FedVTE Course Catalog

101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Limit to NICE Cybersecurity Workforce Framework Category or subject:
101 Courses - Basic level courses Analyze Collect and Operate
Investigate Operate and Maintain Oversee and Govern
Protect and Defend Securely Provision
Show All Courses in All Categories

Expand/Collapse All
Advanced PCAP Analysis and Signature Development (APA) 1 HourSkill Level: Intermediate  
+ Description
 

This course will introduce rules and go over example syntax, protocols, and expressions. It contains several supporting video demonstrations as well as lab exercises writing and testing basic rules.

Learning Objectives:

  • Identify poorly written signatures and revise them.
  • Write regular expressions.
  • Create signatures.
  • Identify information in PCAP data to use for creating alerts.

Date: 2011

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Analyze All-Source Analysis All-Source Analyst
Collect and Operate Cyber Operations Cyber Operator
Protect and Defend Cyber Defense Analysis Cyber Defense Analyst
Protect and Defend Cyber Defense Infrastructure Support Cyber Defense Infrastructure Support Specialist
+ Course Modules/Units
 
Advanced Pcap Analysis And Signature Development
Packet Protocol Dns
Introduction To Rules
Examples Of Sourcefire Rules
Sourcefire Rule Syntax - Protocols
Sourcefire Rule Syntax - Message And Matching
Lab Exercise Writing And Testing Basic Rules
Lab Exercise Writing And Testing Basic Rules Video
Lab Exercise Writing And Testing Basic Rules Continued
Lab Exercise Continued
Regular Expressions
Editing A Poor Rule
How To Write An Ipv4 Regular Expression
Lab Exercise Writing Regular Expression
Lab Exercise Writing Regular Expression Continued
Malware Analysis Reports (Mar)
Demonstration of Mar 131751 Report
Demonstration Of Mar Report Continued
Lab Exercise Writing Rules From Malware Analysis Reports
Lab Exercise Writing Rules From Malware Analysis Reports Continued
Analysis Pipeline 6 HoursSkill Level: Intermediate  
+ Description
 

This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Learning Objectives
At the completion of this course analysts will be able to:

  • Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
  • Understand the Analysis Pipeline configuration language.
  • Develop and implement network flow data use cases with Analysis Pipeline.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operations Cyber Operator
Operate and Maintain Network Services Network Operations Specialist
Protect and Defend Cyber Defense Analysis Cyber Defense Analyst
+ Course Modules/Units
 
Introduction
Configuration Files
Running Pipeline
Logical Schematics
Pipeline and Timing and State
Alerts
Configuration File Basics
Filters
Filters (Exercises and Solutions)
Evaluations
Evaluations (Exercises and Solutions)
Statistics
Internal Filters
List Configurations
Configuration File Basics (Exercises and Solutions)
Threshold Examples
Special Evaluations
Building an Analytic
Server Profiling Analytic
Host Discovery Analytic
Advanced Configurations
NTP Anomalies
Unknown SSH Brute Force
Choose Your Own Adventure
ICMP Surveying: Thinking it Through
ICMP Surveying: Building it Out
DDoS Detection: Thinking it Through
DDoS Detection: Building it Out
SSH Compromise: Thinking it Through
SSH Compromise: Building it Out
Analysis Pipeline 5
Artificial Intelligence (AI) and Machine Learning (ML) for Cyber 1.5 HoursSkill Level: Intermediate 
+ Description
 

This course provides the foundational practices and ethical principles of artificial intelligence. Diving into each of the ethical principles along with other technical ethics, it is aimed at reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.

Learning Objectives:

  • Explain the harm with bias in artificial intelligence.
  • Discuss how to reduce risk and unwanted bias.
  • Cite several principles of AI and the goals of each.
  • Describe how principles are applied to create ethical, transparent, and fair AI.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operational Planning Cyber Ops Planner
Operate and Maintain Data Administration Data Analyst
+ Course Modules/Units
 
AI and ML for Cyber
Ethical Principles for AI Overview
Responsible Aspects of Ethics Part 1 of 2
Responsible Aspects of Ethics Part 2 of 2
Equitable Portion of the Ethics Principles
Traceable AI
Reliable AI Part 1 of 2
Reliable AI Part 2 of 2
How to Make AI Reliable Part 1 of 2
How to Make AI Reliable Part 2 of 2
Governable AI
AI and ML for Cyber Review
Course Test
Cyber Dark Arts 3 HoursSkill Level: Intermediate  
+ Description
 

This course highlights 'dark' or deceptive activities that are employed by malicious users via the Internet. Several legitimate purpose technologies and techniques and how they are leveraged, or manipulated for fraudulent purposes, is discussed. Threats from topics such as zero-day attacks, dark web, alternate OSs, VPN/TOR, weaponized psychology, and anonymous services will be detailed, as well as methods for concealing one’s identity. These methods are taught in order for cybersecurity experts to defend against such attacks. The course includes reinforcing video demonstrations.

Learning Objectives:

  • Explain several techniques for obfuscating online activities.
  • List examples of technologies leveraged for deceptive purposes.
  • Detail best practices for prevention and protection from malicious cyber activities.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operations Cyber Operator
Operate and Maintain Systems Analysis Systems Security Analyst
Protect and Defend Cyber Defense Analysis Cyber Defense Analyst
+ Course Modules/Units
 
Cyber Dark Arts
Weaponized Psychology
DEMO: Password Cracking Using Hydra
Scanning for Vulnerable Devices and Networks
Anonymous Web Hosting, Searching, and Browsing
Alternative Operating Systems
Tails, Whonix, and Qubes
Secure Messaging Services
Blockchain and Cryptocurrency
DEMO: Blockchain and Cryptocurrency
DEMO: Iodine IP over DNS
DEMO: TOR versus Traditional Tunneling
Advanced Persistent Threats
Cyber Dark Arts Exam
Cyber Security Investigations 9 HoursSkill Level: Beginner  
+ Description
 

This course discusses the basic concepts of cybersecurity and digital forensics investigation practices. Topics include performing collection and triage of digital evidence in response to an incident, evidence collection methodologies, and forensic best practices. This is an introductory course reviewing the processes, methods, techniques, and tools in support of cyber security investigations.

Learning Objectives:

  • Understand the process of integrating forensics collection and analysis program into an organization.
  • Recognize concepts involved in the Forensic Process.
  • Apply necessary preparation to perform collections and incident response according to best practices.
  • Understand methods, goals and objectives for digital forensic collection activities.
  • Apply techniques and tools for conducting evidence collection, triage, and log analysis.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operations Cyber Operator
Investigate Cyber Investigation Cyber Crime Investigator
Investigate Digital Forensics Cyber Defense Forensics Analyst
Protect and Defend Incident Response Cyber Defense Incident Responder
+ Course Modules/Units
 
Purpose of Computer and Network Forensics
Digital Forensics Tools
Forensics Team Staffing Considerations
Digital Forensics Guidelines, Policies, and Procedures
Digital Forensics Life Cycle
Digital Forensics Best Practices
Digital Forensics Concepts
Locard's Exchange Principle
Incident Response Phases Part 1 of 3
Incident Response Phases Part 2 of 3
Incident Response Phases Part 3 of 3
Computer Forensics Process Part 1 of 2
Computer Forensics Process Part 2 of 2
Digital Forensic Planning and Preparation
IR and Digital Forensics Tools
Forensically Prepared Media, Tools and Equipment
Incident Response Information Gathering
Incident Response Acquisition Considerations
Incident Response Notes and Documentation
Auditing Windows Event Logs
Volatile Data Collection
Storage Media Collection
Network Data Collection
Log Collection
Data Carving using FTK
Digital Forensic Triage Overview
Incident Triage Process
Incident Triage Methodology
Attacker Methodology Overview Part 1 of 3
Attacker Methodology Overview Part 2 of 3
Attacker Methodology Overview Part 3 of 3
Triage: Light and General Collections
Triage Analysis
Triage Analysis of Volatile Data
Program Execution
Analyzing Services
Malware Vectors and Detection
Mobile Device Triage Analysis
IR: Following a Trail
Hash and File Signature Analysis
Time Analysis
Registry Analysis
File Analysis Demonstration
Hashing with md5deep
Hash Analysis with Autopsy
Lessons Learned from an Incident
Lessons Learned from Objective and Subjective Data
Evidence Retention and Information Sharing Post Incident
Cyber Security Investigations Exam
Enterprise Cybersecurity Operations 24 HoursSkill Level: Intermediate   
+ Description
 

This course highlights technical knowledge and skills required for implementing secure solutions in the enterprise. A broad spectrum of disciplines is covered to aid practitioners in applying frameworks and controls to improve the security posture while supporting the business mission.

Learning Objectives:

  • Describe risk management's role in the enterprise and mitigation strategies for specific threats.
  • Detail implementing network security strategies and controls for connected devices.
  • Explain how cloud technologies are leveraged and can support a secure enterprise architecture.
  • List sources and methods to help stay current with cybersecurity best practices and threat trends and analyzing potential impact to the enterprise.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Analyze All-Source Analysis All-Source Analyst
Collect and Operate Cyber Operations Planning Cyber Ops Planner
Operate and Maintain Systems Analysis Systems Security Analyst
Securely Provision Risk Management Security Control Assessor
Securely Provision Systems Architecture Enterprise Architect
+ Course Modules/Units
 
Configuration Strategies w/ Spec Compon
Cryptographic Terms and Implementations
Cryptographic Tools and Techniques Part 1 of 2
Cryptographic Tools and Techniques Part 2 of 2
Hybrid Encryption in SSL Demo
Encryption Limitations and Key Length Part 1 of 2
Encryption Limitations and Key Length Part 2 of 2
DEMO: Volume and File Encryption
Hash Functions and Algorithms
Digital Signatures
Digital Certificate Elements
CAs and Public Key Infrastructure
Origins For Cryptographic Standards
Virtual Networking
Intro to Virtualized Computing Part 1 of 2
Intro to Virtualized Computing Part 2 of 2
VLANs and Switching
Storage Types and Considerations
Enterprise Storage
Enterprise Storage Connection Terms
Enterprise Storage and RAID
Securing iSCSI and FCoE and Managing Storage
Network Security Concepts
Network Zones and Remote Access
NW Components Routers and Firewalls Part 1 of 2
NW Components Routers and Firewalls Part 2 of 2
NW Components Intrusion Detection Systems
Networked-based IDS and IPS Deployment
Securing Wireless Part 1 of 2
Securing Wireless Part 2 of 2
DMZ Components
Web Services Concepts
Web Servers and DNS
Securing DNS Best Practices
Proxy Servers and SMTP Relay
NAT and PAT
Infra Design : Firewalls and Proxies
Infra Design : IDS and IPS
Infra Design : Syslog and SIEMs
Infra Design : Switch and Router Security
Infra Design : VPNs and SNMP
SCADA Environments
Application Security : VTC and VoIP
Application Security : Databases and Web Services
Application Security : IPv6
Physical Security Concerns and Controls
Host Security Controls Part 1 of 2
Host Security Controls Part 2 of 2
Web Application Security Design
DEMO: Whitelisting and Blacklisting
Specific Application Issues
Client side vs Server side Processing
Analyzing Business Risk
Risk Management in New Business Models
Risk Mitigation Strategies and Controls
Security Impact of Inter Organizational Change
Calculating Risk Exposure
Incident Response Concepts
Incident Response and Recovery Process
Privacy Policy and Procedures Part 1 of 2
Privacy Policy and Procedures Part 2 of 2
Assessment Tools
Assessment Methods
Assessment Methodologies
Cybersecurity Benchmarks
Security Metrics
Situational Awareness
Analyzing Industry Trends Part 1 of 3
Analyzing Industry Trends Part 2 of 3
Analyzing Industry Trends Part 3 of 3
Applying Analysis to Improve Enterprise Security Part 1 of 4
Applying Analysis to Improve Enterprise Security Part 2 of 4
Applying Analysis to Improve Enterprise Security Part 3 of 4
Applying Analysis to Improve Enterprise Security Part 4 of 4
Integrating Enterprise Disciplines Part 1 of 2
Integrating Enterprise Disciplines Part 2 of 2
Security Controls for Communication and Collaboration
Adv Authentication Tools and Techniques
Software Development Models
System Dev Life Cycle and CS
IT Governance
Cloud based Deploy Models
Cloud Security
Identity Management
Securing Virtual Environments Part 1 of 3
Securing Virtual Environments Part 2 of 3
Securing Virtual Environments Part 3 of 3
Enterprise Storage Advantages and Security Measures
Enterprise Network Authentication Part 1 of 2
Enterprise Network Authentication Part 2 of 2
Practice Exam
Foundations of Cybersecurity for Managers 2 HoursSkill Level: Beginner 
+ Description
 

This course is designed for managers and other stakeholders who may be involved in decision making that would include considerations for security in a cyber environment but do not have a strong technical background. Discussions focus on cybersecurity concepts and methodologies that are part of building a resilient cyber enterprise. This course explains how people and technology work together to protect mission-critical assets, and the frameworks leveraged to assess and apply security controls. Beginning with governance, laws, and regulations, the course progresses into threats to the environment and identifying corresponding controls and countermeasures, concluding with strategies for business continuity.

Learning Objectives:

  • Know key concepts of cybersecurity and its relation to the business mission.
  • Recall risk management strategies and related frameworks.
  • Identify how cloud services are leveraged and pros and cons of doing so.
  • Describe common threats, threat actor types, and mitigation techniques.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operational Planning Cyber Ops Planner
Oversee and Govern Cybersecurity Management Information Systems Security Manager
Oversee and Govern Program/Project Management and Acquisition Program Manager
+ Course Modules/Units
 
Cybersecurity Introduction
Cybersecurity Workforce
Cybersecurity Governance
Cybersecurity Guidance Resources
Laws and Cybersecurity
Common Cyber Threats
Threat Actors
Cybersecurity and Mobile Devices
Security Controls
Security Tools and Measures
Introduction to Cloud Computing
Cloud Architectures and Deployment Models
Cloud Threats and Attacks
Cloud Security
Risk Management Overview
Incident Response and Digital Evidence Types
Risk and Planning Strategies
Foundations of Cybersecurity for Managers Exam
(ISC)2 (TM) CISSP Concentration: ISSEP Prep 7 HoursSkill Level: Advanced  
+ Description
 

This course is focused on applying security and systems engineering principles into business functions. This self-study prep course is designed to help learners prepare for the specialized Information Systems Security Engineering Professional (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.

Learning Objectives:

  • Incorporate security into business processes and information systems.
  • Demonstrate subject matter expertise in security engineering.
  • Apply engineering principles into business functions.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operational Planning Cyber Ops Planner
Operate and Maintain Systems Analysis Systems Security Analyst
Oversee and Govern Cybersecurity Management Information Systems Security Manager
+ Course Modules/Units
 
ISSEP Course Introduction
ISSE Responsibilities and Principles
ISSE and IATF
Security Design Principles
Elements of Defense in Depth
RMF Characteristics
Maintaining Operational Resilience
Risk Management Overview
Assessing Risk Part 1 of 2
Assessing Risk Part 2 of 2
Determining Risks
Categorizing Information Systems
Stakeholder Roles and Responsibilities
Requirements Analysis
Using Common and Tailored Controls
Assessing Security Controls
Implementing Security Controls
Authorizing Information Systems
Systems Verification and Validation
Monitor, Manage, and Decommissioning
Defense Acquisition System Overview
Acquisitions Process
System Development Process Models
Project Processes
Project Management
ISSEP Practice Exam
Measuring What Matters: Security Metrics Workshop 1.5 HoursSkill Level: Beginner  
+ Description
 

This workshop focuses on how to measure the right things in order to make informed management decisions, take the appropriate actions, and change behaviors. But how do managers figure out what those right things are? Public and private organizations today often base cyber risk management decisions on fear, uncertainty, and doubt (FUD), and the latest attack. The Measuring What Matters: Security Metrics Workshop, the learner will learn how to refine a strategic or business objective that meets that S.M.A.R.T.E.R. criteria: Specific, Measurable, Achievable, Relevant, Time-bound, Evaluated, Reviewed, and can be used to initiate the Goal - Question - Indicator - Metric (GQIM) process.

Learning Objectives:

  • Identify a core set of business goals, based on the business objective, to which the cybersecurity risk measurement program will be applied.
  • Formulate one or more key questions for each business goal, and use them to help determine the extent to which the goal is being achieved.
  • Identify one or more indicators for each business goal key question.
  • Identify one or more metrics for each indicator that most directly inform the answer to one or more questions.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operational Planning Cyber Ops Planner
Oversee and Govern Cybersecurity Management Information Systems Security Manager
Securely Provision Risk Management Security Control Assessor
+ Course Modules/Units
 
Measuring What Matters Course Introduction
Why Measure?
Measurement Defined
GQIM Overview
Selecting Business Objectives
Objectives to Goals
Goals to Question
Questions to Indicators
Indicators to Metrics
The Big Picture: Putting It All in Context
Validate Current Questions or Metrics
Getting Started with GQIM
Appendix Cybersecurity Metrics Template
GQIM Process Template
Offensive and Defensive Network Operations 13 HoursSkill Level: Beginner 
+ Description
 

This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks.

Learning Objectives:

  • Apply U.S. government network operations background and doctrine.
  • Describe offensive and defensive network operations.
  • Determine offensive network operation missions, planning, and exploitation phases and methodologies.
  • Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Collect and Operate Cyber Operations Cyber Operator
Protect and Defend Cyber Defense Analysis Cyber Defense Analyst
+ Course Modules/Units
 
Cyberspace As A Domain
Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3
Joint Communications Overview and Information Environment
Joint Force Communication, System Operations, and Management Planning
Legal Considerations for Cyber Operations Part 1 of 2
Legal Considerations for Cyber Operations Part 2 of 2
Adversaries in Cyberspace Part 1 of 3
Adversaries in Cyberspace Part 2 of 3
Adversaries in Cyberspace Part 3 of 3
Offensive Cyber Operations Background
Offensive Cyberspace Operations Definitions
Offensive Cyberspace Operations Planning and Legal Considerations
Offensive Methodology Planning Examples 1 of 2
Offensive Methodology Planning Examples 2 of 2
Reconnaissance Methodology Overview
Social Engineering for Reconnaissance
Reconn with Automated Correlation Tools and Search Engines Part 1 of 2
Reconn with Automated Correlation Tools and Search Engines Part 2 of 2
Network Mapping for Active Reconnaissance
Port Scanning for Active Reconnaissance
Windows Enumeration Basics
Linux Enumeration Basics
Scanning and Enumerating with Nmap
Exploitation using Direct Exploits and System Misconfiguration
Exploitation with SET Example
Exploitation
Entrenchment
Exploitation Basics
Post-Exploitation
Abuse and Attacks
Defensive Cyberspace Operations (DCO)
DCO Types of Operations
DCO Operational Goals
DCO Best Practices
Defensive Methodology: Understanding the Threat
Defensive Methodology: Tactics
Defensive Methodology: Defense-in-Depth
Incident Management Overview
Incident Management Policies, Plans and Procedures
Incident Management Team Configuration
Incident Response Lifecycle
Defending the Domain
Perimeter and Host Defenses
IDS/IPS Defined Including Advantages and Disadvantages
IDS/IPS Types and Functions
IDS/IPS Location Placements
Intrusion Detection using Snort
Reviewing Alerts and Detecting Attack Phases
Network Traffic Analysis
Methods of Network Traffic Analysis
Wireshark
Log Analysis Methods and Techniques Part 1 of 2
Log Analysis Methods and Techniques Part 2 of 2
Detecting Offensive Operations using Log Analysis
Digital Forensics Overview and Tools
Digital Forensics Methods and Techniques Part 1 of 2
Digital Forensics Methods and Techniques Part 2 of 2
Identifying Phases of Attack Using Digital Forensics
Incident Data: Profile and Analysis
Incident Reporting
Offensive and Defensive Network Operations Exam
Understanding DNS Attacks 1 HoursSkill Level: Beginner     
+ Description
 

The Domain Name System, commonly known as DNS, is often referred to as the "phone book" of the Internet. Every time we access the Internet to visit our favorite websites, shop and pay bills online, or access online portals for healthcare or banking, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors: allowing them to shut down websites and online services, replace legitimate website content with threats and extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal any information entered by users intending to conduct business as usual. "Understanding DNS Attacks" provides key information you need to know to protect yourself and your organization from DNS infrastructure tampering including common vulnerabilities, how to identify a potential attack, and guidance and best practices to mitigate the likelihood and impact of a successful DNS attack.

This webinar is accessible to non-technical learners including managers and business leaders, and offers an organizational perspective useful to technical specialists.

Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from DNS infrastructure attacks through awareness of common attack schemes, best practices, CISA guidance, and resources.

  • Define DNS Tampering and explain common attack methods
  • Identify signs of a DNS attack
  • Learn mitigation steps for DNS attacks
  • Understand the process to recover from a DNS attack
  • Explore impacts of DNS attacks through case studies

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Analyze All-Source Analysis Mission Assessment Specialist
Collect and Operate Collection Operations All-Source Collection Manager, All-Source Collection Requirements Manager
Operate and Maintain Customer Service and Technical Support Technical Support Specialist
Operate and Maintain Data Administration Data analyst, database administrator
Operate and Maintain Knowledge Management Knowledge Manager
Operate and Maintain Network Services Network Operation Specialist
Operate and Maintain Systems Administration System Administrator
Oversee and Govern Cybersecurity Management Communications security manager; information systems security manager
Oversee and Govern Program Management and Acquisition IT investment manager, IT program auditor, IT project manager, product support manager, program manager
Oversee and Govern Strategic Planning and Policy Cyber policy and strategy planner; cyber workforce developer and manager
Oversee and Govern Training, Education, and Awareness Cyber Instructional Curriculum Developer
Protect and Defend Cyber Defense Infrastructure Support Cyber Defense Infrastructure Support Specialist
Protect and Defend Incident Response Cyber Defense Incident Responder
Protect and Defend Vulnerability Assessment and Management Vulnerability Assessment Analyst
Securely Provision Risk Management Authorizing official; security control assessor
Securely Provision Systems Architecture Enterprise Architect, Security Architect
Securely Provision Systems Requirements Planning Systems Requirements Planner
Securely Provision Test and Evaluation System Testing and Evaluation Specialist
+ Course Modules/Units
 
Understanding DNS Attacks
Understanding Web and Email Server Security 1 HoursSkill Level: Beginner    
+ Description
 

Web and email servers are the workhorses of the Internet: we couldn't run government, businesses, or our personal lives without them! However, the information exchanged through web and email servers can offer a tempting target for cyber attackers. Participants can request 1 CPE credit for completing this course.

This webinar includes the following information and more:

  • Attack methods: Hackers can target and decode victims' web and email traffic, compromise email security to make phishing attempts more likely to succeed, or can even use botnets to shut down access to websites and conduct large-scale campaigns of malicious activity.
  • Key Guidance for Organizations: CISA provides resources and best practices to help individuals and organizations secure their web and email infrastructure.
  • Case studies: Explore the methods and impacts of real-life cyberattacks, and how the victims responded and recovered.
  • Incident Response overview: Key steps to identify a potential attack, mitigate damage through proper preparation and response, and recover after an attack occurs.

Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from web and email server cyberattacks through awareness of common attack schemes, best practices, CISA guidance, and resources.

  • Define web and email server infrastructure, and explain common attack methods
  • Identify signs of a potential attack
  • Learn mitigation steps for web and email server attacks
  • Understand the process to recover from a web or email server attack
  • Explore impacts of web and email server attacks through case studies

Date: 2020

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

CategorySpecialty AreaWork Roles
Analyze All-Source Analysis All-source analysis
Analyze Threat Analysis Threat/ warning analyst
Collect and Operate Collection Operations All Source Collection Manager; All Source Collection Requirements Manager
Collect and Operate Cyber Operational Planning Cyber Intel Planner; Cyber Ops Planner; Partner Integration Planner
Operate and Maintain Data Administration Data analyst, database administrator
Operate and Maintain Knowledge Management Knowledge Manager
Operate and Maintain Network Services Network Operations Specialist
Operate and Maintain Systems Administration System Administrator
Operate and Maintain Systems Analysis Systems Security Analyst
Oversee and Govern Cybersecurity Management Communications security manager; information systems security manager
Oversee and Govern Program Management and Acquisition IT investment manager, IT program auditor, IT project manager, product support manager, program manager
Oversee and Govern Strategic Planning and Policy Cyber policy and strategy planner; cyber workforce developer and manager
Protect and Defend Cyber Defense Analysis Cyber Defense Analyst
Protect and Defend Cyber Defense Infrastructure Support Cyber Defense Infrastructure Support specialist
Protect and Defend Incident Response Cyber defense incident responder
Protect and Defend Vulnerability Assessment and Management Vulnerability assessment analyst
Securely Provision Risk Management Authorizing official; security control assessor
Securely Provision Systems Architecture Enterprise Architect; Security Architect
Securely Provision System Requirements Planning System requirements planner
+ Course Modules/Units
 
Understanding Web and Email Server Security