FedVTE Course Catalog

101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Advanced Windows Scripting 6 Hours Skill Level: Basic
+ Description
 This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks, and includes reinforcing video demonstrations and a final assessment.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Software Development, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Advanced Windows Scripting Introduction
Windows BATCH Scripting Overview
Windows BATCH Advanced Syntax Part 1 of 2
Windows BATCH Advanced Syntax Part 2 of 2
Windows Scripting Advanced Uses of FOR
Windows Scripting Syntax Tips and Tricks
Windows Scripting CALL and START Demo
Windows Scripting Subroutine Demo
Windows Scripting SET Demo
Windows Scripting PUSHD and POPD Demo
Manipulating In_Outputs
Stringing Multiple Commands Together
FOR Loop Generating List Demo
FOR Loop Recursive Listing Demo
Taking Action Based on Content of Output
Action Based on Content Output Demo
Scripts in Typical Penetration Testing Tasks Part 1 of 2
Scripts in Typical Penetration Testing Tasks Part 2 of 2
Visual Basic Scripting Syntax and Usage
Visual Basic Scripting Merge Demo
VBS Elements_Structure
VBS Elements_Variables, Arguments, and Conditionals
VBS Elements_Loops
VBS Elements_Functions and Operators
VBS Windows Scripting Host
VBS Elements_File I_O
VBS Windows Scripting Demo
VBS Error Handling and Troubleshooting
Visual Basic for Applications
Visual Basic for Application Elements
Visual Basic for Applications Working with Applications
VBA Working with Applications Demo
VBA Error Handling and Troubleshooting
VBA Error Handling and Troubleshooting Demo
Advanced Windows Scripting Quiz
Analysis Pipeline 6 Hours Skill Level: Intermediate
+ Description
 This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to help the student better understand how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Training Purpose - Protect and Defend, Collect and Operate, Operate and Maintain

Specialty Areas - Network Services, Cyber Operations, Cyber Defense Analysis

Training Proficiency Area: Level 2 - Intermediate

+ Course Modules/Units
 
Introduction
Configuration Files
Running Pipeline
Logical Schematics
Pipeline and Timing and State
Alerts
Configuration File Basics
Filters
Filters (Exercises and Solutions)
Evaluations
Evaluations (Exercises and Solutions)
Statistics
Internal Filters
List Configurations
Configuration File Basics (Exercises and Solutions)
Threshold Examples
Special Evaluations
Building an Analytic
Server Profiling Analytic
Host Discovery Analytic
Advanced Configurations
NTP Anomalies
Unknown SSH Brute Force
Choose Your Own Adventure
ICMP Surveying: Thinking it Through
ICMP Surveying: Building it Out
DDoS Detection: Thinking it Through
DDoS Detection: Building it Out
SSH Compromise: Thinking it Through
SSH Compromise: Building it Out
Analysis Pipeline 5
Course Lifetime Expiring: EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep 31 Hours - Will be removed 11/13/2019 Skill Level: Advanced
+ Description
 

The CEHv9 certification prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 9 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. Updates to v9 from v8 include several new tools and a new module on cloud considerations. Topics include reconnaissance, hacking laws, web application hacking, social engineering, packet capture, and scanning. The course then moves on to exploitation of several types of threats and how to cover your tracks, concluding with a practice exam.

Learning Objectives

  • Review of the domains and published objectives of the CEHv9
  • Supplemental resource for preparation for the EC-Council CEHv9 certification exam

Training Purpose: Operate and Maintain, Protect and Defend, Analyze

Specialty Areas: Systems Analysis, Cyber Defense Infrastructure Support, Vulnerability Assessment and Management, Threat Analysis

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2016

+ Course Modules/Units
 
Certified Ethical Hacker v9 Intro
Ethical Hacking Intro and Security Reports
Security Reports Statistics
Ethical Hacking Terminology
IR in Ethical Hacking
Laws and Regulations
Ethical Hacking and Threats
Types of Attacks and Attack Vectors
Hacking Phases and Vul Research
Reconnaissance
Passive Footprinting
DEMO: WHOIS with BackTrack
Passive WHOIS Queries
Google Hacking
Active Footprinting
DEMO: Nslookup Example
Active Footprinting Cont
DEMO: Active Footprinting with Traceroute
Network Mapping and Web Mirroring
Active Footprinting Countermeasures
Scanning Essentials
Scanning Essentials Continued
Port Scanning
Vulnerability Scanning
DEMO: Banner Grabbing with Telnet
Covert Scanning
DEMO: Scanning with Nmap Demo
Additional Covert Scanning
Enumeration Overview Part 1 of 2
Enumeration Overview Part 2 of 2
Enumeration Tools
Operating System Account Enumeration
Protocol Enumeration
DEMO: NetStat Enumeration and Countermeasures
Authentication Techniques
Microsoft Authentication
Password Cracking
Password Cracking Techniques
Privilege Escalation
DEMO: Rainbow Table Lookup Sites
Keyloggers
Spyware and Activity Monitoring
Packet Sniffing Attacks
Rootkits
Covert Hacking
Covering Tracks
Virus Examples and Symptoms
Virus Classifications and Characteristics
Virus Types and Terminology
Virus Making Tools
Famous Worms
Trojan Terminology and Techniques
Trojans and Backdoors
DEMO: Shell Connections via Netcat and BackTrack
Trojan Analysis
DEMO: Trojans and Rootkits
Malware Countermeasures and Tools
DEMO: Strings Analysis
Other Malicious Code Types
Sniffers Terminology and Overview
Network Overview for Sniffer Placement
Basic Packet Analysis
DEMO: Viewing ARP Packets with Packet Builder
Attacks and Protocols Vulnerable to Sniffing
Spoofing and Flooding Sniffing Attacks
MITM Attacks Ports Vul to Sniffing
Wireshark Overview and Examples
Evasion in Network Sniffing
Sniffing Countermeasures and Tools
DEMO: Hping3
DEMO: Wireshark
Social Engineering Background and Examples
Human-based Social Engineering
Additional Human-based SE
Computer Based Social Engineering
Computer-Based SE - Social Networking
Mobile-based Social Engineering
SE and Identity Theft Countermeasures
DEMO: Social Engineering Toolkit Demo
Denial of Service Part 1 of 2
Denial of Service Part 2 of 2
Categories of Denial of Service
DEMO: HW and Mobile DoS Options
Buffer Overflow Terminology and Background
DEMO: Stack Overflow Testing with OllyDbg
Session Hijacking Overview and Examples
Cross Site Scripting and Other Session Attacks
Session Hijacking Techniques
IPSec and Session Hijacking
Hacking Webservers Terminology and Background
Webserver Architecture
Webserver Hacking Tools
Web Server Attacks
OWASP Top 10
Webserver Hacking Countermeasures
SQL and Command Injection Web App Hacking
Non SQL Injection Errors
Parameter and Form Tampering Web App Hacking
Cross-site Scripting and Obfuscation Web App Hacks
Cross-Site Request Forgery and Cookies
Web Application Methodology
Web App Attack Tools and Countermeasures
Buffer Overflow Tools and Countermeasures
DEMO: BurpSuite
DEMO: XP cmdshell Demo
SQL Terminology and Example Statements
SQL Enumeration
SQL Injection Attacks
SQL Injection Tools and Countermeasures
DEMO: SQL Injection
Wireless Terminology and Standards
Wireless Terminology and Antennas
Wireless Authentication
Wireless-based Attacks
Wireless Attack Methodology
Wireless Attack Methodology Continued
WEP WPA and Other Wireless Attacks
Bluetooth Communication Basics
Wireless Protocols and Signal Modulation
DEMO: SSID and Channels
DEMO: WiFi Analyzer Using Mobile Device
Wireless Hacking Tools and Countermeasures
Mobile Platform Overview
Mobile Device Operating Systems
Hacking Mobile Platforms
IDS Overview and Detection Methods
DEMO: Published Snort Rules
Firewalls and Honeypots
Firewall Configurations
Signs of Intrusions
Evasion Techniques
IDS Evasion Techniques
Evasion Testing Techniques
DEMO: Intrusion Signs
Cryptography Background and Terminology
Crypto Keys and Algorithms
SHA and TLS Algorithms
DEMO: Hashing with MD5 Sum
Crypto Keys and Algorithms Continued
Cryptography Implementations
Public Key Infrastructure (PKI)
Cryptanalysis Techniques
Cryptanalysis Tools
Cryptographic Attacks
Steganography Tools
Security Testing and Assessments
Penetration Testing Terminology
Risk Management and Penetration Testing
Pen Testing Phases and Methodology
Penetration Testing Walkthrough
Penetration Testing Tools
DEMO: Exploits with Armitage
DEMO: Intro to Armitage
DEMO: v3 Running Exploit From Code
Introduction to Cloud Computing
Cloud Security
Cloud Architectures
Cloud Testing Tools
Cloud Threats and Attacks
CEHv9 Prep Practice Exam
New Course Offering: Certified Ethical Hacker Version 10 (CEHv10) Prep 29 Hours Skill Level: Advanced
+ Description
 The Certified Ethical Hacker v10 Prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 10 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. This course is designed for the skilled professional to use the same knowledge and tools as a malicious hacker but in an ethical and lawful manner to examine an organization's network security posture. This course concludes with a practice exam.

Learning Objectives:

  • Learn how to perform a vulnerability analysis to identify security weaknesses in an organization's network structure.
  • Perform a security assessment of a cloud environment to understand cloud computing threats and attacks.
  • Understand risks and defensive strategies for IoT Platforms and devices.
NICCS Specialty Areas:
  • Cyber Defense Analysis
  • Systems Analysis
  • Vulnerability Assessment and Management
Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

+ Course Modules/Units
 
CEHv10 Course Introduction
Information Security Reports
Ethical Hacking Defined
Ethical Hacking Terminology
Hacking Phases and Vul Research
Types of Attacks and Attack Vectors
Threat Modeling
Introduction to Physical Security
Incident Management Process
Incident Response Overview
Security Testing and Assessments
Pen Testing Phases and Methodology
Information Security Laws and Standards
Reconnaissance
Footprinting Methodologies - Passive
Footprinting Methodologies - Active
Advanced Google Hacking Techniques
Network Mapping
DEMO: WHOIS with BackTrack
DEMO: Active Footprinting with Traceroute
DEMO: Maltego for Information Gathering Part 1
DEMO: Maltego for Information Gathering Part 2
Footprinting Countermeasures
DEMO: Windows CMD Information Gathering
Scanning Essentials
DEMO: Colasoft Packet Builder
Port Scanning
DEMO: Banner Grabbing with Telnet
Covert Scanning
Covert Scanning with Proxies
DEMO: Scanning with Nmap
Common Enumeration Techniques
Enumeration Tools
Protocol Enumeration
DEMO: Scanning and Enumeration with Nmap
Understanding System Vulnerabilities
Passive and Active Vul Scanning
Vulnerability Assessment Lifecycle and CVSS
Common Vulnerabilities and Exposures (CVE)
Vulnerability Scanning
DEMO: Vulnerability Scanning with Nessus
Authentication Techniques
Microsoft Authentication
Password Cracking
Privilege Escalation
DEMO: Rainbow Table Lookup Sites
Keyloggers
Spyware and Activity Monitoring
Packet Sniffing Attacks
Covert Hacking
Hiding Files - Rootkits
DEMO: Kernel-Level Rootkits
Covering Tracks
Malware Awareness
Trojan Terminology and Techniques
Trojans and Backdoors
Virus Examples and Symptoms
Virus Classifications and Characteristics
Virus Making Tools
Other Malicious Code Types
Malware Countermeasures and Tools
DEMO: Bind and Reverse Shell
DEMO: Strings Analysis
Sniffers Terminology and Overview
Network Overview for Sniffer Placement
Basic Packet Analysis
Address Resolution Protocol (ARP)
DEMO: Viewing ARP Packets with Packet Builder
Spoofing and Flooding Sniffing Attacks
MITM Attacks Ports Vul to Sniffing
Wireshark Overview and Examples
Evasion in Network Sniffing
Sniffing Countermeasures and Tools
DEMO: Hping3
DEMO: Wireshark
Social Engineering Background and Examples
Human-Based Social Engineering
Computer-Based Social Engineering
Computer Based SE - Social Networking
Social Engineering with Mobile Applications
SE and Identity Theft Countermeasures
DEMO: Social Engineering Toolkit
DEMO: Leveraging Armitage in Phishing Attack
DoS Impacts and Classifications
Categories of Denial of Service
Botnets and Disruption Attacks
DoS Symptoms and Tools
Buffer Overflow Terminology and Background
Session Hijacking Overview and Examples
Compromising Session Attacks
Session Hijacking Techniques
Session Hijacking Tools
IPSec and Session Hijacking
Firewalls and Honeypots
Firewall Configurations
IDS Overview and Detection Methods
IDS, Firewall, and Honeypot Evasion
Evasion Techniques
Evasion Testing Techniques
DEMO: Intrusion Signs
Common Web Server Attack
Webserver Architecture
OWASP Top 10 and Beyond
Webserver Hacking Countermeasures
SQL and Command Injection Web App Hacking
Non SQL Injection Errors
Parameter and Form Tampering Web App Hacking
Cross-site Scripting and Obfuscation Web App Hacks
Cross-site Request Forgery and Cookies
Web Application Pen Test Methodology
Web App Tools and Countermeasures
Buffer Overflow Tools and Countermeasures
DEMO: BurpSuite
SQL Terminology and Example Statements
SQL Enumeration
SQL Injection Attacks
SQL Injection Tools and Countermeasures
DEMO: SQL Inject Attacks
Wireless Terminology and Standards
Wireless Terminology and Antennas
Wireless Authentication
Wireless-Based Attacks
Wireless Attack Methodology Part 1 of 2
Wireless Attack Methodology Part 2 of 2
WEP, WPA and Other Wireless Attacks
Bluetooth Communication Basics
Wireless Protocols and Signal Modulation
DEMO: SSID and Channels
DEMO: Wireless Hacking
Wireless Hacking Tools
Wireless Hacking Countermeasures
Mobile Platform Overview
OWASP IoT Vuls and Countermeasures
Mobile Device Operating Systems
Hacking Mobile Platforms
Mobile Device Management and Risks
Mobile Device Security
Internet of Things (IoT) Concepts
Internet of Things (IoT) Attacks and Mitigation
Introduction to Cloud Computing
Cloud Architectures and Deployment Models
Cloud Threats and Attacks
Cloud Security
Cloud Testing Tools
Cryptography Background and Terminology
Crypto Keys and Algorithms
SHA and TLS Algorithms
DEMO: Hashing with MD5 Sum
Cryptography Implementations
Public Key Infrastructure (PKI)
Cryptanalysis Techniques
Crypto Attacks
DEMO: Encryption with TrueCrypt
Digital Signatures
Certified Ethical Hacker Practice Exam
LAB: Using a Simulated Botnet to Conduct a Distributed Denial of Service
Cisco CCENT Self-Study Prep 13 Hours Skill Level: Intermediate
+ Description
 The Cisco CCENT Prep course is a self-study resource for learners preparing for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. Students will also be introduced to configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. The course includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.

Training Purpose: Operate and Maintain

Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2015

+ Course Modules/Units
 
Switched Networks Part 1 of 2
Switched Networks Part 2 of 2
Collisions and Broadcasts
DEMO: Viewing an ARP Table
Basic Switch Configuration
SSH Operation and Configuration
Configuring Switch Ports
Switch Troubleshooting
Securing a Switch
Best Practices for Switched Networks
DEMO: Making an RJ-45 Cable
VLAN Segmentation Part 1 of 2
VLAN Segmentation Part 2 of 2
VLAN Implementations
VLAN Security and Design
DEMO: Configuring VLANs
DEMO: Demonstrating VLAN Connectivity
Functions of a Router Part 1 of 2
Functions of a Router Demo
Functions of a Router Part 2 of 2
Configuring Basic Router Settings
DEMO: IPv4 and IPv6 Subnetting
Basic Router Settings_IPv6 and Loopback Interfaces
Verifying Connectivity of Directly Connected Networks
Switching Packets Between Networks
Routing Tables and Protocols
DEMO: IPv6 Header Analysis
DEMO: MAC Address Table
DEMO: IPv4 Addresses and Router Interfaces
DEMO: IPv6 Addressing on Router Interfaces
Inter-VLAN Routing Configuration
Layer 3 Switching
Static Routing
Configure Static Routing
Classful Addressing and Routing
Configuring Summary Routes
Troubleshooting Static and Default Routes
DEMO: Static Routing
Dynamic Routing Protocol Operation
Routing Protocol Operating Fundamentals
Types of Routing Protocols
Types of Distance Vector Routing Protocols
Configuring the RIP Protocol
RIPng and Link-State Routing
DEMO: RIP Version 1 and IPv4
DEMO: RIP Version 2 Improvements
DEMO: Setting up RIP for IPv6
Characteristics of OSPF
OSPF Messages
OSPF Router IDs
Configuring and Verifying OSPF
OSPFv2 versus OSPFv3
DEMO: Configuring OSPF
DEMO: Troubleshooting OSPFv2
DEMO: Configuring OSPFv3
DHCPv4 Operation
Configuring and Troubleshooting DHCPv4
DEMO: DHCPv4
SLAAC and DHCPv6
Stateless and Stateful DHCPv6
DEMO: Stateless DHCPv6
NAT Characteristics and Benefits
Types of NAT
Configuring Static and Dynamic NAT
Configuring PAT and Port Forwarding
DEMO: Enabling IPv4 NAT
Configuring and Troubleshooting NAT for IPv6
CCENT Prep Practice Exam
Cloud Computing Security 1 Hour Skill Level: Intermediate
+ Description
 This course provides an in-depth look at the strengths and weaknesses of cloud computing security as well as the considerations to take in choosing the cloud as a data management solution. Technical and operational risks are explained, along with strategies to mitigate the aforementioned risks. To demonstrate concepts learned, the course closes with a real-world example of how a government agency (Defense Information Systems Agency) utilizes cloud computing solutions.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Systems Analysis, Network Services, Systems Requirement Planning

Training Proficiency Area: Level 2 - Intermediate

Course Capture Date: 2010

+ Course Modules/Units
 
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
Cisco CCNA Security Self-Study Prep 15 Hours Skill Level: Intermediate
+ Description
 The Cisco CCNA Security Self-Study Prep course is aimed at those who already have experience with routers and basic level networking skills, and those who may be interested in taking the Cisco CCNA Security exam. Content covered in the CCNA Security Prep course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. Students will gain a theoretical understanding of network security and the knowledge and skills to implement it. This self-study resource contains several reinforcing video demonstrations and a final exam.

Training Purpose: Operate and Maintain

Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2015

+ Course Modules/Units
 
Securing Network Devices
Secure Administrative Access Part 1 of 2
Secure Administrative Access Part 2 of 2
DEMO: Securing Router Access Methods
Role-Based CLI Overview
Password Recovery
Management Reporting and Logging Considerations
Implementing Log Messaging for Security
Configuring NTP
Disabling Unused Cisco Router Network Services and Interfaces
AAA Authentication Methods
Implementing Local AAA Authentication
Implementing Server-Based AAA Authentication
Cisco Secure ACS
Configuring Server-Based AAA Authentication
Server-Based Authorization and Accounting
Implementation Firewall Technologies
Access List Controls (ACLs)
Extended ACLs and ACL Caveats
ACL Placement
Complex ACLs
Troubleshooting ACLs
Securing Networks with Firewalls
Zone-Based Policy Firewalls
CCP Firewall Wizard and Manual ZPF using CCP
DEMO: Enabling IOS Firewall
Implementing Intrusion Prevention Intro
IPS Signatures
Signature Trigger and Action for IPS
Managing and Monitoring IPS
Configuring and Verifying IOS IPS
Securing the Local Area Network Intro
Layer 2 Security Part 1 of 2
Layer 2 Security Part 2 of 2
Mitigating MAC Spoofing and MAC Table Overflow Attacks
Mitigating STP Manipulation
Configuring Storm Control
Mitigating VLAN Attacks
Configuring Cisco Switch Port Analyzer
Private VLAN Edge
Advanced Technology Security Considerations
Wireless Networks
VoIP and SAN Networks
DEMO: Enabling STP with Voiceover
Cryptographic Systems and Hashes
Encryption and Confidentiality
Public Key Cryptography and PKI
VPN Terminology and Topologies
IPSec Frameworks and Key Exchange
IPSec Tasks
Configuring IPsec VPN using CCP
Remote-Access VPNs
Managing a Secure Network and Addressing Risks
Operations Security
Network Security Testing
Continuity Planning
SDLC
Security Policy
ASA Models and Features
Basic ASA Configuration and Settings
Introduction to ASDM
ASA Objects and Object Groups
ACLs for ASA
ASA and NAT
ASA and PAT
ASA AAA
Modular Policy Framework
ASDM Service Policies Demo
ASA VPN Features
ASDM AnyConnect VPN Wizard
DEMO: ASA Console Config
DEMO: ASA GUI Config
DEMO: ASA Traffic Management
CCNA Security Prep Practice Exam
CMaaS Transition Classroom Sessions 5 Hours Skill Level: Basic
+ Description
 This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack, and includes two major Use Cases for each tool.

Training Proficiency Level: Level 1 - Basic

Capture Date: 2018

+ Course Modules/Units
 
Session 1
Session 2
Session 3
Session 4
New Course Offering, Course Lifetime Expiring: CompTIA A+ 220-901 Certification Prep 12 Hours Skill Level: Basic
+ Description
 The CompTIA A+ 901 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 901 prep include maintenance and configuration of PCs and devices, basics of networking, troubleshooting software and hardware issues, and customer support.

Learning objectives:

  • Provide a review of the four knowledge area domains in the CompTIA A+ 220-901 exam objectives.
  • Supplemental self-study preparation resource for the CompTIA A+ certification exam.
  • Understand the basics of device installation, troubleshooting, and customer support.

Training Purpose: Skill Development

Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
CompTIA A+ 220-901 Prep Course Introduction
Computing System Components
Central Processing Unit (CPU)
Sockets and Processing
Virtualization and Temperature Monitoring
DEMO: CPU Characteristics and Installation
RAM Basics and Types of RAM
Upgrading and Installing RAM
DEMO: RAM Installation and Verification
BIOS Components, Configurations and Settings
DEMO: BIOS Overview
Motherboard Form Factor, Chipset and Components
Motherboard Expansion Slots and Card Installation
Installing New Motherboard
Power Supply and Connectors
Display Types and Features
Display Connector and Cable Types
Hard Drive Basics
Hard Drive RAID Types
Hard Drive Interfaces
DEMO: Hard Drive Installation and Initializing
DEMO: Software Virtualization
Common Peripheral Devices
Removable Media
Audio/Video Standards
PC Configurations
DEMO: Inside Desktop Computer
Printer Types
Printer Languages and Installation
Printer-Scanner Maintenance and Troubleshooting
SOHO Network
Fiber and Coaxial Cables and Connectors
Patch Panels, Ethernet Standards and LAN
IP Address, Ports and Protocols Part 1 of 3
IP Address, Ports and Protocols Part 2 of 3
IP Address, Ports and Protocols Part 3 of 3
Wireless Networks and WiFi Standards
Configuring a SOHO Network
Network Types
Network Devices: Routers
Network Devices: Hubs, Switches and Firewalls
Hardware Tools for Connectivity Issues
Laptops and Mobile Devices
Laptop Expansion Options, Docking and Locks
Laptop Hardware Replacement
Laptop Special Functions and Features
DEMO: Laptop Computer Components
Characteristics of Various Mobile Device Types
Mobile Device Ports and Accessories
Network Troubleshooting Process
Troubleshooting Hardware, Video, Networks and OS
DEMO: Troubleshooting Hard Drives
Network Troubleshooting Methodology
DEMO: Troubleshooting Network Issues
Troubleshooting Common Video and Display Issues
CompTIA A+ 220-901 Prep Practice Exam
New Course Offering: CompTIA A+ (220-1001) Certification Prep 14 Hours Skill Level: Basic
+ Description
 

The CompTIA A+ (220-1001) certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. Topics covered in the CompTIA A+ 220-1001 include mobile devices, networking technology, hardware, virtualization and cloud computing, and network troubleshooting.

Learning objectives:

  • Supplemental self-study preparation resource for the CompTIA A+ 220-1001 certification exam.
  • Identify installation, configuration, and maintenance details for PC components, mobile devices, and user applications.
  • Recall basics of networking and security fundamentals.
  • Apply troubleshooting techniques and satisfactory customer support.

NICCS Specialty Areas:

  • (Operate and Maintain) Customer Service and Technical Support
  • Network Services
  • System Administration

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
Laptops and Mobile Devices
Laptop Expansion Options, Docking and Locks
Laptop Hardware Replacement
Laptop Special Functions and Features
DEMO: Laptop Computer Components
Characteristics of Various Mobile Device Types
Mobile Device Ports and Accessories
Network Services and Protocols
IP Address, Ports, and Protocols Part 1 of 3
IP Address, Ports, and Protocols Part 2 of 3
IP Address, Ports, and Protocols Part 3 of 3
DEMO: Windows Command-Line Tools
Patch Panels, Ethernet Standards and LAN
Wireless Networks and WiFi Standards
Network Devices: Routers
Network Devices: Hubs, Switches and Firewalls
SOHO Network
Network Types
Technologies that Facilitate IoT
IoT Attacks and Mitigation
Wireless Protocols and Signal Modulation
Fiber, Coaxial Cables and Connectors
Display Connector and Cable Types
Computing System Components
Hard Drive Interfaces
Power Supply and Connectors
RAM Basics and Types of RAM
Upgrading and Installing RAM
DEMO: RAM Installation and Verification
Hard Drive Basics
Hard Drive RAID Types
Removable Media
Motherboard Form Factor, Chipset and Components
Motherboard Expansion Slots and Card Installation
Installing New Motherboard
BIOS Components, Configuration, and Settings
DEMO: BIOS Overview
DEMO: Hard Drive Installation and Initializing
PC Configurations
DEMO: Inside Desktop Computer
Central Processing Unit (CPU)
Sockets and Processors
Virtualization and Temperature Monitoring
DEMO: CPU Characteristics and Installation
Common Peripheral Devices
Display Types and Features
Audio/Video Standards
Configuring a SOHO Network
Printer Types
Printer Languages and Installation
Introduction to Cloud Computing
Cloud Architectures
Cloud Security
Virtual Environments
Network Troubleshooting Process
Network Troubleshooting Methodology
PC Troubleshooting Tools
Troubleshooting Common Symptoms of System Issues
Troubleshooting Hardware, Video, Networks and OS
DEMO: Troubleshooting Hard Drives
Troubleshooting Common Video and Display Issues
Troubleshooting Mobile Device Issues
Hardware Tools for Connectivity Issues
Printer and Scanner Maintenance and Troubleshooting
DEMO: Troubleshooting Network Issues
CompTIA A+ 220-1001 Practice Exam
New Course Offering, Course Lifetime Expiring: CompTIA A+ 220-902 Certification Prep 8.5 Hours Skill Level: Basic
+ Description
 The CompTIA A+ 902 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 902 prep include installation and configuration of devices and software, networking and security basics, troubleshooting and diagnosing issues, as well as operational procedures.

Learning objectives:

  • Provide an overview of the five knowledge area domains in the CompTIA A+ 220-902 exam objectives.
  • Supplemental self-study resource for the CompTIA A+ certification exam.
  • Understand the basics of device configuration, networking, and applying troubleshooting theory.

Training Purpose: Skill Development

Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
CompTIA A+ 220-902 Prep Course Introduction
Microsoft Operating System Versions
Upgrading Windows Operating Systems
Windows Operating System Features Part 1 of 2
DEMO: File Structure and Paths
DEMO: Creating and Managing Disk Folders
Windows Operating System Features Part 2 of 2
Windows OS Installation Options
Windows Command-line Tools Part 1 of 2
DEMO: Windows Command-Line Tools
Windows Command-line Tools Part 2 of 2
DEMO: Windows OS GUI Tools Part 1 of 2
DEMO: Windows OS GUI Tools Part 2 of 2
Windows OS GUI Tools Best Practices
Windows Networking and Resource Sharing
DEMO: Image Backup and Restore on Windows
DEMO: Linux Commands
Best Practices and Common Features of OS X
Introduction to Cloud Computing
Cloud Architectures
Network Services and Protocols
Mobile Device Security Introduction
Mobile Device Security Introduction Cont.
Android Introduction
Android Security
Android Application Security
DEMO: Installing Antivirus
File System for iOS Devices
Understanding the Basics of iOS
Understanding iOS Security Architecture
iOS Jailbreaking
Malware and Social Engineering Threats
Threats to Physical Security
Physical Security Considerations
Infrastructure Physical Security
Laptop Security
TEMPEST
Physical Security Access Controls
Biometric Access Control Devices
Authentication
DEMO: Windows Hidden File Properties
Symptoms, Troubleshooting and Preventing Infection
Mobile Device Security Best Practices
Data Destruction and Disposal Methods
SOHO Network
PC Troubleshooting Tools
Troubleshooting Common Symptoms of System Issues
Troubleshooting System Crash and Failure-to-Boot
Troubleshooting Mobile Device Issues
Safety Procedures and Personal Safety
IT Environmental Controls
Incident Response Concepts
Intellectual Property and Licensing
Professional Communication and Troubleshooting
CompTIA A+ 220-902 Prep Practice Exam
New Course Offering: CompTIA A+ (220-1002) Certification Prep 7.5 Hours Skill Level: Basic
+ Description
 

The CompTIA A+ 1002 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. Topics in the A+ 1002 cover installing and configuring operating systems, expanded security, software troubleshooting, and operational procedures.

Learning objectives:

  • Supplemental self-study preparation resource for the CompTIA A+ 220-1002 certification exam.
  • Apply diagnostic and resolution processes to hardware and software issues
  • Employ device installation and sound troubleshooting and customer support practices.
  • Recall fundamentals of cloud and virtualization deployment strategies

NICCS Specialty Areas:

  • (Operate and Maintain) Customer Service and Technical Support
  • Network Services
  • System Administration

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
Microsoft Operating System Versions
Understanding Windows Compatibility Risks
File System for iOS Devices
Understanding the Basics of iOS
Understanding iOS Security Architecture
Windows Command-line Tools
DEMO: Windows Command-Line Tools
Demonstration: Windows OS GUI Tools Part 1 of 2
Demonstration: Windows OS GUI Tools Part 2 of 2
Windows Operating System Features Part 1 of 2
Windows Operating System Features Part 2 of 2
Windows OS GUI Tools Best Practices
Demonstration: Creating and Managing Disk Folders
Demonstration: Windows Hidden File Properties
Demonstration: File Structure and Paths
Windows Firewall Zones
Application Events and Security Events
Windows Event Forwarding
Windows Networking and Resource Sharing
Demonstration: Image Backup and Restore on Windows
Demonstration: Linux Commands
Best Practices and Common Features of OS X
Physical Security Concerns and Controls
DEMO: Physical Security
Infrastructure Physical Security
Identification and Authentication Methods
Demonstration: Installing Antivirus
Authentication Services
Malware and Social Engineering Threats
Symptoms, Troubleshooting and Preventing PC Infections
Host Security Controls Part 1 of 2
Host Security Controls Part 2 of 2
Windows 10 Security Features
Mobile Based Social Engineering
Mobile Device Security Best Practices
Data Destruction and Disposal Methods
Configuring a SOHO Network
PC Troubleshooting Tools
Troubleshooting Common Symptoms of System Issues
Troubleshooting System Crash and Failure-to-Boot Issues
Troubleshooting Mobile Device Issues
Safety Procedures and Personal Safety
IT Environmental Controls
Incident Response Concepts
Intellectual Property and Licensing
Professional Communication and Troubleshooting Theory
Procedures Supporting Policy
Scripting Basics Overview
CompTIA A+ 220-1002 Practice Exam
New Course Offering: CompTIA Cybersecurity Analyst (CySA+) Prep 12.5 Hours Skill Level: Intermediate
+ Description
 The CompTIA Cybersecurity Analyst (CySA+) self-study certification prep course is designed to help prepare candidates to sit for the CySA+ exam, as well as reinforce concepts for work roles such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analyst. This intermediate-level course focuses on analysis and defense techniques that leverage data and tools to identify risks to an organization and apply effective mitigation strategies. The CySA+ is an approved baseline certification of the DoD Directive 8570.
Learning objectives:
  • Provide a review of the following four skills: threat management, vulnerability management, security architecture and tool sets, and cyber incident response.
  • Supplemental self-study preparation resource for the CompTIA CySA+ exam.
  • Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization.
Training Purpose: Skill Development
Specialty Areas: (Protect and Defend, Operate and Maintain, Securely Provision) Vulnerability Assessment and Management, Systems Analysis, Cyber Defense Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2018
+ Course Modules/Units
 
CySA Course Introduction
Reconnaissance
Port Scanning for Active Reconnaissance
Environmental Reconnaissance Tools
Social Engineering for Reconnaissance
Network Mapping for Active Reconnaissance
Syslog
Reviewing Alerts/Detecting Attack Phases
Common Tasks in Environmental Reconnaissance
Environmental Reconnaissance Variables
Basic Packet Analysis
Methods of Network Traffic Analysis
Network Traffic Analysis
Netflows
Working with Netflows
Netflow Tools
Examining Log Files
Data Correlation and Analytics
Analyzing Device Data
SIEM
DEMO: Wireshark Packet Analyzer
Hardening Network Devices
Network Segmentation and Design
Honeypot
Endpoint Security
Windows Group Policy
Access Control Models
Remote Authentication - Radius and Tacacs+
Hardening Host and Networked Systems
Compensating Controls
Corporate Penetration Testing
Reverse Engineering Purpose and Practice
Team Training and Exercises
Risk Evaluation and Security Controls
Vulnerability Assessment Introduction
Vulnerability Management Requirements
Vulnerability Scanner Configuration
Vulnerability Assessment Tools
Scanning and Enumeration with Nmap
Intro to Vulnerability Scanning with Nessus
Vulnerability Remediation
Scanning and Report Viewing with OpenVAS
Endpoint and Protocol Analysis
Logging Strategies and Sources
Reviewing, Analyzing and Correlating Logs
Network Vulnerabilities
System Vulnerabilities
Web Application Vulnerabilities
Wireless Network Vulnerabilities
Virtual Infrastructure Vulnerabilities
Threats to Mobile Devices
ICS and SCADA Systems Security
Malware and Social Engineering Threats
Preparing for Impact Analysis
Forensics Kit and Incident Response
Forensic Investigation Suite
Setting Up an Analysis Environment
Communication During Incident Response
Common Symptoms of Host Infection
Incident Response and Recovery Part 1 of 2
Incident Response and Recovery Part 2 of 2
Regulatory Compliance and Frameworks
Control Selection Tailoring and Implementation
Verification and Quality Control
Procedures Supporting Policy
Enterprise Network Authentication Part 1 of 2
Enterprise Network Authentication Part 2 of 2
Cross-site Scripting and Other Exploits
Privilege Escalation Exploit
Technical Processes and Controls
Software Development Models and SDLC
Code Review and Testing
Secure Coding Best Practice Resources
Preventative Cyber Tools
Collective Cyber Tools
Analytical Cyber Tools
Exploit Cyber Tools
Forensics Cyber Tools
CySA Prep Practice Quiz
New Course Offering: CompTIA Network+ N10-007 18 Hours Skill Level: Basic
+ Description
 This Network+ prep course is a self-study resource designed to help students prepare to sit for the CompTIA Network+ N10-007 certification exam. The Network+ certification is focused on IT infrastructure and networking concepts for junior to mid-level IT professionals in the cyber workforce. Topics covered include network operations, security, troubleshooting and tools, as well as infrastructure support.

Learning Objectives:

  • Design and implement a functional network
  • Configure, manage and maintain network security, standards and protocols
  • Troubleshoot network issues
  • Create and support virtualized networks

NICCS Specialty Areas:

  • Operate and Maintain
  • Network Services
  • System Administration
  • Customer Service and Technical Support

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
Net+N100-007 Introduction
Ports and Protocols Part 1 of 2
Ports and Protocols Part 2 of 2
OSI Layers
Properties of Network Traffic
VLANs and VTP
Routers and Routing Protocols
Routing Tables and Types
IP Addressing – IPv6
Traffic Filtering and Port Mirroring
Network Performance Optimization
IP Addressing Components
Subnetting
Network Topologies
Technologies that Facilitate IOT
Wireless Standards Part 1 of 2
Wireless Standards Part 2 of 2
DEMO: Wireless Architecture
Introduction to Cloud Computing
Cloud Security
DNS Service
Dynamic Host Configuration Protocol (DHCP)
Ethernet Standards
Cables and Wires
Cable Termination and Fiber Optic
DEMO: Cables and Connectors
Firewall Implementations
Network Components – Hubs and Switches
DEMO: Contrasting Hubs, Switches, VLANs
Router Setup and MAC Filtering
Installing and Configuring Wireless Networks
SOHO Network
Telephony, VoIP
Network Security Appliances IDS
Advanced Security Devices
Virtual Environments
Network Storage Connection Types
Network Storage and Jumbo Frames
Wide Area Network Technologies
Configuration Management Documentation
Business Continuity and Disaster Recovery
Fault Tolerance and Availability Concepts
Maintainability: MTTR and MTBF
Security Device and Technology Placement
DEMO: Introduction to SNMP
Network Access Security
Remote Access Methods
Operations Policies and Best Practices
Mobile Device Deployment Models
Physical Security Devices
Authentication Services
PKI Public Key Infrastructure
Examples of PKI Use
Network Access Control
Wireless Encryption and Authentication
DoS and MITM Attacks
Wireless Threats and Mitigation
Understanding Insider Threat
DEMO: Malware and Social Engineering Threats
Hardening Network Devices
Switch Loop Protocol
Network Segmentation and Design
Honeypot
Corporate Penetration Testing
Network Troubleshooting Methodology
Hardware Tools for Connectivity Issues
Software Tools for Connectivity Issues
DEMO: NSlookup Dig Google Toolbox
Physical Connectivity Problems
Cable Troubleshooting
Wireless Troubleshooting
Troubleshooting Routers and Switches
Technologies that Facilitate IOT
Network+ N10-007 Exam
New Course Offering: CompTIA Security+ (SY0-501) Certification Prep 17.5 Hours Skill Level: Basic
+ Description
 The CompTIA Security+ (SY0-501) Certification Prep is a self-study resource to help candidates prepare for the Security+ (SY0-501) certification exam. The topics covered are categorized into the six domain areas of the SY0-501 exam objectives: Threats and Vulnerabilities, Technology and Tools, Architecture and Design, Identity and Access Management, Risk Management, and Cryptography.

Learning Objectives:
  • Supplemental preparation for the CompTIA Security+ SY0-501 Certification Exam
  • List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities
  • Explain how various tools and technologies are configured or deployed to support an organization's security posture
  • Detail risk management best practices and mitigation strategies
NICCS Specialty Areas:
  • Systems Analysis (Operate and Maintain)
  • Systems Administration (Operate and Maintain)
  • Network Services (Operate and Maintain)
  • Vulnerability Assessment and Management (Protect and Defend)
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Basic
+ Course Modules/Units
 
Security+ (SY0-501) Course Introduction
Malware: Viruses
Malware: Rootkits, Trojans, Botnets
MITM, DoS, Packet Flooding and Other Attacks
Backdoor, Spoofing, Replay and Other Attacks
Password, Birthday, Crypto and Application Attacks
Social Engineering Techniques
Wireless Attacks
Application Attacks
Threat Actors
Assessment Tools and Techniques
Active and Passive Reconnaissance
Security Testing and Assessment
Firewall Implementations
Proxy Server Implementations
Hubs and Switches
Routers and Routing Protocols
Remote Access and VPNs Part 1 of 2
Remote Access and VPNs Part 2 of 2
Network Intrusion Detection Systems
Host-Based Intrusion Detection Systems
Password Cracking Categories and Tools
Password Cracking Techniques
DEMO: Local Information Gathering Tools
DEMO: Network Connectivity Testing Tools
DEMO: Remote Information Gathering Tools
Mobile Device Security
Mobile Device Deployment
Network Security Protocols
Network Services and Protocols
Frameworks and Reference Architectures
Network Zones
Demilitarized Zones (DMZ) Implementations
Security Device and Technology Placement
Host Security: OS Hardening and Firewalls
Host Security: Anti Virus, Malware and Spam
Host Security: Pop Ups and Patch Management
Secure Static Environment
Secure Staging Deployment Concepts
Cloud and Virtualization Concepts
Cloud Architectures
Host Security: Virtualization
Resiliency and Automation to Reduce Risk
Physical Security and Environmental Controls
Access Control Categories
Authentication Services
Access Control Models
Authentication and Authorization Concepts
Biometric Authentication
Account Management
Identity Management
Security Awareness and Training
Risk and Related Concepts
Risk and Asset Identification
Threat and Risk Calculation
Risk Control Types
Security Control Types and Categories
Basic Forensics Procedures
Incident Handling and Forensics
Incident Response Preparation
Risk Management: Business Continuity
Risk Management: Redundancy and Fault Tolerance
Risk Management: Disaster Recovery
Risk Mitigation Strategies
Data Security
Data Destruction and Disposal Methods
Data Sensitivity and Handling
Mitigation and Deterrence: Logging
Mitigation and Deterrence: Hardening
Mitigation and Deterrence: Network Security
Mitigation and Deterrence: Attack Countermeasures
Cryptography Part 1 of 2
Cryptography Part 2 of 2
Wireless Security Evolution
Wireless Security Best Practices
Cryptographic Keys and PKI
Security+ (SY0-501) Certification Prep Exam
New Course Offering: Cyber Awareness Challenge 2019 1 Hour Skill Level: Basic
+ Description
 This course provides an overview of cybersecurity threats and best practices to keep information and information systems secure. Every year, authorized users of certain information systems must complete the Cyber Awareness Challenge to maintain awareness of, and stay up to date on, new cybersecurity threats. The training also reinforces best practices to keep personal information and information systems secure, and to stay abreast of changes in general cybersecurity policies.
+ Course Modules/Units
 
Cyber Awareness Challenge
New Course Offering: Cyber Dark Arts 3 Hours Skill Level: Intermediate
+ Description
 

Cyber Dark Arts highlights ‘dark’ or deceptive activities that are employed by malicious users via the Internet. The course discusses several technologies and techniques with legitimate purposes and how they are leveraged or manipulated for fraudulent purposes. Threats from topics such as zero-day attacks, dark web, alternate OSs, VPN/TOR, weaponized psychology, and anonymous services will be detailed, as well as methods for concealing one’s identity. These methods are taught in order for cybersecurity experts to defend against such attacks. The course includes reinforcing video demonstrations.

Learning Objectives:

  • Explain several techniques for obfuscating online activities
  • List examples of technologies leveraged for deceptive purposes
  • Detail best practices for prevention and protection from malicious cyber activities

NICCS Specialty Areas:
  • Collect and Operate: Cyber Operations
  • Operate and Maintain: Systems Analysis
  • Protect and Defend: Cyber Defense Analysis

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

+ Course Modules/Units
 
Cyber Dark Arts
Weaponized Psychology
DEMO: Password Cracking Using Hydra
Scanning for Vulnerable Devices and Networks
Anonymous Web Hosting, Searching, and Browsing
Alternative Operating Systems
Tails, Whonix, and Qubes
Secure Messaging Services
Blockchain and Cryptocurrency
DEMO: Blockchain and Cryptocurrency
DEMO: Iodine IP over DNS
DEMO: TOR versus Traditional Tunneling
Advanced Persistent Threats
Cyber Dark Arts Exam
Demilitarized Zone (DMZ) with IDS/IPS 9 Hours Skill Level: Intermediate
+ Description
 This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. Best practices for designing and implementing a DMZ are followed by a section on IDS and IPS systems that includes an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices.

Training Purpose: Skill development

Specialty Area: Computer Network Defense Infrastructure Support, Network Services, Systems Security Analysis, System Administration

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2013

+ Course Modules/Units
 
Demilitarized Zone (DMZ) Introduction
DMZ Architecture
DMZ Components: Firewalls Part 1 of 2
DMZ Components: Firewalls Part 2 of 2
Setting up a DMZ using IPTables Demo
DMZ Components: IDS
DMZ Components: IDS/IPS Placement
DMZ Components: Proxy Servers
DMZ Components: Network Servers
DMZ Architectures
Attacking the DMZ Part 1 of 2
Attacking the DMZ Part 2 of 2
DMZ Attack Types Part 1 of 2
DMZ Attack Types Part 2 of 2
DMZ: Open Source vs Commercial Implementations
DMZ: Software Subscription Services
Open Source DMZ Tools Part 1 of 2
Open Source DMZ Tools Part 2 of 2
Proxy Concepts
DNS Concepts
Web Server Concepts
E-mail Relay and VPN Concepts
DMZ and Commercial Software - Part 1
DMZ and Commercial Software - Part 2
Security Capabilities in a DMZ
Security Capabilities in Procmail Demo
Network Security Appliances IDS
Snort Intro and Overview
Using BASE w Snort DB
Snort Demo
Log Mgmt and Analysis Concepts
SYSLOG Basics
Using Swatch Overview
Log Management Best Practices
Proxy and DNS Log File Concepts
Analyzing Proxy and DNS Log Files
DMZ with IDS/IPS Course Quiz
DNSSEC Training Workshop 2 Hours Skill Level: Advanced
+ Description
 This course covers the basics of DNSSEC and how it integrates into the existing global DNS, and provides a step-by-step process for deploying DNSSEC on existing DNS zones.

Training Purpose: Skill development

Specialty Areas: Enterprise Architecture, Network Services, System Administration

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2015

+ Course Modules/Units
 
DNSSEC Introduction
DNS Resolution Steps
DNS Vulnerabilities and Security Controls
DNSSEC Mechanisms
DNS Resource Records (RR)
Special DNS Resource Records
DNS Zone Signing
Secure DNS Zone Configuration-DNSSEC Key Generation
Prepare the DNS Zone File for Signing
Signing the DNS Zone file
Publishing a signed zone
Testing a signed zone
Testing a signed zone through a validator
DNSSEC Chain of Trust
Setting Up A Secure Resolver
Adding a trusted key
Securing the last hop
ZSK Rollover
Using pre-published keys
KSK Rollover
Conclusions
Emerging Cyber Security Threats 12 Hours Skill Level: Intermediate
+ Description
 This course covers a broad range of cyber security elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. This course will cover what policy is, the role it plays in cyber security, how it is implemented, and cyber security laws, standards, and initiatives. Topics include cyber security policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS, and IPv6 security. Video demonstrations are included to reinforce concepts.

Training Purpose: Skill Development

Specialty Areas: System Administration, Technology Demonstration, Vulnerability Assessment and Management, Strategic Planning and Policy Development, Cyber Threat Analysis

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Introduction to Cybersecurity Policy
Types of Security Policy
Policy Education and Implementation
Cybersecurity Laws
Proposed Legislation
NIST Cybersecurity Standards
Other Cybersecurity Standards
Comprehensive National Cybersecurity Initiatives (CNCI)
Other Federal Cybersecurity Initiatives
Implementing Cybersecurity Initiatives
SPAM
Malware Trends
Botnets
Monetization
Cyber Attack Profiles
Cyber Crime
Cyberwarfare
Cyber Attack Attribution
Cyber Threat Mitigation
Mobile Device Trends
Mobile Device Threats
Mobile Device Countermeasures
Exploited Threats
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
DISA Cloud Solutions
RFID Introduction
RFID Threats
RFID Countermeasures
Exploited Threats
Introduction and MAC Address Monitoring
MAC Address Spoofing
Managing Traffic Flows
VLANs and Security
802.1x Port Authentication
Network Admission Control
Securing STP
Securing VLANs and VTP
Introduction and Edge Security Traffic Design
Blocking DoS and DDoS Traffic
Specialized Access Control Lists
Routers with Firewalls
Beyond Firewalls: Inspecting Layer 4 and Above
Securing Routing Protocols and Traffic Prioritization
Securing Against Single Point of Failures
Physical and Operating System Security
Management Traffic Security
Device Service Hardening
Securing Management Services
Device Access Hardening
Device Access Privileges
Name Resolution Introduction
Name Resolution and Security
DNS Cache
DNS Security Standards and TSIG
DNSSEC
Migrating to DNSSEC
Issues with Implementing DNSSEC 1
Issues with Implementing DNSSEC 2
IPv6 Concepts
IPv6 Threats
IPv6 Network Reconnaissance
DEMO: IPv6 Network Reconnaissance
IPv6 Network Recon Mitigation Strategies
IPv6 Network Mapping
DEMO: IPv6 Network Mapping
IPv6 Network Mapping Mitigation Strategies
IPv6 Neighbor Discovery
DEMO: IPv6 Address Assignment
IPv6 Attacks
DEMO: IPv6 Alive Hosts
DEMO: IPv6 Duplicate Address Detection (DAD)
DEMO: IPv6 DAD Denial of Services (DOS)
DEMO: IPv6 Fake Router Advertisement
DEMO: IPv6 Man-in-the-middle
IPv6 Attack Mitigation Strategies
IPv6 Tunneling
IPv6 Windows Teredo Tunneling
IPv6 Tunneling Mitigation Strategies
IPv6 Best Practices
Introduction to Windows Scripting 4 Hours Skill Level: Basic
+ Description
 This course focusses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course will present the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows.

Training Purpose: Functional Development

Specialty Areas: Network Services, System Administration, Systems Security Analysis

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Scripting Basics Overview
Windows BATCH Scripting Basics
Windows BATCH Scripting_Variables
Windows BATCH Scripting_Loops
Windows BATCH Scripting_Functions
Windows Script Error Handling and Troubleshooting
Windows Script Best Practices and Examples
Windows Scripting Demo
Scripting for Penetration Testing
Windows Scripting Utilities_xcopy
Windows Scripting Utilities_findstr
Windows Scripting Utilities_net Commands
xcopy Examples Demo
WMI and WMIC
PowerShell Commands
PSExec
Windows Management Instrumentation Demo
Intro to Windows BATCH Quiz
IPv6 Security Essentials Course 5 Hours Skill Level: Advanced
+ Description
 This Internet Protocol version 6 (IPv6) Security Essentials course begins with a primer of IPv6 addressing and its current deployment state, discusses Internet Control Message Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment.

Training Purpose: Skill development

Specialty Area(s): Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis

Training Proficiency Level: Level 3 - Advanced

Capture Date: 2015

+ Course Modules/Units
 
IPv6 Introduction
IPv6 Adoption
DEMO: IPv6 Network Reconnaissance
IPv6 Addressing Part 1 of 2
IPv6 Addressing Part 2 of 2
IPv6 Packet Header
DEMO: IPv6 Header Analysis
ICMPv6
IPv6 Address Assignment
DEMO: IPv6 Address Assignment
IPv6 Web Browsing
IPv6 Transition Mechanisms Part 1 of 2
IPv6 Transition Mechanisms Part 2 of 2
DEMO: IPv6 Tunneling
IPv6 Security Concerns
DEMO: IPv6 Network Mapping
IPv6 Security Mitigation Strategies
DEMO: IPv6 Network Monitoring Tools
IPv6 Ready
IPv6 Security Essentials Key Takeaways
DEMO: IPv4 and IPv6 Subnetting
DEMO: IPv6 Addressing on Router Interfaces
DEMO: Setting up RIP for IPv6
DEMO: Configuring OSPFv3
DEMO: IPv6 Alive Hosts
DEMO: IPv6 Duplicate Address Detection (DAD)
DEMO: IPv6 DAD Denial of Services (DOS)
DEMO: IPv6 Fake Router Advertisement
DEMO: IPv6 Man-in-the-middle
IPv6 Security Essentials Quiz
New Course Offering: ISACA Certified Information Security Manager (CISM) Prep 11 Hours Skill Level: Intermediate
+ Description
 The ISACA Certified Information Security Manager (CISM) certification prep self-study resource helps prepare candidates to sit for the management-focused CISM exam, and strengthens students' information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. The course includes concepts from the four job practice areas of the 2017 CISM certification: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.
Learning Objectives:
  • Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
  • Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
  • Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
  • Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response and recovery capabilities.
Training Purpose: Skill Development
NICCS Specialty Areas:
  • Cybersecurity Management (Oversee and Govern)
  • Systems Analysis (Operate and Maintain)
  • Program/Project Management and Acquisition (Oversee and Govern)
  • Vulnerability Assessment and Management (Protect and Defend)

Training Proficiency Area: Level 2 - Intermediate
+ Course Modules/Units
 
CISM Course Introduction
IS Governance Domain Overview
Information Security (IS) Management
Importance of IS Governance Part 1 of 2
Importance of IS Governance Part 2 of 2
IS Management Metrics
ISM Strategy Part 1 of 2
ISM Strategy Part 2 of 2
Elements of IS Strategy
IS Action Plan for Strategy
DEMO: Key Goal, Risk, Performance Indicator
Risk Management Overview and Concepts
Risk Management Implementation
Risk Assessment: Models and Analysis
DEMO: Calculating Total Cost of Ownership
DEMO: Recovery Time Objective (RTO)
Compliance Enforcement
Risk Analysis: Threat Analysis
IS Controls and Countermeasures
Other Risk Management Considerations Part 1 of 2
Other Risk Management Considerations Part 2 of 2
DEMO: Cost Benefit Analysis
Information Security Program Development
Information Security Program Management
Outcomes of Effective Management
IS Security Program Development Concepts
Scope and Charter of IS Program Development
IS Management Framework
IS Framework Components
IS Program Roadmap
Organizational Roles and Responsibilities
Information Security Manager Responsibilities
Other Roles and Responsibilities in IS
Information Security Program Resources
IS Personnel Roles and Responsibilities
IS Program Implementation Part 1 of 2
IS Program Implementation Part 2 of 2
Implementing IS Security Management Part 1 of 2
Implementing IS Security Management Part 2 of 2
Measuring IS Management Performance
Common Challenges to IS Management
Determining the State of IS Management
Incident Management and Response
Incident Management Part 1 of 2
Incident Management Part 2 of 2
IMT IRT Members
Incident Response Planning Part 1 of 2
Incident Response Planning Part 2 of 2
DEMO: Phishing Emails
DEMO: Incident Management Workflow
Recovery Planning Part 1 of 2
Recovery Planning Part 2 of 2
DEMO: RTIR Incident Response Tool Part 1 of 2
DEMO: RTIR Incident Response Tool Part 2 of 2
CISM Practice Exam
New Course Offering: (ISC)2 (TM) CISSP Concentration: ISSEP Prep 7 Hours Skill Level: Advanced
+ Description
 The Information Systems Security Engineering Professional (ISSEP) is a CISSP concentration focused on applying security and systems engineering principles into business functions. This self-study prep course is designed to help students prepare to sit for the specialized (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.

Learning Objectives:

  • Incorporate security into business processes and information systems
  • Demonstrate subject matter expertise in security engineering
  • Apply engineering principles into business functions

NICCS Specialty Areas:

  • Collect and Operate
  • Cyber Operation Planning
  • Operate and Maintain
  • Systems Analysis
  • Oversee and Govern
  • Cybersecurity Management

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

+ Course Modules/Units
 
ISSEP Course Introduction
ISSE Responsibilities and Principles
ISSE and IATF
Security Design Principles
Elements of Defense in Depth
RMF Characteristics
Maintaining Operational Resilience
Risk Management Overview
Assessing Risk Part 1 of 2
Assessing Risk Part 2 of 2
Determining Risks
Categorizing Information Systems
Stakeholder Roles and Responsibilities
Requirements Analysis
Using Common and Tailored Controls
Assessing Security Controls
Implementing Security Controls
Authorizing Information Systems
Systems Verification and Validation
Monitor, Manage, and Decommissioning
Defense Acquisition System Overview
Acquisitions Process
System Development Process Models
Project Processes
Project Management
ISSEP Practice Exam
(ISC)2 (TM) Systems Security Certified Practitioner 16 Hours Prep 2015 Skill Level: Basic
+ Description
 The Systems Security Certified Practitioner (SSCP) certification prep course is a self-study resource for those preparing to take the (ISC)2 SSCP certification exam as well as those looking to increase their understanding of information security concepts and techniques. The certification is described as being ideal for those working toward positions such as network security engineers, security systems analysts, or security administrators. This course, complete with a 100-question practice exam and video demonstrations, was developed based on the seven SSCP domains prior to the April 15, 2015 (ISC)2™ domain update. A new, updated course is currently in development.

Training Purpose: Skill development

Specialty Area(s): Systems Security Analysis, Computer Network Defense, Vulnerability Assessment and Management, Network Services

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
SSCP Introduction
Access Control Terms and Categories
Access Control Types
Access Control Administration
Security Models
System Permissions
Identification and Authentication Methods
Biometrics
Auditing and Threats
Attribute based Access Control
Device Authentication
Trust Architectures
Identity Management Lifecycle
Introduction to Cloud Computing
Cloud Computing Implementations
Cloud Computing Security Issues Part 1 of 2
Cloud Computing Security Issues Part 2 of 2
Big Data
Big Data with Hadoop Demo
NoSQL with MongoDB Demo
Virtual Environments
Access Controls Domain Knowledge Check
Security Operations
Data Classification and Administration
System Development and Change Cycle
Certification and Accreditation
Change Control and Patch Management
End Point Security
Securing People and Devices
Security Awareness and Training
(ISC)2 Code of Ethics
Asset Management
Assessing Physical Security
Physical Security Defenses
Security Ops and Admin Knowledge Check
Monitoring and Analysis
Monitoring Employees
Log Management
Integrity Checking
Testing and Analysis
Auditing
Communicate Findings
Continuous Monitoring and CAESARS
Introduction to Continuous Monitoring
Incident Handling, Response and Recovery
Incident Handling Knowledge Areas Part 1 of 2
Incident Handling Knowledge Areas Part 2 of 2
Incident Handling Response
Incident Handling Countermeasures
OpenVAS Demo
Monitoring and Analysis Knowledge Check
Risk Management
Risk Assessment
Security Testing
Incident Handling
Forensics
Volatility Framework
Business Continuity Planning
Business Impact Analysis
Backup and Recovery Strategies
Redundancy and Storage
Risk and Response Knowledge Check
Cryptography Terms
Requirements for Cryptography Part 1 of 2
Requirements for Cryptography Part 2 of 2
Steganography
Hashes, Parity and Checksum
Secure Protocols and Cryptographic Methods
Symmetric Cryptosystems
Symmetric and Asymmetric Cryptosystems
Public Key Infrastructure (PKI)
Key Management
Web of Trust
Secure Protocols
Cryptography Knowledge Check
Network Topology
Transmission Media
Crosstalk and Interference
Network Devices: NIC, Hub, Switches
Network Devices: Routers, Firewalls, IDS
OSI and TCP/IP Models
IP Addressing
NAT and Subnetting
TCP, UDP and Common Protocols
ARP, DHCP, ICMP
Wireshark Protocol Analysis
Routers and Routing Protocols
Network Services
Network Security Protocols
VoIP
VoIP Call Traffic Demo
WANs
Remote Access
Securing SSH
Wireless Technology
Network Reliability
Firewalls and Proxies
Wireless Attacks and Countermeasures
Common Attacks and Countermeasures
Network Access Control
Wiring Closets
Mobile Device Physical Security
Network Segmentation
Traffic Shaping
Wireless Security
Networks and Comm Knowledge Check
Malicious Code
Virus Lifecycle and Characteristics
Botnets: DoS, Packet Flood Attacks
Botnets: Rootkits and Malware
Malicious Activity
Social Engineering Sources and Anatomy of Attack
Malicious Activity Countermeasures
SE and Insider Threat Countermeasures
Infected System Response and Remediation
Reverse Engineering
Malicious Code Activity Knowledge Check
SSCP Course Practice Exam
New Course Offering: (ISC)2 (TM) Systems Security Certified Practitioner 12 Hours Skill Level: Basic
+ Description
 The (ISC)2 Systems Security Certified Practitioner (SSCP) certification self-study prep course is a resource for individuals preparing for the SSCP certification exam, helping to demonstrate their advanced technical skills and knowledge required to implement and administer infrastructure using security best practices, policies, and procedures.

Learning Objectives:

  • Demonstrate knowledge of security operations and administration
  • Implement risk monitoring, analysis, and mitigation strategies
  • Develop and implement incident response and recovery plans

NICCS Specialty Areas:
  • Operate and Maintain
    • Systems Analysis
    • Systems Administration
  • Securely Provision
    • Systems Requirements Planning

    Training Purpose: Skill Development

    Training Proficiency Area: Level 1 - Basic

    + Course Modules/Units
     
    SSCP Introduction
    Authentication Methods
    Single Sign-On and Federated Access
    Attribute Based Access Control
    Device Authentication
    Trust Architectures
    Identity Management Lifecycle
    Implementing Access Controls
    (ISC)2 Code of Ethics
    Security Concepts and Controls
    Asset Management
    Security Control Implementation
    Assessing Physical Security
    Physical Security Defenses
    Administrative Controls
    Auditing
    System Development and Change Cycle
    Change Control and Patch Management
    Security Awareness and Training
    Risk Management
    Risk and Security Assessment
    Security Testing and Assessment
    Monitoring and Analysis
    Monitoring Employees
    Log Management
    Integrity Checking
    Testing and Analysis
    Auditing Methodologies
    Communicate Findings
    Continuous Monitoring and CAESARS
    Introduction to Continuous Monitoring
    Incident Handling, Response and Recovery
    Incident Handling Knowledge Areas Part 1 of 2
    Incident Handling Knowledge Areas Part 2 of 2
    Incident Handling Response
    Incident Handling Countermeasures
    DEMO: OpenVAS
    Forensics
    Business Continuity Planning
    Business Impact Analysis
    Backup and Recovery Strategies
    Redundancy and Storage
    Cryptography Terms
    Requirements for Cryptography Part 1 of 2
    Requirements for Cryptography Part 2 of 2
    Steganography
    Hashes, Parity and Checksum
    Secure Protocols and Cryptographic Methods
    Symmetric Cryptosystems
    Symmetric and Asymmetric Cryptosystems
    Public Key Infrastructure (PKI)
    Key Management
    Web of Trust
    Secure Protocols
    OSI and TCP/IP Models
    Network Topology
    Transmission Media
    TCP, UDP and Common Protocols
    ARP, DHCP and ICMP
    Routers and Routing Protocols
    Network Security Protocols
    SSCP Exam
    LAN Security Using Switch Features 2 Hours Skill Level: Intermediate
    + Description
     In this course, students learn different methods of securing Local Area Networks (LANs) at the connectivity level. Topics include: monitoring media access control (MAC) addresses and port security, limiting MAC & IP spoofing, controlling traffic flows, implementing and enhancing security in virtual local area networks (VLANs), enabling authentication on connection points, and determining host security health. Examples are used throughout to reinforce concepts.

    Training Purpose: Skill Development

    Specialty Areas: System Administration, Systems Security Analysis, Vulnerability Assessment and Management, Cyber Threat Analysis

    Training Proficiency Area: Level 2 - Intermediate

    Capture Date: 2010

    + Course Modules/Units
     
    Introduction and MAC Address Monitoring
    MAC Address Spoofing
    Managing Traffic Flows
    VLANs and Security
    802.1x Port Authentication
    Network Admission Control
    Securing STP
    Securing VLANs and VTP
    Linux Operating System Security 9 Hours Skill Level: Advanced
    + Description
     This course introduces students to the security features and tools available in Linux as well as the considerations, advantages, and disadvantages of using those features. The class will be based on Red Hat Linux and is designed for IT and security managers, and system administrators who want to increase their knowledge on configuring and hardening Linux from a security perspective.

    Training Purpose: Skill Development

    Specialty Areas: Vulnerability Assessment and Management, Systems Security Analysis, System Administration

    Training Proficiency Area: Level 3 - Advanced

    Capture Date: 2013

    + Course Modules/Units
     
    Linux OS Security Introduction
    Booting Linux
    Linux Recovery
    Linux Startup Scripts
    Linux Startup Processes
    Linux Runlevels Demo
    Chkconfig_and_Upstart Demo
    Linux Processes and Signals
    Linux Process Monitoring
    PS_and_Netstat Demo
    Linux PS and TOP Demo
    Working with Linux PIDs
    Linux File System Overview
    Linux File Security
    Linux File Access Controls
    File Integrity Demo
    Linux Kernel Tuning
    Linux Host Access Controls
    Linux User and Group Definition
    User Management
    Linux Privilege Escalation
    Sudoers Demo
    Linux Authentication Methods
    Linux Viruses and Worms
    Linux Trojan Horses
    Linux Rootkits
    Linux Misconfigurations
    Linux Software Vulnerabilities
    Linux Social Engineering
    Linux Automated Installation
    Managing Linux Packages
    Package Management Tools Demo
    Repositories and System Management
    Custom Repository Demo
    Linux IPv4 and IPv6
    Linux Network Configuration
    Linux Tunneling
    Kernel Tuning Demo
    Linux X11 Forwarding
    Linux File Sharing
    Linux Grand Unified Bootloader (GRUB)
    Configuring GRUB Demo
    Security Enhanced Linux
    Introduction to IPTables
    IPTables Rules
    IPFilter
    Linux Packet Sniffers
    Linux NIDS
    Linux HIDS
    Linux Antivirus
    Linux Secure Shell
    Linux Log Management
    Linux Scripting Basics
    BASH Scripting Demo
    IF Statements
    Pipes and Redirection
    Variables and Regular Expressions
    Custom Scripting
    Linux Hardening
    NSA Hardening Guides
    National Vulnerability Database (NVD)
    Common Vulnerabilities and Exposures (CVE)
    Vulnerability Scanning
    Linux Operating System Security Quiz
    Network Layer 1 & 2 Troubleshooting 3 Hours Skill Level: Basic
    + Description
     This course reviews troubleshooting methods used in Layer 1 and Layer 2 of the OSI Model. The course covers how to detect, trace, identify, and fix network connectivity issues at the Physical and Data Link layers of the OSI stack. The basics of the Physical and Data Link layers will be covered along with a review of the devices, signaling, and cabling which operate at these layers. Students will be presented with methods for tracing connectivity issues back to the source and identifying mitigation solutions.

    Training Purpose: Functional Development

    Specialty Areas: Network Services, System Administration, Customer Service and Technical Support, Systems Security Architecture

    Training Proficiency Area: Level 1 - Basic

    Capture Date: 2015

    + Course Modules/Units
     
    Network Layer 1 and 2 Troubleshooting Introduction
    OSI Physical Layer 1 Overview
    Data Transmission Medium Cables and Connectors
    Patch Panels
    Fiber Optic Cables
    Encoding and Signaling Functions
    Network Components
    Physical Network Design/Topology
    Network Troubleshooting Methodology
    Common Layer 1 Issues Part 1 of 2
    Common Layer 1 Issues Part 2 of 2
    Layer 2 Data Link Layer Components Overview
    MAC Addresses/Logical Link Control
    Layer 2 Protocols
    Physical Network Design/Topology
    Network Troubleshooting Methodology Review
    Common Layer 2 Issues
    Layer 2 Troubleshooting Tools
    NW Layer 1 and 2 Troubleshooting exam
    Offensive and Defensive Network Operations 13 Hours Skill Level: Basic
    + Description
     

    This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks.

    Learning Objectives

    • Apply U.S. government network operations background and doctrine
    • Describe offensive and defensive network operations
    • Determine offensive network operation missions, planning, and exploitation phases and methodologies
    • Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods

    Training Purpose: Functional Development

    Specialty Areas: Computer Network Defense Analysis, Cyber Operations

    Training Proficiency Area: Level 1 - Basic

    Capture Date: 2015

    + Course Modules/Units
     
    Cyberspace As A Domain
    Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3
    Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3
    Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3
    Joint Communications Overview and Information Environment
    Joint Force Communication, System Operations, and Management Planning
    Legal Considerations for Cyber Operations Part 1 of 2
    Legal Considerations for Cyber Operations Part 2 of 2
    Adversaries in Cyberspace Part 1 of 3
    Adversaries in Cyberspace Part 2 of 3
    Adversaries in Cyberspace Part 3 of 3
    Offensive Cyber Operations Background
    Offensive Cyberspace Operations Definitions
    Offensive Cyberspace Operations Planning and Legal Considerations
    Offensive Methodologies
    Offensive Methodology Planning Examples 1 of 2
    Offensive Methodology Planning Examples 2 of 2
    Reconnaissance Methodology Overview
    Social Engineering for Reconnaissance
    Reconn with Automated Correlation Tools and Search Engines Part 1 of 2
    Reconn with Automated Correlation Tools and Search Engines Part 2 of 2
    Network Mapping for Active Reconnaissance
    Port Scanning for Active Reconnaissance
    Windows Enumeration Basics
    Linux Enumeration Basics
    Scanning and Enumerating with Nmap
    Exploitation using Direct Exploits and System Misconfiguration
    Exploitation with SET Example
    Exploitation
    Entrenchment
    Exploitation Basics
    Post-Exploitation
    Abuse and Attacks
    Defensive Cyberspace Operations (DCO)
    DCO Types of Operations
    DCO Operational Goals
    DCO Best Practices
    Defensive Methodology: Understanding the Threat
    Defensive Methodology: Tactics
    Defensive Methodology: Defense-in-Depth
    Incident Management Overview
    Incident Management Policies, Plans and Procedures
    Incident Management Team Configuration
    Incident Response Lifecycle
    Defending the Domain
    Perimeter and Host Defenses
    IDS/IPS Defined Including Advantages and Disadvantages
    IDS/IPS Types and Functions
    IDS/IPS Location Placements
    Intrusion Detection using Snort
    Reviewing Alerts and Detecting Attack Phases
    Network Traffic Analysis
    Methods of Network Traffic Analysis
    Wireshark
    Log Analysis Methods and Techniques Part 1 of 2
    Log Analysis Methods and Techniques Part 2 of 2
    Detecting Offensive Operations using Log Analysis
    Digital Forensics Overview and Tools
    Digital Forensics Methods and Techniques Part 1 of 2
    Digital Forensics Methods and Techniques Part 2 of 2
    Identifying Phases of Attack Using Digital Forensics
    Incident Data: Profile and Analysis
    Incident Reporting
    Offensive and Defensive Network Operations Exam
    Root Cause Analysis 1 Hour Skill Level: Intermediate
    + Description
     This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.

    Training Purpose: Skill Development

    Specialty Areas: Threat Analysis, Computer Network Defense Analysis, Incident Response

    Training Proficiency Area: Level 1 - Basic

    Capture Date: 2016

    + Course Modules/Units
     
    Root Cause Analysis Fundamentals
    Root Cause Analysis Methods
    Cyber Kill Chain Model for Root Cause Analysis
    Sample Incident Cause Analysis Workflow
    Root Cause Analysis Course Exam
    Radio Frequency Identification (RFID) Security 1 Hour Skill Level: Intermediate
    + Description
     This course covers securing radio frequency identification (RFID). The different components of RFID, how it works, the applications in which it is being used, its benefits and weaknesses, and the communication range over which it works will be reviewed. Students will learn specific concerns with RFID, recommendations for RFID, and security issues that have come to light.

    Training Purpose: Skill Development

    Specialty Areas: System Security Analysis, Vulnerability Assessment and Management

    Training Proficiency Area: Level 2 - Intermediate

    Capture Date: 2010

    + Course Modules/Units
     
    RFID Introduction
    RFID Threats
    RFID Countermeasures
    Exploited Threats
    Securing Infrastructure Devices 1 Hour Skill Level: Intermediate
    + Description
     This course covers physical security, operating system security, management traffic security, device service hardening, securing management services and device access privileges.

    Training Purpose: Skill Development

    Specialty Areas: Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis

    Training Proficiency Level: Level 2 - Intermediate

    Capture Date: 2010

    + Course Modules/Units
     
    Physical and Operating System Security
    Management Traffic Security
    Device Service Hardening
    Securing Management Services
    Device Access Hardening
    Device Access Privileges
    Securing the Network Perimeter 1 Hour Skill Level: Intermediate
    + Description
     This course covers edge security traffic design, blocking Denial of Service / Distributed Denial of Service (DoS/DDoS) traffic, specialized access control lists, routers and firewalls, securing routing protocols, securing traffic prioritization and securing against Single Point of Failure (SPOF).

    Training Purpose: Skill Development

    Specialty Areas: Network Services, Computer Network Defense, Incident Response, Digital Forensics, Systems Security Analysis

    Training Proficiency Area: Level 2 - Intermediate

    Capture Date: 2010

    + Course Modules/Units
     
    Introduction and Edge Security Traffic Design
    Blocking DoS and DDoS Traffic
    Specialized Access Control Lists
    Routers with Firewalls
    Beyond Firewalls: Inspecting Layer 4 and Above
    Securing Routing Protocols and Traffic Prioritization
    Securing Against Single Point of Failures
    Security and DNS 1 Hour Skill Level: Advanced
    + Description
     This course discusses name resolution principles, name resolution and security, DNS security standards, securing zone transfers with Transaction Signature (TSIG), and DNS Security Extension (DNSSEC) principles, implementation and resources.

    Training Purpose: Skill Development

    Specialty Areas: Enterprise Architecture, Network Services, System Administration

    Training Proficiency Area: Level 3 - Advanced

    Capture Date: 2010

    + Course Modules/Units
     
    Name Resolution Introduction
    Name Resolution and Security
    DNS Cache
    DNS Security Standards and TSIG
    DNSSEC
    Migrating to DNSSEC
    Issues with Implementing DNSSEC 1
    Issues with Implementing DNSSEC 2
    Windows Operating System Security 16 Hours Skill Level: Intermediate
    + Description
     This course introduces students to the security aspects of Microsoft Windows. The class begins with an overview of the Microsoft Windows security model and some of the key components such as processes, drivers, the Windows registry, and the Windows kernel. An overview of the users and group permission structure used in Windows is presented along with a survey of the attacks commonly seen in Windows environments. Patching, networking, and the built-in security features of Windows such as the firewall, anti-malware, and BitLocker are all covered in light detail.

    Training Purpose: Skill Development

    Specialty Area: Vulnerability Assessment and Management, Systems Security Analysis, System Administration

    Training Proficiency Area: Level 2 - Intermediate

    Capture Date: 2012

    + Course Modules/Units
     
    Windows OS Security Course Introduction
    Windows Security Module Introduction
    Windows Architecture Overview
    Windows Subsystems Part 1 of 2
    Windows Subsystems Part 2 of 2
    Windows Security Development Lifecycle
    Windows API
    Windows Registry
    Viewing Windows Registry Demo
    Windows Services Part 1 of 2
    Windows Services Demo
    Windows Services Part 2 of 2
    Multi-tasking
    Sessions, Windows Stations and Desktops
    Programs and Drivers Part 1 of 2
    Reviewing Drivers in Windows
    Programs and Drivers Part 2 of 2
    Updating Windows Drives Demo
    Applications, Processes, and Threads
    Buffer Overflow Protection
    Authenticode Part 1 of 2
    Digital Certificate Details Demo
    Authenticode Part 2 of 2
    Windows Action Center
    Windows Users and Groups Introduction
    User Account Control
    Windows Users and Groups Part 1 of 2
    Windows Users and Groups Part 2 of 2
    Windows Interactive Logon Process
    NTLM Authentication Overview
    Kerberos Authentication Overview
    Types of Authentication
    File Permissions
    Dynamic Access Controls
    Threats and Vulnerabilities Introduction
    OS Vulnerabilities
    CVE Details Demo
    CVE Samples
    Misconfigurations
    Password Configuration Options
    Password DDOS Demo
    Common Misconfigurations
    CCE and the NVD Demo
    Social Engineering
    Viruses and Worms
    Impersonation
    Microsoft Updates and Patching Process Part 1 of 2
    Double Decode
    Microsoft Updates and Patching Process Part 2 of 2
    Securing the Update Process
    Update Process Circumvention
    Windows Server Update Service
    Internet Explorer Patching
    Windows Network Connectivity
    Windows Network Profiles
    Windows Network Adapter Settings
    Windows Wireless Settings
    Windows Networking Protocols
    Other Windows Protocols
    Microsoft VPN Part 1 of 2
    Microsoft VPN Part 2 of 2
    Microsoft Network Access Protection Part 1 of 2
    Microsoft Network Access Protection Part 2 of 2
    How to Configure Windows Update Settings Demo
    Windows Security Features Introduction
    Windows Firewall
    Windows Firewall Wizard Demo
    Windows Firewall with Advanced Security
    Windows Firewall with Advanced Security Demo
    Configuring Windows Firewall Demo
    Windows Defender
    Windows AD and PKI Demo
    Windows Active Directory Certificate Services
    Windows Group Policy
    Windows AppLocker
    Configuring And Using App Locker Demo
    Windows BitLocker
    Configuring And Using Bitlocker Demo
    Windows Secure Boot
    Windows Security Auditing
    Windows Audit Settings and Examples
    SCW Introduction
    Hardening Windows Introduction
    Windows Templates
    Microsoft Baseline Security Analyzer
    Microsoft Security Configuration Wizard
    Microsoft Security Compliance Manager
    Hardening with Group Policy
    NVD Search Demo
    Other Guidelines and Recommendations
    Using Windows Mgmt Instrumentation Demo
    Using The Security Config Wizard Demo
    PowerShell Introduction
    PowerShell Key Commands
    PowerShell Demo
    Administrative Functions with PowerShell
    Computer and Network Management with PowerShell
    Basic Scripts in PowerShell
    PowerShell Security Settings and Configurations
    Using Powershell Demo
    Windows OS Security Quiz
    Wireless Network Security (WNS) 9 Hours Skill Level: Intermediate
    + Description
     The purpose of the Wi-Fi Communications and Security course is to teach the technologies of the 802.11 family of wireless networking, including the principles of network connectivity and network security.

    Training Purpose: Skill Development

    Specialty Areas: Enterprise Architecture, Network Services, System Administration, Customer Service and Technical Support, Computer Network Defense Infrastructure Support

    Training Proficiency Area: Level 2 - Intermediate

    Capture Date: 2013

    + Course Modules/Units
     
    Wi-Fi Communication and Security Intro
    How Wi-Fi Became Ubiquitous
    Wi-Fi Standards - 802.11b
    Wi-Fi Standards - 802.11a
    Wi-Fi Standards - 802.11g n and ac
    Bluetooth Standards
    WiMAX Standards
    LTE HSPA EvDO Network Types
    Spread Spectrum Technology
    802.11 Transmissions and Wireless Channels
    802.11 Data Rates
    Wireless Network Topologies
    Wireless Network Hardware
    RF Propagation Principles
    Impacts on Signal Radiation
    Signal Propagation and Objects
    Additional Signal Effects
    Measuring Signal Strength
    Signal Strength and Antennas
    Wireless Coverage and Frequency Reuse
    Wireless Network Design Issues
    Wireless Modes and Service Sets
    Wireless Authentication and Association
    Wireless and Roaming 1 of 2
    Wireless and Roaming 2 of 2
    Enterprise 802.11 Solutions
    Key Points of CAPWAP
    Advantages of CAPWAP
    CAPWAP Demo
    802.11 Security Flaws
    Fixing 802.11 Security
    802.1x Authentication Protocols
    Additional Issues with 802.11 Encryption
    Additional 802.11 Security Measures
    Other Wireless Threats
    Wireless Best Practices
    Wireless Network Assessment Part 1 of 2
    Wireless Network Assessment Part 2 of 2
    Wireless Network Security Quiz