Integrity Training – CyberSec First Responder: Threat Detection and Response
Description
The CyberSec First Responder: Threat Detection and Response course prepares candidates to protect their organization’s IT infrastructure against cyber-attacks and to execute a properly planned response to such incidents. The tools and techniques taught are independent of the size and scope of the organization, because the course is based on common threats, risks, and mitigation techniques that apply universally.
Candidates are advised to have some knowledge of basic networking technologies such as TCP/IP, routing protocols, network security and VPNs. Candidates are also expected to have at least two years of professional experience in network administration or a similar field.
Prerequisites:
Some knowledge of basic networking technologies such as TCP/IP, routing protocols, network security and VPNs
Student Materials:
Student Workbook
Student Prep Guide
Certification Exams:
CyberSec First Responder: Threat Detection & Response CFR210
Who Should Attend?
- Cybersecurity practitioners
- Information systems security engineers
- Information security officers
- IT administrators
Course Curriculum
Course Introduction
Introduction (0:09)
Course Introduction (1:12)
Instructor Introduction (0:22)
Assessing Information Security Risk
Introduction (0:22)
Topic A: Identify the Importance of Risk Management (0:28)
Elements of Cybersecurity (Perimeter Model) (1:26)
Elements of Cybersecurity (Endpoint Model) (1:38)
The Risk Equation (0:54)
Risk Management (0:56)
The Importance of Risk Management (0:43)
ERM (0:42)
Reasons to Implement ERM (1:02)
Risk Exposure (0:25)
Risk Analysis Methods (1:22)
Risks Facing an Enterprise (1:10)
Topic B: Assess Risk (0:32)
ESA Frameworks (0:28)
ESA Framework Assessment Process Part 1 (0:43)
ESA Framework Assessment Process Part 2 (0:44)
New and Changing Business Models (0:40)
De-perimeterization (1:41)
New Products and Technologies (1:23)
Internal and External Influences (0:55)
System-Specific Risk Analysis (0:38)
Risk Determinations (2:58)
Documentation of Assessment Results (0:36)
Guidelines for Assessing Risk (2:01)
Topic C: Mitigate Risk (0:51)
Classes of Information (1:16)
Classification of Information Types into CIA Levels (1:51)
Security Control Categories (1:15)
Technical Controls (Template) (0:26)
Technical Controls (Example Answer) (0:36)
Aggregate CIA Score (3:08)
Common Vulnerability Scoring System (1:54)
Common Vulnerabilities and Exposures (0:30)
Demo – Common Vulnerability Scoring System (5:41)
Extreme Scenario Planning and Worst Case Scenarios (1:12)
Risk Response Techniques (1:10)
Additional Risk Management Strategies (1:40)
Continuous Monitoring and Improvement (0:27)
IT Governance (0:31)
Guidelines for Mitigating Risk (1:12)
Topic D: Integrate Documentation into Risk Management (0:29)
From Policy to Procedures (1:17)
Policy Development (0:14)
Process and Procedure Development (0:10)
Demo – Finding a Policy Template (5:20)
Topics to Include in Security Policies and Procedures (0:36)
Best Practices to Incorporate in Security Policies and Procedures Part 1 (1:34)
Best Practices to Incorporate in Security Policies and Procedures Part 2 (0:59)
Business Documents That Support Security Initiatives (1:50)
Guidelines for Integrating Documentation into Risk Management Part 1 (1:06)
Guidelines for Integrating Documentation into Risk Management Part 2 (0:46)
Section Review (0:21)
Review Questions
Analyzing the Threat Landscape
Introduction (0:14)
Topic A: Classify Threats and Threat Profiles (0:30)
Threat Actors Part 1 (1:12)
Threat Actors Part 2 (0:44)
Threat Motives (0:39)
Threat Intentions (0:39)
Attack Vectors (0:41)
Attack Technique Criteria (1:20)
Qualitative Threat and Impact Analysis (0:54)
Guidelines for Classifying Threats and Threat Profiles (0:39)
Topic B: Perform Ongoing Threat Research (0:30)
Ongoing Research (0:47)
Situational Awareness (0:30)
Commonly Targeted Assets (1:56)
The Latest Vulnerabilities (1:21)
The Latest Threats and Exploits (1:28)
The Latest Security Technologies (1:07)
Resources Aiding in Research Part 1 (0:52)
Resources Aiding in Research Part 2 (0:21)
Demo – Resources that Aid in Research of Threats (3:02)
The Global Cybersecurity Industry and Community (0:43)
Trend Data (0:16)
Trend Data and Qualifying Threats (1:01)
Guidelines for Performing Ongoing Threat Research (1:25)
Section Review (0:28)
Review Questions
Analyzing Reconnaissance Threats to Computing and Network Environments
Introduction (0:21)
Topic A: Implement Threat Modeling (0:25)
The Diverse Nature of Threats (0:36)
The Anatomy of a Cyber Attack (2:13)
Threat Modeling (0:37)
Reasons to Implement Threat Modeling (0:32)
Threat Modeling Process (1:15)
Attack Tree (1:35)
Threat Modeling Tools (0:24)
Threat Categories (1:27)
Topic B: Assess the Impact of Reconnaissance Incidents (0:37)
Footprinting, Scanning, and Enumeration (1:15)
Footprinting Methods (1:35)
Network and System Scanning Methods (0:41)
Enumeration Methods (1:05)
Evasion Techniques for Reconnaissance (2:06)
Reconnaissance Tools (2:38)
Packet Trace Analysis with Wireshark (0:31)
Demo – Performing Reconnaissance on a Network (7:22)
Demo – Examining Reconnaissance Incidents (8:10)
Topic C: Assess the Impact of Social Engineering (0:25)
Social Engineering (2:09)
Types of Social Engineering Part 1 (1:52)
Types of Social Engineering Part 2 (1:44)
Types of Social Engineering Part 3 (1:09)
Phishing and Delivery Media (0:47)
Phishing and Common Components (1:14)
Social Engineering for Reconnaissance (0:49)
Demo – Assessing the Impact of Social Engineering (7:37)
Demo – Assessing the Impact of Phishing (3:23)
Section Review (0:26)
Review Questions
Analyzing Attacks on Computing and Network Environments
Introduction (0:21)
Topic A: Assess the Impact of System Hacking Attacks (0:19)
System Hacking Part 1 (0:29)
System Hacking Part 2 (0:28)
System Hacking Part 3 (0:32)
System Hacking Part 4 (0:29)
System Hacking Part 5 (0:26)
System Hacking Part 6 (0:23)
Password Sniffing (0:57)
Password Cracking (3:58)
Demo – Cracking Passwords Using a Password File (8:30)
Privilege Escalation (0:57)
Social Engineering for Systems Hacking (0:25)
System Hacking Tools and Exploitation Frameworks (1:06)
Topic B: Assess the Impact of Web-Based Attacks (0:26)
Client-Side vs. Server-Side Attacks (1:09)
XSS (0:56)
XSRF (0:58)
SQL Injection (1:47)
Directory Traversal (1:58)
File Inclusion (1:24)
Additional Web Application Vulnerabilities and Exploits (1:16)
Web Services Exploits (1:09)
Web-Based Attack Tools (0:20)
Demo – Assessing the Impact of Web-Based Threats (3:24)
Topic C: Assess the Impact of Malware (0:22)
Malware Categories (4:55)
Trojan Horse (0:46)
Polymorphic Virus (0:15)
Spyware (1:09)
Supply Chain Attack (0:40)
Malware Tools (0:16)
Demo – Malware Detection and Removal (5:35)
Topic D: Assess the Impact of Hijacking and Impersonation Attacks (0:28)
Spoofing, Impersonation, and Hijacking (0:42)
ARP Spoofing (5:12)
DNS Poisoning (1:35)
ICMP Redirect (0:58)
DHCP Spoofing (2:32)
NBNS Spoofing (1:16)
Session Hijacking (0:44)
Hijacking and Spoofing Tools (0:23)
Topic E: Assess the Impact of DoS Incidents (0:23)
DoS Attacks (1:58)
DoS Attack Techniques (4:37)
DDoS (0:53)
DoS Evasion Techniques (1:31)
DoS Tools (0:27)
Demo – Assessing the Impact of DoS Attacks (4:06)
Topic F: Assess the Impact of Threats to Mobile Security (0:27)
Trends in Mobile Security (2:37)
Wireless Threats (1:51)
BYOD Threats (1:33)
Mobile Platform Threats (2:11)
Mobile Infrastructure Hacking Tools (0:17)
Topic G: Assess the Impact of Threats to Cloud Security (0:19)
Cloud Infrastructure Challenges (1:56)
Threats to Virtualized Environments (3:37)
Threats to Big Data (1:33)
Example of a Cloud Infrastructure Attack (1:22)
Cloud Platform Security (1:09)
Section Review (0:21)
Review Questions
Analyzing Post-Attack Techniques
Introduction (0:38)
Topic A: Assess Command and Control Techniques (0:23)
Command and Control (1:00)
IRC (0:33)
HTTP/S (0:56)
DNS (2:02)
ICMP (1:48)
Additional Channels (1:31)
Demo – Assessing Command and Control Techniques (10:37)
Topic B: Assess Persistence Techniques (0:21)
Advanced Persistent Threat (0:52)
Rootkits (0:50)
Backdoors (0:37)
Logic Bomb (0:24)
Demo – Detecting Rootkits (3:45)
Rogue Accounts (2:04)
Topic C: Assess Lateral Movement and Pivoting Techniques (0:24)
Lateral Movement (1:41)
Pass the Hash (1:39)
Golden Ticket (2:25)
Remote Access Services (0:59)
WMIC (1:41)
PsExec (1:04)
Port Forwarding (1:11)
VPN Pivoting (0:57)
SSH Pivoting (0:42)
Routing Tables and Pivoting (0:26)
Topic D: Assess Data Exfiltration Techniques (0:17)
Data Exfiltration (0:43)
Covert Channels (1:34)
Steganography (1:03)
Demo – Steganography (3:51)
File Sharing Services (0:25)
Topic E: Assess Anti-Forensics Techniques (0:37)
Anti-Forensics (0:46)
Golden Ticket and Anti-Forensics (0:44)
Demo – Assessing Anti-Forensics (3:44)
Buffer Overflows (0:42)
Memory Residents (0:35)
Program Packers (1:00)
VM and Sandbox Detection (0:40)
ADS (2:22)
Covering Tracks (1:23)
Section Review (0:42)
Review Questions
Evaluating the Organization’s Security Posture
Introduction (0:20)
Topic A: Conduct Vulnerability Assessments (0:32)
Vulnerability Assessment (1:13)
Penetration Testing (0:53)
Vulnerability Assessment vs. Penetration Testing (2:51)
Vulnerability Assessment Implementation (2:23)
Vulnerability Assessment Tools (1:42)
Specific Assessment Tools (1:09)
Port Scanning and Fingerprinting (2:04)
Sources of Vulnerability Information (1:28)
Operating System and Software Patching (1:01)
Systemic Security Issues (0:45)
Demo – Perform a Vulnerability Scan with Nessus (7:36)
Demo – Perform a Vulnerability Scan with MBSA (5:17)
Topic B: Conduct Penetration Tests on Network Assets (0:34)
ROE (2:29)
Pen Test Phases (1:20)
Pen Test Scope (0:54)
External vs. Internal Pen Testing (2:05)
Pen Testing Techniques (1:33)
Pen Testing Tools of the Trade (0:45)
Kali Linux (0:20)
Data Mining (0:39)
Attack Surface Scanning and Mapping (0:36)
Packet Manipulation for Enumeration (0:50)
Simulated Attacks (0:28)
Password Attacks (1:54)
Penetration Test Considerations (4:06)
Topic C: Follow Up on Penetration Testing (0:18)
Effective Reporting and Documentation (1:50)
Target Audiences (0:43)
Information Collection Methods (0:48)
Penetration Test Follow-Up (0:52)
Report Classification and Distribution (1:08)
Section Review (0:24)
Review Questions
Collecting Cybersecurity Intelligence
Introduction (0:15)
Topic A: Deploy a Security Intelligence Collection and Analysis Platform (0:56)
Security Intelligence (1:05)
The Challenge of Security Intelligence Collection (0:33)
Security Intelligence Collection Lifecycle (0:52)
Security Intelligence Collection Plan (0:22)
CSM (0:55)
What to Monitor (1:11)
Security Monitoring Tools (0:41)
Data Collection (0:40)
Potential Sources of Security Intelligence (2:12)
Guidelines for Determining Which Data to Collect for Security Intelligence (1:00)
Guidelines for Determining Which Fields You Should Log (1:03)
Guidelines for Configuring Logging Systems Based on Their Impact (2:25)
Guidelines for Determining Which Events Should Prompt an Alert (1:16)
Information Processing (0:41)
External Data Sources (0:39)
Publicly Available Information (0:19)
Collection and Reporting Automation (0:56)
Data Retention (0:53)
Topic B: Collect Data from Network-Based Intelligence Sources (0:33)
Network Device Configuration Files (0:57)
Network Device State Data (2:25)
Switch and Router Logs (0:59)
Wireless Device Logs (1:06)
Firewall Logs (2:27)
WAF Logs (0:47)
IDS/IPS Logs (1:26)
Proxy Logs (1:52)
Carrier Provider Logs (0:35)
Software-Defined Networking (0:39)
Network Traffic and Flow Data (1:12)
Log Tuning (0:34)
Demo – Collecting Network-Based Security Intelligence (7:32)
Topic C: Collect Data from Host-Based Intelligence Sources (0:23)
Operating System Log Data (0:56)
Windows Event Logs (3:00)
Syslog Data (1:00)
Application Logs (1:21)
DNS Event Logs (0:54)
SMTP Logs (1:03)
HTTP Logs (0:45)
FTP Logs (0:35)
SSH Logs (1:24)
SQL Logs (1:03)
Demo – Collecting Host-Based Security Intelligence (15:50)
Demo – Parsing Log Files (3:54)
Section Review (0:36)
Review Questions
Analyzing Log Data
Introduction (0:35)
Topic A: Use Common Tools to Analyze Logs (0:37)
Preparation for Analysis (0:32)
Guidelines for Preparing Data for Analysis (0:27)
Log Analysis Tools (0:25)
The grep Command (0:57)
The cut Command (1:26)
The diff Command (2:12)
The find Command (1:21)
WMIC for Log Analysis (1:30)
Event Viewer (3:28)
Bash (2:37)
Windows PowerShell (2:50)
Additional Log Analysis Tools (0:56)
Guidelines for Using Windows- and Linux-Based Tools for Log Analysis (2:49)
Demo – Analyzing Linux Logs for Security Intelligence (8:21)
Topic B: Use SIEM Tools for Analysis (0:24)
Security Intelligence Correlation (1:41)
SIEM (1:38)
The Realities of SIEM (0:49)
SIEM and the Intelligence Lifecycle (1:09)
Guidelines for Using SIEMs for Security Intelligence Analysis (1:58)
Demo – Incorporating SIEMs into Security Intelligence Analysis (18:02)
Topic C: Parse Log Files with Regular Expressions (0:45)
Regular Expressions (1:15)
Quantification Operators (2:37)
Anchor Operators (0:52)
Character Set Operators (1:54)
Miscellaneous Search Operators (2:24)
Special Operators (2:51)
Build an Expression (2:28)
Keyword Searches (4:30)
Special Character Searches (2:09)
IP Address Searches (2:37)
Guidelines for Writing Regular Expressions (0:50)
Section Review (0:26)
Review Questions
Performing Active Asset and Network Analysis
Introduction (0:26)
Topic A: Analyze Incidents with Windows-Based Tools (0:26)
Registry Editor (regedit) (0:59)
Analysis with Registry Editor (1:14)
File System Analysis Tools for Windows (1:39)
Process Explorer (1:07)
Process Monitor (0:29)
Service Analysis Tools for Windows (1:30)
Volatile Memory Analysis Tools for Windows (1:00)
Active Directory Analysis Tools (1:56)
Network Analysis Tools for Windows Part 1 (2:38)
Network Analysis Tools for Windows Part 2 (4:08)
Demo – Windows-Based Incident Analysis Tools (19:47)
Topic B: Analyze Incidents with Linux-Based Tools (0:14)
File System Analysis Tools for Linux (0:47)
Process Analysis Tools for Linux (0:25)
Volatile Memory Analysis Tools for Linux (0:48)
Session Analysis Tools for Linux (1:00)
Network Analysis Tools for Linux Part 1 (0:54)
Network Analysis Tools for Linux Part 2 (1:18)
Demo – Linux-Based Incident Analysis Tools (7:00)
Topic C: Analyze Malware (0:41)
Malware Sandboxing (1:18)
Crowd-Sources Signature Detection (0:56)
VirusTotal Malware Entry (0:39)
Reverse Engineering (0:57)
Disassemblers (1:11)
Disassembly of Malware in IDA (0:24)
Malware Strings (0:58)
Anti-Malware Solutions (2:12)
MAEC (0:39)
Guidelines for Analyzing Malware (1:26)
Demo – Analyzing Malware (3:17)
Topic D: Analyze Indicators of Compromise (0:33)
IOCs (0:49)
Unauthorized Software and Files (3:19)
Suspicious Emails (2:07)
Suspicious Registry Entries (1:09)
Unknown Port and Protocol Usage (2:51)
Excessive Bandwidth Usage (2:31)
Service Disruption and Defacement (1:45)
Rogue Hardware (2:28)
Suspicious or Unauthorized Account Usage (1:15)
Guidelines for Analyzing Indicators of Compromise (1:35)
Demo – Analyzing Indicators of Compromise (15:03)
Section Review (0:29)
Review Questions
Responding to Cybersecurity Incidents
Introduction (0:17)
Topic A: Deploy an Incident Handling and Response Architecture (0:41)
Incident Handling and Response Planning (0:37)
Site Book (1:24)
Incident Response Process (2:18)
SOCs (1:09)
CSIRT Organization (0:34)
CSIRT Organization (1:53)
A Day in the Life of a CSIRT (1:40)
CSIRT Communication Process (2:01)
Incident Indicator Sources (1:04)
The Impact and Scope of Incidents (1:50)
Incident Evaluation and Analysis (1:00)
Incident Containment (1:48)
Incident Mitigation and Eradication (0:46)
Incident Recovery (1:02)
Lessons Learned (1:08)
Incident Handling Tools (1:27)
Topic B: Mitigate Incidents (0:24)
System Hardening (14:22)
Demo – Hardening Windows Servers (1:36)
System and Application Isolation (0:29)
Blacklisting (2:17)
Whitelisting (0:52)
DNS Filtering (1:38)
Demo – DNS Filtering (5:07)
Demo – Blacklisting and Whitelisting (9:54)
Black Hole Routing (1:21)
Mobile Device Management (3:08)
Devices Used in Mitigation (2:47)
The Importance of Updating Device Signatures (1:18)
Guidelines for Mitigating Incidents (0:48)
Topic C: Prepare for Forensic Investigation as a CSIRT (0:17)
The Duties of a Forensic Analyst (1:34)
Communication of CSIRT Outcomes to Forensic Analysts (0:47)
Guidelines for Conducting Post-Incident Tasks (0:56)
Section Review (0:16)
Review Questions
Investigating Cybersecurity Incidents
Introduction (0:19)
Topic A: Apply a Forensic Investigation Plan (0:32)
A Day in the Life of a Forensic Analyst (0:20)
Forensic Investigation Models (0:58)
Forensic Investigation Preparation (0:50)
Investigation Scope (0:48)
Timeline Generation and Analysis (1:45)
Authentication of Evidence (0:37)
Chain of Custody (0:53)
Communication and Interaction with Third Parties (0:47)
Forensic Toolkits (1:39)
Guidelines for Preparing for a Forensic Investigation (0:27)
Topic B: Securely Collect and Analyze Electronic Evidence (0:25)
Order of Volatility (1:57)
File Systems (1:30)
File Carving and Data Extraction (1:07)
Persistent Data (1:27)
Data Preservation for Forensics (0:47)
Forensic Analysis of Compromised Systems (1:18)
Demo – Securely Collecting Electronic Evidence (5:34)
Demo – Analyzing Forensic Evidence (7:54)
Topic C: Follow Up on the Results of an Investigation (0:15)
Cyber Law (0:24)
Technical Experts and Law Enforcement Liaisons (0:46)
Documentation of Investigation Results (0:23)
Section Review (0:16)
Next Steps (0:31)
Review Questions
Course Closure (1:16)