Final Exam: Forensics Analyst will test your knowledge and application of the topics presented throughout the Forensics Analyst track of the Skillsoft Aspire Security Analyst to Security Architect Journey.
compare available security audit tools and outline their features and benefits
configure certificate properties
deduce activity of encrypted web traffic
define common hashing algorithms
define common symmetric encryption algorithms
define cryptojacking
define e-mail security basics
define the goals of information security
define the purpose of a CRL and how it works
define training and awareness
define what is considered a reasonable expectation of privacy
describe 802.1x and MACsec
describe a certificate and the different types of certificates
describe approaches and techniques used when working with live or volatile data, such as confirming if encryption is in use and acquiring system memory
describe asymmetric encryption
describe audit review, analysis, and reporting
describe cryptography services and associate those services with the goals of information security
describe data breaches and theft
describe DoS and DDoS attacks
describe the fourth step in the RMF, assessing security control effectiveness
describe guidelines and standards for defining cyber security audit strategies
describe how network forensics can be used to protect mission-critical areas of business
describe how SSL is used
describe how SSL is used to secure web traffic
describe how to monitor the Linux system by reviewing system logs
describe how to perform web application auditing and secure web applications and websites
describe next-generation EDR
describe ransomware
describe shared responsibility
describe symmetric encryption
describe the first step of the NIST risk management framework, categorizing risk
describe the importance of a security management process and its common functions
differentiate between criminal, civil, and intellectual property investigations
differentiate between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk
differentiate between least frequency of occurrence and baselining
differentiate between legal authorization forms such as consent forms and warrants
differentiate between threats, vulnerabilities, impacts, and risks
distinguish physical security controls
identify beaconing activity
list common software vulnerabilities such as buffer overflow and injection flaws
list keys to presenting risk to shareholders, such as soliciting stakeholder input
protect data in storage
provide an overview of digital forensics
provide an overview of microservices and APIs and highlight security concerns associated with each
provide an overview of population analysis
recognize best practices and considerations when working with digital evidence
recognize concepts and applications of network behavior anomaly detection
recognize different anomalies or outliers, such as configuration faults or a malicious presence
recognize how viruses and other malware work
recognize legalities surrounding digital forensics investigative techniques
recognize limitations of traditional approaches to anomaly detection, such as chasing false positives
recognize possible conflicts of interest and how to avoid them
recognize steps and techniques to analyze risk
recognize steps to properly test software to ensure it is secure
recognize the benefits of an event-focused risk management approach
recognize the benefits of using auto-periodicity to aid in identifying anomalies
recognize the different standards for analyzing digital evidence
recognize the different types of forensics including computer, mobile, network, vehicle, and IoT