Analyzing Host-related IOCs (Introduction) In this section of the course, we’re going to discuss how we can detect and analyze host related indicators of compromise. In this section, we’re going to continue to focus on domain four, with a focus on Objective 4. 3. Now, Objective 4. 3 states that given an incident, you must analyze potential indicators of compromise. In this section of the course, we’re going to focus on those host related IOCs, like I said. Now, as we move through this section section, we’re going to start…

New Accounts (OBJ 4.3) New accounts. In this lesson we’re going to talk more about new accounts because new accounts are an area that attackers use to be able to give themselves more persistence by creating rogue accounts. This allows an adversary to maintain access to your systems once they’ve broken in. And so they are a dead giveaway as an indicator of compromise that you have been had and somebody using your network, for example, as an attacker, gains access to your system, one of the first things they…

Analyzing Application-related IOCs (Introduction) In this section of the course, we’re going to discuss how we can detect and analyze applicationrelated indicators of compromise. Now, in this section, we’re going to continue in domain four with a focus on Objective 4. 3 and Objective 4. 4. Objective 4. 3 states that given an incident, you must analyze potential indicators of compromise. In this section, we are going to focus on those application related IOCs. Now, Objective to 4. 4 states that given a scenario you must utilize basic digital forensic…

Evaluation Criteria: Domain 5 Domain five is evaluating the training event. Now, five B, the second part of this really takes place on Form C. That is when you provide the long answers there to some of the questions that are posed to you as the instructor. But five A is definitely something that happens in class. So five A is evaluation of learner performance during and at the close of the instructions. So make sure that you have your students share their screen from time to time. If they’re…

Overview – TK0-203 So now that we’ve covered all the domains of understanding for the CTT Plus body of knowledge, it’s time to talk about how they apply to the performance based exam. In this case, the TKO 203, the Virtual Classroom Trainer Performance based Exam. Now, it’s important to remember that there’s a couple of things involved with submitting for this certification. Number one, you’re going to actually include a video of UT teaching a class on a virtual platform. But you are also going to be submitting some…

Active Listening in the Classroom Active listening is important as an instructor. So there’s passive listening, like when your friend tries to tell you a story that you’ve heard a hundred times before. And there’s also active listening where you are reflecting what somebody is saying to you. You’re trying to help them process something, and you’re really involved in the conversation. So how to be an active listener as an instructor? Well, you want to observe body language and feedback. Make sure that you are noticing when people are…

Organization of Learner Training Records Organization of Learner Training records is important to any educational institution. It allows them to keep track of who’s taken what courses, what to offer next in terms of course offerings, and guiding students long term in their educational and career goals. So depending on the organization that you work for, they will have levels of sophistication in their organization of Learner training records. If you are working at a large organization where some of this training has to do with security compliance, my experience…

Overview – Domain 5 Domain five is our final domain of understanding for the CTT Plus course, and it really deals with evaluation. And there’s a number of different things we’re going to be evaluating at the conclusion of a course the students, what they’ve learned, their increase in knowledge, the instructor, how he or she performs, how effective were they at delivering class material, the course design itself. So all these things are going to be evaluated, and there’s also the documentation of that evaluation. So there’s the communication…

Evaluation Criteria: Domain 5 Finally, we have domain five, evaluating the Training Event. Again, this is a topic that will be covered in part in the form submission that goes along with your video. You’ll be giving long answer, narrative style answers that need to give evidence that you understand the principles of training or evaluating a training event, that is, evaluating the instructor performance, the course design, the logistics of the classroom, et cetera. So there’s two sub points here. Five A you will give evidence of during the…

Overview – TK0-202 At this point, we are ready to move on to the performance based portion of the exam. Now, remember that when you submit your video submission for the TKO 202 or the TKO 203, you also have to include evidence that you have passed the computer based TKO 201. So if that gives you an idea of the chronology of this, you will, of course, pass the computer your base exam first, and then you’ll include that as you move forward. So as an overview for this…