Final Exam: Forensics Analyst

WHAT YOU WILL LEARN

• 

  Define training and awareness
  

  recognize the benefits of an event focused risk management approach
  

  define the purpose of a crl and how it works
  

  configure certificate properties
  

  describe forth step in the rmf, assessing security control effectiveness
  

  list keys to presenting risk to shareholders, such as soliciting stakeholder input
  

  describe the first step of the nist risk management framework, categorizing risk
  

  describe how ssl is used to secure web traffic
  

  describe ransomware
  

  deduce activity of encrypted web traffic
  

  recognize best practices and considerations when working with digital evidence
  

  identify beaconing activity
  

  define the goals of information security
  

  recognize possible conflicts of interest and how to avoid them
  

  describe how network forensics can be used to protect mission critical areas of business
  

  describe approaches and techniques used when working with live or volatile data, such as confirming if encryption is in use and acquiring system memory
  

  recognize limitations of traditional approaches to anomaly detection, such as chasing false positives
  

  describe shared responsibility
  

  differentiate between criminal, civil, and intellectual property investigations
  

  describe dos and ddos attacks
  

  describe data breaches and theft
  

  describe guidelines and standards for defining cyber security audit strategies
  

  differentiate between legal authorization forms such as consent forms and warrants
  

  define common symmetric encryption algorithms
  

  recognize the different types of forensics including computer, mobile, network, vehicle, and iot
  

  recognize steps to properly test software to ensure it is secure
  

  describe asymmetric encryption
  

  differentiate between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk
  

  define what is considered a reasonable expectation of privacy
  

  describe next-generation edr
• 

  recognize the different standards for analyzing digital evidence
  

  define cryptojacking
  

  classify authentication technologies
  

  compare audit review, analysis, and reporting
  

  describe 802.1x and macsec
  

  differentiate between least frequency of occurrence and baselining
  

  recognize concepts and applications of network behavior anomaly detection
  

  provide an overview of population analysis
  

  recognize how viruses and other malware work
  

  recognize different anomalies or outliers, such as configuration faults or a malicious presence
  

  differentiate between threats, vulnerabilities, impacts, and risks
  

  define common hashing algorithms
  

  describe cryptography services and associate those services with the goals of information security
  

  describe how to monitor the linux system by reviewing system logs
  

  describe how ssl is used
  

  define e-mail security basics
  

  describe a certificate and the different types of certificates
  

  recognize legalities surrounding digital forensics investigative techniques
  

  describe symmetric encryption
  

  describe how to perform web application auditing and secure web application and web sites
  

  describe the importance of a security management process and its common functions
  

  list common software vulnerabilities such as buffer overflow and injection flaws
  

  provide an overview of digital forensics
  

  distinguish physical security controls
  

  protect data in storage
  

  describe audit review, analysis, and reporting
  

  recognize steps and techniques to analyze risk
  

  compare available security audit tools and outline their features and benefits
  

  provide an overview of microservices and apis and highlight security concerns associated to each
  

  recognize the benefits of using auto-periodicity to aid in identifying anomalies