The three most used endpoint operating systems are Windows, Linux, and Mac. When investigating security incidents, security analysts often encounter these operating systems running on servers or user end hosts. If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand basic Windows operations principles. By the end of the course, you will be able to:
•By the end of the course, you will be able to:
• Describe the history of the Windows operating system and vulnerabilities.
• Describe the Windows OS architecture and components.
• Describe Windows processes, threads, and handles.
• Describe virtual memory allocation in the Windows OS.• Describe Windows services and how they are used.
• Describe the functionality of Windows NTFS.
• Describe the Windows NTFS structure.
• Describe Windows domains and local user accounts.
• Describe the Windows graphical user interface and its use.
• Describe how to perform tasks in Windows which may require administrator privileges.• Describe the Windows command line interface use and features.
• Describe the features of the Windows PowerShell.
• Describe how the net command is used for Windows administration and maintenance.
•Describe how to control Windows startup services and execute a system shutdown.
• Describe how to control Windows services and processes that are operating on a host.
• Describe how to monitor Windows system resources with the use of Windows Task Manager.
• Describe the Windows boot process, starting services, and registry entries.
• Describe how to configure Windows networking properties.
•Use the netstat command to view running networking functions.
•Access Windows network resources and perform remote functions.
•Describe the use of the Windows registry.
•Describe how the Windows Event Viewer is used to browse and manage event logs.
• Use the Windows Management Instrumentation to manage data and operations on Windows-based operating systems.• Understand common Windows server functions and features.
• Describe commonly used third-party tools to manage to manage Windows operating systems.
• Explore the Windows operating system and services.
The knowledge and skills that students are expected to have before attending this course are:
1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course
2. Familiarity with Ethernet and TCP/IP networking
3. Working knowledge of the Windows and Linux operating systems
4. Familiarity with basics of networking security concepts.
Overview
Syllabus
- Understanding Windows Operating System Basics
- The three most used endpoint operating systems are Windows, Linux, and Mac. When investigating security incidents, security analysts often encounter these operating systems running on servers or user end hosts. If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand basic Windows operations principles. By the end of the course, you will be able to: •By the end of the course, you will be able to: • Describe the history of the Windows operating system and vulnerabilities.• Describe the Windows OS architecture and components.• Describe Windows processes, threads, and handles.• Describe virtual memory allocation in the Windows OS.• Describe Windows services and how they are used.• Describe the functionality of Windows NTFS.• Describe the Windows NTFS structure.• Describe Windows domains and local user accounts.• Describe the Windows graphical user interface and its use.• Describe how to perform tasks in Windows which may require administrator privileges.• Describe the Windows command line interface use and features.• Describe the features of the Windows PowerShell.• Describe how the net command is used for Windows administration and maintenance.• Describe how to control Windows startup services and execute a system shutdown.• Describe how to control Windows services and processes that are operating on a host.• Describe how to monitor Windows system resources with the use of Windows Task Manager.• Describe the Windows boot process, starting services, and registry entries.• Describe how to configure Windows networking properties.• Use the netstat command to view running networking functions.• Access Windows network resources and perform remote functions.• Describe the use of the Windows registry.• Describe how the Windows Event Viewer is used to browse and manage event logs.• Use the Windows Management Instrumentation to manage data and operations on Windows-based operating systems.• Understand common Windows server functions and features.• Describe commonly used third-party tools to manage to manage Windows operating systems.• Explore the Windows operating system and services. The knowledge and skills that students are expected to have before attending this course are: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
- Understanding Linux Operating System Basics
- If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you to understand Linux Operating System basics. By the end of the course, you will be able to: • Provide brief history and benefits of Linux operating system.• Describe Linux architecture.• Provide an overview of the Linux file system.• Describe basic file system navigation and management commands in Linux.• Describe Linux file properties and permissions.• Describe Linux commands that you can use to manage file permissions and ownership.• Describe root and sudo commands in Linux.• Describe Linux storage disks and file systems.• Describe the Linux boot process.• Describe alternate startup options in case Linux is experiencing problems or has been compromised.• Describe the proper procedure to shut down a Linux-based system for maintenance or troubleshooting.• Describe Linux system processes.• Describe mechanisms for interacting with the Linux operating system.• Explore important concepts about the Linux shell and its usage.• Explore Linux piping command output.• Describe other useful Linux command line tools.• Provide an overview of Secure Shell Protocol.• Describe Linux tools and features for managing every aspect of networking and connectivity configuration.• Describe the process of managing services in SysV environments. • Describe tools to track the services running in your Linux installation. • Provide an overview of the Domain Name System. • Explore the Linux operating system tools to test name resolation. • Explore Linux tools to view network traffic. • Configure remote syslog in context to Linux systems. • Describe requirements to run software in a Linux installation. • Explore Linux executable files and interpreters that can execute code. • Describe package managers to install software in Linux • Describe system applications used to serve clients in context to Linux. • Provide an overview of LDAP. • Explore the Linux operating system and services. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
- Understanding Endpoint Security Technologies
- If you are an associate-level cybersecurity analyst who is working in security operation centers, this course will help you understand endpoint security and familiarity with common endpoint security technologies. By the end of the course, you will be able to: • Describe the host-based personal firewall. • Describe a host-based antivirus. • Describe HIPS software. • Describe application allowed lists and blocked lists. • Describe host-based malware protection. • Describe sandboxing in the context of network security. • Describe how security analysts use file integrity checking tools and sandboxing in the context of network security. • Explore the behavior of two endpoint security applications that are part of the base Windows operating system distribution: Windows Defender and Windows Firewall. • Understand common endpoint security technologies. To be successful in this course, you should have the following background: 1. Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course 2. Familiarity with Ethernet and TCP/IP networking 3. Working knowledge of the Windows and Linux operating systems 4. Familiarity with basics of networking security concepts.
Taught by
Cisco Learning & Certifications