FedVTE Course Catalog

This is a 10-minute video explaining how to enroll and log onto the CDM Training Environment which is used in the live delivery of the CDM webinars. The Training Environment allows students to participate in lab activities and apply what they learn in the webinars in real-time.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Learn how to enroll in the CDM Training Environment
• Learn how to log onto the CDM Training Environment

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: N/A

This course is a recording of a virtual two-hour course which is the first of six webinars. This course provides participants with the essential knowledge of the ES-2 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the new CDM Agency Dashboard to identify and report on vulnerabilities.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and functionality
• Instructor demonstrates the CDM Agency Dashboard

Date: 2020

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course which is the second of six webinars covering the ES-2 version of the CDM Agency Dashboard. This course introduces participants to CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
• Walkthrough how to identify vulnerabilities in the CDM Agency Dashboard

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course which is the second of six webinars covering the ES-2 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information
• Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes workflows to drive increased risk awareness and mitigation.

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on building skills to improve the ability to piece together the various components of the digital investigation. The course begins with acquisition planning and preparation, progresses through the investigative process, and concludes with analysis techniques and methods for more manageable investigations.

Learning Objectives:

• Develop an investigative process for the digital forensic investigation.
• Explain methods of focusing investigations through analysis of multiple evidence sources.
• Effectively prepare for incident response of both victim and suspect systems.
• Identify sources of evidentiary value in various evidence sources including network logs, network traffic, volatile data and through disk forensics.
• Identify common areas of malicious software activity and characteristics of various types of malicious software files.
• Confidently perform live response in intrusion investigation scenarios.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course will introduce rules and go over example syntax, protocols, and expressions. It contains several supporting video demonstrations as well as lab exercises writing and testing basic rules.

Learning Objectives:

• Identify poorly written signatures and revise them.
• Write regular expressions.
• Create signatures.
• Identify information in PCAP data to use for creating alerts.

Date: 2011

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts, as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks and includes reinforcing video demonstrations and final assessment.

Learning Objectives:

• Understand the fundamentals of Visual Basic Scripting.
• Recognize the concepts of redirection, piping, and how to conduct complex tasks with multiple commands.
• Apply integration of Windows BATCH with Visual Basic Scripting.
• Demonstrate how to access the Windows API from Visual Basic Scripting.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Learning Objectives
At the completion of this course analysts will be able to:

• Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
• Understand the Analysis Pipeline configuration language.
• Develop and implement network flow data use cases with Analysis Pipeline.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course provides the foundational practices and ethical principles of artificial intelligence. Diving into each of the ethical principles along with other technical ethics, it is aimed at reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.

Learning Objectives:

• Explain the harm with bias in artificial intelligence.
• Discuss how to reduce risk and unwanted bias.
• Cite several principles of AI and the goals of each.
• Describe how principles are applied to create ethical, transparent, and fair AI.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This self-study course focuses on preparing learners for the EC-Council Certified Ethical Hacker version 10 certification exam. This course contains materials on advanced network assessment techniques including enumeration, scanning, and reconnaissance. It is designed to use the same knowledge and tools as a malicious hacker, but in an ethical and lawful manner to examine an organization's network security posture. The course concludes with a practice exam.

Learning Objectives:

• Learn how to perform a vulnerability analysis to identify security weakness in an organization's network structure.
• Perform a security assessment of a cloud environment to understand cloud computing threats and attacks.
• Understand risks and defensive strategies for IoT platforms and devices.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

These short videos (5-11 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

Learning Objectives:

• Understand what are CDM and the CDM Agency Dashboard
• Understand the New CDM Agency Dashboard
• Provide an overview on the AWARE Scoring Algorithm 1.0
• Become familiar with the Kibana User Interface
• Understand the general architecture, data flow, and data structure and schema
• Become familiar with JSON Documents

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Custom Searches and Reports: View demonstrations of navigating and searching the data within the CDM Agency Dashboard. See how that data can be used to create meaningful and visually appealing custom reports to communicate query results to leadership and stakeholders.

Learning Objectives:

• Learn how to examine the standard operating view (SOV) and iView of the Legacy (Archer) CDM agency dashboard
• Learn how to examine records and containers, browse and filter hardware records and build custom queries

Date: 2019

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Custom Searches and Reports: View demonstrations of navigating and searching the hardware and software data within CDM and create reports.

Learning Objectives:

• Learn how to find hardware by the FISMA container using the Legacy (Archer) CDM Agency Dashboard
• Learn how to conduct a multi-filter query to find legacy software and unauthorized software
• Learn how to create reports and iViews from custom queries

Date: 2019

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Learn how to use AWARE to prioritize vulnerability management activities to address the worst vulnerabilities first.

Learning Objectives:

• Understand AWARE Risk Scoring using the Legacy (Archer) CDM Agency Dashboard
• Learn how to identify vulnerabilities, components and mitigations

Date: 2019

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The course provides a high level overview of the CDM program. Topics covered include basic CDM concepts, how CDM relates to NIST 800-53 and other NIST SPs, CDM Concept of Operations, the CDM Environment, and CDM’s Phases and Capabilities.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

The course begins by defining Hardware Asset Management (HWAM) and why it is critical to the implementation of a robust cybersecurity program. The training highlights the criteria for monitoring and managing hardware assets using CDM. It then transitions into HWAM implementation criteria and discusses the generic CDM concept of operations specific to HWAM. Topics covered include Actual State, Desired State, and Defects.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

The course begins by defining SWAM and why it is critical to the implementation of a robust cyber-security program. It covers new roles and responsibilities which the department or agency (D/A) must implement. It then transitions into SWAM implementation criteria, and discusses the generic CDM concept of operations specific to SWAM Actual State, Desired State, and Defects. It includes high level discussions of software lists (white, gray, black) and how software can be identified and tracked in CDM through the use of Common Platform Enumeration (CPE) and Software Identification (SWID) tags by Software package down to executables.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

The course begins by outlining the Cyber Security Manager position (CSM) and highlighting the types of attacks CSM can help prevent. It then transitions into CSM methods and criteria, where it reviews Actual State, Desired State, and Defect Checks specific to the capability area. It explains how CSM builds upon the other capabilities and how defect checks differ at the local and federal levels.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

The course begins by defining VULN, how it applies to the target environment, and how a fully implemented VULN capability impacts a Department or Agency. It then transitions into VULN criteria and methods, where it reviews Actual State, Desired State, and Defect Checks specific to the capability area. It explains how VULN builds upon the other capabilities areas, the types of defects, and how those defect checks differ at the local and federal levels.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

• X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• X2 General use of the web portal for requesting, accessing and managing privileged credentials.
• X3 Account management features which include account reconciliation and password management.
• X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C3 Account management features which include account reconciliation and password management.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute.
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors.
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• X2 General use of the web portal for requesting, accessing and managing privileged credentials.
• X3 Account management features which include account reconciliation and password management.
• X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C3 Account management features which include account reconciliation and password management.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• X2 General use of the web portal for requesting, accessing and managing privileged credentials.
• X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• P2 Splunk Integration

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• P2 Splunk Integration

C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.

C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.

• X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• X2 General use of the web portal for requesting, accessing and managing privileged credentials.
• X3 Account management features which include account reconciliation and password management.
• X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C3 Account management features which include account reconciliation and password management.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

• X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• X2 General use of the web portal for requesting, accessing and managing privileged credentials.
• X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• P2 Splunk Integration

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• P1 Splunk dashboard introduction.
• P2 Splunk Integration

• S1 SailPoint Introduction covers the UI and highlights how to locate an Identity Attribute
• S2 SailPoint Administration I covers configuring Applications and Tasks.
• S3 SailPoint Administration II covers Target Applications and Connectors
• S4 SailPoint Administration III includes the ability to run, schedule and review reports.

X1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals. X2 General use of the web portal for requesting, accessing and managing privileged credentials. X3 Account management features which include account reconciliation and password management. X4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests. X5 Administration I covers how to add new users, devices, organize groups and connect to external resources such as LDAP. X6 Administration II provides users with the ability to create and configure application or services and setup policies. X7 Administration III covers how to run reports and schedule reports, locate/manage log files, perform session management and locate troubleshooting tools. X8 Administration IV provides users with an understanding of how to manage disaster recovery features.

• C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
• C2 General use of the web portal for requesting, accessing and managing privileged credentials.
• C3 Account management features which include account reconciliation and password management.
• C4 Credential Approval designed to provide agencies with a functional understanding of approving credential requests.
• C5 Administration I covers how to add new users, devices, organize groups and connect to external resources such as LDAP.
• C6 Administration II (Part 1 and 2) provides users with the ability to create and manage platforms and safes, configure master policies as well as an in-depth look into safe design.
• C7 Administration III covers how to run reports in the PVWA, operate the PrivateArk Client and how to locate and manage log files.
• C8 Administration IV provides users with an understanding of how to manage disaster recovery features.

This course is a self-study resource to help prepare for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. The course focuses on configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. It includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.

Learning Objectives:

• Review of objectives for the Cisco Certified Entry Networking Technician certification
• Supplemental preparation for the Cisco CCENT certification exam

Date: 2016

Training Purpose: Operate and Maintain

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is the follow-up to Cisco CCENT and is aimed to prepare learners for the Cisco CCNA Security exam. Content covered in this course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. The course focuses on a theoretical understanding of network security, knowledge, and skills designed to implement it. This course contains several reinforcing video demonstrations and final exam.

Learning Objectives:

• Review of objectives for the Cisco Certified Network Associate certification
• Supplemental preparation for the Cisco CCNA certification exam

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course explores the guidance from the Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), National Security Agency (NSA), and several Cloud Service Providers (CSPs). Objectives cover cloud security risks and threats, basic operations, incident response considerations, along with application, data and infrastructure security concepts. Where applicable, demonstrations of cloud provider tools and capabilities will be used to reinforce key points.

Learning Objectives:

• Define cloud models and components.
• Apply CSA security guidance and other best practices to cloud deployments.
• Understand cybersecurity requirements within the Shared Responsibilities model.
• Prepare for cloud computing governance and compliance challenges.
• Relate traditional cybersecurity controls to popular cloud solutions.
• Recognize and prepare for cloud computing threats.
• Review additional cloud security tools and use cases.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course features National Defense University Professor Robert Richardson who discusses important security and oversight requirements for commercial cloud solutions.

Learning Objectives:

• Overview of the cloud physically, logically, and architecturally.
• Discuss cloud deployment models and characteristics.
• Overview of cloud infrastructure characteristics.
• Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
• Cloud software components - microservices & APIs.
• The driving forces and key technology enablers of commercial cloud services in the Federal Government.
• Must-have security requirements and policies for cloud solutions.
• The top ten cybersecurity cloud risks such as: loss of service, data breaches, human error. As well as non-cybersecurity risks such as: outsourcing risks, personnel security, and supply chain risk management.
• Where Federal Government adoption of commercial cloud is now and predictions for the future.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers, staff, and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). This course explains how Continuous Monitoring as a Service (CMaaS) relates to the Continuous Diagnostics and Mitigation (CDM) program.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 0 - Introduction

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers, staff, and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the learner better understand how Continuous Monitoring as a Service (CMaaS) will be implemented in DHS Component networks.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack and includes two major Use Cases for each tool.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on the basics of computer programming and how to give a machine a set of instructions to produce a desired behavior. This course also provides information on the elements of programming and programming languages, frameworks, and models. The course includes an interactive programming game, interactive knowledge checks, and the chance to write a fully functional code.

Learning Objectives:

• Define programming.
• Describe the structure and purpose of major programming paradigms.
• Explain the difference between high-level and low-level languages.
• Describe the uses of scripting and compiled languages.
• State the elements of programming.
• Explain when to use a variable in programming.
• List basic data types.
• State how operators are used in programming.
• Explain why logic and flow are important in programming.
• State the purpose of programming frameworks.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a self-study resource to prepare learners for the CompTIA A+ certification exam. Objectives in the CompTIA A+ 220-1001 cover mobile devices, networking technology, hardware, virtualization and cloud computing, and network troubleshooting.

Learning Objectives:

• Identify installation, configuration, and maintenance details for PC components, mobile devices, and user applications.
• Recall basics of networking and security fundamentals.
• Apply troubleshooting techniques and satisfactory customer support.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a self-study resource to help learners prepare for the CompTIA A+ certification exam. Topics in the A+1002 cover installing and configuring operating systems, expanded security, software troubleshooting, and operational procedures.

Learning Objectives:

• Apply diagnostic and resolution processes to hardware and software issues.
• Employ device installation and sound troubleshooting and customer support practices.
• Recall fundamentals of cloud and virtualization deployment strategies.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This self-study resource is designed to help learners prepare for the CompTIA Network+ 10-N007 certification exam. This course is focused on IT infrastructure and networking concepts for junior to mid-level IT professionals in the cyber workforce. Objectives include network operations, security, troubleshooting and tools, as well as infrastructure support.

Learning Objectives:

• Design and implement a functional network.
• Configure, manage, and maintain network security, standards, and protocols.
• Troubleshoot network issues.
• Create and support virtualized networks.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course discusses the influence, impact, and need for cybersecurity when defending the critical infrastructure and key resources of the United States. This course provides the definition of critical infrastructure, examples of cybersecurity threats to critical infrastructure, and information on what is being done to protect critical infrastructure from these cybersecurity threats.

Learning Objectives:

• Define and give examples of critical infrastructure.
• Identify possible cyber threats to critical infrastructure.
• Describe U.S. cybersecurity policies and programs.
• Explain the cybersecurity roles of the Department of Homeland Security (DHS) and other Federal agencies.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course was developed for organizations and individuals who are at the beginning of their planning and implementation process for creating a computer security incident response team or an incident management capability. This course begins with definitions and context for defining a CSIRT framework, followed by services that may be provided and building an action plan. An attendee workbook is included with questions and exercises to use in conjunction with the training.

Learning Objectives:

• Understand the function of Computer Security Incident Response Teams (CSIRTs) and the philosophy behind them.
• Understand the role of CSIRT in the incident management process.
• Identify the requirements to establish an effective CSIRT.
• Appreciate the key issues and decisions that must be addressed when creating a CSIRT.
• Learn to strategically plan the development and implementation of your CSIRT.

Date: 2017

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course covers the history, risks, and legality of cryptocurrency as well as discusses what cryptocurrency items can be seized by law enforcement.

Learning Objectives:

• Define cryptocurrency and compare it to traditional currency.
• Describe the history of cryptocurrency.
• State the elements of a cryptocurrency transaction and their roles.
• Describe safety measures taken to protect cryptocurrency.
• Identify items that serve as wallets for cryptocurrency and could be seized by law enforcement.
• Evaluate apps and websites that could be linked to cryptocurrency.
• Compare degrees of anonymity of various cryptocurrencies.
• Compare legal and illegal uses of cryptocurrency.
• Evaluate the legality of different cryptocurrency scenarios.
• Identify notable cases of illegal uses of cryptocurrency found in recent headlines.

Date: 2019

Training Purpose: Investigate

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course provides an overview of cybersecurity threats and best practices to keep information and information systems secure. Every year, authorized users of certain information systems must complete the Cyber Awareness Challenge to maintain awareness of and stay current on new cybersecurity threats. The training also reinforces best practices to keep personal information and information systems secure and stay abreast of changes in general cybersecurity policies.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

This course highlights 'dark' or deceptive activities that are employed by malicious users via the Internet. Several legitimate purpose technologies and techniques and how they are leveraged, or manipulated for fraudulent purposes, is discussed. Threats from topics such as zero-day attacks, dark web, alternate OSs, VPN/TOR, weaponized psychology, and anonymous services will be detailed, as well as methods for concealing one’s identity. These methods are taught in order for cybersecurity experts to defend against such attacks. The course includes reinforcing video demonstrations.

Learning Objectives:

• Explain several techniques for obfuscating online activities.
• List examples of technologies leveraged for deceptive purposes.
• Detail best practices for prevention and protection from malicious cyber activities.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on how leaders can develop actionable items to start implementing organizational cybersecurity practices and introduces the six essential elements of building a culture of cyber readiness.

Learning Objectives:

• Identify actionable items to reduce your organization's cyber risks through a holistic approach.
• Identify the six essential elements of building a culture of cyber readiness.
• Identify the steppingstones to building a culture of cyber readiness.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course serves as an introduction and overview of several concepts and technologies that may be encountered as part of an investigation with a digital or cyber component. Starting with the basics of how devices communicate, the course continues with technical concepts and applications that may be used to facilitate or investigate incidents. Content includes lab exercises and practical application takeaways to reinforce concepts, and a course exam.

Learning Objectives:

• Describe essential computing communication concepts.
• Identify digital evidence sources and handling.
• Apply techniques to examine applications for target information.

Date: 2017

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The Cybersecurity Analyst course is designed to help reinforce concepts for cyber work roles that require monitoring and information analysis to respond to suspicious events. This intermediate-level course focuses on defense techniques leveraging data and tools to identify risks to an organization, and apply effective mitigation strategies to detect and respond to threats.

Learning Objectives:

• List common cyber threats and examples of scanning and assessment tools and techniques to identify potential vulnerabilities.
• Analyze data from various sources to identify vulnerabilities and recommend strategies for mitigation.
• Configure and implement threat detection tools to detect incidents, and effectively respond and recover.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course discusses the basic concepts of cybersecurity and digital forensics investigation practices. Topics include performing collection and triage of digital evidence in response to an incident, evidence collection methodologies, and forensic best practices. This is an introductory course reviewing the processes, methods, techniques, and tools in support of cyber security investigations.

Learning Objectives:

• Understand the process of integrating forensics collection and analysis program into an organization.
• Recognize concepts involved in the Forensic Process.
• Apply necessary preparation to perform collections and incident response according to best practices.
• Understand methods, goals and objectives for digital forensic collection activities.
• Apply techniques and tools for conducting evidence collection, triage, and log analysis.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers and other stakeholders who may be involved in decision making regarding their cyber environment, but do not have a strong technical background. Discussions will not focus on specific technologies or implementation techniques, but rather cybersecurity methodologies and the framework for providing a resilient cyber presence. The course aims to help managers better understand how people and devices work together to protect mission-critical assets and more effectively evaluate their cyber posture.

Date: 2012

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework