FedVTE Course Catalog

101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Analysis Pipeline - 6 Hours - Skill Level: Intermediate
Description

This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Learning Objectives
At the completion of this course analysts will be able to:

  • Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
  • Understand the Analysis Pipeline configuration language.
  • Develop and implement network flow data use cases with Analysis Pipeline.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operations | Cyber Operator
Operate and Maintain | Network Services | Network Operations Specialist
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst

Course Modules/Units

Introduction
Configuration Files
Running Pipeline
Logical Schematics
Pipeline and Timing and State
Alerts
Configuration File Basics
Filters
Filters (Exercises and Solutions)
Evaluations
Evaluations (Exercises and Solutions)
Statistics
Internal Filters
List Configurations
Configuration File Basics (Exercises and Solutions)
Threshold Examples
Special Evaluations
Building an Analytic
Server Profiling Analytic
Host Discovery Analytic
Advanced Configurations
NTP Anomalies
Unknown SSH Brute Force
Choose Your Own Adventure
ICMP Surveying: Thinking it Through
ICMP Surveying: Building it Out
DDoS Detection: Thinking it Through
DDoS Detection: Building it Out
SSH Compromise: Thinking it Through
SSH Compromise: Building it Out
Analysis Pipeline 5

New Course Offering: Artificial Intelligence (AI) and Machine Learning (ML) for Cyber - 1.5 Hours - Skill Level: Intermediate
Description

This course provides the foundational practices and ethical principles of artificial intelligence. It examines each of the ethical principles, along with other technical ethics, with the aim of reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.

Learning Objectives:

  • Explain the harm caused by bias in artificial intelligence.
  • Discuss how to reduce risk and unwanted bias.
  • Cite several principles of AI and the goals of each.
  • Describe how principles are applied to create ethical, transparent, and fair AI.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operational Planning | Cyber Ops Planner
Operate and Maintain | Data Administration | Data Analyst

Course Modules/Units

AI and ML for Cyber
Ethical Principles for AI Overview
Responsible Aspects of Ethics Part 1 of 2
Responsible Aspects of Ethics Part 2 of 2
Equitable Portion of the Ethics Principles
Traceable AI
Reliable AI Part 1 of 2
Reliable AI Part 2 of 2
How to Make AI Reliable Part 1 of 2
How to Make AI Reliable Part 2 of 2
Governable AI
AI and ML for Cyber Review
Course Test

Cyber Security Investigations - 9 Hours - Skill Level: Beginner
Description

This course discusses the basic concepts of cybersecurity and digital forensics investigation practices. Topics include performing collection and triage of digital evidence in response to an incident, evidence collection methodologies, and forensic best practices. This is an introductory course reviewing the processes, methods, techniques, and tools in support of cyber security investigations.

Learning Objectives:

  • Understand the process of integrating a forensics collection and analysis program into an organization.
  • Recognize concepts involved in the Forensic Process.
  • Apply necessary preparation to perform collections and incident response according to best practices.
  • Understand methods, goals and objectives for digital forensic collection activities.
  • Apply techniques and tools for conducting evidence collection, triage, and log analysis.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operations | Cyber Operator
Investigate | Cyber Investigation | Cyber Crime Investigator
Investigate | Digital Forensics | Cyber Defense Forensics Analyst
Protect and Defend | Incident Response | Cyber Defense Incident Responder

Course Modules/Units

Purpose of Computer and Network Forensics
Digital Forensics Tools
Forensics Team Staffing Considerations
Digital Forensics Guidelines, Policies, and Procedures
Digital Forensics Life Cycle
Digital Forensics Best Practices
Digital Forensics Concepts
Locard's Exchange Principle
Incident Response Phases Part 1 of 3
Incident Response Phases Part 2 of 3
Incident Response Phases Part 3 of 3
Computer Forensics Process Part 1 of 2
Computer Forensics Process Part 2 of 2
Digital Forensic Planning and Preparation
IR and Digital Forensics Tools
Forensically Prepared Media, Tools and Equipment
Incident Response Information Gathering
Incident Response Acquisition Considerations
Incident Response Notes and Documentation
Auditing Windows Event Logs
Volatile Data Collection
Storage Media Collection
Network Data Collection
Log Collection
Data Carving using FTK
Digital Forensic Triage Overview
Incident Triage Process
Incident Triage Methodology
Attacker Methodology Overview Part 1 of 3
Attacker Methodology Overview Part 2 of 3
Attacker Methodology Overview Part 3 of 3
Triage: Light and General Collections
Triage Analysis
Triage Analysis of Volatile Data
Program Execution
Analyzing Services
Malware Vectors and Detection
Mobile Device Triage Analysis
IR: Following a Trail
Hash and File Signature Analysis
Time Analysis
Registry Analysis
File Analysis Demonstration
Hashing with md5deep
Hash Analysis with Autopsy
Lessons Learned from an Incident
Lessons Learned from Objective and Subjective Data
Evidence Retention and Information Sharing Post Incident
Cyber Security Investigations Exam

Introduction to Threat Hunting Teams - 1.5 Hours - Skill Level: Beginner
Description

This course provides basic definitions, activities, and examples of teams hunting threats in the cyber domain. The course addresses the differences between hunting team activities and those of incident management teams or penetration testing teams. The content covers how hunting teams establish goals, methods used by threat hunting teams, and sources available to help read and interpret the threat landscape.

Learning Objectives:

  • Define threat hunting, what it means to hunt and how to hunt as a team.
  • Differentiate between hunting teams and other types of cyber security teams.
  • Describe how goals influence the method and success of hunting teams.
  • Recognize the types of threat analysis information available and how to interpret the facts presented.
  • Understand the three types of threat models and explain one in detail.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | Threat Analysis | Threat/Warning Analyst
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst

Course Modules/Units

Defining Threat Hunting
Examples and Goals of Threat Hunting
Differences Between Hunt Teams and Other Cyber Teams
Threat Landscape
Types of Threat Modeling
Hunting Methods on Networks
Teaming and Automation Example
Threat Hunting Teams Course Exam

New Course Offering: (ISC)2 (TM) CISSP Concentration: ISSEP Prep - 7 Hours - Skill Level: Advanced
Description

This course focuses on applying security and systems engineering principles to business functions. This self-study prep course is designed to help learners prepare for the specialized Information Systems Security Engineering Professional (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.

Learning Objectives:

  • Incorporate security into business processes and information systems.
  • Demonstrate subject matter expertise in security engineering.
  • Apply engineering principles to business functions.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operational Planning | Cyber Ops Planner
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager

Course Modules/Units

ISSEP Course Introduction
ISSE Responsibilities and Principles
ISSE and IATF
Security Design Principles
Elements of Defense in Depth
RMF Characteristics
Maintaining Operational Resilience
Risk Management Overview
Assessing Risk Part 1 of 2
Assessing Risk Part 2 of 2
Determining Risks
Categorizing Information Systems
Stakeholder Roles and Responsibilities
Requirements Analysis
Using Common and Tailored Controls
Assessing Security Controls
Implementing Security Controls
Authorizing Information Systems
Systems Verification and Validation
Monitor, Manage, and Decommissioning
Defense Acquisition System Overview
Acquisitions Process
System Development Process Models
Project Processes
Project Management
ISSEP Practice Exam

Offensive and Defensive Network Operations - 13 Hours - Skill Level: Beginner
Description

This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks.

Learning Objectives:

  • Apply U.S. government network operations background and doctrine.
  • Describe offensive and defensive network operations.
  • Determine offensive network operation missions, planning, and exploitation phases and methodologies.
  • Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operations | Cyber Operator
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst

Course Modules/Units

Cyberspace As A Domain
Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3
Joint Communications Overview and Information Environment
Joint Force Communication, System Operations, and Management Planning
Legal Considerations for Cyber Operations Part 1 of 2
Legal Considerations for Cyber Operations Part 2 of 2
Adversaries in Cyberspace Part 1 of 3
Adversaries in Cyberspace Part 2 of 3
Adversaries in Cyberspace Part 3 of 3
Offensive Cyber Operations Background
Offensive Cyberspace Operations Definitions
Offensive Cyberspace Operations Planning and Legal Considerations
Offensive Methodology Planning Examples 1 of 2
Offensive Methodology Planning Examples 2 of 2
Reconnaissance Methodology Overview
Social Engineering for Reconnaissance
Reconn with Automated Correlation Tools and Search Engines Part 1 of 2
Reconn with Automated Correlation Tools and Search Engines Part 2 of 2
Network Mapping for Active Reconnaissance
Port Scanning for Active Reconnaissance
Windows Enumeration Basics
Linux Enumeration Basics
Scanning and Enumerating with Nmap
Exploitation using Direct Exploits and System Misconfiguration
Exploitation with SET Example
Exploitation
Entrenchment
Exploitation Basics
Post-Exploitation
Abuse and Attacks
Defensive Cyberspace Operations (DCO)
DCO Types of Operations
DCO Operational Goals
DCO Best Practices
Defensive Methodology: Understanding the Threat
Defensive Methodology: Tactics
Defensive Methodology: Defense-in-Depth
Incident Management Overview
Incident Management Policies, Plans and Procedures
Incident Management Team Configuration
Incident Response Lifecycle
Defending the Domain
Perimeter and Host Defenses
IDS/IPS Defined Including Advantages and Disadvantages
IDS/IPS Types and Functions
IDS/IPS Location Placements
Intrusion Detection using Snort
Reviewing Alerts and Detecting Attack Phases
Network Traffic Analysis
Methods of Network Traffic Analysis
Wireshark
Log Analysis Methods and Techniques Part 1 of 2
Log Analysis Methods and Techniques Part 2 of 2
Detecting Offensive Operations using Log Analysis
Digital Forensics Overview and Tools
Digital Forensics Methods and Techniques Part 1 of 2
Digital Forensics Methods and Techniques Part 2 of 2
Identifying Phases of Attack Using Digital Forensics
Incident Data: Profile and Analysis
Incident Reporting
Offensive and Defensive Network Operations Exam