101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

FedVTE Course Catalog
Advanced Windows Scripting 6 Hours Skill Level: Basic
+ Description
 This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks, and includes reinforcing video demonstrations and a final assessment.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Software Development, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Advanced Windows Scripting Introduction
Windows BATCH Scripting Overview
Windows BATCH Advanced Syntax Part 1 of 2
Windows BATCH Advanced Syntax Part 2 of 2
Windows Scripting Advanced Uses of FOR
Windows Scripting Syntax Tips and Tricks
Windows Scripting CALL and START Demo
Windows Scripting Subroutine Demo
Windows Scripting SET Demo
Windows Scripting PUSHD and POPD Demo
Manipulating In_Outputs
Stringing Multiple Commands Together
FOR Loop Generating List Demo
FOR Loop Recursive Listing Demo
Taking Action Based on Content of Output
Action Based on Content Output Demo
Scripts in Typical Penetration Testing Tasks Part 1 of 2
Scripts in Typical Penetration Testing Tasks Part 2 of 2
Visual Basic Scripting Syntax and Usage
Visual Basic Scripting Merge Demo
VBS Elements_Structure
VBS Elements_Variables, Arguments, and Conditionals
VBS Elements_Loops
VBS Elements_Functions and Operators
VBS Windows Scripting Host
VBS Elements_File I_O
VBS Windows Scripting Demo
VBS Error Handling and Troubleshooting
Visual Basic for Applications
Visual Basic for Application Elements
Visual Basic for Applications Working with Applications
VBA Working with Applications Demo
VBA Error Handling and Troubleshooting
VBA Error Handling and Troubleshooting Demo
Advanced Windows Scripting Quiz
Analysis Pipeline 6 Hours Skill Level: Intermediate
+ Description
 This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to help students better understand how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.

Training Purpose - Protect and Defend, Collect and Operate, Operate and Maintain

Specialty Areas - Network Services, Cyber Operations, Cyber Defense Analysis

Training Proficiency Area: Level 2 - Intermediate

+ Course Modules/Units
 
Introduction
Configuration Files
Running Pipeline
Logical Schematics
Pipeline and Timing and State
Alerts
Configuration File Basics
Filters
Filters (Exercises and Solutions)
Evaluations
Evaluations (Exercises and Solutions)
Statistics
Internal Filters
List Configurations
Configuration File Basics (Exercises and Solutions)
Threshold Examples
Special Evaluations
Building an Analytic
Server Profiling Analytic
Host Discovery Analytic
Advanced Configurations
NTP Anomalies
Unknown SSH Brute Force
Choose Your Own Adventure
ICMP Surveying: Thinking it Through
ICMP Surveying: Building it Out
DDoS Detection: Thinking it Through
DDoS Detection: Building it Out
SSH Compromise: Thinking it Through
SSH Compromise: Building it Out
Analysis Pipeline 5
EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep 31 Hours Skill Level: Advanced
+ Description
 

The CEHv9 certification prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 9 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. Updates to v9 from v8 include several new tools and a new module on cloud considerations. Topics include reconnaissance, hacking laws, web application hacking, social engineering, packet capture, and scanning. The course then moves on to exploitation of several types of threats and how to cover your tracks, concluding with a practice exam.

Learning Objectives

  • Review of the domains and published objectives of the CEHv9
  • Supplemental resource for preparation for the EC-Council CEHv9 certification exam

Training Purpose: Operate and Maintain, Protect and Defend, Analyze

Specialty Areas: Systems Analysis, Cyber Defense Infrastructure Support, Vulnerability Assessment and Management, Threat Analysis

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2016

+ Course Modules/Units
 
Certified Ethical Hacker v9 Intro
Ethical Hacking Intro and Security Reports
Security Reports Statistics
Ethical Hacking Terminology
IR in Ethical Hacking
Laws and Regulations
Ethical Hacking and Threats
Types of Attacks and Attack Vectors
Hacking Phases and Vul Research
Reconnaissance
Passive Footprinting
DEMO: WHOIS with BackTrack
Passive WHOIS Queries
Google Hacking
Active Footprinting
DEMO: Nslookup Example
Active Footprinting Cont
DEMO: Active Footprinting with Traceroute
Network Mapping and Web Mirroring
Active Footprinting Countermeasures
Scanning Essentials
Scanning Essentials Continued
Port Scanning
Vulnerability Scanning
DEMO: Banner Grabbing with Telnet
Covert Scanning
DEMO: Scanning with Nmap Demo
Additional Covert Scanning
Enumeration Overview Part 1 of 2
Enumeration Overview Part 2 of 2
Enumeration Tools
Operating System Account Enumeration
Protocol Enumeration
DEMO: NetStat Enumeration and Countermeasures
Authentication Techniques
Microsoft Authentication
Password Cracking
Password Cracking Techniques
Privilege Escalation
DEMO: Rainbow Table Lookup Sites
Keyloggers
Spyware and Activity Monitoring
Packet Sniffing Attacks
Rootkits
Covert Hacking
Covering Tracks
Virus Examples and Symptoms
Virus Classifications and Characteristics
Virus Types and Terminology
Virus Making Tools
Famous Worms
Trojan Terminology and Techniques
Trojans and Backdoors
DEMO: Shell Connections via Netcat and BackTrack
Trojan Analysis
DEMO: Trojans and Rootkits
Malware Countermeasures and Tools
DEMO: Strings Analysis
Other Malicious Code Types
Sniffers Terminology and Overview
Network Overview for Sniffer Placement
Basic Packet Analysis
DEMO: Viewing ARP Packets with Packet Builder
Attacks and Protocols Vulnerable to Sniffing
Spoofing and Flooding Sniffing Attacks
MITM Attacks Ports Vul to Sniffing
Wireshark Overview and Examples
Evasion in Network Sniffing
Sniffing Countermeasures and Tools
DEMO: Hping3
DEMO: Wireshark
Social Engineering Background and Examples
Human-based Social Engineering
Additional Human-based SE
Computer Based Social Engineering
Computer-Based SE - Social Networking
Mobile-based Social Engineering
SE and Identity Theft Countermeasures
DEMO: Social Engineering Toolkit Demo
Denial of Service Part 1 of 2
Denial of Service Part 2 of 2
Categories of Denial of Service
DEMO: HW and Mobile DoS Options
Buffer Overflow Terminology and Background
DEMO: Stack Overflow Testing with OllyDbg
Session Hijacking Overview and Examples
Cross Site Scripting and Other Session Attacks
Session Hijacking Techniques
IPSec and Session Hijacking
Hacking Webservers Terminology and Background
Webserver Architecture
Webserver Hacking Tools
Web Server Attacks
OWASP Top 10
Webserver Hacking Countermeasures
SQL and Command Injection Web App Hacking
Non SQL Injection Errors
Parameter and Form Tampering Web App Hacking
Cross-site Scripting and Obfuscation Web App Hacks
Cross-Site Request Forgery and Cookies
Web Application Methodology
Web App Attack Tools and Countermeasures
Buffer Overflow Tools and Countermeasures
DEMO: BurpSuite
DEMO: XP cmdshell Demo
SQL Terminology and Example Statements
SQL Enumeration
SQL Injection Attacks
SQL Injection Tools and Countermeasures
DEMO: SQL Injection
Wireless Terminology and Standards
Wireless Terminology and Antennas
Wireless Authentication
Wireless-based Attacks
Wireless Attack Methodology
Wireless Attack Methodology Continued
WEP WPA and Other Wireless Attacks
Bluetooth Communication Basics
Wireless Protocols and Signal Modulation
DEMO: SSID and Channels
DEMO: WiFi Analyzer Using Mobile Device
Wireless Hacking Tools and Countermeasures
Mobile Platform Overview
Mobile Device Operating Systems
Hacking Mobile Platforms
IDS Overview and Detection Methods
DEMO: Published Snort Rules
Firewalls and Honeypots
Firewall Configurations
Signs of Intrusions
Evasion Techniques
IDS Evasion Techniques
Evasion Testing Techniques
DEMO: Intrusion Signs
Cryptography Background and Terminology
Crypto Keys and Algorithms
SHA and TLS Algorithms
DEMO: Hashing with MD5 Sum
Crypto Keys and Algorithms Continued
Cryptography Implementations
Public Key Infrastructure (PKI)
Cryptanalysis Techniques
Cryptanalysis Tools
Cryptographic Attacks
Steganography Tools
Security Testing and Assessments
Penetration Testing Terminology
Risk Management and Penetration Testing
Pen Testing Phases and Methodology
Penetration Testing Walkthrough
Penetration Testing Tools
DEMO: Exploits with Armitage
DEMO: Intro to Armitage
DEMO: v3 Running Exploit From Code
Introduction to Cloud Computing
Cloud Security
Cloud Architectures
Cloud Testing Tools
Cloud Threats and Attacks
CEHv9 Prep Practice Exam
Cisco CCENT Self-Study Prep 13 Hours Skill Level: Intermediate
+ Description
 The Cisco CCENT Prep course is a self-study resource for learners preparing for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. Students will also be introduced to configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. The course includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.

Training Purpose: Operate and Maintain

Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2015

+ Course Modules/Units
 
Switched Networks Part 1 of 2
Switched Networks Part 2 of 2
Collisions and Broadcasts
DEMO: Viewing an ARP Table
Basic Switch Configuration
SSH Operation and Configuration
Configuring Switch Ports
Switch Troubleshooting
Securing a Switch
Best Practices for Switched Networks
DEMO: Making an RJ-45 Cable
VLAN Segmentation Part 1 of 2
VLAN Segmentation Part 2 of 2
VLAN Implementations
VLAN Security and Design
DEMO: Configuring VLANs
DEMO: Demonstrating VLAN Connectivity
Functions of a Router Part 1 of 2
Functions of a Router Demo
Functions of a Router Part 2 of 2
Configuring Basic Router Settings
DEMO: IPv4 and IPv6 Subnetting
Basic Router Settings_IPv6 and Loopback Interfaces
Verifying Connectivity of Directly Connected Networks
Switching Packets Between Networks
Routing Tables and Protocols
DEMO: IPv6 Header Analysis
DEMO: MAC Address Table
DEMO: IPv4 Addresses and Router Interfaces
DEMO: IPv6 Addressing on Router Interfaces
Inter-VLAN Routing Configuration
Layer 3 Switching
Static Routing
Configure Static Routing
Classful Addressing and Routing
Configuring Summary Routes
Troubleshooting Static and Default Routes
DEMO: Static Routing
Dynamic Routing Protocol Operation
Routing Protocol Operating Fundamentals
Types of Routing Protocols
Types of Distance Vector Routing Protocols
Configuring the RIP Protocol
RIPng and Link-State Routing
DEMO: RIP Version 1 and IPv4
DEMO: RIP Version 2 Improvements
DEMO: Setting up RIP for IPv6
Characteristics of OSPF
OSPF Messages
OSPF Router IDs
Configuring and Verifying OSPF
OSPFv2 versus OSPFv3
DEMO: Configuring OSPF
DEMO: Troubleshooting OSPFv2
DEMO: Configuring OSPFv3
DHCPv4 Operation
Configuring and Troubleshooting DHCPv4
DEMO: DHCPv4
SLAAC and DHCPv6
Stateless and Stateful DHCPv6
DEMO: Stateless DHCPv6
NAT Characteristics and Benefits
Types of NAT
Configuring Static and Dynamic NAT
Configuring PAT and Port Forwarding
DEMO: Enabling IPv4 NAT
Configuring and Troubleshooting NAT for IPv6
CCENT Prep Practice Exam
Cloud Computing Security 1 Hour Skill Level: Intermediate
+ Description
 This course provides an in-depth look at the strengths and weaknesses of cloud computing security as well as the considerations to take in choosing the cloud as a data management solution. Technical and operational risks are explained, along with strategies to mitigate the aforementioned risks. To demonstrate concepts learned, the course closes with a real-world example of how a government agency (Defense Information Systems Agency) utilizes cloud computing solutions.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Systems Analysis, Network Services, Systems Requirement Planning

Training Proficiency Area: Level 2 - Intermediate

Course Capture Date: 2010

+ Course Modules/Units
 
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
Cisco CCNA Security Self-Study Prep 15 Hours Skill Level: Intermediate
+ Description
 The Cisco CCNA Security Self-Study Prep course is aimed at those who already have experience with routers and basic level networking skills, and those who may be interested in taking the Cisco CCNA Security exam. Content covered in the CCNA Security Prep course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. Students will get a theoretical understanding of network security and the knowledge and skills to implement it. This self-study resource contains several reinforcing video demonstrations and a final exam.

Training Purpose: Operate and Maintain

Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2015

+ Course Modules/Units
 
Securing Network Devices
Secure Administrative Access Part 1 of 2
Secure Administrative Access Part 2 of 2
DEMO: Securing Router Access Methods
Role-Based CLI Overview
Password Recovery
Management Reporting and Logging Considerations
Implementing Log Messaging for Security
Configuring NTP
Disabling Unused Cisco Router Network Services and Interfaces
AAA Authentication Methods
Implementing Local AAA Authentication
Implementing Server-Based AAA Authentication
Cisco Secure ACS
Configuring Server-Based AAA Authentication
Server-Based Authorization and Accounting
Implementation Firewall Technologies
Access List Controls (ACLs)
Extended ACLs and ACL Caveats
ACL Placement
Complex ACLs
Troubleshooting ACLs
Securing Networks with Firewalls
Zone-Based Policy Firewalls
CCP Firewall Wizard and Manual ZPF using CCP
DEMO: Enabling IOS Firewall
Implementing Intrusion Prevention Intro
IPS Signatures
Signature Trigger and Action for IPS
Managing and Monitoring IPS
Configuring and Verifying IOS IPS
Securing the Local Area Network Intro
Layer 2 Security Part 1 of 2
Layer 2 Security Part 2 of 2
Mitigating MAC Spoofing and MAC Table Overflow Attacks
Mitigating STP Manipulation
Configuring Storm Control
Mitigating VLAN Attacks
Configuring Cisco Switch Port Analyzer
Private VLAN Edge
Advanced Technology Security Considerations
Wireless Networks
VoIP and SAN Networks
DEMO: Enabling STP with Voiceover
Cryptographic Systems and Hashes
Encryption and Confidentiality
Public Key Cryptography and PKI
VPN Terminology and Topologies
IPSec Frameworks and Key Exchange
IPSec Tasks
Configuring IPsec VPN using CCP
Remote-Access VPNs
Managing a Secure Network and Addressing Risks
Operations Security
Network Security Testing
Continuity Planning
SDLC
Security Policy
ASA Models and Features
Basic ASA Configuration and Settings
Introduction to ASDM
ASA Objects and Object Groups
ACLs for ASA
ASA and NAT
ASA and PAT
ASA AAA
Modular Policy Framework
ASDM Service Policies Demo
ASA VPN Features
ASDM AnyConnect VPN Wizard
DEMO: ASA Console Config
DEMO: ASA GUI Config
DEMO: ASA Traffic Management
CCNA Security Prep Practice Exam
CMaaS Transition Classroom Sessions 5 Hours Skill Level: Basic
+ Description
 This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack, and includes two major Use Cases for each tool.

Training Proficiency Level: Level 1 - Basic

Capture Date: 2018

+ Course Modules/Units
 
Session 1
Session 2
Session 3
Session 4
New Course Offering: CompTIA A+ 220-901 Certification Prep 12 Hours Skill Level: Basic
+ Description
 The CompTIA A+ 901 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 901 prep include maintenance and configuration of PCs and devices, basics of networking, troubleshooting software and hardware issues, and customer support.
Learning objectives:
  • Provide a review of the four knowledge area domains in the CompTIA A+ 220-901 exam objectives.
  • Supplemental self-study preparation resource for the CompTIA A+ certification exam.
  • Understand the basics of device installation, troubleshooting, and customer support.
Training Purpose: Skill Development
Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration
Training Proficiency Area: Level 1 - Basic
+ Course Modules/Units
 
CompTIA A+ 220-901 Prep Course Introduction
Computing System Components
Central Processing Unit (CPU)
Sockets and Processing
Virtualization and Temperature Monitoring
DEMO: CPU Characteristics and Installation
RAM Basics and Types of RAM
Upgrading and Installing RAM
DEMO: RAM Installation and Verification
BIOS Components, Configurations and Settings
DEMO: BIOS Overview
Motherboard Form Factor, Chipset and Components
Motherboard Expansion Slots and Card Installation
Installing New Motherboard
Power Supply and Connectors
Display Types and Features
Display Connector and Cable Types
Hard Drive Basics
Hard Drive RAID Types
Hard Drive Interfaces
DEMO: Hard Drive Installation and Initializing
DEMO: Software Virtualization
Common Peripheral Devices
Removable Media
Audio/Video Standards
PC Configurations
DEMO: Inside Desktop Computer
Printer Types
Printer Languages and Installation
Printer-Scanner Maintenance and Troubleshooting
SOHO Network
Fiber and Coaxial Cables and Connectors
Patch Panels, Ethernet Standards and LAN
IP Address, Ports and Protocols Part 1 of 3
IP Address, Ports and Protocols Part 2 of 3
IP Address, Ports and Protocols Part 3 of 3
Wireless Networks and WiFi Standards
Configuring a SOHO Network
Network Types
Network Devices: Routers
Network Devices: Hubs, Switches and Firewalls
Hardware Tools for Connectivity Issues
Laptops and Mobile Devices
Laptop Expansion Options, Docking and Locks
Laptop Hardware Replacement
Laptop Special Functions and Features
DEMO: Laptop Computer Components
Characteristics of Various Mobile Device Types
Mobile Device Ports and Accessories
Network Troubleshooting Process
Troubleshooting Hardware, Video, Networks and OS
DEMO: Troubleshooting Hard Drives
Network Troubleshooting Methodology
DEMO: Troubleshooting Network Issues
Troubleshooting Common Video and Display Issues
CompTIA A+ 220-901 Prep Practice Exam
New Course Offering: CompTIA A+ 220-902 Certification Prep 8.5 Hours Skill Level: Basic
+ Description
 The CompTIA A+ 902 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 902 prep include installation and configuration of devices and software, networking and security basics, troubleshooting and diagnosing issues, as well as operational procedures.
Learning objectives:
  • Provide an overview of the five knowledge area domains in the CompTIA A+ 220-902 exam objectives.
  • Supplemental self-study resource for the CompTIA A+ certification exam
  • Understand the basics of device configuration, networking, and applying troubleshooting theory.
Training Purpose: Skill Development
Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration
Training Proficiency Area: Level 1 - Basic
+ Course Modules/Units
 
CompTIA A+ 220-902 Prep Course Introduction
Microsoft Operating System Versions
Upgrading Windows Operating Systems
Windows Operating System Features Part 1 of 2
DEMO: File Structure and Paths
DEMO: Creating and Managing Disk Folders
Windows Operating System Features Part 2 of 2
Windows OS Installation Options
Windows Command-line Tools Part 1 of 2
DEMO: Windows Command-Line Tools
Windows Command-line Tools Part 2 of 2
DEMO: Windows OS GUI Tools Part 1 of 2
DEMO: Windows OS GUI Tools Part 2 of 2
Windows OS GUI Tools Best Practices
Windows Networking and Resource Sharing
DEMO: Image Backup and Restore on Windows
DEMO: Linux Commands
Best Practices and Common Features of OS X
Introduction to Cloud Computing
Cloud Architectures
Network Services and Protocols
Mobile Device Security Introduction
Mobile Device Security Introduction Cont.
Android Introduction
Android Security
Android Application Security
DEMO: Installing Antivirus
File System for iOS Devices
Understanding the Basics of iOS
Understanding iOS Security Architecture
iOS Jailbreaking
Malware and Social Engineering Threats
Threats to Physical Security
Physical Security Considerations
Infrastructure Physical Security
Laptop Security
TEMPEST
Physical Security Access Controls
Biometric Access Control Devices
Authentication
DEMO: Windows Hidden File Properties
Symptoms, Troubleshooting and Preventing Infection
Mobile Device Security Best Practices
Data Destruction and Disposal Methods
SOHO Network
PC Troubleshooting Tools
Troubleshooting Common Symptoms of System Issues
Troubleshooting System Crash and Failure-to-Boot
Troubleshooting Mobile Device Issues
Safety Procedures and Personal Safety
IT Environmental Controls
Incident Response Concepts
Intellectual Property and Licensing
Professional Communication and Troubleshooting
CompTIA A+ 220-902 Prep Practice Exam
New Course Offering: CompTIA Cybersecurity Analyst (CySA+) Prep 12.5 Hours Skill Level: Intermediate
+ Description
 The CompTIA Cybersecurity Analyst (CySA+) self-study certification prep course is designed to help prepare candidates to sit for the CySA+ exam, as well as reinforce concepts for work roles such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analyst. This intermediate-level course focuses on analysis and defense techniques that leverage data and tools to identify risks to an organization and apply effective mitigation strategies. The CySA+ is an approved baseline certification of the DoD Directive 8570.
Learning objectives:
  • Provide a review of the following four skills: threat management, vulnerability management, security architecture and tool sets, and cyber incident response.
  • Supplemental self-study preparation resource for the CompTIA CySA+ exam.
  • Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization.
Training Purpose: Skill Development
Specialty Areas: (Protect and Defend, Operate and Maintain, Securely Provision) Vulnerability Assessment and Management, Systems Analysis, Cyber Defense Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2018
+ Course Modules/Units
 
CySA Course Introduction
Reconnaissance
Port Scanning for Active Reconnaissance
Environmental Reconnaissance Tools
Social Engineering for Reconnaissance
Network Mapping for Active Reconnaissance
Syslog
Reviewing Alerts/Detecting Attack Phases
Common Tasks in Environmental Reconnaissance
Environmental Reconnaissance Variables
Basic Packet Analysis
Methods of Network Traffic Analysis
Network Traffic Analysis
Netflows
Working with Netflows
Netflow Tools
Examining Log Files
Data Correlation and Analytics
Analyzing Device Data
SIEM
DEMO: Wireshark Packet Analyzer
Hardening Network Devices
Network Segmentation and Design
Honeypot
Endpoint Security
Windows Group Policy
Access Control Models
Remote Authentication - Radius and Tacacs+
Hardening Host and Networked Systems
Compensating Controls
Corporate Penetration Testing
Reverse Engineering Purpose and Practice
Team Training and Exercises
Risk Evaluation and Security Controls
Vulnerability Assessment Introduction
Vulnerability Management Requirements
Vulnerability Scanner Configuration
Vulnerability Assessment Tools
Scanning and Enumeration with Nmap
Intro to Vulnerability Scanning with Nessus
Vulnerability Remediation
Scanning and Report Viewing with OpenVAS
Endpoint and Protocol Analysis
Logging Strategies and Sources
Reviewing, Analyzing and Correlating Logs
Network Vulnerabilities
System Vulnerabilities
Web Application Vulnerabilities
Wireless Network Vulnerabilities
Virtual Infrastructure Vulnerabilities
Threats to Mobile Devices
ICS and SCADA Systems Security
Malware and Social Engineering Threats
Preparing for Impact Analysis
Forensics Kit and Incident Response
Forensic Investigation Suite
Setting Up an Analysis Environment
Communication During Incident Response
Common Symptoms of Host Infection
Incident Response and Recovery Part 1 of 2
Incident Response and Recovery Part 2 of 2
Regulatory Compliance and Frameworks
Control Selection Tailoring and Implementation
Verification and Quality Control
Procedures Supporting Policy
Enterprise Network Authentication Part 1 of 2
Enterprise Network Authentication Part 2 of 2
Cross-site Scripting and Other Exploits
Privilege Escalation Exploit
Technical Processes and Controls
Software Development Models and SDLC
Code Review and Testing
Secure Coding Best Practice Resources
Preventative Cyber Tools
Collective Cyber Tools
Analytical Cyber Tools
Exploit Cyber Tools
Forensics Cyber Tools
CySA Prep Practice Quiz
New Course Offering: CompTIA Security+ (SY0-501) Certification Prep 17.5 Hours Skill Level: Basic
+ Description
 The CompTIA Security+ (SY0-501) Certification Prep is a self-study resource to help candidates prepare for the Security+ (SY0-501) certification exam. The topics covered are categorized into the six domain areas of the SY0-501 exam objectives: Threats and Vulnerabilities, Technology and Tools, Architecture and Design, Identity and Access Management, Risk Management, and Cryptography.

Learning Objectives:
  • Supplemental preparation for the CompTIA Security+ SY0-501 Certification Exam
  • List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities
  • Explain how various tools and technologies are configured or deployed to support an organization's security posture
  • Detail risk management best practices and mitigation strategies
NICCS Specialty Areas:
  • Systems Analysis (Operate and Maintain)
  • Systems Administration (Operate and Maintain)
  • Network Services (Operate and Maintain)
  • Vulnerability Assessment and Management (Protect and Defend)
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Basic
+ Course Modules/Units
 
Security+ (SY0-501) Course Introduction
Malware: Viruses
Malware: Rootkits, Trojans, Botnets
MITM, DoS, Packet Flooding and Other Attacks
Backdoor, Spoofing, Replay and Other Attacks
Password, Birthday, Crypto and Application Attacks
Social Engineering Techniques
Wireless Attacks
Application Attacks
Threat Actors
Assessment Tools and Techniques
Active and Passive Reconnaissance
Security Testing and Assessment
Firewall Implementations
Proxy Server Implementations
Hubs and Switches
Routers and Routing Protocols
Remote Access and VPNs Part 1 of 2
Remote Access and VPNs Part 2 of 2
Network Intrusion Detection Systems
Host-Based Intrusion Detection Systems
Password Cracking Categories and Tools
Password Cracking Techniques
DEMO: Local Information Gathering Tools
DEMO: Network Connectivity Testing Tools
DEMO: Remote Information Gathering Tools
Mobile Device Security
Mobile Device Deployment
Network Security Protocols
Network Services and Protocols
Frameworks and Reference Architectures
Network Zones
Demilitarized Zones (DMZ) Implementations
Security Device and Technology Placement
Host Security: OS Hardening and Firewalls
Host Security: Anti Virus, Malware and Spam
Host Security: Pop Ups and Patch Management
Secure Static Environment
Secure Staging Deployment Concepts
Cloud and Virtualization Concepts
Cloud Architectures
Host Security: Virtualization
Resiliency and Automation to Reduce Risk
Physical Security and Environmental Controls
Access Control Categories
Authentication Services
Access Control Models
Authentication and Authorization Concepts
Biometric Authentication
Account Management
Identity Management
Security Awareness and Training
Risk and Related Concepts
Risk and Asset Identification
Threat and Risk Calculation
Risk Control Types
Security Control Types and Categories
Basic Forensics Procedures
Incident Handling and Forensics
Incident Response Preparation
Risk Management: Business Continuity
Risk Management: Redundancy and Fault Tolerance
Risk Management: Disaster Recovery
Risk Mitigation Strategies
Data Security
Data Destruction and Disposal Methods
Data Sensitivity and Handling
Mitigation and Deterrence: Logging
Mitigation and Deterrence: Hardening
Mitigation and Deterrence: Network Security
Mitigation and Deterrence: Attack Countermeasures
Cryptography Part 1 of 2
Cryptography Part 2 of 2
Wireless Security Evolution
Wireless Security Best Practices
Cryptographic Keys and PKI
Security+ (SY0-501) Certification Prep Exam
Demilitarized Zone (DMZ) with IDS/IPS 9 Hours Skill Level: Intermediate
+ Description
 This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. Best practices for designing and implementing a DMZ are followed by a section on IDS and IPS systems that includes an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices.

Training Purpose: Skill development

Specialty Area: Computer Network Defense Infrastructure Support, Network Services, Systems Security Analysis, System Administration

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2013

+ Course Modules/Units
 
Demilitarized Zone (DMZ) Introduction
DMZ Architecture
DMZ Components: Firewalls Part 1 of 2
DMZ Components: Firewalls Part 2 of 2
Setting up a DMZ using IPTables Demo
DMZ Components: IDS
DMZ Components: IDS/IPS Placement
DMZ Components: Proxy Servers
DMZ Components: Network Servers
DMZ Architectures
Attacking the DMZ Part 1 of 2
Attacking the DMZ Part 2 of 2
DMZ Attack Types Part 1 of 2
DMZ Attack Types Part 2 of 2
DMZ: Open Source vs Commercial Implementations
DMZ: Software Subscription Services
Open Source DMZ Tools Part 1 of 2
Open Source DMZ Tools Part 2 of 2
Proxy Concepts
DNS Concepts
Web Server Concepts
E-mail Relay and VPN Concepts
DMZ and Commercial Software - Part 1
DMZ and Commercial Software - Part 2
Security Capabilities in a DMZ
Security Capabilities in Procmail Demo
Network Security Appliances IDS
Snort Intro and Overview
Using BASE w Snort DB
Snort Demo
Log Mgmt and Analysis Concepts
SYSLOG Basics
Using Swatch Overview
Log Management Best Practices
Proxy and DNS Log File Concepts
Analyzing Proxy and DNS Log Files
DMZ with IDS/IPS Course Quiz
DNSSEC Training Workshop 2 Hours | Skill Level: Advanced
+ Description
 This course covers the basics of DNSSEC and how it integrates into the existing global DNS, and provides a step-by-step process for deploying DNSSEC on existing DNS zones.

Training Purpose: Skill development

Specialty Areas: Enterprise Architecture, Network Services, System Administration

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2015

+ Course Modules/Units
 
DNSSEC Introduction
DNS Resolution Steps
DNS Vulnerabilities and Security Controls
DNSSEC Mechanisms
DNS Resource Records (RR)
Special DNS Resource Records
DNS Zone Signing
Secure DNS Zone Configuration-DNSSEC Key Generation
Prepare the DNS Zone File for Signing
Signing the DNS Zone file
Publishing a signed zone
Testing a signed zone
Testing a signed zone through a validator
DNSSEC Chain of Trust
Setting Up A Secure Resolver
Adding a trusted key
Securing the last hop
ZSK Rollover
Using pre-published keys
KSK Rollover
Conclusions
Emerging Cyber Security Threats 12 Hours | Skill Level: Intermediate
+ Description
 This course covers a broad range of cyber security elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. This course will cover what policy is, the role it plays in cyber security, how it is implemented, and cyber security laws, standards, and initiatives. Topics include cyber security policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS, and IPv6 security. Video demonstrations are included to reinforce concepts.

Training Purpose: Skill Development

Specialty Areas: System Administration, Technology Demonstration, Vulnerability Assessment and Management, Strategic Planning and Policy Development, Cyber Threat Analysis

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Introduction to Cybersecurity Policy
Types of Security Policy
Policy Education and Implementation
Cybersecurity Laws
Proposed Legislation
NIST Cybersecurity Standards
Other Cybersecurity Standards
Comprehensive National Cybersecurity Initiatives (CNCI)
Other Federal Cybersecurity Initiatives
Implementing Cybersecurity Initiatives
SPAM
Malware Trends
Botnets
Monetization
Cyber Attack Profiles
Cyber Crime
Cyberwarfare
Cyber Attack Attribution
Cyber Threat Mitigation
Mobile Device Trends
Mobile Device Threats
Mobile Device Countermeasures
Exploited Threats
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
DISA Cloud Solutions
RFID Introduction
RFID Threats
RFID Countermeasures
Exploited Threats
Introduction and MAC Address Monitoring
MAC Address Spoofing
Managing Traffic Flows
VLANs and Security
802.1x Port Authentication
Network Admission Control
Securing STP
Securing VLANs and VTP
Introduction and Edge Security Traffic Design
Blocking DoS and DDoS Traffic
Specialized Access Control Lists
Routers with Firewalls
Beyond Firewalls: Inspecting Layer 4 and Above
Securing Routing Protocols and Traffic Prioritization
Securing Against Single Point of Failures
Physical and Operating System Security
Management Traffic Security
Device Service Hardening
Securing Management Services
Device Access Hardening
Device Access Privileges
Name Resolution Introduction
Name Resolution and Security
DNS Cache
DNS Security Standards and TSIG
DNSSEC
Migrating to DNSSEC
Issues with Implementing DNSSEC 1
Issues with Implementing DNSSEC 2
IPv6 Concepts
IPv6 Threats
IPv6 Network Reconnaissance
DEMO: IPv6 Network Reconnaissance
IPv6 Network Recon Mitigation Strategies
IPv6 Network Mapping
DEMO: IPv6 Network Mapping
IPv6 Network Mapping Mitigation Strategies
IPv6 Neighbor Discovery
DEMO: IPv6 Address Assignment
IPv6 Attacks
DEMO: IPv6 Alive Hosts
DEMO: IPv6 Duplicate Address Detection (DAD)
DEMO: IPv6 DAD Denial of Services (DOS)
DEMO: IPv6 Fake Router Advertisement
DEMO: IPv6 Man-in-the-middle
IPv6 Attack Mitigation Strategies
IPv6 Tunneling
IPv6 Windows Teredo Tunneling
IPv6 Tunneling Mitigation Strategies
IPv6 Best Practices
Introduction to Windows Scripting 4 Hours | Skill Level: Basic
+ Description
 This course focusses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course will present the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows.

Training Purpose: Functional Development

Specialty Areas: Network Services, System Administration, Systems Security Analysis

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Scripting Basics Overview
Windows BATCH Scripting Basics
Windows BATCH Scripting_Variables
Windows BATCH Scripting_Loops
Windows BATCH Scripting_Functions
Windows Script Error Handling and Troubleshooting
Windows Script Best Practices and Examples
Windows Scripting Demo
Scripting for Penetration Testing
Windows Scripting Utilities_xcopy
Windows Scripting Utilities_findstr
Windows Scripting Utilities_net Commands
xcopy Examples Demo
WMI and WMIC
PowerShell Commands
PSExec
Windows Management Instrumentation Demo
Intro to Windows BATCH Quiz
IPv6 Security Essentials Course 5 Hours | Skill Level: Advanced
+ Description
 This Internet Protocol version 6 (IPv6) Security Essentials course begins with a primer on IPv6 addressing and its current deployment state, discusses Internet Control Message Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment.

Training Purpose: Skill development

Specialty Area(s): Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis

Training Proficiency Level: Level 3 - Advanced

Capture Date: 2015

+ Course Modules/Units
 
IPv6 Introduction
IPv6 Adoption
DEMO: IPv6 Network Reconnaissance
IPv6 Addressing Part 1 of 2
IPv6 Addressing Part 2 of 2
IPv6 Packet Header
DEMO: IPv6 Header Analysis
ICMPv6
IPv6 Address Assignment
DEMO: IPv6 Address Assignment
IPv6 Web Browsing
IPv6 Transition Mechanisms Part 1 of 2
IPv6 Transition Mechanisms Part 2 of 2
DEMO: IPv6 Tunneling
IPv6 Security Concerns
DEMO: IPv6 Network Mapping
IPv6 Security Mitigation Strategies
DEMO: IPv6 Network Monitoring Tools
IPv6 Ready
IPv6 Security Essentials Key Takeaways
DEMO: IPv4 and IPv6 Subnetting
DEMO: IPv6 Addressing on Router Interfaces
DEMO: Setting up RIP for IPv6
DEMO: Configuring OSPFv3
DEMO: IPv6 Alive Hosts
DEMO: IPv6 Duplicate Address Detection (DAD)
DEMO: IPv6 DAD Denial of Services (DOS)
DEMO: IPv6 Fake Router Advertisement
DEMO: IPv6 Man-in-the-middle
IPv6 Security Essentials Quiz
New Course Offering: ISACA Certified Information Security Manager (CISM) Prep 11 Hours | Skill Level: Intermediate
+ Description
 The ISACA Certified Information Security Manager (CISM) certification prep self-study resource helps prepare candidates to sit for the management-focused CISM exam, and strengthens students' information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. The course includes concepts from the four job practice areas of the 2017 CISM certification: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.
Learning Objectives:
  • Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
  • Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
  • Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
  • Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response and recovery capabilities.
Training Purpose: Skill Development
NICCS Specialty Areas:
  • Cybersecurity Management (Oversee and Govern)
  • Systems Analysis (Operate and Maintain)
  • Program/Project Management and Acquisition (Oversee and Govern)
  • Vulnerability Assessment and Management (Protect and Defend)

Training Proficiency Area: Level 2 - Intermediate
+ Course Modules/Units
 
CISM Course Introduction
IS Governance Domain Overview
Information Security (IS) Management
Importance of IS Governance Part 1 of 2
Importance of IS Governance Part 2 of 2
IS Management Metrics
ISM Strategy Part 1 of 2
ISM Strategy Part 2 of 2
Elements of IS Strategy
IS Action Plan for Strategy
DEMO: Key Goal, Risk, Performance Indicator
Risk Management Overview and Concepts
Risk Management Implementation
Risk Assessment: Models and Analysis
DEMO: Calculating Total Cost of Ownership
DEMO: Recovery Time Objective (RTO)
Compliance Enforcement
Risk Analysis: Threat Analysis
IS Controls and Countermeasures
Other Risk Management Considerations Part 1 of 2
Other Risk Management Considerations Part 2 of 2
DEMO: Cost Benefit Analysis
Information Security Program Development
Information Security Program Management
Outcomes of Effective Management
IS Security Program Development Concepts
Scope and Charter of IS Program Development
IS Management Framework
IS Framework Components
IS Program Roadmap
Organizational Roles and Responsibilities
Information Security Manager Responsibilities
Other Roles and Responsibilities in IS
Information Security Program Resources
IS Personnel Roles and Responsibilities
IS Program Implementation Part 1 of 2
IS Program Implementation Part 2 of 2
Implementing IS Security Management Part 1 of 2
Implementing IS Security Management Part 2 of 2
Measuring IS Management Performance
Common Challenges to IS Management
Determining the State of IS Management
Incident Management and Response
Incident Management Part 1 of 2
Incident Management Part 2 of 2
IMT IRT Members
Incident Response Planning Part 1 of 2
Incident Response Planning Part 2 of 2
DEMO: Phishing Emails
DEMO: Incident Management Workflow
Recovery Planning Part 1 of 2
Recovery Planning Part 2 of 2
DEMO: RTIR Incident Response Tool Part 1 of 2
DEMO: RTIR Incident Response Tool Part 2 of 2
CISM Practice Exam
(ISC)2 (TM) Systems Security Certified Practitioner 16 Hours Prep 2015 | Skill Level: Basic
+ Description
 The Systems Security Certified Practitioner (SSCP) certification prep course is a self-study resource for those preparing to take the (ISC)2 SSCP certification exam as well as those looking to increase their understanding of information security concepts and techniques. The certification is described as being ideal for those working toward positions such as network security engineers, security systems analysts, or security administrators. This course, complete with a 100-question practice exam and video demonstrations, was developed based on the seven SSCP domains prior to the April 15, 2015 (ISC)2™ domain update. A new, updated course is currently in development.

Training Purpose: Skill development

Specialty Area(s): Systems Security Analysis, Computer Network Defense, Vulnerability Assessment and Management, Network Services

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
SSCP Introduction
Access Control Terms and Categories
Access Control Types
Access Control Administration
Security Models
System Permissions
Identification and Authentication Methods
Biometrics
Auditing and Threats
Attribute based Access Control
Device Authentication
Trust Architectures
Identity Management Lifecycle
Introduction to Cloud Computing
Cloud Computing Implementations
Cloud Computing Security Issues Part 1 of 2
Cloud Computing Security Issues Part 2 of 2
Big Data
Big Data with Hadoop Demo
NoSQL with MongoDB Demo
Virtual Environments
Access Controls Domain Knowledge Check
Security Operations
Data Classification and Administration
System Development and Change Cycle
Certification and Accreditation
Change Control and Patch Management
End Point Security
Securing People and Devices
Security Awareness and Training
(ISC)2 Code of Ethics
Asset Management
Assessing Physical Security
Physical Security Defenses
Security Ops and Admin Knowledge Check
Monitoring and Analysis
Monitoring Employees
Log Management
Integrity Checking
Testing and Analysis
Auditing
Communicate Findings
Continuous Monitoring and CAESARS
Introduction to Continuous Monitoring
Incident Handling, Response and Recovery
Incident Handling Knowledge Areas Part 1 of 2
Incident Handling Knowledge Areas Part 2 of 2
Incident Handling Response
Incident Handling Countermeasures
OpenVAS Demo
Monitoring and Analysis Knowledge Check
Risk Management
Risk Assessment
Security Testing
Incident Handling
Forensics
Volatility Framework
Business Continuity Planning
Business Impact Analysis
Backup and Recovery Strategies
Redundancy and Storage
Risk and Response Knowledge Check
Cryptography Terms
Requirements for Cryptography Part 1 of 2
Requirements for Cryptography Part 2 of 2
Steganography
Hashes, Parity and Checksum
Secure Protocols and Cryptographic Methods
Symmetric Cryptosystems
Symmetric and Asymmetric Cryptosystems
Public Key Infrastructure (PKI)
Key Management
Web of Trust
Secure Protocols
Cryptography Knowledge Check
Network Topology
Transmission Media
Crosstalk and Interference
Network Devices: NIC, Hub, Switches
Network Devices: Routers, Firewalls, IDS
OSI and TCP/IP Models
IP Addressing
NAT and Subnetting
TCP, UDP and Common Protocols
ARP, DHCP, ICMP
Wireshark Protocol Analysis
Routers and Routing Protocols
Network Services
Network Security Protocols
VoIP
VoIP Call Traffic Demo
WANs
Remote Access
Securing SSH
Wireless Technology
Network Reliability
Firewalls and Proxies
Wireless Attacks and Countermeasures
Common Attacks and Countermeasures
Network Access Control
Wiring Closets
Mobile Device Physical Security
Network Segmentation
Traffic Shaping
Wireless Security
Networks and Comm Knowledge Check
Malicious Code
Virus Lifecycle and Characteristics
Botnets: DoS, Packet Flood Attacks
Botnets: Rootkits and Malware
Malicious Activity
Social Engineering Sources and Anatomy of Attack
Malicious Activity Countermeasures
SE and Insider Threat Countermeasures
Infected System Response and Remediation
Reverse Engineering
Malicious Code Activity Knowledge Check
SSCP Course Practice Exam
LAN Security Using Switch Features 2 Hours | Skill Level: Intermediate
+ Description
 In this course, students learn different methods of securing Local Area Networks (LANs) at the connectivity level. Topics include: monitoring media access control (MAC) addresses and port security, limiting MAC & IP spoofing, controlling traffic flows, implementing and enhancing security in virtual local area networks (VLANs), enabling authentication on connection points, and determining host security health. Examples are used throughout to reinforce concepts.

Training Purpose: Skill Development

Specialty Areas: System Administration, Systems Security Analysis, Vulnerability Assessment and Management, Cyber Threat Analysis

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Introduction and MAC Address Monitoring
MAC Address Spoofing
Managing Traffic Flows
VLANs and Security
802.1x Port Authentication
Network Admission Control
Securing STP
Securing VLANs and VTP
Linux Operating System Security 9 Hours | Skill Level: Advanced
+ Description
 This course introduces students to the security features and tools available in Linux as well as the considerations, advantages, and disadvantages of using those features. The class will be based on Red Hat Linux and is designed for IT and security managers, and system administrators who want to increase their knowledge on configuring and hardening Linux from a security perspective.

Training Purpose: Skill Development

Specialty Areas: Vulnerability Assessment and Management, Systems Security Analysis, System Administration

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2013

+ Course Modules/Units
 
Linux OS Security Introduction
Booting Linux
Linux Recovery
Linux Startup Scripts
Linux Startup Processes
Linux Runlevels Demo
Chkconfig_and_Upstart Demo
Linux Processes and Signals
Linux Process Monitoring
PS_and_Netstat Demo
Linux PS and TOP Demo
Working with Linux PIDs
Linux File System Overview
Linux File Security
Linux File Access Controls
File Integrity Demo
Linux Kernel Tuning
Linux Host Access Controls
Linux User and Group Definition
User Management
Linux Privilege Escalation
Sudoers Demo
Linux Authentication Methods
Linux Viruses and Worms
Linux Trojan Horses
Linux Rootkits
Linux Misconfigurations
Linux Software Vulnerabilities
Linux Social Engineering
Linux Automated Installation
Managing Linux Packages
Package Management Tools Demo
Repositories and System Management
Custom Repository Demo
Linux IPv4 and IPv6
Linux Network Configuration
Linux Tunneling
Kernel Tuning Demo
Linux X11 Forwarding
Linux File Sharing
Linux Grand Unified Bootloader (GRUB)
Configuring GRUB Demo
Security Enhanced Linux
Introduction to IPTables
IPTables Rules
IPFilter
Linux Packet Sniffers
Linux NIDS
Linux HIDS
Linux Antivirus
Linux Secure Shell
Linux Log Management
Linux Scripting Basics
BASH Scripting Demo
IF Statements
Pipes and Redirection
Variables and Regular Expressions
Custom Scripting
Linux Hardening
NSA Hardening Guides
National Vulnerability Database (NVD)
Common Vulnerabilities and Exposures (CVE)
Vulnerability Scanning
Linux Operating System Security Quiz
Network Layer 1 & 2 Troubleshooting 3 Hours | Skill Level: Basic
+ Description
 This course reviews troubleshooting methods used in Layer 1 and Layer 2 of the OSI Model. The course covers how to detect, trace, identify, and fix network connectivity issues at the Physical and Data Link layers of the OSI stack. The basics of the Physical and Data Link layers will be covered along with a review of the devices, signaling, and cabling which operate at these layers. Students will be presented with methods for tracing connectivity issues back to the source and identifying mitigation solutions.

Training Purpose: Functional Development

Specialty Areas: Network Services, System Administration, Customer Service and Technical Support, Systems Security Architecture

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Network Layer 1 and 2 Troubleshooting Introduction
OSI Physical Layer 1 Overview
Data Transmission Medium Cables and Connectors
Patch Panels
Fiber Optic Cables
Encoding and Signaling Functions
Network Components
Physical Network Design/Topology
Network Troubleshooting Methodology
Common Layer 1 Issues Part 1 of 2
Common Layer 1 Issues Part 2 of 2
Layer 2 Data Link Layer Components Overview
MAC Addresses/Logical Link Control
Layer 2 Protocols
Physical Network Design/Topology
Network Troubleshooting Methodology Review
Common Layer 2 Issues
Layer 2 Troubleshooting Tools
NW Layer 1 and 2 Troubleshooting exam
Offensive and Defensive Network Operations 13 Hours | Skill Level: Basic
+ Description
 

This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks.

Learning Objectives

  • Apply U.S. government network operations background and doctrine
  • Describe offensive and defensive network operations
  • Determine offensive network operation missions, planning, and exploitation phases and methodologies
  • Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods

Training Purpose: Functional Development

Specialty Areas: Computer Network Defense Analysis, Cyber Operations

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Cyberspace As A Domain
Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3
Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3
Joint Communications Overview and Information Environment
Joint Force Communication, System Operations, and Management Planning
Legal Considerations for Cyber Operations Part 1 of 2
Legal Considerations for Cyber Operations Part 2 of 2
Adversaries in Cyberspace Part 1 of 3
Adversaries in Cyberspace Part 2 of 3
Adversaries in Cyberspace Part 3 of 3
Offensive Cyber Operations Background
Offensive Cyberspace Operations Definitions
Offensive Cyberspace Operations Planning and Legal Considerations
Offensive Methodologies
Offensive Methodology Planning Examples 1 of 2
Offensive Methodology Planning Examples 2 of 2
Reconnaissance Methodology Overview
Social Engineering for Reconnaissance
Reconn with Automated Correlation Tools and Search Engines Part 1 of 2
Reconn with Automated Correlation Tools and Search Engines Part 2 of 2
Network Mapping for Active Reconnaissance
Port Scanning for Active Reconnaissance
Windows Enumeration Basics
Linux Enumeration Basics
Scanning and Enumerating with Nmap
Exploitation using Direct Exploits and System Misconfiguration
Exploitation with SET Example
Exploitation
Entrenchment
Exploitation Basics
Post-Exploitation
Abuse and Attacks
Defensive Cyberspace Operations (DCO)
DCO Types of Operations
DCO Operational Goals
DCO Best Practices
Defensive Methodology: Understanding the Threat
Defensive Methodology: Tactics
Defensive Methodology: Defense-in-Depth
Incident Management Overview
Incident Management Policies, Plans and Procedures
Incident Management Team Configuration
Incident Response Lifecycle
Defending the Domain
Perimeter and Host Defenses
IDS/IPS Defined Including Advantages and Disadvantages
IDS/IPS Types and Functions
IDS/IPS Location Placements
Intrusion Detection using Snort
Reviewing Alerts and Detecting Attack Phases
Network Traffic Analysis
Methods of Network Traffic Analysis
Wireshark
Log Analysis Methods and Techniques Part 1 of 2
Log Analysis Methods and Techniques Part 2 of 2
Detecting Offensive Operations using Log Analysis
Digital Forensics Overview and Tools
Digital Forensics Methods and Techniques Part 1 of 2
Digital Forensics Methods and Techniques Part 2 of 2
Identifying Phases of Attack Using Digital Forensics
Incident Data: Profile and Analysis
Incident Reporting
Offensive and Defensive Network Operations Exam
Root Cause Analysis 1 Hour | Skill Level: Intermediate
+ Description
 This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.

Training Purpose: Skill Development

Specialty Areas: Threat Analysis, Computer Network Defense Analysis, Incident Response

Training Proficiency Area: Level 1 - Basic

Capture Date: 2016

+ Course Modules/Units
 
Root Cause Analysis Fundamentals
Root Cause Analysis Methods
Cyber Kill Chain Model for Root Cause Analysis
Sample Incident Cause Analysis Workflow
Root Cause Analysis Course Exam
Radio Frequency Identification (RFID) Security 1 Hour | Skill Level: Intermediate
+ Description
 This course covers securing radio frequency identification (RFID). The different components of RFID, how it works, the applications in which it is being used, its benefits and weaknesses, and the communication range over which it works will be reviewed. Students will learn specific concerns with RFID, recommendations for RFID, and security issues that have come to light.

Training Purpose: Skill Development

Specialty Areas: System Security Analysis, Vulnerability Assessment and Management

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
RFID Introduction
RFID Threats
RFID Countermeasures
Exploited Threats
Securing Infrastructure Devices 1 Hour | Skill Level: Intermediate
+ Description
 This course covers physical security, operating system security, management traffic security, device service hardening, securing management services and device access privileges.

Training Purpose: Skill Development

Specialty Areas: Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis

Training Proficiency Level: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Physical and Operating System Security
Management Traffic Security
Device Service Hardening
Securing Management Services
Device Access Hardening
Device Access Privileges
Securing the Network Perimeter 1 Hour | Skill Level: Intermediate
+ Description
 This course covers edge security traffic design, blocking Denial of Service / Distributed Denial of Service (DoS/DDoS) traffic, specialized access control lists, routers and firewalls, securing routing protocols, securing traffic prioritization and securing against Single Point of Failure (SPOF).

Training Purpose: Skill Development

Specialty Areas: Network Services, Computer Network Defense, Incident Response, Digital Forensics, Systems Security Analysis

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Introduction and Edge Security Traffic Design
Blocking DoS and DDoS Traffic
Specialized Access Control Lists
Routers with Firewalls
Beyond Firewalls: Inspecting Layer 4 and Above
Securing Routing Protocols and Traffic Prioritization
Securing Against Single Point of Failures
Security and DNS 1 Hour | Skill Level: Advanced
+ Description
 This course discusses name resolution principles, name resolution and security, DNS security standards, securing zone transfers with Transaction Signature (TSIG), and DNS Security Extension (DNSSEC) principles, implementation and resources.

Training Purpose: Skill Development

Specialty Areas: Enterprise Architecture, Network Services, System Administration

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2010

+ Course Modules/Units
 
Name Resolution Introduction
Name Resolution and Security
DNS Cache
DNS Security Standards and TSIG
DNSSEC
Migrating to DNSSEC
Issues with Implementing DNSSEC 1
Issues with Implementing DNSSEC 2
Windows Operating System Security 16 Hours | Skill Level: Intermediate
+ Description
 This course introduces students to the security aspects of Microsoft Windows. The class begins with an overview of the Microsoft Windows security model and some of the key components such as processes, drivers, the Windows registry, and the Windows kernel. An overview of the users and group permission structure used in Windows is presented along with a survey of the attacks commonly seen in Windows environments. Patching, networking, and the built-in security features of Windows such as the firewall, anti-malware, and BitLocker are all covered in light detail.

Training Purpose: Skill Development

Specialty Area: Vulnerability Assessment and Management, Systems Security Analysis, System Administration

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2012

+ Course Modules/Units
 
Windows OS Security Course Introduction
Windows Security Module Introduction
Windows Architecture Overview
Windows Subsystems Part 1 of 2
Windows Subsystems Part 2 of 2
Windows Security Development Lifecycle
Windows API
Windows Registry
Viewing Windows Registry Demo
Windows Services Part 1 of 2
Windows Services Demo
Windows Services Part 2 of 2
Multi-tasking
Sessions, Windows Stations and Desktops
Programs and Drivers Part 1 of 2
Reviewing Drivers in Windows
Programs and Drivers Part 2 of 2
Updating Windows Drives Demo
Applications, Processes, and Threads
Buffer Overflow Protection
Authenticode Part 1 of 2
Digital Certificate Details Demo
Authenticode Part 2 of 2
Windows Action Center
Windows Users and Groups Introduction
User Account Control
Windows Users and Groups Part 1 of 2
Windows Users and Groups Part 2 of 2
Windows Interactive Logon Process
NTLM Authentication Overview
Kerberos Authentication Overview
Types of Authentication
File Permissions
Dynamic Access Controls
Threats and Vulnerabilities Introduction
OS Vulnerabilities
CVE Details Demo
CVE Samples
Misconfigurations
Password Configuration Options
Password DDOS Demo
Common Misconfigurations
CCE and the NVD Demo
Social Engineering
Viruses and Worms
Impersonation
Microsoft Updates and Patching Process Part 1 of 2
Double Decode
Microsoft Updates and Patching Process Part 2 of 2
Securing the Update Process
Update Process Circumvention
Windows Server Update Service
Internet Explorer Patching
Windows Network Connectivity
Windows Network Profiles
Windows Network Adapter Settings
Windows Wireless Settings
Windows Networking Protocols
Other Windows Protocols
Microsoft VPN Part 1 of 2
Microsoft VPN Part 2 of 2
Microsoft Network Access Protection Part 1 of 2
Microsoft Network Access Protection Part 2 of 2
How to Configure Windows Update Settings Demo
Windows Security Features Introduction
Windows Firewall
Windows Firewall Wizard Demo
Windows Firewall with Advanced Security
Windows Firewall with Advanced Security Demo
Configuring Windows Firewall Demo
Windows Defender
Windows AD and PKI Demo
Windows Active Directory Certificate Services
Windows Group Policy
Windows AppLocker
Configuring And Using App Locker Demo
Windows BitLocker
Configuring And Using Bitlocker Demo
Windows Secure Boot
Windows Security Auditing
Windows Audit Settings and Examples
SCW Introduction
Hardening Windows Introduction
Windows Templates
Microsoft Baseline Security Analyzer
Microsoft Security Configuration Wizard
Microsoft Security Compliance Manager
Hardening with Group Policy
NVD Search Demo
Other Guidelines and Recommendations
Using Windows Mgmt Instrumentation Demo
Using The Security Config Wizard Demo
PowerShell Introduction
PowerShell Key Commands
PowerShell Demo
Administrative Functions with PowerShell
Computer and Network Management with PowerShell
Basic Scripts in PowerShell
PowerShell Security Settings and Configurations
Using Powershell Demo
Windows OS Security Quiz
Wireless Network Security (WNS) 9 Hours | Skill Level: Intermediate
+ Description
 The purpose of the Wi-Fi Communications and Security course is to teach the technologies of the 802.11 family of wireless networking, including the principles of network connectivity and network security.

Training Purpose: Skill Development

Specialty Areas: Enterprise Architecture, Network Services, System Administration, Customer Service and Technical Support, Computer Network Defense Infrastructure Support

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2013

+ Course Modules/Units
 
Wi-Fi Communication and Security Intro
How Wi-Fi Became Ubiquitous
Wi-Fi Standards - 802.11b
Wi-Fi Standards - 802.11a
Wi-Fi Standards - 802.11g n and ac
Bluetooth Standards
WiMAX Standards
LTE HSPA EvDO Network Types
Spread Spectrum Technology
802.11 Transmissions and Wireless Channels
802.11 Data Rates
Wireless Network Topologies
Wireless Network Hardware
RF Propagation Principles
Impacts on Signal Radiation
Signal Propagation and Objects
Additional Signal Effects
Measuring Signal Strength
Signal Strength and Antennas
Wireless Coverage and Frequency Reuse
Wireless Network Design Issues
Wireless Modes and Service Sets
Wireless Authentication and Association
Wireless and Roaming 1 of 2
Wireless and Roaming 2 of 2
Enterprise 802.11 Solutions
Key Points of CAPWAP
Advantages of CAPWAP
CAPWAP Demo
802.11 Security Flaws
Fixing 802.11 Security
802.1x Authentication Protocols
Additional Issues with 802.11 Encryption
Additional 802.11 Security Measures
Other Wireless Threats
Wireless Best Practices
Wireless Network Assessment Part 1 of 2
Wireless Network Assessment Part 2 of 2
Wireless Network Security Quiz