1 - Lesson 1: Assessing Cybersecurity Risk
Topic A: Identify the Importance of Risk ManagementTopic B: Assess RiskTopic C: Mitigate RiskTopic D: Integrate Documentation into Risk Management
2 - Lesson 2: Analyzing the Threat Landscape
Topic A: Classify ThreatsTopic B: Analyze Trends Affecting Security Posture
3 - Lesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments
Topic A: Implement Threat ModelingTopic B: Assess the Impact of ReconnaissanceTopic C: Assess the Impact of Social Engineering
4 - Lesson 4: Analyzing Attacks on Computing and Network Environments
Topic A: Assess the Impact of System Hacking AttacksTopic B: Assess the Impact of Web-Based AttacksTopic C: Assess the Impact of MalwareTopic D: Assess the Impact of Hijacking and Impersonation AttacksTopic E: Assess the Impact of DoS IncidentsTopic F: Assess the Impact of Threats to Mobile SecurityTopic G: Assess the Impact of Threats to Cloud Security
5 - Lesson 5: Analyzing Post-Attack Techniques
Topic A: Assess Command and Control TechniquesTopic B: Assess Persistence TechniquesTopic C: Assess Lateral Movement and Pivoting TechniquesTopic D: Assess Data Exfiltration TechniquesTopic E: Assess Anti-Forensics Techniques
6 - Lesson 6: Assessing the Organization's Security Posture
Topic A: Implement Cybersecurity AuditingTopic B: Implement a Vulnerability Management PlanTopic C: Assess VulnerabilitiesTopic D: Conduct Penetration Testing
7 - Lesson 7: Collecting Cybersecurity Intelligence
Topic A: Deploy a Security Intelligence Collection and Analysis PlatformTopic B: Collect Data from Network-Based Intelligence SourcesTopic C: Collect Data from Host-Based Intelligence Sources
8 - Lesson 8: Analyzing Log Data
Topic A: Use Common Tools to Analyze LogsTopic B: Use SIEM Tools for Analysis
9 - Lesson 9: Performing Active Asset and Network Analysis
Topic A: Analyze Incidents with Windows-Based ToolsTopic B: Analyze Incidents with Linux-Based ToolsTopic C: Analyze Indicators of Compromise
10 - Lesson 10: Responding to Cybersecurity Incidents
Topic A: Deploy an Incident Handling and Response ArchitectureTopic B: Mitigate IncidentsTopic C: Hand Over Incident Information to a Forensic Investigation
11 - Lesson 11: Investigating Cybersecurity Incidents
Topic A: Apply a Forensic Investigation PlanTopic B: Securely Collect and Analyze Electronic EvidenceTopic C: Follow Up on the Results of an Investigation
Actual course outline may vary depending on offering center. Contact your sales representative for more information.
Who is it For?
This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DoDIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes.
To ensure your success in this course, you should meet the following requirements:
At least two years (recommended) of experience or education in computer network security technology or a related field.
The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.
Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
Foundation-level skills with some of the common operating systems for computing environments.
Entry-level understanding of some of the common concepts for network environments, such as routing and switching.
General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.