Final Exam: Security Threat Intelligence
Overview/Description
Final Exam: Security Threat Intelligence will test your knowledge and application of the topics presented throughout the Security Threat Intelligence track of the Skillsoft Aspire Security Threat Intelligence Journey.
Expected Duration (hours)
0.0
Lesson Objectives
Final Exam: Security Threat Intelligence
apply DNS filters and examine DNS queries in Wireshark
capture and examine HTTP traffic using Wireshark
change file and folder permissions from a Bash script
compare and use conditionals in C and C++
connect to a remote server securely using ssh
create custom functions in a Python script
create loops in PowerShell
create, modify, and delete user accounts in a Linux system
define what is involved in risk analysis and risk modeling as they relate to threat intelligence and outline the FAIR risk model and framework
demonstrate how to create a password policy on a Windows workstation to prevent dictionary attacks
demonstrate how to implement an account lockout policy to stop brute force attacks
demonstrate how to implement full disk encryption with BitLocker
demonstrate techniques to harden Windows DNS Servers
demonstrate the use of packet capturing to gain intelligence from an attack
describe and compare the different types of DCO missions
describe common security vulnerabilities in code that can lead to exploits
describe how machine learning can improve threat intelligence
describe how SIEMs are used to detect threat activity
describe how to gather digital evidence, including identification, collection, acquisition, and preservation
describe malware cyber threats and how reverse engineering malware can lead to attribution
describe symptoms of an infected system
describe the command processing capabilities and environment of the Bash shell
describe the common features and properties of command line environments
describe the function and characteristics of the NetFlow and IPFIX network flow protocols
describe the Open Systems Interconnection (OSI) model for network communications
describe the operations of DCO in terms of missions, actions, and forces
describe when and how to use threat intelligence, including before, during, and after an attack
differentiate between attribution types such as machine, human, and adversary
discuss common BIOS/UEFI settings that are used to help secure the system
discuss common techniques to secure the file system
identify bash scripts based on their features
identify different types of malware attacks
identify different types of PowerShell cmdlets and objects
identify key steps when responding to malware incidents
identify network endpoints from captured network traffic using Wireshark
identify the phases of the Cyber Operations Cycle
identify the roles and responsibilities of OCO team members and how they interact within the cyber operations cycle
implement the for and while loops in a Python script
inspect the static properties of malware
install ELK stack in preparation for it to serve as a SIEM for Suricata
navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata
outline how to gather digital evidence, including identification, collection, acquisition, and preservation
outline the Open Systems Interconnection (OSI) model for network communications
perform ARP scans to find hidden hosts on a network
perform DNS host discovery
perform requests with netcat and other tools to pull banner information from services
provide an overview of malware cyber threats and how reverse engineering malware can lead to attribution
recognize best practices for removing malware
recognize common malware characteristics at the Windows API level (registry manipulation, keylogging, HTTP communications, droppers)
recognize different tools used for network scanning
recognize the importance of audit logs for security
recognize the importance of identifying and preserving forensic artifacts and list common errors when dealing with digital evidence
recognize the use of various baselines for network management
recognize why intrusion detection is the heart of threat intelligence and outline the kill chain and diamond models of analysis
set variables in a Bash script
use and set variables in a Bash script
use loops in C and C++
use the for and while loops in a Python script
use the for, while, and until loops in a Bash script
Course Number: it_festi_01_enus
Expertise Level
Everyone