DOMAIN 1 - Cyber Security Concepts

DOMAIN 2 - Cyber Security Architecture Principles

DOMAIN 3 - Security of Networks, Systems, Applications and Data
DOMAIN 4 - Incident Response
DOMAIN 5 - Security Implications and Adoption of Evolving Technology

Course Outline
 Introduction to Cybersecurity
o Cybersecurity objectives
o Cybersecurity roles
o Differences between Information Security & Cybersecurity
 Cybersecurity Principles
o Confidentiality, integrity, & availability
o Authentication & nonrepudiation
 Information Security (IS) within Lifecycle
o Management Lifecycle management landscape
o Security architecture processes
o Security architecture tools
o Intermediate lifecycle management concepts
 Risks & Vulnerabilities
o Basics of risk management
o Operational threat environments
o Classes of attacks
 Incident Response
o Incident categories
o Incident response
o Incident recovery
 Future Implications & Evolving Technologies
o New & emerging IT & IS technologies
o Mobile security issues, risks, & vulnerabilities
o Cloud concepts around data & collaboration

DOMAIN 1 - Cyber Security Concepts

DOMAIN 2 - Cyber Security Architecture Principles
DOMAIN 3 - Security of Networks, Systems, Applications and Data
DOMAIN 4 - Incident Response
DOMAIN 5 - Security Implications and Adoption of Evolving Technology

Domain 1: Cyber Security Concepts

Cyber Security Concepts is the first domain covered in this official CSX
Fundamentals training program. The various areas or topics students spend time on
can be found below:

CSX Fundamentals Domain 1 Lessons

  Cyber security principles used to manage risks related to the use, processing,
storage and transmission of information or data. 

 Security Management 

 Risk Management Processes, including steps and methods for assessing risk. 

 Threat Actors 

 Cyber Security Roles 

 Common Adversary Tactics, Techniques, and Procedures (TTPs) 

 Relevant Laws, Policies, Procedures and Governance Requirements. 

 Cyber Security Controls 


Domain 2: Cyber Security Architecture Principles 


Domain 2 focuses on Cyber Security Architecture Principles, and students will learn
about the following topics: 


CSX Fundamentals Domain 2 Lessons 


 Network Design Processes, to include an understanding of security objectives,

operational objectives, and trade-offs. 

 Security System Design Methods, Tools and Techniques. 

 Network Access, Identity and Access Management 

 Information Technology (IT) Security Principles and Methods 

 Network Security Architecture Concepts, including topology, protocols,
components, and 
principles 

 Malware Analysis Concepts and Methodology 

 Intrusion detection methodologies and techniques for detecting host and network-
based 
intrusions via intrusion detection technologies 

 Defense in Depth Principles and Network Security Architecture 

 Encryption Algorithms 

 Cryptography 

 Encryption Methodologies 

 The process of traffic flows across the network (e.g. transmission and
encapsulation) 

 Network Protocols, Dynamic Host Configuration Protocol, and Directory Services



Domain 3: Security of Networks, Systems, Applications and Data

This is the third domain covered in this course, and it’s called Security of Networks,
Systems, Applications, and Data. Students can expect to review the following topics:

CSX Fundamentals Domain 3 Lessons

 Vulnerability Assessment Tools and their Capabilities

 Basic System Administration, Network and Operating System Hardening
Techniques

 Risk Associated with Virtualizations

 Penetration Testing

 Network Systems Management Principles, Modules, Methods and Tools

 Remote Access Technology

 Unix Command Line

 System and Application Security Threats and Vulnerabilities

 System Life Cycle Management Principles, including software security and
usability
 Local Specialized System Requirements for Safety, Performance, and Reliability.

 System and Application Security Threats and Vulnerabilities

 Social Dynamics of Computer Attackers in a Global Context

 Secure Configuration Management Techniques

 Capabilities and Applications of Network Equipment including Hubs, Routers,
Switches,
 Bridges, Servers, Transmission Media and Related Hardware.

 Communication Methods, Principles, and Concepts that Support the Network
 Infrastructure

 Common Networking Protocols and Services and how they Interact to Provide
Network
 Communications.

 Different Types of Network Communication

 Virtualization Technologies and Virtual Machine Development and Maintenance
 Application Security

 Risk Threat Assessment

Domain 4: Incident Response

Incident Response is the fourth domain reviewed in this course and it focuses on the
following areas:

CSX Fundamentals Domain 4 Lessons

 Incident Categories and Response 


  Business Continuity/Disaster Recovery 

 Incident Response and Handling Methodologies 

 Security Event Correlation Tools 

 Processes for Seizing and Preserving Digital Evidence 

 Types of Digital Forensics Data 

 Basic Concepts and Practices of Processing Digital Forensics Data 

 Anti-Forensics Tactics, Techniques, and Procedures (TTPS) 

 Common Forensic Tool Configuration and Support Applications 

 Network Traffic Analysis Methods 

 Which System Files Contain Relevant Information and Where to Find Those
System Files 


Domain 5: Security Implications and Adoption of Evolving Technology

Security Implications and Adoption of Evolving Technology is the fifth and final
domain covered in this official CSX Fundamentals training program. It’s in this
domain where students can expect to learn about the following topics: 
CSX
Fundamentals Domain 5 Lessons 


 Emerging Technology and Associated Security Issues, Risks and

Vulnerabilities 

 Risk Associated with Mobile Computing 

 Cloud Concepts Around Data and Collaboration 

 Risk of Moving Applications and Infrastructure to the Cloud 

 Risk Associated with Outsourcing 

 Supply Chain Risk Management Processes and Practices