FedVTE Course Catalog

This is a recorded version of an Incident Response Training Webinar delivered to a live audience by instructors. For information on how to register for live and instructor-led courses, please visit: https://www.cisa.gov/resources-tools/programs/Incident-Response-Training.

Learning Objectives:

The Domain Name System, commonly known as DNS, is often referred to as the “phone book” of the Internet. Every time we access the Internet to visit our favorite websites, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly useful, it also presents a rich attack surface. Threat actors have the ability to shut down websites and online services, replace legitimate website content with threats or extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal information entered by users. This recorded webinar provides an organizational perspective and is accessible to a general audience including managers, business leaders, and technical specialists.

This webinar includes the following information and more:

• Common attacks and vulnerabilities: Learn how to identify a potential attack on DNS infrastructure.
• CISA guidance: CISA provides information on best practices to reduce the likelihood and impact of a successful DNS attack.
• Case studies: Examine the methods and impacts of real-life cyberattacks, and how the targets responded and recovered.
• Knowledge checks: The course provides knowledge checks throughout the presentation to reinforce key concepts and takeaways.

This awareness webinar is designed for both technical and non-technical audiences.

Date: 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework (Top 5)

Micro Learn: The Federal Dashboard and Cross Cluster Search 

Description:

Learn about the concepts and features of the CDM Federal Dashboard. This video will describe the Federal Dashboard, use case scenarios, and how Cross Cluster Searching can provide its many benefits to federal agencies.

Learning Objectives:

• Learning the new features of the Federal Dashboard and the primary use cases of the dashboard.
• Understanding the data trends within the Federal Dashboard
• What are the primary user roles of the Federal Dashboard?
• Learn about Cross Cluster Searching and how the federal dashboard increases the security of the .GOV domain

Date: April  2023

Length: 13 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Indicators of Compromise

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Intrusion Detection Systems

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Incident Response

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Packet Level Analysis

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Security Information and Event Management (SIEM)

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Analyst role. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov and create a login to access the lab guide and environment.

• Vulnerability Assessments

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Installing, Configuring, and Troubleshooting

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Incident Response

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Network Access Controls

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Network Device Hardening

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Securing Communications

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

The following skills are mapped to the NICE Framework’s Cyber Defense Infrastructure Support Specialist. This course is made up of demonstrations of subject matter experts going through a guided lab for each skill. To perform these same steps on the virtual machines shown in the demonstration, please go to https://presidentscup.cisa.gov/practice and create a login to access the lab guide and environment.

• Securing Wifi

This is a basic level course.

Date: 2023

This course is aligned to the NIST SP 800-181 Cybersecurity Workforce Framework:

CDM PMO Matt House provides an update of ES-6 version of the CDM Dashboard and its capabilities

Description:

Learn about the capabilities of the CDM Dashboard version ES-6. This video will describe the Federal Dashboard, use case scenarios, and how Cross Cluster Searching can provide its many benefits to federal agencies.

Learning Objectives:

Understanding the capabilities of the ES-6 version of the CDM Dashboard, with focus on the FISMA directives, Binding Operating Directives (BOD), Database as a Service, cross cluster searching, Known Exploited Vulnerabilities (KEV) catalog, plus much more!

Date: May 2023

Length: 34 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The next evolution of the CDM Agency Dashboard is being offered in a cloud-based format, which provides agencies with the same functionality but relieves them from having to manage and continue to fund all of the aspects of an “on-prem” security solution. CISA is making this dashboard tool available in a Dashboard as a Service format, or DBaaS. This video will describe DBaaS and its many benefits to federal agencies.

Learning Objectives:

• Understand the basic principals of DBaaS and the CDM Agency Dashboard
• How DBaaS can help minimize agency vulnerabilities
• Provide a demonstration of how DBaaS works

Date: October 2022

Length: 7 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, the updated AWARE 1.5 supplemental overview is described and how it can benefit the federal agencies. Discussion questions include: What are the changes to the scoring algorithm; what are flipping scores; how are scores prioritized; what benchmarks are being accessed.

Date: March 2023

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a recorded version of an Incident Response Training Webinar delivered to a live audience by instructors. For information on how to register for live and instructor-led courses, please visit: https://www.cisa.gov/resources-tools/programs/Incident-Response-Training.

Learning Objectives:

To protect the confidentiality, integrity, and availability of an agency’s network and the data contained therein, cybersecurity professionals must be able to identify their network enterprise accurately and completely. Network diagrams are essential and serve to help visualize what is on the network, how the overall network is structured, and how all the devices on the network are connected. Every organization should build and maintain current and accurate network diagrams to help manage their network architecture and ultimately determine how to best mitigate potential or realized risks and vulnerabilities.

This webinar includes the following information and more:

• Importance of network diagrams: Students will learn the importance of creating and maintaining network topology diagrams. Students will also understand the importance of identifying data flows and storage, identifying remote access points and external connections, and network segmentation for security.
• Key guidance for organizations: CISA provides guidance on what to include in network diagrams.
• Knowledge check: The course concludes with a brief knowledge check section to reinforce key concepts and takeaways.

This awareness webinar is designed for both technical and non-technical audiences.

Date: 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework (Top 5)

In this video, Mr. Dave Otto, the Risk expert of the CDM program, explains the Binding Operational Directive 22-01, the CISA KEV (Known Exploited Vulnerabilities) Catalog, and how agencies can better protect their assets.

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, Mr. Richard Grabowski, acting CDM PMO, explains CDM Enabled Threat Hunting (CETH) and how CETH benefits the federal agencies. He also discusses how the CDM Dashboard supports the implementation of Endpoint Detection and Response (EDR).

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a recorded version of an Incident Response Training Webinar delivered to a live audience by instructors. For information on how to register for live and instructor-led courses, please visit: https://www.cisa.gov/resources-tools/programs/Incident-Response-Training.

Learning Objectives:

Ransomware attacks hit a new target every 14 seconds–shutting down digital operations, stealing information and exploiting businesses, essential services, and individuals alike. This one-hour webinar provides essential knowledge and reviews real-life examples of these attacks to help you and your organization to mitigate and respond to the ever-evolving threat of ransomware.

This webinar includes the following information and more:

• Common attack methods: Learn the definition of ransomware, summary of its large-scale impacts, and how these attacks have developed over time. The webinar will discuss common signs of a ransomware attack and how to respond if an attack is suspected.
• Key guidance for organizations: CISA provides guidance for how to mitigate the impact of ransomware attacks and recover in the event of an attack.
• Case studies: Explore the methods and impacts of real-life cyber-attacks, and how the victims responded and recovered.
• Knowledge check: The course concludes with a brief knowledge check section to reinforce key concepts and takeaways.

This awareness webinar is designed for both technical and non-technical audiences.

Date: 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework (Top 5)

This is a recorded version of an Incident Response Training Webinar delivered to a live audience by instructors. For information on how to register for live and instructor-led courses, please visit: https://www.cisa.gov/resources-tools/programs/Incident-Response-Training.

Learning Objectives:

Log files provide the data that are the bread and butter of incident response, enabling network analysts and incident responders to investigate and diagnose issues and suspicious activity from network perimeter to epicenter. This webinar introduces the fundamentals of investigating logs for incidents.

This webinar includes the following information and more:

• Common attack methods: Understand log analysis, and its importance as a crucial component of incident response and network security.
• Key guidance for organizations: Introduce resources and tools that enable organizations and individuals to use log analysis to query for threat activity including SIEM, FPCAP analysis, and using PowerShell and Active Directory to run scripts.
• Case studies: Explore the methods and impacts of real-life cyberattacks, and how the victims responded and recovered.
• Knowledge check: The course concludes with a brief knowledge check section to reinforce key concepts and takeaways.

This awareness webinar is designed for both technical and non-technical audiences.

Date: 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework (Top 5)

Description:

This course is a recording of a virtual 3 hour course which provides participants with the essential knowledge of the ES-5 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the CDM Agency Dashboard to identify and report on asset vulnerabilities and other key features of the dashboard.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and functionality
• Instructor demonstrates the CDM Agency Dashboard

Date: April 2023

Length: 3 hours

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Learning Objectives:

• Understand CDM agency dashboard functionalities around asset management
• Learn how to create asset management queries
• Learn how to create reports

Date: April 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard better understanding the functionality of ES-5 of the CDM Agency Dashboard.

Learning Objectives:

• Understand the Header Section of the CDM Agency Dashboard ES-5
• Utilize the Tool Bar feature the dashboard
• Provide an overview of the Query Bar
• Become familiar with the Time Filter of the dashboard
• Understand the Navigation Panel and Navigation Drawer features of the dashboard

Date: May 2022

Length: 10 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the updated version 1.5 of the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
• Walkthrough how to identify vulnerabilities in the CDM Agency Dashboard

Date: May 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the new AWARE 1.5 scoring and features.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, the AWARE 1.5 risk scoring overview is described and how it can benefit the federal agencies.

Date: May 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the features of AWARE 1.5 on the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour course is a recording of a virtual four-hour course covering the ES-5 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

• Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information.
• Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes workflows to drive increased risk awareness and mitigation.

Date: March 2023

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 39 minute video is an interview recording of a Mr. Ross Foard, subject matter expert for DHS/CISA, and Identity and Access Management (IAM) . This video provides participants with the essential knowledge of IAM and the CDM Agency Dashboard.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and IAM functionality.

Date: 2021

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video provides an overview of the configuration settings management (CSM) capability and how CSM helps to reduce cyber-attacks in software and hardware assets within the Continuous Diagnostics and Mitigation (CDM) Program.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video discusses the need for standardized benchmarks in the federal government and the use of Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs) for integration within the CDM solution. A review of DISA’s role, authority, and DISA STIG compliance levels is provided as well.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the CSM features of the current ES-3 version of the CDM Agency Dashboard.

Date: October 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour virtual course demonstrates the configuration settings management (CSM) capability within the CDM Agency Dashboard. In this course students are shown the basic concepts associated with CSM, the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), how CSM scoring is incorporated into the current AWARE calculations, and students will gain an understanding of how the CSM capability of the CDM Agency Dashboard can be used to reduce the misconfiguration of assets in their agency IT inventory.

Learning Objectives:

• Overview of the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and how CSM scoring is incorporated into the AWARE calculations.
• Walkthrough of how CSM scoring affect the AWARE algorithm and can reduce asset misconfiguration.

Date: December 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents an overview of the System Security Analyst role and the six key responsibilities associated with that role. The importance of these six key responsibilities is covered including adherence to agency policy and assessing metrics and data.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents cybersecurity concepts associated with continuous monitoring of issues that affect networks. A review of workplan concepts, checks and reviews, and mitigation recommendations is also covered.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour course demonstrates the continuous monitoring and analysis capability with version ES-5 of the CDM Agency Dashboard. This is a role-based course for those in the cybersecurity workforce that use the dashboard routinely. In this course students are shown concepts associated with continuous monitoring and analysis of the top issues that affect networks. Topics include an overview of the responsibilities of the Security analyst, continuous monitoring, how the CDM Agency Dashboard can be used to identify vulnerabilities, AWARE scoring, the reporting function, and possible courses of action.

Learning Objectives:

• Overview of the importance of the CDM Agency Dashboard role of system security analyst, which includes monitoring and vulnerability identification.
• Strategies for securing agency assets and creating report functionality using the CDM Agency Dashboard.

Date: March 2023

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour course demonstrates the continuous monitoring and analysis capability with version ES-5 of the CDM Agency Dashboard. This is a role-based course for those in the cybersecurity workforce that use the dashboard routinely. In this course students are shown concepts associated with continuous monitoring and analysis of the top issues that affect networks. Topics include an overview of the responsibilities of the Security analyst, continuous monitoring, how the CDM Agency Dashboard can be used to identify vulnerabilities, AWARE scoring, the reporting function, and possible courses of action.

Learning Objectives:

• Overview of the importance of the CDM Agency Dashboard role of system security analyst, which includes monitoring and vulnerability identification.
• Strategies for securing agency assets and creating report functionality using the CDM Agency Dashboard.

Date: March 2023

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour recording focuses on policy origination, provides an historic timeline, describes current directives and will guide the learner on how the CDM Dashboard can be used to address a directive, adhere to policies, and understand how to continuously monitor known exploitable vulnerabilities (KEVs.).

Learning Objectives:

• Describe the federal policy and directive origination process
• Identify the most current / relevant government directives that relate to cybersecurity
• Utilize the CDM Agency Dashboard to identify vulnerabilities in response to federal directives
• Identify characteristics of BOD 22-01 and the response procedures

Date: March 2023

Training Proficiency Area: Level 1 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2 hour course provides managers with an overview of the CDM Agency Dashboard. In this course students are shown concepts associated with the CDM Agency Dashboard and how to create appropriate reports.

Target Audience: This course is applicable to workforce Executives and Senior-level Managers who need to understand how Information Assurance and cybersecurity principles affect their agencies, how the CDM program helps support those principles, and how their CDM Agency Dashboard can help establish a cybersecurity baseline and identify and reduce their attack surface.

The National Initiative for Cybersecurity Education (NICE) roles of: Authorizing Official/Designated Representative, Executive Cyber Leadership, Program Managers, and other senior management roles responsible for cybersecurity within their agency will benefit from this course.

Learning Objectives:

• Discuss the principles of information assurance
• Discuss Federal laws and required executive and Senior-level management responsibilities
• Discuss the purpose and function of the CDM Program
• Discuss the purpose and benefit of the CDM Agency and Federal Dashboards
• Reviewing the CDM Agency Dashboard information to make risk-based decisions Includes lab exercises

Date: March 2023

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on building skills to improve the ability to piece together the various components of the digital investigation. The course begins with acquisition planning and preparation, progresses through the investigative process, and concludes with analysis techniques and methods for more manageable investigations.

Learning Objectives:

• Develop an investigative process for the digital forensic investigation.
• Explain methods of focusing investigations through analysis of multiple evidence sources.
• Effectively prepare for incident response of both victim and suspect systems.
• Identify sources of evidentiary value in various evidence sources including network logs, network traffic, volatile data and through disk forensics.
• Identify common areas of malicious software activity and characteristics of various types of malicious software files.
• Confidently perform live response in intrusion investigation scenarios.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course orients analysts to analyzing common protocols, identifying suspicious or malicious traffic and provides an introduction to the Wireshark packet filter syntax.

By the end of this course, you should be able to use network flow data to do the following:

• Evaluate the correct implementation of application traffic on the network.
• Find anomalous traffic on a large network.
• Find malicious activity given additional network and intelligence data sources.
• Identify potential malicious activity on a network.
• Provide input for appropriate techniques in an operational environment.

This course will introduce rules and go over example syntax, protocols, and expressions. It contains several supporting video demonstrations as well as lab exercises writing and testing basic rules.

Learning Objectives:

• Identify poorly written signatures and revise them.
• Write regular expressions.
• Create signatures.
• Identify information in PCAP data to use for creating alerts.

Date: 2011

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts, as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks and includes reinforcing video demonstrations and final assessment.

Learning Objectives:

• Understand the fundamentals of Visual Basic Scripting.
• Recognize the concepts of redirection, piping, and how to conduct complex tasks with multiple commands.
• Apply integration of Windows BATCH with Visual Basic Scripting.
• Demonstrate how to access the Windows API from Visual Basic Scripting.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This three-module course teaches the beginner analyst how to develop the analytical skills and capabilities needed to handle a potential cyber incident— from analysis to reporting findings.

Learning Objectives: By the end of this course, participants will be familiar with

• How to think about the approach to analysis
• Writing a proper hypothesis and prediction
• The Importance of Organizational Context
• Impact of the Organization Environment
• Gathering the necessary information to analyze an incident
• Analyzing the Functional elements of an incident
• Analyzing the Strategic elements of an incident
• Assembling the elements to solve the cyber puzzle
• Reporting the finding results of the analysis
• Accessing CISA resources for incident and vulnerability cases.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Learning Objectives
At the completion of this course analysts will be able to:

• Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
• Understand the Analysis Pipeline configuration language.
• Develop and implement network flow data use cases with Analysis Pipeline.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course provides the foundational practices and ethical principles of artificial intelligence. Diving into each of the ethical principles along with other technical ethics, it is aimed at reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.

Learning Objectives:

• Explain the harm with bias in artificial intelligence.
• Discuss how to reduce risk and unwanted bias.
• Cite several principles of AI and the goals of each.
• Describe how principles are applied to create ethical, transparent, and fair AI.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This self-study course focuses on preparing learners for the EC-Council Certified Ethical Hacker version 10 certification exam. This course contains materials on advanced network assessment techniques including enumeration, scanning, and reconnaissance. It is designed to use the same knowledge and tools as a malicious hacker, but in an ethical and lawful manner to examine an organization's network security posture. The course concludes with a practice exam.

Learning Objectives:

• Learn how to perform a vulnerability analysis to identify security weakness in an organization's network structure.
• Perform a security assessment of a cloud environment to understand cloud computing threats and attacks.
• Understand risks and defensive strategies for IoT platforms and devices.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This short CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the Elastic dashboard.

Learning Objectives:

• Become familiar with the Kibana User Interface of the CDM Agency Dashboard
• Better understand the CDM Agency Dashboard architecture and data flow
• Understand the general architecture, data flow, and data structure and schema
• Become familiar with JSON Documents

Date: 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a self-study resource to help prepare for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. The course focuses on configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. It includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.

Learning Objectives:

• Review of objectives for the Cisco Certified Entry Networking Technician certification
• Supplemental preparation for the Cisco CCENT certification exam

Date: 2016

Training Purpose: Operate and Maintain

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is the follow-up to Cisco CCENT and is aimed to prepare learners for the Cisco CCNA Security exam. Content covered in this course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. The course focuses on a theoretical understanding of network security, knowledge, and skills designed to implement it. This course contains several reinforcing video demonstrations and final exam.

Learning Objectives:

• Review of objectives for the Cisco Certified Network Associate certification
• Supplemental preparation for the Cisco CCNA certification exam

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course explores the guidance from the Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), National Security Agency (NSA), and several Cloud Service Providers (CSPs). Objectives cover cloud security risks and threats, basic operations, incident response considerations, along with application, data and infrastructure security concepts. Where applicable, demonstrations of cloud provider tools and capabilities will be used to reinforce key points.

Learning Objectives:

• Define cloud models and components.
• Apply CSA security guidance and other best practices to cloud deployments.
• Understand cybersecurity requirements within the Shared Responsibilities model.
• Prepare for cloud computing governance and compliance challenges.
• Relate traditional cybersecurity controls to popular cloud solutions.
• Recognize and prepare for cloud computing threats.
• Review additional cloud security tools and use cases.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The Cloud Computing Concepts course highlights concepts and best practices for cloud architecture, design, security, and operations. Topics include leveraging cloud environments for critical assets or operations, and the impacts on data and application security, as well as legal, risk, and compliance considerations.

Learning Objectives:

• Compare cloud service and deployment models and each’s impact on customer control and responsibilities
• Identify data security strategies within cloud environments
• Explain secure data center design concepts including example risks and security controls
• Describe the Secure Software Development Life Cycle (SDLC) and its relation to applications within cloud environments
• Summarize concepts for building, operating, and managing physical and logical infrastructure for cloud environments
• Outline privacy, legal, and audit requirements with cloud environments, and how it relates to evaluating providers

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course introduces concepts around Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Multiple Cloud Hosting and Hybrid Cloud Hosting.

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course features National Defense University Professor Robert Richardson who discusses important security and oversight requirements for commercial cloud solutions.

Learning Objectives:

• Overview of the cloud physically, logically, and architecturally.
• Discuss cloud deployment models and characteristics.
• Overview of cloud infrastructure characteristics.
• Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
• Cloud software components - microservices & APIs.
• The driving forces and key technology enablers of commercial cloud services in the Federal Government.
• Must-have security requirements and policies for cloud solutions.
• The top ten cybersecurity cloud risks such as: loss of service, data breaches, human error. As well as non-cybersecurity risks such as: outsourcing risks, personnel security, and supply chain risk management.
• Where Federal Government adoption of commercial cloud is now and predictions for the future.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers, staff, and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). This course explains how Continuous Monitoring as a Service (CMaaS) relates to the Continuous Diagnostics and Mitigation (CDM) program.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 0 - Introduction

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers, staff, and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the learner better understand how Continuous Monitoring as a Service (CMaaS) will be implemented in DHS Component networks.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack and includes two major Use Cases for each tool.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on the basics of computer programming and how to give a machine a set of instructions to produce a desired behavior. This course also provides information on the elements of programming and programming languages, frameworks, and models. The course includes an interactive programming game, interactive knowledge checks, and the chance to write a fully functional code.

Learning Objectives:

• Define programming.
• Describe the structure and purpose of major programming paradigms.
• Explain the difference between high-level and low-level languages.
• Describe the uses of scripting and compiled languages.
• State the elements of programming.
• Explain when to use a variable in programming.
• List basic data types.
• State how operators are used in programming.
• Explain why logic and flow are important in programming.
• State the purpose of programming frameworks.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Think about your organization’s most critical functions: what do others depend on you to provide? Your high-value assets (HVAs), also known as critical assets across many industries, are the information or information systems that have serious impact to your organization’s ability to conduct its mission or business operations if lost, corrupted, or inaccessible. Across sectors and industries, data and information systems that underpin core business and operational functions- or those systems that connect to core functionalities- make highly tempting targets for sophisticated criminal, politically motivated, or state-sponsored actors to exploit directly or compromise to undermine public trust.

The HVA program was established by CISA to help organizations gain a comprehensive understanding of the risks that dynamic threat actors pose and identify the high-value information and systems that are likely targets.

This webinar provides an overview of the following key information:

• HVA and critical asset overview: Define high-value assets, and how to assess and prioritize risks.
• Common threats: Understand the most likely threats to HVAs and how to mitigate associated vulnerabilities.
• CISA guidance: Learn the steps and parameters to identify, categorize, prioritize, and secure your HVAs or critical assets.
• Case studies: Explore the impacts of documented critical or high-value asset cyberattacks, and the success of resulting response and recovery efforts.

This course is accessible to a non-technical audience including managers and business leaders and provides an organizational perspective useful to technical specialists.

Date: July 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework