101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

FedVTE Course Catalog
Limit to NICE Cybersecurity Workforce Framework Category or subject:
101 Courses - Basic level courses Analyze Collect and Operate
Investigate Operate and Maintain Oversee and Govern
Protect and Defend Securely Provision
Show All Courses in All Categories

Expand/Collapse All
Advanced PCAP Analysis and Signature Development (APA) 1 HourSkill Level: Intermediate 
+ Description
 Advanced PCAP Analysis and Signature Development (APA)

The Advanced PCAP Analysis and Signature Development (APA) course takes users through an introduction to rules, goes over example syntax, protocols and expressions. This course contains several supporting video demonstrations as well as lab exercises writing and testing basic rules.

Training Purpose: Analyze, Protect and Defend
Specialty Areas: Cyber Defense Analysis, Cyber Defense Infrastructure Support, All Source Analysis, Cyber Operations
Training Proficiency Area: Level 2 - Intermediate

+ Course Modules/Units
Advanced Pcap Analysis And Signature Development
Packet Protocol Dns
Introduction To Rules
Examples Of Sourcefire Rules
Sourcefire Rule Syntax - Protocols
Sourcefire Rule Syntax - Message And Matching
Lab Exercise Writing And Testing Basic Rules
Lab Exercise Writing And Testing Basic Rules Video
Lab Exercise Writing And Testing Basic Rules Continued
Lab Exercise Continued
Regular Expressions
Editing A Poor Rule
How To Write An Ipv4 Regular Expression
Lab Exercise Writing Regular Expression
Lab Exercise Writing Regular Expression Continued
Malware Analysis Reports (Mar)
Demonstration of Mar 131751 Report
Demonstration Of Mar Report Continued
Lab Exercise Writing Rules From Malware Analysis Reports
Lab Exercise Writing Rules From Malware Analysis Reports Continued
EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep 31 HoursSkill Level: Advanced  
+ Description

The CEHv9 certification prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 9 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. Updates to v9 from v8 include several new tools and new module on cloud considerations. Topics include reconnaissance, hacking laws, web application hacking, social engineering, packet capture, and scanning. The course then moves on to exploitation of several types of threats and how to cover your tracks, concluding with a practice exam.

Learning Objectives

  • Review of the domains and published objectives of the CEHv9
  • Supplemental resource for preparation for the EC-Council CEHv9 certification exam

Training Purpose: Operate and Maintain, Protect and Defend, Analyze

Specialty Areas: Systems Analysis, Cyber Defense Infrastructure Support, Vulnerability Assessment and Management, Threat Analysis

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2016

+ Course Modules/Units
Certified Ethical Hacker v9 Intro
Ethical Hacking Intro and Security Reports
Security Reports Statistics
Ethical Hacking Terminology
IR in Ethical Hacking
Laws and Regulations
Ethical Hacking and Threats
Types of Attacks and Attack Vectors
Hacking Phases and Vul Research
Passive Footprinting
DEMO: WHOIS with BackTrack
Passive WHOIS Queries
Google Hacking
Active Footprinting
DEMO: Nslookup Example
Active Footprinting Cont
DEMO: Active Footprinting with Traceroute
Network Mapping and Web Mirroring
Active Footprinting Countermeasures
Scanning Essentials
Scanning Essentials Continued
Port Scanning
Vulnerability Scanning
DEMO: Banner Grabbing with Telnet
Covert Scanning
DEMO: Scanning with Nmap Demo
Additional Covert Scanning
Enumeration Overview Part 1 of 2
Enumeration Overview Part 2 of 2
Enumeration Tools
Operating System Account Enumeration
Protocol Enumeration
DEMO: NetStat Enumeration and Countermeasures
Authentication Techniques
Microsoft Authentication
Password Cracking
Password Cracking Techniques
Privilege Escalation
DEMO: Rainbow Table Lookup Sites
Spyware and Activity Monitoring
Packet Sniffing Attacks
Covert Hacking
Covering Tracks
Virus Examples and Symptoms
Virus Classifications and Characteristics
Virus Types and Terminology
Virus Making Tools
Famous Worms
Trojan Terminology and Techniques
Trojans and Backdoors
DEMO: Shell Connections via Netcat and BackTrack
Trojan Analysis
DEMO: Trojans and Rootkits
Malware Countermeasures and Tools
DEMO: Strings Analysis
Other Malicious Code Types
Sniffers Terminology and Overview
Network Overview for Sniffer Placement
Basic Packet Analysis
DEMO: Viewing ARP Packets with Packet Builder
Attacks and Protocols Vulnerable to Sniffing
Spoofing and Flooding Sniffing Attacks
MITM Attacks Ports Vul to Sniffing
Wireshark Overview and Examples
Evasion in Network Sniffing
Sniffing Countermeasures and Tools
DEMO: Hping3
DEMO: Wireshark
Social Engineering Background and Examples
Human-based Social Engineering
Additional Human-based SE
Computer Based Social Engineering
Computer-Based SE - Social Networking
Mobile-based Social Engineering
SE and Identity Theft Countermeasures
DEMO: Social Engineering Toolkit Demo
Denial of Service Part 1 of 2
Denial of Service Part 2 of 2
Categories of Denial of Service
DEMO: HW and Mobile DoS Options
Buffer Overflow Terminology and Background
DEMO: Stack Overflow Testing wil OllyDbg
Session Hijacking Overview and Examples
Cross Site Scripting and Other Session Attacks
Session Hijacking Techniques
IPSec and Session Hijacking
Hacking Webservers Terminology and Background
Webserver Architecture
Webserver Hacking Tools
Web Server Attacks
OWASP Top 10
Webserver Hacking Countermeasures
SQL and Command Injection Web App Hacking
Non SQL Injection Errors
Parameter and Form Tampering Web App Hacking
Cross-site Scripting and Obfuscation Web App Hacks
Cross-Site Request Forgery and Cookies
Web Application Methodology
Web App Attack Tools and Countermeasures
Buffer Overflow Tools and Countermeasures
DEMO: BurpSuite
DEMO: XP cmdshell Demo
SQL Terminology and Example Statements
SQL Enumeration
SQL Injection Attacks
SQL Injection Tools and Countermeasures
DEMO: SQL Injection
Wireless Terminology and Standards
Wireless Terminology and Antennas
Wireless Authentication
Wireless-based Attacks
Wireless Attack Methodology
Wireless Attack Methodology Continued
WEP WPA and Other Wireless Attacks
Bluetooth Communication Basics
Wireless Protocols and Signal Modulation
DEMO: SSID and Channels
DEMO: WiFi Analyzer Using Mobile Device
Wireless Hacking Tools and Countermeasures
Mobile Platform Overview
Mobile Device Operating Systems
Hacking Mobile Platforms
IDS Overview and Detection Methods
DEMO: Published Snort Rules
Firewalls and Honeypots
Firewall Configurations
Signs of Intrusions
Evasion Techniques
IDS Evasion Techniques
Evasion Testing Techniques
DEMO: Intrusion Signs
Cryptography Background and Terminology
Crypto Keys and Algorithms
SHA and TLS Algorithms
DEMO: Hashing with MD5 Sum
Crypto Keys and Algorithms Continued
Cryptography Implementations
Public Key Infrastructure (PKI)
Cryptanalysis Techniques
Cryptanalysis Tools
Cryptographic Attacks
Steganography Tools
Security Testing and Assessments
Penetration Testing Terminology
Risk Management and Penetration Testing
Penn Testing Phases and Methodology
Penetration Testing Walkthrough
Penetration Testing Tools
DEMO: Exploits with Armitage
DEMO: Intro to Armitage
DEMO: v3 RunningExploitFrom Code
Introduction to Cloud Computing
Cloud Security
Cloud Architectures
Cloud Testing Tools
Cloud Threats and Attacks
CEHv9 Prep Practice Exam
New Course OfferingCyber Fundamentals for Law Enforcement Investigations 8 HoursSkill Level: Intermediate 
+ Description

This course serves as an introduction and overview of several concepts and technologies that may be encountered as part of an investigation with a digital or cyber component. Starting with the basics of how devices communicate, the course continues with technical concepts and applications that may be used to facilitate or investigate incidents. Content includes lab exercises and practical application takeaways to reinforce concepts, and a course exam.

Learning objectives:

  • Describe essential computing communication concepts
  • Identify digital evidence sources and handling
  • Apply techniques to examine applications for target information

Training Purpose: Skill Development

Specialty Areas: Threat Analysis, Digital Forensics, Investigation

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2017

+ Course Modules/Units
Cyber Investigation Course Intro
Cyber Crimes versus Traditional Crimes
Cyber Laws Overview
Logical and Physical Addresses
Dissecting a Data Packet
How Computers Connect
IP Addresses and Domain Names
IP Addresses
Domain Naming
NSlookup Dig Google Toolbox
Digital Artifacts Basics
Site Survey and Collection
Determining Sophistication
Time Standardization
Requesting Digital Forensic Artifacts
Handling Untrusted or Unknown Files
Setting Up an Analysis Environment
Examining Images
Intro to Encryption
Detecting Encryption
Malware Awareness
Malware Propagation
Malware History
Remote Access
Understanding Insider Threat
Introduction to Peer-to-Peer
Advanced IP Tunneling Overview
TOR versus Traditional Tunneling
Iodine IP over DNS
Email Analysis
Phishing Message Analysis
Online Auctions
Open Source Searches Using Facebook
Open Source Searches Using Twitter
Google FU
Cyber Investigations Exam
Domain Information Lookup
Examining EXIF Data and Images
Computing and Comparing Hash Values
File Search Techniques
Open Source Twitter Searches
Introduction to Threat Hunting Teams 1.5 hoursSkill Level: Basic  
+ Description
 This course provides basic definitions, activities, and examples of teams hunting threats in the cyber domain. The course addresses the differences between hunting team activities and those of incident management teams or penetration testing teams. The content covers how hunting teams establish goals, methods used by threat hunting teams, and sources available to help read and interpret the threat landscape.

Training Purpose: Skill development

Specialty Areas: Computer Network Defense Analysis, Threat Analysis, Vulnerability Assessment and Management

Training Proficiency Area: Level 1 - Basic

Capture Date: 2016

+ Course Modules/Units
Defining Threat Hunting
Examples and Goals of Threat Hunting
Differences Between Hunt Teams and Other Cyber Teams
Threat Landscape
Types of Threat Modeling
Hunting Methods on Networks
Teaming and Automation Example
Threat Hunting Teams Course Exam
Root Cause Analysis 1 hourSkill Level: Intermediate  
+ Description
 This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.

Training Purpose: Skill Development

Specialty Areas: Threat Analysis, Computer Network Defense Analysis, Incident Response

Training Proficiency Area: Level 1 - Basic

Capture Date: 2016

+ Course Modules/Units
Root Cause Analysis Fundamentals
Root Cause Analysis Methods
Cyber Kill Chain Model for Root Cause Analysis
Sample Incident Cause Analysis Workflow
Root Cause Analysis Course Exam