5.1. Incident Response Methodologies (NIST, SANS, etc.) 5.2. Threat Hunting and Detection 5.3. Incident Response Process (Preparation, Identification, Containment, etc.) 5.4. Post-Incident Activities (Lessons Learned, etc.)
2.1. Types of Cyber Threats (Malware, Phishing, Ransomware, etc.) 2.2. Attack Vectors (Network, Endpoint, Web Application, etc.) 2.3. Threat Actors (Hackers, Nation-State Actors, Insider Threats, etc.) 2.4. Cyber Attack Lifecycle (Reconnaissance, Exploitation, etc.)
6.1. SIEM Overview and Architecture 6.2. Log Collection and Analysis 6.3. Event Correlation and Alerting 6.4. SIEM Use Cases and Best Practices
9.1. Network Security Fundamentals (TCP/IP, Network Protocols, etc.) 9.2. Network Segmentation and Isolation 9.3. Firewalls and Intrusion Prevention Systems (IPS) 9.4. Network Access Control (NAC) and Secure Networking