FedVTE Course Catalog

This video explains the features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, Mr. Dave Otto, the Risk expert of the CDM program, explains the Binding Operational Directive 22-01, the CISA KEV (Known Exploited Vulnerabilities) Catalog, and how agencies can better protect their assets.

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, Mr. Richard Grabowski, acting CDM PMO, explains CDM Enabled Threat Hunting (CETH) and how CETH benefits the federal agencies. He also discusses how the CDM Dashboard supports the implementation of Endpoint Detection and Response (EDR).

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course which provides participants with the essential knowledge of the ES-4 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the new CDM Agency Dashboard to identify and report on vulnerabilities.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and functionality
• Instructor demonstrates the CDM Agency Dashboard

Date: July 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Learning Objectives:

• Understand CDM agency dashboard functionalities around asset management
• Learn how to create asset management queries
• Learn how to create reports

Date: March 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard better understanding the functionality of ES-5 of the CDM Agency Dashboard.

Learning Objectives:

• Understand the Header Section of the CDM Agency Dashboard ES-5
• Utilize the Tool Bar feature the dashboard
• Provide an overview of the Query Bar
• Become familiar with the Time Filter of the dashboard
• Understand the Navigation Panel and Navigation Drawer features of the dashboard

Date: May 2022

Length: 10 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the updated version 1.5 of the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
• Walkthrough how to identify vulnerabilities in the CDM Agency Dashboard

Date: July 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, the AWARE 1.5 risk scoring overview is described and how it can benefit the federal agencies.

Date: May 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the new AWARE 1.5 scoring and features.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the features of AWARE 1.5 on the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information
• Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes workflows to drive increased risk awareness and mitigation.

Date: March 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 39 minute video is an interview recording of a Mr. Ross Foard, subject matter expert for DHS/CISA, and Identity and Access Management (IAM) . This video provides participants with the essential knowledge of IAM and the CDM Agency Dashboard.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and IAM functionality.

Date: 2021

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video provides an overview of the configuration settings management (CSM) capability and how CSM helps to reduce cyber-attacks in software and hardware assets within the Continuous Diagnostics and Mitigation (CDM) Program.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video discusses the need for standardized benchmarks in the federal government and the use of Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs) for integration within the CDM solution. A review of DISA’s role, authority, and DISA STIG compliance levels is provided as well.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the CSM features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents an overview of the System Security Analyst role and the six key responsibilities associated with that role. The importance of these six key responsibilities is covered including adherence to agency policy and assessing metrics and data.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents cybersecurity concepts associated with continuous monitoring of issues that affect networks. A review of workplan concepts, checks and reviews, and mitigation recommendations is also covered.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a two hour recording of the August 2022 class offering and focuses on the CDM-Enabled Threat Hunting (CETH) capability which aggregates endpoint collection of measurements for monitoring and log data in the CDM Agency Dashboard to enhance analysis by allowing disparate data sets to be queried for proactive threat detection and incident response activities. The course reviews the CDM capabilities and focuses on CETH reporting.

Learning Objectives:

• Provide an overview of CDM-Enabled Threat Hunting (CETH)
• Demonstrate continuous monitoring, threat hunting, and incident response using the CDM Dashboard
• Demonstrate how to create visualizations and Saved Searches using the CDM Dashboard
• Discuss agency remediation and reporting practices

Date: August 2022

Training Proficiency Area: Level 1 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a three hour recording of the October 2022 class and focuses on policy origination, provides an historic timeline, describes current directives and will guide the learner on how the CDM Dashboard can be used to address a directive, adhere to policies, and understand how to continuously monitor known exploitable vulnerabilities (KEVs.).

Learning Objectives:

• Describe the federal policy and directive origination process
• Identify the most current / relevant government directives that relate to cybersecurity
• Utilize the CDM Agency Dashboard to identify vulnerabilities in response to federal directives
• Identify characteristics of BOD 22-01 and the response procedures

Date: October 2022

Training Proficiency Area: Level 1 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course orients analysts to analyzing common protocols, identifying suspicious or malicious traffic and provides an introduction to the Wireshark packet filter syntax.

By the end of this course, you should be able to use network flow data to do the following:

• Evaluate the correct implementation of application traffic on the network.
• Find anomalous traffic on a large network.
• Find malicious activity given additional network and intelligence data sources.
• Identify potential malicious activity on a network.
• Provide input for appropriate techniques in an operational environment.

This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts, as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks and includes reinforcing video demonstrations and final assessment.

Learning Objectives:

• Understand the fundamentals of Visual Basic Scripting.
• Recognize the concepts of redirection, piping, and how to conduct complex tasks with multiple commands.
• Apply integration of Windows BATCH with Visual Basic Scripting.
• Demonstrate how to access the Windows API from Visual Basic Scripting.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This three-module course teaches the beginner analyst how to develop the analytical skills and capabilities needed to handle a potential cyber incident— from analysis to reporting findings.

Learning Objectives: By the end of this course, participants will be familiar with

• How to think about the approach to analysis
• Writing a proper hypothesis and prediction
• The Importance of Organizational Context
• Impact of the Organization Environment
• Gathering the necessary information to analyze an incident
• Analyzing the Functional elements of an incident
• Analyzing the Strategic elements of an incident
• Assembling the elements to solve the cyber puzzle
• Reporting the finding results of the analysis
• Accessing CISA resources for incident and vulnerability cases.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Learning Objectives
At the completion of this course analysts will be able to:

• Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
• Understand the Analysis Pipeline configuration language.
• Develop and implement network flow data use cases with Analysis Pipeline.

Date: 2016

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course provides the foundational practices and ethical principles of artificial intelligence. Diving into each of the ethical principles along with other technical ethics, it is aimed at reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.

Learning Objectives:

• Explain the harm with bias in artificial intelligence.
• Discuss how to reduce risk and unwanted bias.
• Cite several principles of AI and the goals of each.
• Describe how principles are applied to create ethical, transparent, and fair AI.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This self-study course focuses on preparing learners for the EC-Council Certified Ethical Hacker version 10 certification exam. This course contains materials on advanced network assessment techniques including enumeration, scanning, and reconnaissance. It is designed to use the same knowledge and tools as a malicious hacker, but in an ethical and lawful manner to examine an organization's network security posture. The course concludes with a practice exam.

Learning Objectives:

• Learn how to perform a vulnerability analysis to identify security weakness in an organization's network structure.
• Perform a security assessment of a cloud environment to understand cloud computing threats and attacks.
• Understand risks and defensive strategies for IoT platforms and devices.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.

C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.

This course is a self-study resource to help prepare for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. The course focuses on configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. It includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.

Learning Objectives:

• Review of objectives for the Cisco Certified Entry Networking Technician certification
• Supplemental preparation for the Cisco CCENT certification exam

Date: 2016

Training Purpose: Operate and Maintain

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is the follow-up to Cisco CCENT and is aimed to prepare learners for the Cisco CCNA Security exam. Content covered in this course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. The course focuses on a theoretical understanding of network security, knowledge, and skills designed to implement it. This course contains several reinforcing video demonstrations and final exam.

Learning Objectives:

• Review of objectives for the Cisco Certified Network Associate certification
• Supplemental preparation for the Cisco CCNA certification exam

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course explores the guidance from the Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), National Security Agency (NSA), and several Cloud Service Providers (CSPs). Objectives cover cloud security risks and threats, basic operations, incident response considerations, along with application, data and infrastructure security concepts. Where applicable, demonstrations of cloud provider tools and capabilities will be used to reinforce key points.

Learning Objectives:

• Define cloud models and components.
• Apply CSA security guidance and other best practices to cloud deployments.
• Understand cybersecurity requirements within the Shared Responsibilities model.
• Prepare for cloud computing governance and compliance challenges.
• Relate traditional cybersecurity controls to popular cloud solutions.
• Recognize and prepare for cloud computing threats.
• Review additional cloud security tools and use cases.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The Cloud Computing Concepts course highlights concepts and best practices for cloud architecture, design, security, and operations. Topics include leveraging cloud environments for critical assets or operations, and the impacts on data and application security, as well as legal, risk, and compliance considerations.

Learning Objectives:

• Compare cloud service and deployment models and each’s impact on customer control and responsibilities
• Identify data security strategies within cloud environments
• Explain secure data center design concepts including example risks and security controls
• Describe the Secure Software Development Life Cycle (SDLC) and its relation to applications within cloud environments
• Summarize concepts for building, operating, and managing physical and logical infrastructure for cloud environments
• Outline privacy, legal, and audit requirements with cloud environments, and how it relates to evaluating providers

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course introduces concepts around Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Multiple Cloud Hosting and Hybrid Cloud Hosting.

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course features National Defense University Professor Robert Richardson who discusses important security and oversight requirements for commercial cloud solutions.

Learning Objectives:

• Overview of the cloud physically, logically, and architecturally.
• Discuss cloud deployment models and characteristics.
• Overview of cloud infrastructure characteristics.
• Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
• Cloud software components - microservices & APIs.
• The driving forces and key technology enablers of commercial cloud services in the Federal Government.
• Must-have security requirements and policies for cloud solutions.
• The top ten cybersecurity cloud risks such as: loss of service, data breaches, human error. As well as non-cybersecurity risks such as: outsourcing risks, personnel security, and supply chain risk management.
• Where Federal Government adoption of commercial cloud is now and predictions for the future.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Think about your organization’s most critical functions: what do others depend on you to provide? Your high-value assets (HVAs), also known as critical assets across many industries, are the information or information systems that have serious impact to your organization’s ability to conduct its mission or business operations if lost, corrupted, or inaccessible. Across sectors and industries, data and information systems that underpin core business and operational functions- or those systems that connect to core functionalities- make highly tempting targets for sophisticated criminal, politically motivated, or state-sponsored actors to exploit directly or compromise to undermine public trust.

The HVA program was established by CISA to help organizations gain a comprehensive understanding of the risks that dynamic threat actors pose and identify the high-value information and systems that are likely targets.

This webinar provides an overview of the following key information:

• HVA and critical asset overview: Define high-value assets, and how to assess and prioritize risks.
• Common threats: Understand the most likely threats to HVAs and how to mitigate associated vulnerabilities.
• CISA guidance: Learn the steps and parameters to identify, categorize, prioritize, and secure your HVAs or critical assets.
• Case studies: Explore the impacts of documented critical or high-value asset cyberattacks, and the success of resulting response and recovery efforts.

This course is accessible to a non-technical audience including managers and business leaders and provides an organizational perspective useful to technical specialists.

Date: July 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course discusses the influence, impact, and need for cybersecurity when defending the critical infrastructure and key resources of the United States. This course provides the definition of critical infrastructure, examples of cybersecurity threats to critical infrastructure, and information on what is being done to protect critical infrastructure from these cybersecurity threats.

Learning Objectives:

• Define and give examples of critical infrastructure.
• Identify possible cyber threats to critical infrastructure.
• Describe U.S. cybersecurity policies and programs.
• Explain the cybersecurity roles of the Department of Homeland Security (DHS) and other Federal agencies.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course provides an overview of cybersecurity threats and best practices to keep information and information systems secure. Every year, authorized users of certain information systems must complete the Cyber Awareness Challenge to maintain awareness of and stay current on new cybersecurity threats. The training also reinforces best practices to keep personal information and information systems secure and stay abreast of changes in general cybersecurity policies.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

This course highlights 'dark' or deceptive activities that are employed by malicious users via the Internet. Several legitimate purpose technologies and techniques and how they are leveraged, or manipulated for fraudulent purposes, is discussed. Threats from topics such as zero-day attacks, dark web, alternate OSs, VPN/TOR, weaponized psychology, and anonymous services will be detailed, as well as methods for concealing one’s identity. These methods are taught in order for cybersecurity experts to defend against such attacks. The course includes reinforcing video demonstrations.

Learning Objectives:

• Explain several techniques for obfuscating online activities.
• List examples of technologies leveraged for deceptive purposes.
• Detail best practices for prevention and protection from malicious cyber activities.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course highlights best practices applicable to a wide variety cybersecurity job roles. Topics include risk management, architecture and design, and tools and technologies. This course also covers key concepts for detecting, protecting, and defending from security threats.

Learning Objectives:

• List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities.
• Explain how various tools and technologies are configured or deployed to support an organization's security posture.
• Detail risk management best practices and mitigation strategies.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

On Wednesday, April 20, 2022, the CyberStat Program, along with Subject Matter Experts from the OMB Office of the Federal Chief Information Officer, General Services Administration(GSA), and CISA’s Office of the Technical Director, hosted the CyberStat Workshop “Zero Trust Pillar 1: Identity (Part 1).” Attending agency representatives had the opportunity to learn more about Zero Trust Implementation Tasks, Multi Factor Authentication, including phishing resistant MFA for Public Facing Systems, the new password policy, and how the new policy can be implemented.

Date: April 20, 2022

Length: 57 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Improving the management of policy changes required by EO14028.

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: Cyber Defense Infrastructure Support

On Wednesday, May 4, 2022, the CyberStat Program, along with Subject Matter Experts from CISA and OMB, hosted the CyberStat Workshop “Zero Trust Pillar 1: Identity (Part 2).” Attending agency representatives had the opportunity to learn more about the role of centralized identity management within their agencies’ structures and gain assistance in how to incorporate device-level signals alongside identity information in authentication.

Date: May 4, 2022

Length: 42:53

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Improving the management of policy changes required by EO 14028.

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: Cyber Defense Infrastructure Support

On Tuesday, June 28, 2022, the CyberStat Program, along with subject matter experts from CISA and OMB, hosted the CyberStat Workshop Zero Trust Pillar 3: Networks. Agency participants learned about the four tasks in Pillar 3 of M-22-09 and engaged with SMEs to discuss obstacles and challenges in implementing these required tasks.

Date: June 28, 2022

Length: 1:05:26

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Improving the management of policy changes required by EO 14028.

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: Cyber Defense Infrastructure Support

On Thursday, August 25, 2022, the CyberStat Program, along with subject matter experts from CISA and USDS, hosted the CyberStat Workshop Zero Trust Pillar 4: Applications and Workloads. Agency participants learned about the five tasks in Pillar 4 of M-22-09 and engaged with SMEs to discuss obstacles and challenges in implementing these required tasks.

Date: August 25, 2022

Length: 59:59

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Improving the management of policy changes required by EO 14028.

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: Cyber Defense Infrastructure Support

On Thursday, October 13, 2022, the CyberStat Program, along with subject matter experts from CISA, NIST, the Department of Transportation, the Department of State, the Department of Education, and the General services Administration, hosted the CyberStat Workshop Zero Trust Pillar 4: Applications and Workloads. Agency participants learned about the four tasks in Pillar 4 of M-22-09 and engaged with SMEs to discuss obstacles and challenges in implementing these required tasks.

Date: October 13, 2022

Length: 51:14

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Improving the management of policy changes required by EO 14028.

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework: Cyber Defense Infrastructure Support

This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. This course focuses on best practices for designing and implementing a DMZ and includes a section on Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) that provides an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices.

Learning Objectives:

• Present an overview of the DMZ security model and key components.
• Discuss DMZ structure, purpose, and operation.
• Present different models for implementation to meet network requirements.
• Discuss the network threats that a DMZ can detect and mitigate.

Date: 2013

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 1/2-day course is a joint collaboration of the Cybersecurity & Infrastructure Security Agency (CISA) and the CERT Division of the Software Engineering Institute at Carnegie Mellon University. The purpose of this training is to help federal civilian agencies meet required actions of BOD 20-01, the Binding Operational Directive to Develop and Publish a Vulnerability Disclosure Policy (VDP) by covering the knowledge of and providing resources for:

• Vulnerability report receipt and intake
• Developing and publishing a vulnerability disclosure policy
• Developing vulnerability disclosure handling procedures
• Developing a vulnerability disclosure capability development
• Reporting metrics

After completing this course, participants should be able to

• Describe agency requirements for developing and publishing a vulnerability disclosure policy (VDP).
• Describe the minimum capacity needed to support your vulnerability disclosure handling process.
• Explain how vulnerability disclosure and handling is dependent on successful human interaction.
• Explain the importance of establishing trust and good relationships with reporters and stakeholders.
• List the key resources that can help your agency build your VDP and supporting processes.
• Meet the requirements to develop and publish a VDP and supporting handling process.
• Understand how and when to work with CISA for assistance and escalation.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course covers the basics of Domain Name System Security Extensions (DNSSEC), how it integrates into the existing global DNS and provides a step-by-step process to deploying DNSSEC on existing DNS zones.

Learning Objectives:

• Discuss DNSSEC and supporting mechanisms.
• Sign a DNS zone.
• Configure Delegation Signer (DS) resource records.
• Set up a Secure Resolver.
• Discuss server operational considerations.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course covers a broad range of cybersecurity elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. It will cover what the policies are, the roles it plays in cybersecurity, how they are implemented. The course will also look at cybersecurity laws, standards, and initiatives. Topics include policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS and IPv6 security. Video demonstrations are included to reinforce concepts.

Date: 2010

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course highlights technical knowledge and skills required for implementing secure solutions in the enterprise. A broad spectrum of disciplines is covered to aid practitioners in applying frameworks and controls to improve the security posture while supporting the business mission.

Learning Objectives:

• Describe risk management's role in the enterprise and mitigation strategies for specific threats.
• Detail implementing network security strategies and controls for connected devices.
• Explain how cloud technologies are leveraged and can support a secure enterprise architecture.
• List sources and methods to help stay current with cybersecurity best practices and threat trends and analyzing potential impact to the enterprise.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this hour-long webinar National Defense University Professor Roxanne Everetts discusses some key leadership decisions around using Federal Risk and Authorization Management Program (FedRAMP) solutions. FedRAMP is a unique government cloud - it is a combination of cloud security, cybersecurity, and risk management.

Learning Objectives:

• Explain FedRAMP and why Federal agencies use FedRAMP. (Hint: It's the law!)
• Discuss knowledge key leaders need for cloud solutions, including: FedRAMP structure, how it helps, and how agencies can leverage it.
• Describe the FedRAMP governing bodies.
• Examine the roles of Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) as FedRAMP participants.
• Identify agency responsibilities, which include ensuring they have an Authority to Operate (ATO) letter on file with the FedRAMP Program Management Office (PMO).
• Explore the FedRAMP Security Framework (SAF), based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37.
• Use the FedRAMP Marketplace to find services that meet agency needs. Any service listed in the Marketplace meets federal security requirements and has already been authorized.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods to develop, implement, and operate program components. The content covered supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance.

Learning Objectives:

• Identify critical assets and protection schemes.
• Coordinate a cross-organizational team to help develop and implement the Insider Threat Program.
• Develop a framework for the Insider Threat Program.
• Identify methods to gain management support and sponsorship.
• Plan the implementation for their Insider Threat Program.
• Identify organizational policies and processes that require enhancement to accommodate insider threat components.
• Identify data sources and priorities for data collection.
• Identify infrastructure changes and enhancements necessary for implementing and supporting an Insider Threat Program.
• Outline operational considerations and requirements needed to implement the program.
• Build policies and processes to help hire the right staff and develop an organizational culture of security.
• Improve organizational security awareness training.
• Identify training competencies for insider threat team staff.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course orients analysts to the various types of information that can be found in packets, uses Wireshark as the packet capture and analysis tool, and explains why data available in packets can be affected by the location of the packet capture in the network environment.

This course focuses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course presents the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows.

Learning Objectives:

• Understand fundamentals of Windows BATCH scripting, including syntax and structure.
• Perform redirection, piping, standard input / output, error handling, conditional statements, jumps, and command line parameters.
• Apply built-in commands like net, netsh, xcopy, and findstr to perform more complex functions.
• Understand best practices for writing and debugging Windows scripts.

Date: 2015

Training Purpose: Functional Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course begins with a primer of IPv6 addressing and its current deployment state, discusses Internet Control Manager Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns, and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment.

Learning Objectives:

• Primer of IPv6 addressing
• Describe current deployment state
• Explain ICMPv6, DHCPv6, and DNSv6
• Explore IPv6 Transition mechanisms
• Identify security concerns
• Incorporate management strategies

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The self-study resource prepares learners for the CISM exam. This course focuses on information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. This course includes concepts from the four job practice areas: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

Learning Objectives:

• Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
• Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
• Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
• Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response, and recovery capabilities.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework