Digital Revolver

Welcome to the Course

Exam Foundations

How to Schedule Your Exam

Domain 1: Threat Management

CIA Triad

Risk Consideration

Risk Assessment

Identify Threats

Identify Vulnerabilities

Likelihood, Impact, and Risk

Qualitative and Quantitative Assessments

Reviewing Controls

Network Perimeter Security

Network Segmentation

Network Access Control

Defense Deception Methods

Secure Endpoint Management

Penetration Testing

Security Exercises and Training

Reverse Engineering

Quiz: Defense Against Cyber Threats

Reconnaissance and Intelligence

Footprinting the Network

Network Mapping

Port Scanning

Other Port Scanners

NMAP - Demonstration of the world's most popular port scanning tool

Passive Reconnaissance

Passive Recon - Network Devices

Passive Recon - Netstat

DHCP Logs and Configs

Firewall Logs and Configs

System and Host Log Files

DNS Harvesting

Domain Names and IP Ranges

DNS Zone Transfers

Whois and Host Commands

Information Gathering and Aggregation

Organizational Intelligence

Detecting, Preventing, and Responding to Reconnaissance

Quiz: Reconnaissance and Intelligence Gathering

Domain 2: Vulnerability Management

Regulatory Requirements

Corporate Requirements

Scanning Tools

Scoping Scans

Configuring Scans

Scanning Sensitivity

Authenticated Scanning

Maintaining Scanners

Standardizing Vulnerabilities

Workflow for Remediation

Vulnerability Reporting

Remediation Priority

Implementing and Testing

Nessus Vulnerability Scanner: A Walkthrough

Quiz: Vulnerability Management Program

Interpreting Scan Results

Interpreting CVSS

Calculating the CVSS Score

CVSS Temporal Score

Validation of Results

Common Vulnerabilities

Server and Host Vulnerabilities

Network Vulnerabilities

Virtualization Vulnerabilities

Web Application Vulnerabilities

Internet of Things (IoT) Vulnerabilities

Quiz: Analyzing Vulnerability Reports

Domain 3: Cyber Incident Response

Security Incidents

Incident Response Teams

Incident Response Phases

Incident Response Policy and Procedures

Quiz: Cyber Incident Response Program

Communication and Info Sharing

Incident Classification

Network Event Monitoring

Network Monitoring Tools

Detecting Network Events

Network Probes and Attacks

Server and Host Events

Service and Application Events

Quiz: Symptoms of Cyber Attacks

Digital Forensics

Forensic Toolkit Components

Mobile Forensic Toolkits

Forensic Software

Training and Certification

Forensic Investigation Process

Disk Imaging

Disk Imaging Using dd

Disk Imaging Using FTK Imager

Quiz: Digital Forensics

Incident Containment

Eradication and Recovery

Finishing the Response

Quiz: Incident Containment and Eradication

Domain 4: Security Architecture and Tool Sets

Policy Documents

Standard Frameworks

Policy-based Controls

Audits and Assessments

Laws and Regulations

Quiz: Policies, Standards, Procedures, and Frameworks

Defense in Depth

Types of Controls

Layered Network Defense

Layered Host Security

Data Analytics

Personnel Security

Outsourcing Concerns

User Awareness Training

Analyzing Secure Architectures

Quiz: Defense in Depth

What Is Identity?

Identity Systems

Threats to Identity Systems

Attacking AAA Protocols and Systems

Targeting Account Lifecycle

Identity Exploits

Credential Theft

Securing Authentication and Authorization System

Identity as a Service (IDaaS)

Detecting Identity Attacks

Federated Identity Systems

Quiz: Identity and Access Management

Software Development Life Cycle (SDLC)

Software Development Models

Coding for Security

Testing Application Security

Finding Security Flaws

Web Application Vulnerability Scanners

Quiz: Software Development and SDLC

124 - Conclusion

Simulations and Performance-Based Questions (PBQs)

CompTIA CSA+ Practice Certification Exam

CompTIA CSA+ Practice Certification Exam