FedVTE Course Catalog

	101 Courses - Basic level courses
	NICE Cybersecurity Workforce Framework Category - Analyze
	NICE Cybersecurity Workforce Framework Category - Collect and Operate
	NICE Cybersecurity Workforce Framework Category - Investigate
	NICE Cybersecurity Workforce Framework Category - Operate and Maintain
	NICE Cybersecurity Workforce Framework Category - Oversee and Govern
	NICE Cybersecurity Workforce Framework Category - Protect and Defend
	NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Limit to NICE Cybersecurity Workforce Framework Category or subject:
	101 Courses - Basic level courses	Analyze	Collect and Operate
	Investigate	Operate and Maintain	Oversee and Govern
	Protect and Defend	Securely Provision
Show All Courses in All Categories Expand/Collapse All

Advanced Windows Scripting 6 Hours

Skill Level: Basic

+ Description
	This course focusses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks, and includes reinforcing video demonstrations and final assessment. Training Purpose: Securely Provision, Operate and Maintain Specialty Areas: Software Development, Systems Administration, Systems Analysis, Customer Service and Technical Support Training Proficiency Area: Level 1 - Basic Capture Date: 2015

+ Course Modules/Units

Advanced Windows Scripting Introduction

Windows BATCH Scripting Overview

Windows BATCH Advanced Syntax Part 1 of 2

Windows BATCH Advanced Syntax Part 2 of 2

Windows Scripting Advanced Uses of FOR

Windows Scripting Syntax Tips and Tricks

Windows Scripting CALL and START Demo

Windows Scripting Subroutine Demo

Windows Scripting SET Demo

Windows Scripting PUSHD and POPD Demo

Manipulating In_Outputs

Stringing Multiple Commands Together

FOR Loop Generating List Demo

FOR Loop Recursive Listing Demo

Taking Action Based on Content of Output

Action Based on Content Output Demo

Scripts in Typical Penetration Testing Tasks Part 1 of 2

Scripts in Typical Penetration Testing Tasks Part 2 of 2

Visual Basic Scripting Syntax and Usage

Visual Basic Scripting Merge Demo

VBS Elements_Structure

VBS Elements_Variables, Arguments, and Conditionals

VBS Elements_Loops

VBS Elements_Functions and Operators

VBS Windows Scripting Host

VBS Elements_File I_O

VBS Windows Scripting Demo

VBS Error Handling and Troubleshooting

Visual Basic for Applications

Visual Basic for Application Elements

Visual Basic for Applications Working with Applications

VBA Working with Applications Demo

VBA Error Handling and Troubleshooting

VBA Error Handling and Troubleshooting Demo

Advanced Windows Scripting Quiz

Analysis Pipeline 6 Hours

Skill Level: Intermediate

+ Description
	This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to help the student better understand how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases Training Purpose - Protect and Defend, Collect and Operate, Operate and Maintain Specialty Areas - Network Services, Cyber Operations, Cyber Defense Analysis Training Proficiency Area: Level 2 - Intermediate

+ Course Modules/Units

Introduction

Configuration Files

Running Pipeline

Logical Schematics

Pipeline and Timing and State

Alerts

Configuration File Basics

Filters

Filters (Exercises and Solutions)

Evaluations

Evaluations (Exercises and Solutions)

Statistics

Internal Filters

List Configurations

Configuration File Basics (Exercises and Solutions)

Threshold Examples

Special Evaluations

Building an Analytic

Server Profiling Analytic

Host Discovery Analytic

Advanced Configurations

NTP Anomalies

Unknown SSH Brute Force

Choose Your Own Adventure

ICMP Surveying: Thinking it Through

ICMP Surveying: Building it Out

DDoS Detection: Thinking it Through

DDoS Detection: Building it Out

SSH Compromise: Thinking it Through

SSH Compromise: Building it Out

Analysis Pipeline 5

EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep 31 Hours

Skill Level: Advanced

+ Description
	The CEHv9 certification prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 9 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. Updates to v9 from v8 include several new tools and new module on cloud considerations. Topics include reconnaissance, hacking laws, web application hacking, social engineering, packet capture, and scanning. The course then moves on to exploitation of several types of threats and how to cover your tracks, concluding with a practice exam. Learning Objectives Review of the domains and published objectives of the CEHv9 Supplemental resource for preparation for the EC-Council CEHv9 certification exam Training Purpose: Operate and Maintain, Protect and Defend, Analyze Specialty Areas: Systems Analysis, Cyber Defense Infrastructure Support, Vulnerability Assessment and Management, Threat Analysis Training Proficiency Area: Level 3 - Advanced Capture Date: 2016

+ Course Modules/Units

Certified Ethical Hacker v9 Intro

Ethical Hacking Intro and Security Reports

Security Reports Statistics

Ethical Hacking Terminology

IR in Ethical Hacking

Laws and Regulations

Ethical Hacking and Threats

Types of Attacks and Attack Vectors

Hacking Phases and Vul Research

Reconnaissance

Passive Footprinting

DEMO: WHOIS with BackTrack

Passive WHOIS Queries

Google Hacking

Active Footprinting

DEMO: Nslookup Example

Active Footprinting Cont

DEMO: Active Footprinting with Traceroute

Network Mapping and Web Mirroring

Active Footprinting Countermeasures

Scanning Essentials

Scanning Essentials Continued

Port Scanning

Vulnerability Scanning

DEMO: Banner Grabbing with Telnet

Covert Scanning

DEMO: Scanning with Nmap Demo

Additional Covert Scanning

Enumeration Overview Part 1 of 2

Enumeration Overview Part 2 of 2

Enumeration Tools

Operating System Account Enumeration

Protocol Enumeration

DEMO: NetStat Enumeration and Countermeasures

Authentication Techniques

Microsoft Authentication

Password Cracking

Password Cracking Techniques

Privilege Escalation

DEMO: Rainbow Table Lookup Sites

Keyloggers

Spyware and Activity Monitoring

Packet Sniffing Attacks

Rootkits

Covert Hacking

Covering Tracks

Virus Examples and Symptoms

Virus Classifications and Characteristics

Virus Types and Terminology

Virus Making Tools

Famous Worms

Trojan Terminology and Techniques

Trojans and Backdoors

DEMO: Shell Connections via Netcat and BackTrack

Trojan Analysis

DEMO: Trojans and Rootkits

Malware Countermeasures and Tools

DEMO: Strings Analysis

Other Malicious Code Types

Sniffers Terminology and Overview

Network Overview for Sniffer Placement

Basic Packet Analysis

DEMO: Viewing ARP Packets with Packet Builder

Attacks and Protocols Vulnerable to Sniffing

Spoofing and Flooding Sniffing Attacks

MITM Attacks Ports Vul to Sniffing

Wireshark Overview and Examples

Evasion in Network Sniffing

Sniffing Countermeasures and Tools

DEMO: Hping3

DEMO: Wireshark

Social Engineering Background and Examples

Human-based Social Engineering

Additional Human-based SE

Computer Based Social Engineering

Computer-Based SE - Social Networking

Mobile-based Social Engineering

SE and Identity Theft Countermeasures

DEMO: Social Engineering Toolkit Demo

Denial of Service Part 1 of 2

Denial of Service Part 2 of 2

Categories of Denial of Service

DEMO: HW and Mobile DoS Options

Buffer Overflow Terminology and Background

DEMO: Stack Overflow Testing wil OllyDbg

Session Hijacking Overview and Examples

Cross Site Scripting and Other Session Attacks

Session Hijacking Techniques

IPSec and Session Hijacking

Hacking Webservers Terminology and Background

Webserver Architecture

Webserver Hacking Tools

Web Server Attacks

OWASP Top 10

Webserver Hacking Countermeasures

SQL and Command Injection Web App Hacking

Non SQL Injection Errors

Parameter and Form Tampering Web App Hacking

Cross-site Scripting and Obfuscation Web App Hacks

Cross-Site Request Forgery and Cookies

Web Application Methodology

Web App Attack Tools and Countermeasures

Buffer Overflow Tools and Countermeasures

DEMO: BurpSuite

DEMO: XP cmdshell Demo

SQL Terminology and Example Statements

SQL Enumeration

SQL Injection Attacks

SQL Injection Tools and Countermeasures

DEMO: SQL Injection

Wireless Terminology and Standards

Wireless Terminology and Antennas

Wireless Authentication

Wireless-based Attacks

Wireless Attack Methodology

Wireless Attack Methodology Continued

WEP WPA and Other Wireless Attacks

Bluetooth Communication Basics

Wireless Protocols and Signal Modulation

DEMO: SSID and Channels

DEMO: WiFi Analyzer Using Mobile Device

Wireless Hacking Tools and Countermeasures

Mobile Platform Overview

Mobile Device Operating Systems

Hacking Mobile Platforms

IDS Overview and Detection Methods

DEMO: Published Snort Rules

Firewalls and Honeypots

Firewall Configurations

Signs of Intrusions

Evasion Techniques

IDS Evasion Techniques

Evasion Testing Techniques

DEMO: Intrusion Signs

Cryptography Background and Terminology

Crypto Keys and Algorithms

SHA and TLS Algorithms

DEMO: Hashing with MD5 Sum

Crypto Keys and Algorithms Continued

Cryptography Implementations

Public Key Infrastructure (PKI)

Cryptanalysis Techniques

Cryptanalysis Tools

Cryptographic Attacks

Steganography Tools

Security Testing and Assessments

Penetration Testing Terminology

Risk Management and Penetration Testing

Penn Testing Phases and Methodology

Penetration Testing Walkthrough

Penetration Testing Tools

DEMO: Exploits with Armitage

DEMO: Intro to Armitage

DEMO: v3 RunningExploitFrom Code

Introduction to Cloud Computing

Cloud Security

Cloud Architectures

Cloud Testing Tools

Cloud Threats and Attacks

CEHv9 Prep Practice Exam

Cisco CCENT Self-Study Prep 13 hours

Skill Level: Intermediate

+ Description
	The Cisco CCENT Prep course is a self-study resource for learners preparing for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. Students will also be introduced to configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. The course includes several reinforcing video demonstrations of concepts discussed, as well as a quiz. Training Purpose: Operate and Maintain Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support Training Proficiency Area: Level 2 - Intermediate Capture Date: 2015

+ Course Modules/Units

Switched Networks Part 1 of 2

Switched Networks Part 2 of 2

Collisions and Broadcasts

DEMO: Viewing an ARP Table

Basic Switch Configuration

SSH Operation and Configuration

Configuring Switch Ports

Switch Troubleshooting

Securing a Switch

Best Practices for Switched Networks

DEMO: Making an RJ-45 Cable

VLAN Segmentation Part 1 of 2

VLAN Segmentation Part 2 of 2

VLAN Implementations

VLAN Security and Design

DEMO: Configuring VLANs

DEMO: Demonstrating VLAN Connectivity

Functions of a Router Part 1 of 2

Functions of a Router Demo

Functions of a Router Part 2 of 2

Configuring Basic Router Settings

DEMO: IPv4 and IPv6 Subnetting

Basic Router Settings_IPv6 and Loopback Interfaces

Verifying Connectivity of Directly Connected Networks

Switching Packets Between Networks

Routing Tables and Protocols

DEMO: IPv6 Header Analysis

DEMO: MAC Address Table

DEMO: IPv4 Addresses and Router Interfaces

DEMO: IPv6 Addressing on Router Interfaces

Inter-VLAN Routing Configuration

Layer 3 Switching

Static Routing

Configure Static Routing

Classful Addressing and Routing

Configuring Summary Routes

Troubleshooting Static and Default Routes

DEMO: Static Routing

Dynamic Routing Protocol Operation

Routing Protocol Operating Fundamentals

Types of Routing Protocols

Types of Distance Vector Routing Protocols

Configuring the RIP Protocol

RIPng and Link-State Routing

DEMO: RIP Version 1 and IPv4

DEMO: RIP Version 2 Improvements

DEMO: Setting up RIP for IPv6

Characteristics of OSPF

OSPF Messages

OSPF Router IDs

Configuring and Verifying OSPF

OSPFv2 versus OSPFv3

DEMO: Configuring OSPF

DEMO: Troubleshooting OSPFv2

DEMO: Configuring OSPFv3

DHCPv4 Operation

Configuring and Troubleshooting DHCPv4

DEMO: DHCPv4

SLAAC and DHCPv6

Stateless and Stateful DHCPv6

DEMO: Stateless DHCPv6

NAT Characteristics and Benefits

Types of NAT

Configuring Static and Dynamic NAT

Configuring PAT and Port Forwarding

DEMO: Enabling IPv4 NAT

Configuring and Troubleshooting NAT for IPv6

CCENT Prep Practice Exam

Cloud Computing Security 1 Hour

Skill Level: Intermediate

+ Description
	This course provides an in-depth look at the strengths and weaknesses of cloud computing security as well as the considerations to take in choosing the cloud as a data management solution. Technical and operational risks are explained, along with strategies to mitigate the aforementioned risks. To demonstrate concepts learned, the course closes with a real-world example of how a government agency (Defense Information Systems Agency) utilizes cloud computing solutions. Training Purpose: Securely Provision, Operate and Maintain Specialty Areas: Systems Analysis, Network Services, Systems Requirement Planning Training Proficiency Area: Level 2 - Intermediate Course Capture Date: 2010

+ Course Modules/Units

What is Cloud Computing?

Technical Risks

Operational Risks

Risk Mitigation Strategies

Cisco CCNA Security Self-Study Prep 15 Hours

Skill Level: Intermediate

+ Description
	The Cisco CCNA Security Self-Study Prep course is aimed at those who already have experience with routers and basic level networking skills, and those who may be interested in taking the Cisco CCNA Security exam. Content covered in the CCNA Security Prep course include protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. Students will get a theoretical understanding of network security, knowledge and skills designed to implement it. This self-study resource contains several reinforcing video demonstrations and final exam. Training Purpose: Operate and Maintain Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support Training Proficiency Area: Level 2 - Intermediate Capture Date: 2015

+ Course Modules/Units

Securing Network Devices

Secure Administrative Access Part 1 of 2

Secure Administrative Access Part 2 of 2

DEMO: Securing Router Access Methods

Role-Based CLI Overview

Password Recovery

Management Reporting and Logging Considerations

Implementing Log Messaging for Security

Configuring NTP

Disabling Unused Cisco Router Network Services and Interfaces

AAA Authentication Methods

Implementing Local AAA Authentication

Implementing Server-Based AAA Authentication

Cisco Secure ACS

Configuring Server-Based AAA Authentication

Server-Based Authorization and Accounting

Implementation Firewall Technologies

Access List Controls (ACLs)

Extended ACLs and ACL Caveats

ACL Placement

Complex ACLs

Troubleshooting ACLs

Securing Networks with Firewalls

Zone-Based Policy Firewalls

CCP Firewall Wizard and Manual ZPF using CCP

DEMO: Enabling IOS Firewall

Implementing Intrusion Prevention Intro

IPS Signatures

Signature Trigger and Action for IPS

Managing and Monitoring IPS

Configuring and Verifying IOS IPS

Securing the Local Area Network Intro

Layer 2 Security Part 1 of 2

Layer 2 Security Part 2 of 2

Mitigating MAC Spoofing and MAC Table Overflow Attacks

Mitigating STP Manipulation

Configuring Storm Control

Mitigating VLAN Attacks

Configuring Cisco Switch Port Analyzer

Private VLAN Edge

Advanced Technology Security Considerations

Wireless Networks

VoIP and SAN Networks

DEMO: Enabling STP with Voiceover

Cryptographic Systems and Hashes

Encryption and Confidentiality

Public Key Cryptography and PKI

VPN Terminology and Topologies

IPSec Frameworks and Key Exchange

IPSec Tasks

Configuring IPsec VPN using CCP

Remote-Access VPNs

Managing a Secure Network and Addressing Risks

Operations Security

Network Security Testing

Continuity Planning

SDLC

Security Policy

ASA Models and Features

Basic ASA Configuration and Settings

Introduction to ASDM

ASA Objects and Object Groups

ACLs for ASA

ASA and NAT

ASA and PAT

ASA AAA

Modular Policy Framework

ASDM Service Policies Demo

ASA VPN Features

ASDM AnyConnect VPN Wizard

DEMO: ASA Console Config

DEMO: ASA GUI Config

DEMO: ASA Traffic Management

CCNA Security Prep Practice Exam

CMaaS Transition Classroom Sessions 5 Hours

Skill Level: Basic

+ Description
	This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack, and includes two major Use Cases for each tool. Training Proficiency Level: Level 1 - Basic Capture Date: 2018

+ Course Modules/Units

Session 1

Session 2

Session 3

Session 4

CompTIA A+ 220-901 Certification Prep 12 Hours

Skill Level: Basic

+ Description
	The CompTIA A+ 901 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 901 prep include maintenance and configuration of PCs and devices, basics of networking, troubleshooting software and hardware issues, and customer support. Learning objectives: Provide a review of the four knowledge area domains in the CompTIA A+ 220-901 exam objectives. Supplemental self-study preparation resource for the CompTIA A+ certification exam. Understand the basics of device installation, troubleshooting, and customer support. Training Purpose: Skill Development Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units

CompTIA A+ 220-901 Prep Course Introduction

Computing System Components

Central Processing Unit (CPU)

Sockets and Processing

Virtualization and Temperature Monitoring

DEMO: CPU Characteristics and Installation

RAM Basics and Types of RAM

Upgrading and Installing RAM

DEMO: RAM Installation and Verification

BIOS Components, Configurations and Settings

DEMO: BIOS Overview

Motherboard Form Factor, Chipset and Components

Motherboard Expansion Slots and Card Installation

Installing New Motherboard

Power Supply and Connectors

Display Types and Features

Display Connector and Cable Types

Hard Drive Basics

Hard Drive RAID Types

Hard Drive Interfaces

DEMO: Hard Drive Installation and Initializing

DEMO: Software Virtualization

Common Peripheral Devices

Removable Media

Audio/Video Standards

PC Configurations

DEMO: Inside Desktop Computer

Printer Types

Printer Languages and Installation

Printer-Scanner Maintenance and Troubleshooting

SOHO Network

Fiber and Coaxial Cables and Connectors

Patch Panels, Ethernet Standards and LAN

IP Address, Ports and Protocols Part 1 of 3

IP Address, Ports and Protocols Part 2 of 3

IP Address, Ports and Protocols Part 3 of 3

Wireless Networks and WiFi Standards

Configuring a SOHO Network

Network Types

Network Devices: Routers

Network Devices: Hubs, Switches and Firewalls

Hardware Tools for Connectivity Issues

Laptops and Mobile Devices

Laptop Expansion Options, Docking and Locks

Laptop Hardware Replacement

Laptop Special Functions and Features

DEMO: Laptop Computer Components

Characteristics of Various Mobile Device Types

Mobile Device Ports and Accessories

Network Troubleshooting Process

Troubleshooting Hardware, Video, Networks and OS

DEMO: Troubleshooting Hard Drives

Network Troubleshooting Methodology

DEMO: Troubleshooting Network Issues

Troubleshooting Common Video and Display Issues

CompTIA A+ 220-901 Prep Practice Exam

CompTIA A+ 220-902 Certification Prep 8.5 Hours

Skill Level: Basic

+ Description
	The CompTIA A+ 902 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 902 prep installation and configuration of devices and software, networking and security basics, troubleshooting and diagnosing issues, as well as operational procedures. Learning objectives: Provide an overview of the five knowledge area domains in the CompTIA A+ 220-902 exam objectives. Supplemental self-study resource for the CompTIA A+ certification exam Understand the basics of device configuration, networking, and applying troubleshooting theory. Training Purpose: Skill Development Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units

CompTIA A+ 220-902 Prep Course Introduction

Microsoft Operating System Versions

Upgrading Windows Operating Systems

Windows Operating System Features Part 1 of 2

DEMO: File Structure and Paths

DEMO: Creating and Managing Disk Folders

Windows Operating System Features Part 2 of 2

Windows OS Installation Options

Windows Command-line Tools Part 1 of 2

DEMO: Windows Command-Line Tools

Windows Command-line Tools Part 2 of 2

DEMO: Windows OS GUI Tools Part 1 of 2

DEMO: Windows OS GUI Tools Part 2 of 2

Windows OS GUI Tools Best Practices

Windows Networking and Resource Sharing

DEMO: Image Backup and Restore on Windows

DEMO: Linux Commands

Best Practices and Common Features of OS X

Introduction to Cloud Computing

Cloud Architectures

Network Services and Protocols

Mobile Device Security Introduction

Mobile Device Security Introduction Cont.

Android Introduction

Android Security

Android Application Security

DEMO: Installing Antivirus

File System for iOS Devices

Understanding the Basics of iOS

Understanding iOS Security Architecture

iOS Jailbreaking

Malware and Social Engineering Threats

Threats to Physical Security

Physical Security Considerations

Infrastructure Physical Security

Laptop Security

TEMPEST

Physical Security Access Controls

Biometric Access Control Devices

Authentication

DEMO: Windows Hidden File Properties

Symptoms, Troubleshooting and Preventing Infection

Mobile Device Security Best Practices

Data Destruction and Disposal Methods

SOHO Network

PC Troubleshooting Tools

Troubleshooting Common Symptoms of System Issues

Troubleshooting System Crash and Failure-to-Boot

Troubleshooting Mobile Device Issues

Safety Procedures and Personal Safety

IT Environmental Controls

Incident Response Concepts

Intellectual Property and Licensing

Professional Communication and Troubleshooting

CompTIA A+ 220-902 Prep Practice Exam

CompTIA Cybersecurity Analyst (CySA+) Prep 12.5 Hours

Skill Level: Intermediate

+ Description
	The CompTIA Cybersecurity Analyst (CySA+) self-study certification prep course is designed to help prepare candidates to sit for the CySA+ exam, as well as reinforce concepts for work roles such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analysts. This intermediate-level course focuses on analysis and defense techniques leveraging data and tools to identify risks to an organization, and apply effective mitigation strategies. They CySA+ is an approved baseline certification of the DoD Directive 8570. Learning objectives: Provide a review of the following four skills: threat management, vulnerability management, security architecture and tool sets, and cyber incident response. Supplemental self-study preparation resource for the CompTIA CySA+ exam. Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization. Training Purpose: Skill Development Specialty Areas: (Protect and Defend, Operate and Maintain, Securely Provision) Vulnerability Assessment and Management, Systems Analysis, Cyber Defense Analysis Training Proficiency Area: Level 2 - Intermediate Capture Date: 2018

+ Course Modules/Units

CySA Course Introduction

Reconnaissance

Port Scanning for Active Reconnaissance

Environmental Reconnaissance Tools

Social Engineering for Reconnaissance

Network Mapping for Active Reconnaissance

Syslog

Reviewing Alerts/Detecting Attack Phases

Common Tasks in Environmental Reconnaissance

Environmental Reconnaisannce Variables

Basic Packet Analysis

Methods of Network Traffic Analysis

Network Traffic Analysis

Netflows

Working with Netflows

Netflow Tools

Examining Log Files

Data Correlation and Analytics

Analyzing Device Data

SIEM

DEMO: Wireshark Packet Analyzer

Hardening Network Devices

Network Segmentation and Design

Honeypot

Endpoint Security

Windows Group Policy

Access Control Models

Remote Authentication - Radius and Tacacs+

Hardening Host and Networked Systems

Compensating Controls

Corporate Penetration Testing

Reverse Engineering Purpose and Practice

Team Training and Exercises

Risk Evaluation and Security Controls

Vulnerability Assessment Introduction

Vulnerability Management Requirements

Vulnerability Scanner Configuration

Vulnerability Assessment Tools

Scanning and Enumeration with Nmap

Intro to Vulnerability Scanning with Nessus

Vulnerability Remediation

Scanning and Report Viewing with OpenVAS

Endpoint and Protocol Analysis

Logging Strategies and Sources

Reviewing, Analyzing and Correlating Logs

Network Vulnerabilities

System Vulnerabilities

Web Application Vulnerabilities

Wireless Network Vulnerabilities

Virtual Infrastructure Vulnerabilities

Threats to Mobile Devices

ICS and SCADA Systems Security

Malware and Social Engineering Threats

Preparing for Impact Analysis

Forensics Kit and Incident Response

Forensic Investigation Suite

Setting Up an Analysis Environment

Communication During Incident Response

Common Symptoms of Host Infection

Incident Response and Recovery Part 1 of 2

Incident Response and Recovery Part 2 of 2

Regulatory Compliance and Frameworks

Control Selection Tailoring and Implementation

Verification and Quality Control

Procedures Supporting Policy

Enterprise Network Authentication Part 1 of 2

Enterprise Network Authentication Part 2 of 2

Cross-site Scripting and Other Exploits

Privilege Escalation Exploit

Technical Processes and Controls

Software Development Models and SDLC

Code Review and Testing

Secure Coding Best Practice Resources

Preventative Cyber Tools

Collective Cyber Tools

Analytical Cyber Tools

Exploit Cyber Tools

Forensics Cyber Tools

CySA Prep Practice Quiz

CompTIA Network+ N10-007 18 Hours

Skill Level: Basic

+ Description
	This Network+ prep course is a self-study resource designed to help students prepare to sit for the CompTIA Network+ 10-N007 certification exam. The Network+ certification is focused on IT infrastructure and networking concepts for junior to mid-level IT professionals in the cyber workforce. Topics covered include network operations, security, troubleshooting and tools, and well as infrastructure support. Learning Objectives: Design and implement a functional network Configure, manage and maintain network security, standards and protocols Troubleshoot network issues Create and support virtualized networks NICCS Specialty Areas: Operate and Maintain Network Services System Administration Customer Service and Technical Support Training Purpose: Skill Development Training Proficiency Area: Level 1- Basic

+ Course Modules/Units

Net+N100-007 Introduction

Ports and Protocols Part 1 of 2

Ports and Protocols Part 2 of 2

OSI Layers

Properties of Network Traffic

VLANs and VTP

Routers and Routing Protocols

Routing Tables and Types

IP Addressing – IPv6

Traffic Filtering and Port Mirroring

Network Performance Optimization

IP Addressing Components

Subnetting

Network Topologies

Technologies that Facilitate IOT

Wireless Standards Part 1 of 2

Wireless Standards Part 2 of 2

DEMO: Wireless Architecture

Introduction to Cloud Computing

Cloud Security

DNS Service

Dynamic Host Configuration Protocol (DHCP)

Ethernet Standards

Cables and Wires

Cable Termination and Fiber Optic

DEMO: Cables and Connectors

Firewall Implementations

Network Components – Hubs and Switches

DEMO: Contrasting Hubs, Switches,VLANS

Router Setup and MAC Filtering

Installing and Configuring Wireless Networks

SOHO Network

Telephony, VoIP

Network Security Appliances IDS

Advanced Security Devices

Virtual Environments

Network Storage Connection Types

Network Storage and Jumbo Frames

Wide Area Network Technologies

Configuration Management Documentation

Business Continuity and Disaster Recovery

Fault Tolerance and Availability Concepts

Maintainability: MTTR and MTBF

Security Device and Technology Placement

DEMO: Introduction to SNMP

Network Access Security

Remote Access Methods

Operations Policies and Best Practices

Mobile Device Deployment Models

Physical Security Devices

Authentication Services

PKI Public Key Infrastructure

Examples of PKI Use

Network Access Control

Wireless Encryption and Authentication

DoS and MITM Attacks

Wireless Threats and Mitigation

Understanding Insider Threat

DEMO: Malware and Social Engineering Threats

Hardening Network Devices

Switch Loop Protocol

Network Segmentation and Design

Honeypot

Corporate Penetration Testing

Network Troubleshooting Methodology

Hardware Tools for Connectivity Issues

Software Tools for Connectivity Issues

DEMO: NSlookup Dig Google Toolbox

Physical Connectivity Problems

Cable Troubleshooting

Wireless Troubleshooting

Troubleshooting Routers and Switches

Technologies that Facilitate IOT

Network+ N10-007 Exam

CompTIA Security+ (SY0-501) Certification Prep 17.5 Hours

Skill Level: Basic

+ Description
	The CompTIA Security+ (SY0-501) Certification Prep is a self-study resource to help candidates prepare for the Security+ (SY0-501) certification exam. The topics covered are categorized into the six domain areas of the SY0-501 exam objectives: Threats and Vulnerabilities, Technology and Tools, Architecture and Design, Identity and Access Management, Risk Management, and Cryptography. Learning Objectives: Supplemental preparation for the CompTIA Security+ SY0-501 Certification Exam List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities Explain how various tools and technologies are configured or deployed to support an organization's security posture Detail risk management best practices and mitigation strategies NICCS Specialty Areas: Systems Analysis (Operate and Maintain) Systems Administration (Operate and Maintain) Network Services (Operate and Maintain) Vulnerability Assessment and Management (Protect and Defend) Training Purpose Skill Development Training Proficiency Area Level 1- Basic

+ Course Modules/Units

Security+ (SY0-501) Course Introduction

Malware: Viruses

Malware: Rootkits, Trojans, Botnets

MITM, DoS, Packet Flooding and Other Attacks

Backdoor, Spoofing, Replay and Other Attacks

Password, Birthday, Crypto and Application Attacks

Social Engineering Techniques

Wireless Attacks

Application Attacks

Threat Actors

Assessment Tools and Techniques

Active and Passive Reconnaissance

Security Testing and Assessment

Firewall Implementations

Proxy Server Implementations

Hubs and Switches

Routers and Routing Protocols

Remote Access and VPNs Part 1 of 2

Remote Access and VPNs Part 2 of 2

Network Intrusion Detection Systems

Host-Based Intrusion Detection Systems

Password Cracking Categories and Tools

Password Cracking Techniques

DEMO: Local Information Gathering Tools

DEMO: Network Connectivity Testing Tools

DEMO: Remote Information Gathering Tools

Mobile Device Security

Mobile Device Deployment

Network Security Protocols

Network Services and Protocols

Frameworks and Reference Architectures

Network Zones

Demilitarized Zones (DMZ) Implementations

Security Device and Technology Placement

Host Security: OS Hardening and Firewalls

Host Security: Anti Virus, Malware and Spam

Host Security: Pop Ups and Patch Management

Secure Static Environment

Secure Staging Deployment Concepts

Cloud and Virtualization Concepts

Cloud Architectures

Host Security: Virtualization

Resiliency and Automation to Reduce Risk

Physical Security and Environmental Controls

Access Control Categories

Authentication Services

Access Control Models

Authentication and Authorization Concepts

Biometric Authentication

Account Management

Identity Management

Security Awareness and Training

Risk and Related Concepts

Risk and Asset Identification

Threat and Risk Calculation

Risk Control Types

Security Control Types and Categories

Basic Forensics Procedures

Incident Handling and Forensics

Incident Response Preparation

Risk Management: Business Continuity

Risk Management: Redundancy and Fault Tolerance

Risk Management: Disaster Recovery

Risk Mitigation Strategies

Data Security

Data Destruction and Disposal Methods

Data Sensitivity and Handling

Mitigation and Deterrence: Logging

Mitigation and Deterrence: Hardening

Mitigation and Deterrence: Network Security

Mitigation and Deterrence: Attack Countermeasures

Cryptography Part 1 of 2

Cryptography Part 2 of 2

Wireless Security Evolution

Wireless Security Best Practices

Cryptographic Keys and PKI

Security+ (SY0-501) Certification Prep Exam

Demilitarized Zone (DMZ) with IDS/IPS 9 Hours

Skill Level: Intermediate

+ Description
	This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. Best practices for designing and implementing a DMZ is followed with a section on IDS and IPS systems that includes an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices. Training Purpose: Skill development Specialty Area: Computer Network Defense Infrastructure Support, Network Services, Systems Security Analysis, System Administration Training Proficiency Area: Level 2 - Intermediate Capture Date: 2013

+ Course Modules/Units

Demilitarized Zone (DMZ) Introduction

DMZ Architecture

DMZ Components: Firewalls Part 1 of 2

DMZ Components: Firewalls Part 2 of 2

Setting up a DMZ using IPTables Demo

DMZ Components: IDS

DMZ Components: IDS/IPS Placement

DMZ Components: Proxy Servers

DMZ Components: Network Servers

DMZ Architectures

Attacking the DMZ Part 1 of 2

Attacking the DMZ Part 2 of 2

DMZ Attack Types Part 1 of 2

DMZ Attack Types Part 2 of 2

DMZ: Open Source vs Commercial Implementations

DMZ: Software Subscription Services

Open Source DMZ Tools Part 1 of 2

Open Source DMZ Tools Part 2 of 2

Proxy Concepts

DNS Concepts

Web Server Concepts

E-mail Relay and VPN Concepts

DMZ and Commercial Software - Part 1

DMZ and Commercial Software - Part 2

Security Capabilities in a DMZ

Security Capabilities in Procmail Demo

Network Security Appliances IDS

Snort Intro and Overview

Using BASE w Snort DB

Snort Demo

Log Mgmt and Analysis Concepts

SYSLOG Basics

Using Swatch Overview

Log Management Best Practices

Proxy and DNS Log File Concepts

Analyzing Proxy and DNS Log Files

DMZ with IDS/IPS Course Quiz

DNSSEC Training Workshop 2 Hours

Skill Level: Advanced

+ Description
	This course covers the basics of DNSSEC, how it integrates into the existing global DNS and provides a step-by-step process to deploying DNSSEC on existing DNS zones. Training Purpose: Skill development Specialty Areas: Enterprise Architecture, Network Services, System Administration Training Proficiency Area: Level 3 - Advanced Capture Date: 2015

+ Course Modules/Units

DNSSEC Introduction

DNS Resolution Steps

DNS Vulnerabilities and Security Controls

DNSSEC Mechanisms

DNS Resource Records (RR)

Special DNS Resource Records

DNS Zone Signing

Secure DNS Zone Configuration-DNSSEC Key Generation

Prepare the DNS Zone File for Signing

Signing the DNS Zone file

Publishing a signed zone

Testing a signed zone

Testing a signed zone through a validator

DNSSEC Chain of Trust

Setting Up A Secure Resolver

Adding a trusted key

Securing the last hop

ZSK Rollover

Using pre-published keys

KSK Rollover

Conclusions

Emerging Cyber Security Threats 12 Hours

Skill Level: Intermediate

+ Description
	This course covers a broad range of cyber security elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. This course will cover what policy is, the role it plays in cyber security, how it is implemented, and cyber security laws, standards, and initiatives. Topics include cyber security policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS and IPv6 security. Video demonstrations are included to reinforce concepts. Training Purpose: Skill Development Specialty Areas: System Administration, Technology Demonstration, Vulnerability Assessment and Management, Strategic Planning and Policy Development, Cyber Threat Analysis Training Proficiency Area: Level 2 - Intermediate Capture Date: 2010

+ Course Modules/Units

Introduction to Cybersecurity Policy

Types of Security Policy

Policy Education and Implementation

Cybersecurity Laws

Proposed Legislation

NIST Cybersecurity Standards

Other Cybersecurity Standards

Comprehensive National Cybersecurity Initiatives (CNCI)

Other Federal Cybersecurity Initiatives

Implementing Cybersecurity Initiatives

SPAM

Malware Trends

Botnets

Monetization

Cyber Attack Profiles

Cyber Crime

Cyberwarfare

Cyber Attack Attribution

Cyber Threat Mitigation

Mobile Device Trends

Mobile Device Threats

Mobile Device Countermeasures

Exploited Threats

What is Cloud Computing?

Technical Risks

Operational Risks

Risk Mitigation Strategies

DISA Cloud Solutions

RFID Introduction

RFID Threats

RFID Countermeasures

Exploited Threats

Introduction and MAC Address Monitoring

MAC Address Spoofing

Managing Traffic Flows

VLANs and Security

802.1x Port Authentication

Network Admission Control

Securing STP

Securing VLANs and VTP

Introduction and Edge Security Traffic Design

Blocking DoS and DDoS Traffic

Specialized Access Control Lists

Routers with Firewalls

Beyond Firewalls: Inspecting Layer 4 and Above

Securing Routing Protocols and Traffic Prioritization

Securing Against Single Point of Failures

Physical and Operating System Security

Management Traffic Security

Device Service Hardening

Securing Management Services

Device Access Hardening

Device Access Privileges

Name Resolution Introduction

Name Resolution and Security

DNS Cache

DNS Security Standards and TSIG

DNSSEC

Migrating to DNSSEC

Issues with Implementing DNSSEC 1

Issues with Implementing DNSSEC 2

IPv6 Concepts

IPv6 Threats

IPv6 Network Reconnaissance

DEMO: IPv6 Network Reconnaissance

IPv6 Network Recon Mitigation Strategies

IPv6 Network Mapping

DEMO: IPv6 Network Mapping

IPv6 Network Mapping Mitigation Strategies

IPv6 Neighbor Discovery

DEMO: IPv6 Address Assignment

IPv6 Attacks

DEMO: IPv6 Alive Hosts

DEMO: IPv6 Duplicate Address Detection (DAD)

DEMO: IPv6 DAD Denial of Services (DOS)

DEMO: IPv6 Fake Router Advertisement

DEMO: IPv6 Man-in-the-middle

IPv6 Attack Mitigation Strategies

IPv6 Tunneling

IPv6 Windows Teredo Tunneling

IPv6 Tunneling Mitigation Strategies

IPv6 Best Practices

Introduction to Windows Scripting 4 Hours

Skill Level: Basic

+ Description
	This course focusses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course will present the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows. Training Purpose: Functional Development Specialty Areas: Network Services, System Administration, Systems Security Analysis Training Proficiency Area: Level 1 - Basic Capture Date: 2015

+ Course Modules/Units

Scripting Basics Overview

Windows BATCH Scripting Basics

Windows BATCH Scripting_Variables

Windows BATCH Scripting_Loops

Windows BATCH Scripting_Functions

Windows Script Error Handling and Troubleshooting

Windows Script Best Practices and Examples

Windows Scripting Demo

Scripting for Penetration Testing

Windows Scripting Utilities_xcopy

Windows Scripting Utilities_findstr

Windows Scripting Utilities_net Commands

xcopy Examples Demo

WMI and WMIC

PowerShell Commands

PSExec

Windows Management Instrumentation Demo

Intro to Windows BATCH Quiz

IPv6 Security Essentials Course 5 Hours

Skill Level: Advanced

+ Description
	This Internet Protocol version 6 (IPv6) Security Essentials course begins with a primer of IPv6 addressing and its current deployment state, discusses Internet Control Manager Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment. Training Purpose: Skill development Specialty Area(s): Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis Training Proficiency Level: Level 3 - Advanced Capture Date: 2015

+ Course Modules/Units

IPv6 Introduction

IPv6 Adoption

DEMO: IPv6 Network Reconnaissance

IPv6 Addressing Part 1 of 2

IPv6 Addressing Part 2 of 2

IPv6 Packet Header

DEMO: IPv6 Header Analysis

ICMPv6

IPv6 Address Assignment

DEMO: IPv6 Address Assignment

IPv6 Web Browsing

IPv6 Transition Mechanisms Part 1 of 2

IPv6 Transition Mechanisms Part 2 of 2

DEMO: IPv6 Tunneling

IPv6 Security Concerns

DEMO: IPv6 Network Mapping

IPv6 Security Mitigation Strategies

DEMO: IPv6 Network Monitoring Tools

IPv6 Ready

IPv6 Security Essentials Key Takeaways

DEMO: IPv4 and IPv6 Subnetting

DEMO: IPv6 Addressing on Router Interfaces

DEMO: Setting up RIP for IPv6

DEMO: Configuring OSPFv3

DEMO: IPv6 Alive Hosts

DEMO: IPv6 Duplicate Address Detection (DAD)

DEMO: IPv6 DAD Denial of Services (DOS)

DEMO: IPv6 Fake Router Advertisement

DEMO: IPv6 Man-in-the-middle

IPv6 Security Essentials Quiz

ISACA Certified Information Security Manager (CISM) Prep 11 Hours

Skill Level: Intermediate

+ Description
	The ISACA Certified Information Security Manager (CISM) certification prep self-study resource helps prepare candidates to sit for the management-focused CISM exam, and strengthens students information security management expertise through in-depth lecture topics, reinforcing demonstrations, and practice exam. The course includes concepts from the four job practice areas of the 2017 CISM certification: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management. Learning Objectives: Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives. Detail strategies to manage risk to an acceptable level in support of organization goals and objectives. Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals. Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response and recovery capabilities. Training Purpose: Skill Development NICCS Specialty Areas: Cybersecurity Management (Oversee and Govern) Systems Analysis (Operate and Maintain) Program/Project Management and Acquisition (Oversee and Govern) Vulnerability Assessment and Management (Protect and Defend) Training Proficiency Area: Level 2- Intermediate

+ Course Modules/Units

CISM Course Introduction

IS Governance Domain Overview

Information Security (IS) Management

Importance of IS Governance Part 1 of 2

Importance of IS Governance Part 2 of 2

IS Management Metrics

ISM Strategy Part 1 of 2

ISM Strategy Part 2 of 2

Elements of IS Strategy

IS Action Plan for Strategy

DEMO: Key Goal, Risk, Performance Indicator

Risk Management Overview and Concepts

Risk Management Implementation

Risk Assessment: Models and Analysis

DEMO: Calculating Total Cost of Ownership

DEMO: Recovery Time Objective (RTO)

Compliance Enforcement

Risk Analysis: Threat Analysis

IS Controls and Countermeasures

Other Risk Management Considerations Part 1 of 2

Other Risk Management Considerations Part 2 of 2

DEMO: Cost Benefit Analysis

Information Security Program Development

Information Security Program Management

Outcomes of Effective Management

IS Security Program Development Concepts

Scope and Charter of IS Program Development

IS Management Framework

IS Framework Components

IS Program Roadmap

Organizational Roles and Responsibilities

Information Security Manager Responsibilities

Other Roles and Responsibilities in IS

Information Security Program Resources

IS Personnel Roles and Responsibilities

IS Program Implementation Part 1 of 2

IS Program Implementation Part 2 of 2

Implementing IS Security Management Part 1 of 2

Implementing IS Security Management Part 2 of 2

Measuring IS Management Performance

Common Challenges to IS Management

Determining the State of IS Management

Incident Management and Response

Incident Management Part 1 of 2

Incident Management Part 2 of 2

IMT IRT Members

Incident Response Planning Part 1 of 2

Incident Response Planning Part 2 of 2

DEMO: Phishing Emails

DEMO: Incident Management Workflow

Recovery Planning Part 1 of 2

Recovery Planning Part 2 of 2

DEMO: RTIR Incident Response Tool Part 1 of 2

DEMO: RTIR Incident Response Tool Part 2 of 2

CISM Practice Exam

(ISC)2 (TM) CISSP Concentration: ISSEP Prep 7 Hours

Skill Level: Advanced

+ Description
	The Information Systems Security Engineering Professional (ISSEP) is a CISSP concentration focused on applying security and systems engineering principles into business functions. This self-study prep course is designed to help students prepare to sit for the specialized (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP. Learning Objectives: Incorporate security into business processes and information systems Demonstrate subject matter expertise in security engineering Apply engineering principles into business functions NICCS Specialty Areas: Collect and Operation Cyber Operation Planning Operate and Maintain Systems Analysis Oversee and Govern Cybersecurity Management Training Purpose Skill Development Training Proficiency Area Level 3 - Advanced

+ Course Modules/Units

ISSEP Course Introduction

ISSE Responsibilities and Principles

ISSE and IATF

Security Design Principles

Elements of Defense in Depth

RMF Characteristics

Maintaining Operational Resilience

Risk Management Overview

Assessing Risk Part 1 of 2

Assessing Risk Part 2 of 2

Determining Risks

Categorizing Information Systems

Stakeholder Roles and Responsibilities

Requirements Analysis

Using Common and Tailored Controls

Assessing Security Controls

Implementing Security Controls

Authorizing Information Systems

Systems Verification and Validation

Monitor, Manage, and Decommissioning

Defense Acquisition System Overview

Acquisitions Process

System Development Process Models

Project Processes

Project Management

ISSEP Practice Exam

(ISC)2 (TM) Systems Security Certified Practitioner 16 Hours Prep 2015

Skill Level: Basic

+ Description
	The Systems Security Certified Practitioner (SSCP) certification prep course is a self-study resource for those preparing to take the (ISC)2 SSCP certification exam as well as those looking to increase their understanding of information security concepts and techniques. The certification is described as being ideal for those working toward positions such as network security engineers, security systems analysts, or security administrators. This course, complete with a 100-question practice exam and video demonstrations, was developed based on the seven SSCP domains prior to the April 15, 2015 (ISC)2™ domain update. A new, updated course is currently in development. Training Purpose: Skill development Specialty Area(s): Systems Security Analysis, Computer Network Defense, Vulnerability Assessment and Management, Network Services Training Proficiency Area: Level 1 - Basic Capture Date: 2015

+ Course Modules/Units

SSCP Introduction

Access Control Terms and Categories

Access Control Types

Access Control Administration

Security Models

System Permissions

Identification and Authentication Methods

Biometrics

Auditing and Threats

Attribute based Access Control

Device Authentication

Trust Architectures

Identity Management Lifecycle

Introduction to Cloud Computing

Cloud Computing Implementations

Cloud Computing Security Issues Part 1 of 2

Cloud Computing Security Issues Part 2 of 2

Big Data

Big Data with Hadoop Demo

NoSQL with MongoDB Demo

Virtual Environments

Access Controls Domain Knowledge Check

Security Operations

Data Classification and Administration

System Development and Change Cycle

Certification and Accreditation

Change Control and Patch Management

End Point Security

Securing People and Devices

Security Awareness and Training

(ISC)2 Code of Ethics

Asset Management

Assessing Physical Security

Physical Security Defenses

Security Ops and Admin Knowledge Check

Monitoring and Analysis

Monitoring Employees

Log Management

Integrity Checking

Testing and Analysis

Auditing

Communicate Findings

Continuous Monitoring and CAESARS

Introduction to Continuous Monitoring

Incident Handling, Response and Recovery

Incident Handling Knowledge Areas Part 1 of 2

Incident Handling Knowledge Areas Part 2 of 2

Incident Handling Response

Incident Handling Countermeasures

OpenVAS Demo

Monitoring and Analysis Knowledge Check

Risk Management

Risk Assessment

Security Testing

Incident Handling

Forensics

Volatility Framework

Business Continuity Planning

Business Impact Analysis

Backup and Recovery Strategies

Redundancy and Storage

Risk and Response Knowledge Check

Cryptography Terms

Requirements for Cryptography Part 1 of 2

Requirements for Cryptography Part 2 of 2

Steganography

Hashes, Parity and Checksum

Secure Protocols and Cryptographic Methods

Symmetric Cryptosystems

Symmetric and Asymmetric Cryptosystems

Public Key Infrastructure (PKI)

Key Management

Web of Trust

Secure Protocols

Cryptography Knowledge Check

Network Topology

Transmission Media

Crosstalk and Interference

Network Devices: NIC, Hub, Switches

Network Devices: Routers, Firewalls, IDS

OSI and TCP/IP Models

IP Addressing

NAT and Subnetting

TCP, UDP and Common Protocols

ARP, DHCP, ICMP

Wireshark Protocol Analysis

Routers and Routing Protocols

Network Services

Network Security Protocols

VoIP

VoIP Call Traffic Demo

WANs

Remote Access

Securing SSH

Wireless Technology

Network Reliability

Firewalls and Proxies

Wireless Attacks and Countermeasures

Common Attacks and Countermeasures

Network Access Control

Wiring Closets

Mobile Device Physical Security

Network Segmentation

Traffic Shaping

Wireless Security

Networks and Comm Knowledge Check

Malicious Code

Virus Lifecycle and Characteristics

Botnets: DoS, Packet Flood Attacks

Botnets: Rootkits and Malware

Malicious Activity

Social Engineering Sources and Anatomy of Attack

Malicious Activity Countermeasures

SE and Insider Threat Countermeasures

Infected System Response and Remediation

Reverse Engineering

Malicious Code Activity Knowledge Check

SSCP Course Practice Exam

(ISC)2(TM) Systems Security Certified Practitioner 12 Hours

Skill Level: Basic

+ Description
	The (ISC)2 Systems Security Certified Practitioner (SSCP) certification self-study prep course is a resource for individuals preparing for the SSCP certification exam, helping to demonstrate their advanced technical skills and knowledge required to implement and administer infrastructure using security best practices, policies, and procedures. Learning Objectives: Demonstrate knowledge of security operations and administration Implement risk monitoring, analysis, and mitigation strategies Develop and implement incident response and recovery plans NICCS Specialty Areas: Operate and Maintain Systems Analysis Systems Administration Securely Provision Systems Requirements Planning Training Purpose: Skill Development Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units

SSCP Introduction

Authentication Methods

Single Sign-On and Federated Access

Attribute Based Access Control

Device Authentication

Trust Architectures

Identity Management Lifecycle

Implementing Access Controls

(ISC)2 Code of Ethics

Security Concepts and Controls

Asset Management

Security Control Implementation

Assessing Physical Security

Physical Security Defenses

Administrative Controls

Auditing

System Development and Change Cycle

Change Control and Patch Management

Security Awareness and Training

Risk Management

Risk and Security Assessment

Security Testing and Assessment

Monitoring and Analysis

Monitoring Employees

Log Management

Integrity Checking

Testing and Analysis

Auditing Methodologies

Communicate Findings

Continuous Monitoring and CAESARS

Introduction to Continuous Monitoring

Incident Handling, Response and Recovery

Incident Handling Knowledge Areas Part 1 of 2

Incident Handling Knowledge Areas Part 2 of 2

Incident Handling Response

Incident Handling Countermeasures

DEMO: OpenVAS

Forensics

Business Continuity Planning

Business Impact Analysis

Backup and Recovery Strategies

Redundancy and Storage

Cryptography Terms

Requirements for Cryptography Part 1 of 2

Requirements for Cryptography Part 2 of 2

Steganography

Hashes, Parity and Checksum

Secure Protocols and Cryptographic Methods

Symmetric Cryptosystems

Symmetric and Asymmetric Cryptosystems

Public Key Infrastructure (PKI)

Key Management

Web of Trust

Secure Protocols

OSI and TCP/IP Models

Network Topology

Transmission Media

TCP, UDP and Common Protocols

ARP, DHCP and ICMP

Routers and Routing Protocols

Network Security Protocols

SSCP Exam

LAN Security Using Switch Features 2 Hours

Skill Level: Intermediate

+ Description
	In this course, students learn different methods of how to secure Local Area Networks (LANs) at the connectivity level. Topics include: monitoring media access control (MAC) addresses and port security, limiting MAC & IP spoofing, controlling traffic flows, implementing and enhancing security in virtual local area netorks (VLANs), enabling authentication on connection points, and determining host security health. Examples are used throughout to reinforce concepts Training Purpose: Skill Development Specialty Areas: System Administration, Systems Security Analysis, Vulnerability Assessment and Management, Cyber Threat Analysis Training Proficiency Area: Level 2 - Intermediate Capture Date: 2010

+ Course Modules/Units

Introduction and MAC Address Monitoring

MAC Address Spoofing

Managing Traffic Flows

VLANs and Security

802.1x Port Authentication

Network Admission Control

Securing STP

Securing VLANs and VTP

Linux Operating System Security 9 Hours

Skill Level: Advanced

+ Description
	This course introduces students to the security features and tools available in Linux as well as the considerations, advantages, and disadvantages of using those features. The class will be based on Red Hat Linux and is designed for IT and security managers, and system administrators who want to increase their knowledge on configuring and hardening Linux from a security perspective. Training Purpose: Skill Development Specialty Areas: Vulnerability Assessment and Management, Systems Security Analysis, System Administration Training Proficiency Area: Level 3 - Advanced Capture Date: 2013

+ Course Modules/Units

Linux OS Security Introduction

Booting Linux

Linux Recovery

Linux Startup Scripts

Linux Startup Processes

Linux Runlevels Demo

Chkconfig_and_Upstart Demo

Linux Processes and Signals

Linux Process Monitoring

PS_and_Netstat Demo

Linux PS and TOP Demo

Working with Linux PIDs

Linux File System Overview

Linux File Security

Linux File Access Controls

File Integrity Demo

Linux Kernel Tuning

Linux Host Access Controls

Linux User and Group Definition

User Management

Linux Privilege Escalation

Sudoers Demo

Linux Authentication Methods

Linux Viruses and Worms

Linux Trojan Horses

Linux Rootkits

Linux Misconfigurations

Linux Software Vulnerabilities

Linux Social Engineering

Linux Automated Installation

Managing Linux Packages

Package Management Tools Demo

Repositories and System Management

Custom Repository Demo

Linux IPv4 and IPv6

Linux Network Configuration

Linux Tunneling

Kernel Tuning Demo

Linux X11 Forwarding

Linux File Sharing

Linux Grand Unified Bootloader (GRUB)

Configuring GRUB Demo

Security Enhanced Linux

Introduction to IPTables

IPTables Rules

IPFilter

Linux Packet Sniffers

Linux NIDS

Linux HIDS

Linux Antivirus

Linux Secure Shell

Linux Log Management

Linux Scripting Basics

BASH Scripting Demo

IF Statements

Pipes and Redirection

Variables and Regular Expressions

Custom Scripting

Linux Hardening

NSA Hardening Guides

National Vulnerability Database (NVD)

Common Vulnerabilities and Exposures (CVE)

Vulnerability Scanning

Linux Operating System Security Quiz

Network Layer 1 & 2 Troubleshooting 3 Hours

Skill Level: Basic

+ Description
	This course reviews troubleshooting methods used in Layer 1 and Layer 2 of the OSI Model. The course covers how to detect, trace, identify, and fix network connectivity issues at the Physical and Data Link layers of the OSI stack. The basics of the Physical and Data Link layers will be covered along with a review of the devices, signaling, and cabling which operate at these layers. Students will be presented with methods for tracing connectivity issues back to the source and identifying mitigation solutions. Training Purpose: Functional Development Specialty Areas: Network Services, System Administration, Customer Service and Technical Support, Systems Security Architecture Training Proficiency Area: Level 1 - Basic Capture Date: 2015

+ Course Modules/Units

Network Layer 1 and 2 Troubleshooting Introduction

OSI Physical Layer 1 Overview

Data Transmission Medium Cables and Connectors

Patch Panels

Fiber Optic Cables

Encoding and Signaling Functions

Network Components

Physical Network Design/Topology

Network Troubleshooting Methodology

Common Layer 1 Issues Part 1 of 2

Common Layer 1 Issues Part 2 of 2

Layer 2 Data Link Layer Components Overview

MAC Addresses/Logical Link Control

Layer 2 Protocols

Physical Network Design/Topology

Network Troubleshooting Methodology Review

Common Layer 2 Issues

Layer 2 Troubleshooting Tools

NW Layer 1 and 2 Troubleshooting exam

Offensive and Defensive Network Operations 13 Hours

Skill Level: Basic

+ Description
	This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks. Learning Objectives Apply U.S. government network operations background and doctrine Describe offensive and defensive network operations Determine offensive network operation missions, planning, and exploitation phases and methodologies Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods Training Purpose: Functional Development Specialty Areas: Computer Network Defense Analysis, Cyber Operations Training Proficiency Area: Level 1 - Basic Capture Date: 2015

+ Course Modules/Units

Cyberspace As A Domain

Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3

Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3

Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3

Joint Communications Overview and Information Environment

Joint Force Communication, System Operations, and Management Planning

Legal Considerations for Cyber Operations Part 1 of 2

Legal Considerations for Cyber Operations Part 2 of 2

Adversaries in Cyberspace Part 1 of 3

Adversaries in Cyberspace Part 2 of 3

Adversaries in Cyberspace Part 3 of 3

Offensive Cyber Operations Background

Offensive Cyberspace Operations Definitions

Offensive Cyberspace Operations Planning and Legal Considerations

Offensive Methodologies

Offensive Methodology Planning Examples 1 of 2

Offensive Methodology Planning Examples 2 of 2

Reconnaissance Methodology Overview

Social Engineering for Reconnaissance

Reconn with Automated Correlation Tools and Search Engines Part 1 of 2

Reconn with Automated Correlation Tools and Search Engines Part 2 of 2

Netowrk Mapping for Active Reconnaissance

Port Scanning for Active Reconnaissance

Windows Enumeration Basics

Linux Enumeration Basics

Scanning and Enumerating with Nmap

Exploitation using Direct Exploits and System Misconfiguration

Exploitation with SET Example

Exploitation

Entrenchment

Exploitation Basics

Post-Exploitation

Abuse and Attacks

Defensive Cyberspace Operations (DCO)

DCO Types of Operations

DCO Operational Goals

DCO Best Practices

Defensive Methodology: Understanding the Threat

Defensive Methodology: Tactics

Defensive Methodology: Defense-in-Depth

Incident Management Overview

Incident Management Policies, Plans and Procedures

Incident Management Team Configuration

Incident Response Lifecycle

Defending the Domain

Perimeter and Host Defenses

IDS/IPS Defined Including Advantages and Disadvantages

IDS/IPS Types and Functions

IDS/IPS Location Placements

Intrusion Detection using Snort

Reviewing Alerts and Detecting Attack Phases

Network Traffic Analysis

Methods of Network Traffic Analysis

Wireshark

Log Analysis Methods and Techniques Part 1 of 2

Log Analysis Methods and Techniques Part 2 of 2

Detecting Offensive Operations using Log Analysis

Digital Forensics Overview and Tools

Digital Forensics Methods and Techniques Part 1 of 2

Digital Forensics Methods and Techniques Part 2 of 2

Identifying Phases of Attack Using Digital Forensics

Incident Data: Profile and Analysis

Incident Reporting

Offensive and Defensive Network Operations Exam

Root Cause Analysis 1 hour

Skill Level: Intermediate

+ Description
	This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents. Training Purpose: Skill Development Specialty Areas: Threat Analysis, Computer Network Defense Analysis, Incident Response Training Proficiency Area: Level 1 - Basic Capture Date: 2016

+ Course Modules/Units

Root Cause Analysis Fundamentals

Root Cause Analysis Methods

Cyber Kill Chain Model for Root Cause Analysis

Sample Incident Cause Analysis Workflow

Root Cause Analysis Course Exam

Radio Frequency Identification (RFID) Security 1 Hour

Skill Level: Intermediate

+ Description
	This course will cover securing radio frequency identification (RFID), different components of RFID, how it works, applications in which it is being used, benefits and weaknesses, and the communication range over which it works will be reviewed. Students will learn specific concerns with RFID, recommendations for RFID, and security issues that have come to light. Training Purpose: Skill Development Specialty Areas: System Security Analysis, Vulnerability Assessment and Management Training Proficiency Area: Level 2 - Intermediate Capture Date: 2010

+ Course Modules/Units

RFID Introduction

RFID Threats

RFID Countermeasures

Exploited Threats

Securing Infrastructure Devices 1 Hour

Skill Level: Intermediate

+ Description
	This course covers physical security, operating system security, management traffic security, device service hardening, securing management services and device access privileges. Training Purpose: Skill Development Specialty Areas: Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis Training Proficiency Level: Level 2 - Intermediate Capture Date: 2010

+ Course Modules/Units

Physical and Operating System Security

Management Traffic Security

Device Service Hardening

Securing Management Services

Device Access Hardening

Device Access Privileges

Securing the Network Perimeter 1 Hour

Skill Level: Intermediate

+ Description
	This course covers edge security traffic design, blocking Denial of Service / Distributed Denial of Service (DoS/DDoS) traffic, specialized access control lists, routers and firewalls, securing routing protocols, securing traffic prioritization and securing against Single Point of Failure (SPOF). Training Purpose: Skill Development Specialty Areas: Network Services, Computer Network Defense, Incident Response, Digital Forensics, Systems Security Analysis Training Proficiency Area: Level 2 - Intermediate Capture Date: 2010

+ Course Modules/Units

Introduction and Edge Security Traffic Design

Blocking DoS and DDoS Traffic

Specialized Access Control Lists

Routers with Firewalls

Beyond Firewalls: Inspecting Layer 4 and Above

Securing Routing Protocols and Traffic Prioritization

Securing Against Single Point of Failures

Security and DNS 1 Hour

Skill Level: Advanced

+ Description
	This course discusses name resolution principles, name resolution and security, DNS security standards, securing zone transfers with Transaction Signature (TSIG), and DNS Security Extension (DNSSEC) principles, implementation and resources. Training Purpose: Skill Development Specialty Areas: Enterprise Architecture, Network Services, System Administration Training Proficiency Area: Level 3 - Advanced Capture Date: 2010

+ Course Modules/Units

Name Resolution Introduction

Name Resolution and Security

DNS Cache

DNS Security Standards and TSIG

DNSSEC

Migrating to DNSSEC

Issues with Implementing DNSSEC 1

Issues with Implementing DNSSEC 2

Windows Operating System Security 16 Hours

Skill Level: Intermediate

+ Description
	This course introduces students to the security aspects of Microsoft Windows. The class begins with an overview of the Microsoft Windows security model and some of the key components such processes, drivers, the Windows registry, and Windows kernel. An overview of the users and group permission structure used in Windows is presented along with a survey of the attacks commonly seen in Windows environments. Patching, networking, and the built-in security features of Windows such as the firewall, anti-malware, and BitLocker are all covered in light detail. Training Purpose: Skill Development Specialty Area: Vulnerability Assessment and Management, Systems Security Analysis, System Administration Training Proficiency Area: Level 2 - Intermediate Capture Date: 2012

+ Course Modules/Units

Windows OS Security Course Introduction

Windows Security Module Introduction

Windows Architecture Overview

Windows Subsystems Part 1 of 2

Windows Subsystems Part 2 of 2

Windows Security Development Lifecycle

Windows API

Windows Registry

Viewing Windows Registry Demo

Windows Services Part 1 of 2

Windows Services Demo

Windows Services Part 2 of 2

Multi-tasking

Sessions, Windows Stations and Desktops

Programs and Drivers Part 1 of 2

Reviewing Drivers in Windows

Programs and Drivers Part 2 of 2

Updating Widows Drives Demo

Applications, Processes, and Threads

Buffer Overflow Protection

Authenticode Part 1 of 2

Digital Certificate Details Demo

Authenticode Part 2 of 2

Windows Action Center

Windows Users and Groups Introduction

User Account Control

Windows Users and Groups Part 1 of 2

Windows Users and Groups Part 2 of 2

Windows Interactive Logon Process

NTLM Authentication Overview

Kerberos Authentication Overview

Types of Authentication

File Permissions

Dynamic Access Controls

Threats and Vulnerabilities Introduction

OS Vulnerabilities

CVE Details Demo

CVE Samples

Misconfigurations

Password Configuration Options

Password DDOS Demo

Common Misconfigurations

CCE and the NVD Demo

Social Engineering

Viruses and Worms

Impersonation

Microsoft Updates and Patching Process Part 1 of 2

Double Decode

Microsoft Updates and Patching Process Part 2 of 2

Securing the Update Process

Update Process Circumvention

Windows Server Update Service

Internet Explorer Patching

Windows Network Connectivity

Windows Network Profiles

Windows Network Adapter Settings

Windows Wireless Settings

Windows Networking Protocols

Other Windows Protocols

Microsoft VPN Part 1 of 2

Microsoft VPN Part 2 of 2

Microsoft Network Access Protection Part 1 of 2

Microsoft Network Access Protection Part 2 of 2

How to Configure Windows Update Settings Demo

Windows Security Features Introduction

Windows Firewall

Windows Firewall Wizard Demo

Windows Firewall with Advanced Security

Windows Firewall with Advanced Security Demo

Configuring Windows Firewall Demo

Windows Defender

Windows AD and PKI Demo

Windows Active Directory Certificate Services

Windows Group Policy

Windows AppLocker

Configuring And Using App Locker Demo

Windows BitLocker

Configuring And Using Bitlocker Demo

Windows Secure Boot

Windows Security Auditing

Windows Audit Settings and Examples

SCW Introduction

Hardening Windows Introduction

Windows Templates

Microsoft Baseline Security Analyzer

Microsoft Security Configuration Wizard

Microsoft Security Compliance Manager

Hardening with Group Policy

NVD Search Demo

Other Guidelines and Recommendations

Using Windows Mgmt Intstrumentation Demo

Using The Security Config Wizard Demo

PowerShell Introduction

PowerShell Key Commands

PowerShell Demo

Administrative Functions with PowerShell

Computer and Network Management with PowerShell

Basic Scripts in PowerShell

PowerShell Security Settings and Configurations

Using Powershell Demo

Windows OS Security Quiz

Wireless Network Security (WNS) 9 Hours

Skill Level: Intermediate

+ Description
	The purpose of the Wi-Fi Communications and Security course is to teach the technologies of the 802.11 family of wireless networking, including the principles of network connectivity and network security. Training Purpose: Skill Development Speciality Areas: Enterprise Architecture, Network Services, System Administration, Customer Service and Technical Support, Computer Network Defense Infrastructure Support Training Proficiency Area: Level 2 - Intermediate Capture Date: 2013

+ Course Modules/Units

Wi-Fi Communication and Security Intro

How Wi-Fi Became Ubiquitous

Wi-Fi Standards - 802.11b

Wi-Fi Standards - 802.11a

Wi-Fi Standards - 802.11g n and ac

Bluetooth Standards

WiMAX Standards

LTE HSPA EvDO Network Types

Spread Spectrum Technology

802.11 Transmissions and Wireless Channels

802.11 Data Rates

Wireless Network Topologies

Wireless Network Hardware

RF Propagation Principles

Impacts on Signal Radiation

Signal Propagation and Objects

Additional Signal Effects

Measuring Signal Strength

Signal Strength and Antennas

Wireless Coverage and Frequency Reuse

Wireless Network Design Issues

Wireless Modes and Service Sets

Wireless Authentication and Association

Wireless and Roaming 1 of 2

Wireless and Roaming 2 of 2

Enterprise 802.11 Solutions

Key Points of CAPWAP

Advantages of CAPWAP

CAPWAP Demo

802.11 Security Flaws

Fixing 802.11 Security

802.1x Authentication Protocols

Additional Issues with 802.11 Encryption

Additional 802.11 Security Measures

Other Wireless Threats

Wireless Best Practices

Wireless Network Assessment Part 1 of 2

Wireless Network Assessment Part 2 of 2

Wireless Network Security Quiz