| Advanced Windows Scripting 6 Hours | Skill Level: Basic |   | | + Description | | | This course focusses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks, and includes reinforcing video demonstrations and final assessment.
Training Purpose: Securely Provision, Operate and Maintain
Specialty Areas: Software Development, Systems Administration, Systems Analysis, Customer Service and Technical Support
Training Proficiency Area: Level 1 - Basic
Capture Date: 2015 |
| | + Course Modules/Units | | | | Advanced Windows Scripting Introduction | | Windows BATCH Scripting Overview | | Windows BATCH Advanced Syntax Part 1 of 2 | | Windows BATCH Advanced Syntax Part 2 of 2 | | Windows Scripting Advanced Uses of FOR | | Windows Scripting Syntax Tips and Tricks | | Windows Scripting CALL and START Demo | | Windows Scripting Subroutine Demo | | Windows Scripting SET Demo | | Windows Scripting PUSHD and POPD Demo | | Manipulating In_Outputs | | Stringing Multiple Commands Together | | FOR Loop Generating List Demo | | FOR Loop Recursive Listing Demo | | Taking Action Based on Content of Output | | Action Based on Content Output Demo | | Scripts in Typical Penetration Testing Tasks Part 1 of 2 | | Scripts in Typical Penetration Testing Tasks Part 2 of 2 | | Visual Basic Scripting Syntax and Usage | | Visual Basic Scripting Merge Demo | | VBS Elements_Structure | | VBS Elements_Variables, Arguments, and Conditionals | | VBS Elements_Loops | | VBS Elements_Functions and Operators | | VBS Windows Scripting Host | | VBS Elements_File I_O | | VBS Windows Scripting Demo | | VBS Error Handling and Troubleshooting | | Visual Basic for Applications | | Visual Basic for Application Elements | | Visual Basic for Applications Working with Applications | | VBA Working with Applications Demo | | VBA Error Handling and Troubleshooting | | VBA Error Handling and Troubleshooting Demo | | Advanced Windows Scripting Quiz |
|
|
|
| Analysis Pipeline 6 Hours | Skill Level: Intermediate |   | | + Description | | | This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to help the student better understand how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases
Training Purpose - Protect and Defend, Collect and Operate, Operate and Maintain
Specialty Areas - Network Services, Cyber Operations, Cyber Defense Analysis
Training Proficiency Area: Level 2 - Intermediate
|
| | + Course Modules/Units | | | | Introduction | | Configuration Files | | Running Pipeline | | Logical Schematics | | Pipeline and Timing and State | | Alerts | | Configuration File Basics | | Filters | | Filters (Exercises and Solutions) | | Evaluations | | Evaluations (Exercises and Solutions) | | Statistics | | Internal Filters | | List Configurations | | Configuration File Basics (Exercises and Solutions) | | Threshold Examples | | Special Evaluations | | Building an Analytic | | Server Profiling Analytic | | Host Discovery Analytic | | Advanced Configurations | | NTP Anomalies | | Unknown SSH Brute Force | | Choose Your Own Adventure | | ICMP Surveying: Thinking it Through | | ICMP Surveying: Building it Out | | DDoS Detection: Thinking it Through | | DDoS Detection: Building it Out | | SSH Compromise: Thinking it Through | | SSH Compromise: Building it Out | | Analysis Pipeline 5 |
|
|
|
| EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep 31 Hours | Skill Level: Advanced |  | | + Description | | | The CEHv9 certification prep self-study course helps prepare students to sit for the EC-Council Certified Ethical Hacker version 9 certification exam. This course contains materials to aid the student in broadening their knowledge of advanced network assessment techniques including enumeration, scanning and reconnaissance. Updates to v9 from v8 include several new tools and new module on cloud considerations. Topics include reconnaissance, hacking laws, web application hacking, social engineering, packet capture, and scanning. The course then moves on to exploitation of several types of threats and how to cover your tracks, concluding with a practice exam.
Learning Objectives
- Review of the domains and published objectives of the CEHv9
- Supplemental resource for preparation for the EC-Council CEHv9 certification exam
Training Purpose: Operate and Maintain, Protect and Defend, Analyze
Specialty Areas: Systems Analysis, Cyber Defense Infrastructure Support, Vulnerability Assessment and Management, Threat Analysis
Training Proficiency Area: Level 3 - Advanced
Capture Date: 2016 |
| | + Course Modules/Units | | | | Certified Ethical Hacker v9 Intro | | Ethical Hacking Intro and Security Reports | | Security Reports Statistics | | Ethical Hacking Terminology | | IR in Ethical Hacking | | Laws and Regulations | | Ethical Hacking and Threats | | Types of Attacks and Attack Vectors | | Hacking Phases and Vul Research | | Reconnaissance | | Passive Footprinting | | DEMO: WHOIS with BackTrack | | Passive WHOIS Queries | | Google Hacking | | Active Footprinting | | DEMO: Nslookup Example | | Active Footprinting Cont | | DEMO: Active Footprinting with Traceroute | | Network Mapping and Web Mirroring | | Active Footprinting Countermeasures | | Scanning Essentials | | Scanning Essentials Continued | | Port Scanning | | Vulnerability Scanning | | DEMO: Banner Grabbing with Telnet | | Covert Scanning | | DEMO: Scanning with Nmap Demo | | Additional Covert Scanning | | Enumeration Overview Part 1 of 2 | | Enumeration Overview Part 2 of 2 | | Enumeration Tools | | Operating System Account Enumeration | | Protocol Enumeration | | DEMO: NetStat Enumeration and Countermeasures | | Authentication Techniques | | Microsoft Authentication | | Password Cracking | | Password Cracking Techniques | | Privilege Escalation | | DEMO: Rainbow Table Lookup Sites | | Keyloggers | | Spyware and Activity Monitoring | | Packet Sniffing Attacks | | Rootkits | | Covert Hacking | | Covering Tracks | | Virus Examples and Symptoms | | Virus Classifications and Characteristics | | Virus Types and Terminology | | Virus Making Tools | | Famous Worms | | Trojan Terminology and Techniques | | Trojans and Backdoors | | DEMO: Shell Connections via Netcat and BackTrack | | Trojan Analysis | | DEMO: Trojans and Rootkits | | Malware Countermeasures and Tools | | DEMO: Strings Analysis | | Other Malicious Code Types | | Sniffers Terminology and Overview | | Network Overview for Sniffer Placement | | Basic Packet Analysis | | DEMO: Viewing ARP Packets with Packet Builder | | Attacks and Protocols Vulnerable to Sniffing | | Spoofing and Flooding Sniffing Attacks | | MITM Attacks Ports Vul to Sniffing | | Wireshark Overview and Examples | | Evasion in Network Sniffing | | Sniffing Countermeasures and Tools | | DEMO: Hping3 | | DEMO: Wireshark | | Social Engineering Background and Examples | | Human-based Social Engineering | | Additional Human-based SE | | Computer Based Social Engineering | | Computer-Based SE - Social Networking | | Mobile-based Social Engineering | | SE and Identity Theft Countermeasures | | DEMO: Social Engineering Toolkit Demo | | Denial of Service Part 1 of 2 | | Denial of Service Part 2 of 2 | | Categories of Denial of Service | | DEMO: HW and Mobile DoS Options | | Buffer Overflow Terminology and Background | | DEMO: Stack Overflow Testing wil OllyDbg | | Session Hijacking Overview and Examples | | Cross Site Scripting and Other Session Attacks | | Session Hijacking Techniques | | IPSec and Session Hijacking | | Hacking Webservers Terminology and Background | | Webserver Architecture | | Webserver Hacking Tools | | Web Server Attacks | | OWASP Top 10 | | Webserver Hacking Countermeasures | | SQL and Command Injection Web App Hacking | | Non SQL Injection Errors | | Parameter and Form Tampering Web App Hacking | | Cross-site Scripting and Obfuscation Web App Hacks | | Cross-Site Request Forgery and Cookies | | Web Application Methodology | | Web App Attack Tools and Countermeasures | | Buffer Overflow Tools and Countermeasures | | DEMO: BurpSuite | | DEMO: XP cmdshell Demo | | SQL Terminology and Example Statements | | SQL Enumeration | | SQL Injection Attacks | | SQL Injection Tools and Countermeasures | | DEMO: SQL Injection | | Wireless Terminology and Standards | | Wireless Terminology and Antennas | | Wireless Authentication | | Wireless-based Attacks | | Wireless Attack Methodology | | Wireless Attack Methodology Continued | | WEP WPA and Other Wireless Attacks | | Bluetooth Communication Basics | | Wireless Protocols and Signal Modulation | | DEMO: SSID and Channels | | DEMO: WiFi Analyzer Using Mobile Device | | Wireless Hacking Tools and Countermeasures | | Mobile Platform Overview | | Mobile Device Operating Systems | | Hacking Mobile Platforms | | IDS Overview and Detection Methods | | DEMO: Published Snort Rules | | Firewalls and Honeypots | | Firewall Configurations | | Signs of Intrusions | | Evasion Techniques | | IDS Evasion Techniques | | Evasion Testing Techniques | | DEMO: Intrusion Signs | | Cryptography Background and Terminology | | Crypto Keys and Algorithms | | SHA and TLS Algorithms | | DEMO: Hashing with MD5 Sum | | Crypto Keys and Algorithms Continued | | Cryptography Implementations | | Public Key Infrastructure (PKI) | | Cryptanalysis Techniques | | Cryptanalysis Tools | | Cryptographic Attacks | | Steganography Tools | | Security Testing and Assessments | | Penetration Testing Terminology | | Risk Management and Penetration Testing | | Penn Testing Phases and Methodology | | Penetration Testing Walkthrough | | Penetration Testing Tools | | DEMO: Exploits with Armitage | | DEMO: Intro to Armitage | | DEMO: v3 RunningExploitFrom Code | | Introduction to Cloud Computing | | Cloud Security | | Cloud Architectures | | Cloud Testing Tools | | Cloud Threats and Attacks | | CEHv9 Prep Practice Exam |
|
|
|
| Cisco CCENT Self-Study Prep 13 hours | Skill Level: Intermediate | | | + Description | | | The Cisco CCENT Prep course is a self-study resource for learners preparing for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. Students will also be introduced to configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. The course includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.
Training Purpose: Operate and Maintain
Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2015 |
| | + Course Modules/Units | | | | Switched Networks Part 1 of 2 | | Switched Networks Part 2 of 2 | | Collisions and Broadcasts | | DEMO: Viewing an ARP Table | | Basic Switch Configuration | | SSH Operation and Configuration | | Configuring Switch Ports | | Switch Troubleshooting | | Securing a Switch | | Best Practices for Switched Networks | | DEMO: Making an RJ-45 Cable | | VLAN Segmentation Part 1 of 2 | | VLAN Segmentation Part 2 of 2 | | VLAN Implementations | | VLAN Security and Design | | DEMO: Configuring VLANs | | DEMO: Demonstrating VLAN Connectivity | | Functions of a Router Part 1 of 2 | | Functions of a Router Demo | | Functions of a Router Part 2 of 2 | | Configuring Basic Router Settings | | DEMO: IPv4 and IPv6 Subnetting | | Basic Router Settings_IPv6 and Loopback Interfaces | | Verifying Connectivity of Directly Connected Networks | | Switching Packets Between Networks | | Routing Tables and Protocols | | DEMO: IPv6 Header Analysis | | DEMO: MAC Address Table | | DEMO: IPv4 Addresses and Router Interfaces | | DEMO: IPv6 Addressing on Router Interfaces | | Inter-VLAN Routing Configuration | | Layer 3 Switching | | Static Routing | | Configure Static Routing | | Classful Addressing and Routing | | Configuring Summary Routes | | Troubleshooting Static and Default Routes | | DEMO: Static Routing | | Dynamic Routing Protocol Operation | | Routing Protocol Operating Fundamentals | | Types of Routing Protocols | | Types of Distance Vector Routing Protocols | | Configuring the RIP Protocol | | RIPng and Link-State Routing | | DEMO: RIP Version 1 and IPv4 | | DEMO: RIP Version 2 Improvements | | DEMO: Setting up RIP for IPv6 | | Characteristics of OSPF | | OSPF Messages | | OSPF Router IDs | | Configuring and Verifying OSPF | | OSPFv2 versus OSPFv3 | | DEMO: Configuring OSPF | | DEMO: Troubleshooting OSPFv2 | | DEMO: Configuring OSPFv3 | | DHCPv4 Operation | | Configuring and Troubleshooting DHCPv4 | | DEMO: DHCPv4 | | SLAAC and DHCPv6 | | Stateless and Stateful DHCPv6 | | DEMO: Stateless DHCPv6 | | NAT Characteristics and Benefits | | Types of NAT | | Configuring Static and Dynamic NAT | | Configuring PAT and Port Forwarding | | DEMO: Enabling IPv4 NAT | | Configuring and Troubleshooting NAT for IPv6 | | CCENT Prep Practice Exam |
|
|
|
| Cloud Computing Security 1 Hour | Skill Level: Intermediate | | | + Description | | | This course provides an in-depth look at the strengths and weaknesses of cloud computing security as well as the considerations to take in choosing the cloud as a data management solution. Technical and operational risks are explained, along with strategies to mitigate the aforementioned risks. To demonstrate concepts learned, the course closes with a real-world example of how a government agency (Defense Information Systems Agency) utilizes cloud computing solutions.
Training Purpose: Securely Provision, Operate and Maintain
Specialty Areas: Systems Analysis, Network Services, Systems Requirement Planning
Training Proficiency Area: Level 2 - Intermediate
Course Capture Date: 2010 |
| |
|
| Cisco CCNA Security Self-Study Prep 15 Hours | Skill Level: Intermediate | | | + Description | | | The Cisco CCNA Security Self-Study Prep course is aimed at those who already have experience with routers and basic level networking skills, and those who may be interested in taking the Cisco CCNA Security exam. Content covered in the CCNA Security Prep course include protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. Students will get a theoretical understanding of network security, knowledge and skills designed to implement it. This self-study resource contains several reinforcing video demonstrations and final exam.
Training Purpose: Operate and Maintain
Specialty Areas: Network Services, Systems Administration, Systems Analysis, Customer Service and Technical Support
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2015
|
| | + Course Modules/Units | | | | Securing Network Devices | | Secure Administrative Access Part 1 of 2 | | Secure Administrative Access Part 2 of 2 | | DEMO: Securing Router Access Methods | | Role-Based CLI Overview | | Password Recovery | | Management Reporting and Logging Considerations | | Implementing Log Messaging for Security | | Configuring NTP | | Disabling Unused Cisco Router Network Services and Interfaces | | AAA Authentication Methods | | Implementing Local AAA Authentication | | Implementing Server-Based AAA Authentication | | Cisco Secure ACS | | Configuring Server-Based AAA Authentication | | Server-Based Authorization and Accounting | | Implementation Firewall Technologies | | Access List Controls (ACLs) | | Extended ACLs and ACL Caveats | | ACL Placement | | Complex ACLs | | Troubleshooting ACLs | | Securing Networks with Firewalls | | Zone-Based Policy Firewalls | | CCP Firewall Wizard and Manual ZPF using CCP | | DEMO: Enabling IOS Firewall | | Implementing Intrusion Prevention Intro | | IPS Signatures | | Signature Trigger and Action for IPS | | Managing and Monitoring IPS | | Configuring and Verifying IOS IPS | | Securing the Local Area Network Intro | | Layer 2 Security Part 1 of 2 | | Layer 2 Security Part 2 of 2 | | Mitigating MAC Spoofing and MAC Table Overflow Attacks | | Mitigating STP Manipulation | | Configuring Storm Control | | Mitigating VLAN Attacks | | Configuring Cisco Switch Port Analyzer | | Private VLAN Edge | | Advanced Technology Security Considerations | | Wireless Networks | | VoIP and SAN Networks | | DEMO: Enabling STP with Voiceover | | Cryptographic Systems and Hashes | | Encryption and Confidentiality | | Public Key Cryptography and PKI | | VPN Terminology and Topologies | | IPSec Frameworks and Key Exchange | | IPSec Tasks | | Configuring IPsec VPN using CCP | | Remote-Access VPNs | | Managing a Secure Network and Addressing Risks | | Operations Security | | Network Security Testing | | Continuity Planning | | SDLC | | Security Policy | | ASA Models and Features | | Basic ASA Configuration and Settings | | Introduction to ASDM | | ASA Objects and Object Groups | | ACLs for ASA | | ASA and NAT | | ASA and PAT | | ASA AAA | | Modular Policy Framework | | ASDM Service Policies Demo | | ASA VPN Features | | ASDM AnyConnect VPN Wizard | | DEMO: ASA Console Config | | DEMO: ASA GUI Config | | DEMO: ASA Traffic Management | | CCNA Security Prep Practice Exam |
|
|
|
| CMaaS Transition Classroom Sessions 5 Hours | Skill Level: Basic | | | + Description | | | This course is part of the CMaaS transitional webinar series conducted via WebEx. Each video focuses on a single tool within the CMaaS solution stack, and includes two major Use Cases for each tool.
Training Proficiency Level: Level 1 - Basic
Capture Date: 2018 |
| |
|
 CompTIA A+ 220-901 Certification
Prep 12 Hours | Skill Level: Basic | | | + Description | | | The CompTIA A+ 901 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam.
The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 901 prep include maintenance and configuration of PCs and devices, basics of networking, troubleshooting software and hardware issues, and customer support.
Learning objectives:
- Provide a review of the four knowledge area domains in the CompTIA A+ 220-901 exam objectives.
- Supplemental self-study preparation resource for the CompTIA A+ certification exam.
- Understand the basics of device installation, troubleshooting, and customer support.
Training Purpose: Skill Development
Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration
Training Proficiency Area: Level 1 - Basic
|
| | + Course Modules/Units | | | | CompTIA A+ 220-901 Prep Course Introduction | | Computing System Components | | Central Processing Unit (CPU) | | Sockets and Processing | | Virtualization and Temperature Monitoring | | DEMO: CPU Characteristics and Installation | | RAM Basics and Types of RAM | | Upgrading and Installing RAM | | DEMO: RAM Installation and Verification | | BIOS Components, Configurations and Settings | | DEMO: BIOS Overview | | Motherboard Form Factor, Chipset and Components | | Motherboard Expansion Slots and Card Installation | | Installing New Motherboard | | Power Supply and Connectors | | Display Types and Features | | Display Connector and Cable Types | | Hard Drive Basics | | Hard Drive RAID Types | | Hard Drive Interfaces | | DEMO: Hard Drive Installation and Initializing | | DEMO: Software Virtualization | | Common Peripheral Devices | | Removable Media | | Audio/Video Standards | | PC Configurations | | DEMO: Inside Desktop Computer | | Printer Types | | Printer Languages and Installation | | Printer-Scanner Maintenance and Troubleshooting | | SOHO Network | | Fiber and Coaxial Cables and Connectors | | Patch Panels, Ethernet Standards and LAN | | IP Address, Ports and Protocols Part 1 of 3 | | IP Address, Ports and Protocols Part 2 of 3 | | IP Address, Ports and Protocols Part 3 of 3 | | Wireless Networks and WiFi Standards | | Configuring a SOHO Network | | Network Types | | Network Devices: Routers | | Network Devices: Hubs, Switches and Firewalls | | Hardware Tools for Connectivity Issues | | Laptops and Mobile Devices | | Laptop Expansion Options, Docking and Locks | | Laptop Hardware Replacement | | Laptop Special Functions and Features | | DEMO: Laptop Computer Components | | Characteristics of Various Mobile Device Types | | Mobile Device Ports and Accessories | | Network Troubleshooting Process | | Troubleshooting Hardware, Video, Networks and OS | | DEMO: Troubleshooting Hard Drives | | Network Troubleshooting Methodology | | DEMO: Troubleshooting Network Issues | | Troubleshooting Common Video and Display Issues | | CompTIA A+ 220-901 Prep Practice Exam |
|
|
|
| CompTIA A+ 220-902 Certification Prep 8.5 Hours | Skill Level: Basic | | | + Description | | | The CompTIA A+ 902 certification prep course is a self-study resource to help students prepare for the CompTIA A+ certification exam. The A+ exam covers both 220-901 and 220-902 objectives. Topics covered in the 902 prep installation and configuration of devices and software, networking and security basics, troubleshooting and diagnosing issues, as well as operational procedures.
Learning objectives:
- Provide an overview of the five knowledge area domains in the CompTIA A+ 220-902 exam objectives.
- Supplemental self-study resource for the CompTIA A+ certification exam
- Understand the basics of device configuration, networking, and applying troubleshooting theory.
Training Purpose: Skill Development
Specialty Areas: (Operate and Maintain) Customer Service and Technical Support, Network Services, System Administration
Training Proficiency Area: Level 1 - Basic |
| | + Course Modules/Units | | | | CompTIA A+ 220-902 Prep Course Introduction | | Microsoft Operating System Versions | | Upgrading Windows Operating Systems | | Windows Operating System Features Part 1 of 2 | | DEMO: File Structure and Paths | | DEMO: Creating and Managing Disk Folders | | Windows Operating System Features Part 2 of 2 | | Windows OS Installation Options | | Windows Command-line Tools Part 1 of 2 | | DEMO: Windows Command-Line Tools | | Windows Command-line Tools Part 2 of 2 | | DEMO: Windows OS GUI Tools Part 1 of 2 | | DEMO: Windows OS GUI Tools Part 2 of 2 | | Windows OS GUI Tools Best Practices | | Windows Networking and Resource Sharing | | DEMO: Image Backup and Restore on Windows | | DEMO: Linux Commands | | Best Practices and Common Features of OS X | | Introduction to Cloud Computing | | Cloud Architectures | | Network Services and Protocols | | Mobile Device Security Introduction | | Mobile Device Security Introduction Cont. | | Android Introduction | | Android Security | | Android Application Security | | DEMO: Installing Antivirus | | File System for iOS Devices | | Understanding the Basics of iOS | | Understanding iOS Security Architecture | | iOS Jailbreaking | | Malware and Social Engineering Threats | | Threats to Physical Security | | Physical Security Considerations | | Infrastructure Physical Security | | Laptop Security | | TEMPEST | | Physical Security Access Controls | | Biometric Access Control Devices | | Authentication | | DEMO: Windows Hidden File Properties | | Symptoms, Troubleshooting and Preventing Infection | | Mobile Device Security Best Practices | | Data Destruction and Disposal Methods | | SOHO Network | | PC Troubleshooting Tools | | Troubleshooting Common Symptoms of System Issues | | Troubleshooting System Crash and Failure-to-Boot | | Troubleshooting Mobile Device Issues | | Safety Procedures and Personal Safety | | IT Environmental Controls | | Incident Response Concepts | | Intellectual Property and Licensing | | Professional Communication and Troubleshooting | | CompTIA A+ 220-902 Prep Practice Exam |
|
|
|
| CompTIA Cybersecurity Analyst (CySA+) Prep 12.5 Hours | Skill Level: Intermediate | | | + Description | | | The CompTIA Cybersecurity Analyst (CySA+) self-study certification prep course is designed to help prepare candidates to sit for the CySA+ exam, as well as reinforce concepts for work roles such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analysts. This intermediate-level course focuses on analysis and defense techniques leveraging data and tools to identify risks to an organization, and apply effective mitigation strategies. They CySA+ is an approved baseline certification of the DoD Directive 8570.
Learning objectives:
- Provide a review of the following four skills: threat management, vulnerability management, security architecture and tool sets, and cyber incident response.
- Supplemental self-study preparation resource for the CompTIA CySA+ exam.
- Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization.
Training Purpose: Skill Development
Specialty Areas: (Protect and Defend, Operate and Maintain, Securely Provision) Vulnerability Assessment and Management, Systems Analysis, Cyber Defense Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2018 |
| | + Course Modules/Units | | | | CySA Course Introduction | | Reconnaissance | | Port Scanning for Active Reconnaissance | | Environmental Reconnaissance Tools | | Social Engineering for Reconnaissance | | Network Mapping for Active Reconnaissance | | Syslog | | Reviewing Alerts/Detecting Attack Phases | | Common Tasks in Environmental Reconnaissance | | Environmental Reconnaisannce Variables | | Basic Packet Analysis | | Methods of Network Traffic Analysis | | Network Traffic Analysis | | Netflows | | Working with Netflows | | Netflow Tools | | Examining Log Files | | Data Correlation and Analytics | | Analyzing Device Data | | SIEM | | DEMO: Wireshark Packet Analyzer | | Hardening Network Devices | | Network Segmentation and Design | | Honeypot | | Endpoint Security | | Windows Group Policy | | Access Control Models | | Remote Authentication - Radius and Tacacs+ | | Hardening Host and Networked Systems | | Compensating Controls | | Corporate Penetration Testing | | Reverse Engineering Purpose and Practice | | Team Training and Exercises | | Risk Evaluation and Security Controls | | Vulnerability Assessment Introduction | | Vulnerability Management Requirements | | Vulnerability Scanner Configuration | | Vulnerability Assessment Tools | | Scanning and Enumeration with Nmap | | Intro to Vulnerability Scanning with Nessus | | Vulnerability Remediation | | Scanning and Report Viewing with OpenVAS | | Endpoint and Protocol Analysis | | Logging Strategies and Sources | | Reviewing, Analyzing and Correlating Logs | | Network Vulnerabilities | | System Vulnerabilities | | Web Application Vulnerabilities | | Wireless Network Vulnerabilities | | Virtual Infrastructure Vulnerabilities | | Threats to Mobile Devices | | ICS and SCADA Systems Security | | Malware and Social Engineering Threats | | Preparing for Impact Analysis | | Forensics Kit and Incident Response | | Forensic Investigation Suite | | Setting Up an Analysis Environment | | Communication During Incident Response | | Common Symptoms of Host Infection | | Incident Response and Recovery Part 1 of 2 | | Incident Response and Recovery Part 2 of 2 | | Regulatory Compliance and Frameworks | | Control Selection Tailoring and Implementation | | Verification and Quality Control | | Procedures Supporting Policy | | Enterprise Network Authentication Part 1 of 2 | | Enterprise Network Authentication Part 2 of 2 | | Cross-site Scripting and Other Exploits | | Privilege Escalation Exploit | | Technical Processes and Controls | | Software Development Models and SDLC | | Code Review and Testing | | Secure Coding Best Practice Resources | | Preventative Cyber Tools | | Collective Cyber Tools | | Analytical Cyber Tools | | Exploit Cyber Tools | | Forensics Cyber Tools | | CySA Prep Practice Quiz |
|
|
|
| CompTIA Security+ (SY0-501) Certification Prep 17.5 Hours | Skill Level: Basic | | | + Description | | | The CompTIA Security+ (SY0-501) Certification Prep is a self-study resource to help candidates prepare for the Security+ (SY0-501) certification exam. The topics covered are categorized into the six domain areas of the SY0-501 exam objectives: Threats and Vulnerabilities, Technology and Tools, Architecture and Design, Identity and Access Management, Risk Management, and Cryptography.
Learning Objectives:
- Supplemental preparation for the CompTIA Security+ SY0-501 Certification Exam
- List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities
- Explain how various tools and technologies are configured or deployed to support an organization's security posture
- Detail risk management best practices and mitigation strategies
NICCS Specialty Areas:
- Systems Analysis (Operate and Maintain)
- Systems Administration (Operate and Maintain)
- Network Services (Operate and Maintain)
- Vulnerability Assessment and Management (Protect and Defend)
Training Purpose Skill Development
Training Proficiency Area Level 1- Basic
|
| | + Course Modules/Units | | | | Security+ (SY0-501) Course Introduction | | Malware: Viruses | | Malware: Rootkits, Trojans, Botnets | | MITM, DoS, Packet Flooding and Other Attacks | | Backdoor, Spoofing, Replay and Other Attacks | | Password, Birthday, Crypto and Application Attacks | | Social Engineering Techniques | | Wireless Attacks | | Application Attacks | | Threat Actors | | Assessment Tools and Techniques | | Active and Passive Reconnaissance | | Security Testing and Assessment | | Firewall Implementations | | Proxy Server Implementations | | Hubs and Switches | | Routers and Routing Protocols | | Remote Access and VPNs Part 1 of 2 | | Remote Access and VPNs Part 2 of 2 | | Network Intrusion Detection Systems | | Host-Based Intrusion Detection Systems | | Password Cracking Categories and Tools | | Password Cracking Techniques | | DEMO: Local Information Gathering Tools | | DEMO: Network Connectivity Testing Tools | | DEMO: Remote Information Gathering Tools | | Mobile Device Security | | Mobile Device Deployment | | Network Security Protocols | | Network Services and Protocols | | Frameworks and Reference Architectures | | Network Zones | | Demilitarized Zones (DMZ) Implementations | | Security Device and Technology Placement | | Host Security: OS Hardening and Firewalls | | Host Security: Anti Virus, Malware and Spam | | Host Security: Pop Ups and Patch Management | | Secure Static Environment | | Secure Staging Deployment Concepts | | Cloud and Virtualization Concepts | | Cloud Architectures | | Host Security: Virtualization | | Resiliency and Automation to Reduce Risk | | Physical Security and Environmental Controls | | Access Control Categories | | Authentication Services | | Access Control Models | | Authentication and Authorization Concepts | | Biometric Authentication | | Account Management | | Identity Management | | Security Awareness and Training | | Risk and Related Concepts | | Risk and Asset Identification | | Threat and Risk Calculation | | Risk Control Types | | Security Control Types and Categories | | Basic Forensics Procedures | | Incident Handling and Forensics | | Incident Response Preparation | | Risk Management: Business Continuity | | Risk Management: Redundancy and Fault Tolerance | | Risk Management: Disaster Recovery | | Risk Mitigation Strategies | | Data Security | | Data Destruction and Disposal Methods | | Data Sensitivity and Handling | | Mitigation and Deterrence: Logging | | Mitigation and Deterrence: Hardening | | Mitigation and Deterrence: Network Security | | Mitigation and Deterrence: Attack Countermeasures | | Cryptography Part 1 of 2 | | Cryptography Part 2 of 2 | | Wireless Security Evolution | | Wireless Security Best Practices | | Cryptographic Keys and PKI | | Security+ (SY0-501) Certification Prep Exam |
|
|
|
| Demilitarized Zone (DMZ) with IDS/IPS 9 Hours | Skill Level: Intermediate | | | + Description | | | This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. Best practices for designing and implementing a DMZ is followed with a section on IDS and IPS systems that includes an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices.
Training Purpose: Skill development
Specialty Area: Computer Network Defense Infrastructure Support, Network Services, Systems Security Analysis, System Administration
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2013 |
| | + Course Modules/Units | | | | Demilitarized Zone (DMZ) Introduction | | DMZ Architecture | | DMZ Components: Firewalls Part 1 of 2 | | DMZ Components: Firewalls Part 2 of 2 | | Setting up a DMZ using IPTables Demo | | DMZ Components: IDS | | DMZ Components: IDS/IPS Placement | | DMZ Components: Proxy Servers | | DMZ Components: Network Servers | | DMZ Architectures | | Attacking the DMZ Part 1 of 2 | | Attacking the DMZ Part 2 of 2 | | DMZ Attack Types Part 1 of 2 | | DMZ Attack Types Part 2 of 2 | | DMZ: Open Source vs Commercial Implementations | | DMZ: Software Subscription Services | | Open Source DMZ Tools Part 1 of 2 | | Open Source DMZ Tools Part 2 of 2 | | Proxy Concepts | | DNS Concepts | | Web Server Concepts | | E-mail Relay and VPN Concepts | | DMZ and Commercial Software - Part 1 | | DMZ and Commercial Software - Part 2 | | Security Capabilities in a DMZ | | Security Capabilities in Procmail Demo | | Network Security Appliances IDS | | Snort Intro and Overview | | Using BASE w Snort DB | | Snort Demo | | Log Mgmt and Analysis Concepts | | SYSLOG Basics | | Using Swatch Overview | | Log Management Best Practices | | Proxy and DNS Log File Concepts | | Analyzing Proxy and DNS Log Files | | DMZ with IDS/IPS Course Quiz |
|
|
|
| DNSSEC Training Workshop 2 Hours | Skill Level: Advanced | | | + Description | | | This course covers the basics of DNSSEC, how it integrates into the existing global DNS and provides a step-by-step process to deploying DNSSEC on existing DNS zones.
Training Purpose: Skill development
Specialty Areas: Enterprise Architecture, Network Services, System Administration
Training Proficiency Area: Level 3 - Advanced
Capture Date: 2015 |
| | + Course Modules/Units | | | | DNSSEC Introduction | | DNS Resolution Steps | | DNS Vulnerabilities and Security Controls | | DNSSEC Mechanisms | | DNS Resource Records (RR) | | Special DNS Resource Records | | DNS Zone Signing | | Secure DNS Zone Configuration-DNSSEC Key Generation | | Prepare the DNS Zone File for Signing | | Signing the DNS Zone file | | Publishing a signed zone | | Testing a signed zone | | Testing a signed zone through a validator | | DNSSEC Chain of Trust | | Setting Up A Secure Resolver | | Adding a trusted key | | Securing the last hop | | ZSK Rollover | | Using pre-published keys | | KSK Rollover | | Conclusions |
|
|
|
| Emerging Cyber Security Threats 12 Hours | Skill Level: Intermediate |  | | + Description | | | This course covers a broad range of cyber security elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. This course will cover what policy is, the role it plays in cyber security, how it is implemented, and cyber security laws, standards, and initiatives. Topics include cyber security policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS and IPv6 security. Video demonstrations are included to reinforce concepts.
Training Purpose: Skill Development
Specialty Areas: System Administration, Technology Demonstration, Vulnerability Assessment and Management, Strategic Planning and Policy Development, Cyber Threat Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2010 |
| | + Course Modules/Units | | | | Introduction to Cybersecurity Policy | | Types of Security Policy | | Policy Education and Implementation | | Cybersecurity Laws | | Proposed Legislation | | NIST Cybersecurity Standards | | Other Cybersecurity Standards | | Comprehensive National Cybersecurity Initiatives (CNCI) | | Other Federal Cybersecurity Initiatives | | Implementing Cybersecurity Initiatives | | SPAM | | Malware Trends | | Botnets | | Monetization | | Cyber Attack Profiles | | Cyber Crime | | Cyberwarfare | | Cyber Attack Attribution | | Cyber Threat Mitigation | | Mobile Device Trends | | Mobile Device Threats | | Mobile Device Countermeasures | | Exploited Threats | | What is Cloud Computing? | | Technical Risks | | Operational Risks | | Risk Mitigation Strategies | | DISA Cloud Solutions | | RFID Introduction | | RFID Threats | | RFID Countermeasures | | Exploited Threats | | Introduction and MAC Address Monitoring | | MAC Address Spoofing | | Managing Traffic Flows | | VLANs and Security | | 802.1x Port Authentication | | Network Admission Control | | Securing STP | | Securing VLANs and VTP | | Introduction and Edge Security Traffic Design | | Blocking DoS and DDoS Traffic | | Specialized Access Control Lists | | Routers with Firewalls | | Beyond Firewalls: Inspecting Layer 4 and Above | | Securing Routing Protocols and Traffic Prioritization | | Securing Against Single Point of Failures | | Physical and Operating System Security | | Management Traffic Security | | Device Service Hardening | | Securing Management Services | | Device Access Hardening | | Device Access Privileges | | Name Resolution Introduction | | Name Resolution and Security | | DNS Cache | | DNS Security Standards and TSIG | | DNSSEC | | Migrating to DNSSEC | | Issues with Implementing DNSSEC 1 | | Issues with Implementing DNSSEC 2 | | IPv6 Concepts | | IPv6 Threats | | IPv6 Network Reconnaissance | | DEMO: IPv6 Network Reconnaissance | | IPv6 Network Recon Mitigation Strategies | | IPv6 Network Mapping | | DEMO: IPv6 Network Mapping | | IPv6 Network Mapping Mitigation Strategies | | IPv6 Neighbor Discovery | | DEMO: IPv6 Address Assignment | | IPv6 Attacks | | DEMO: IPv6 Alive Hosts | | DEMO: IPv6 Duplicate Address Detection (DAD) | | DEMO: IPv6 DAD Denial of Services (DOS) | | DEMO: IPv6 Fake Router Advertisement | | DEMO: IPv6 Man-in-the-middle | | IPv6 Attack Mitigation Strategies | | IPv6 Tunneling | | IPv6 Windows Teredo Tunneling | | IPv6 Tunneling Mitigation Strategies | | IPv6 Best Practices |
|
|
|
| Introduction to Windows Scripting 4 Hours | Skill Level: Basic | | | + Description | | | This course focusses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course will present the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows.
Training Purpose: Functional Development
Specialty Areas: Network Services, System Administration, Systems Security Analysis
Training Proficiency Area: Level 1 - Basic
Capture Date: 2015 |
| | + Course Modules/Units | | | | Scripting Basics Overview | | Windows BATCH Scripting Basics | | Windows BATCH Scripting_Variables | | Windows BATCH Scripting_Loops | | Windows BATCH Scripting_Functions | | Windows Script Error Handling and Troubleshooting | | Windows Script Best Practices and Examples | | Windows Scripting Demo | | Scripting for Penetration Testing | | Windows Scripting Utilities_xcopy | | Windows Scripting Utilities_findstr | | Windows Scripting Utilities_net Commands | | xcopy Examples Demo | | WMI and WMIC | | PowerShell Commands | | PSExec | | Windows Management Instrumentation Demo | | Intro to Windows BATCH Quiz |
|
|
|
| IPv6 Security Essentials Course 5 Hours | Skill Level: Advanced | | | + Description | | | This Internet Protocol version 6 (IPv6) Security Essentials course begins with a primer of IPv6 addressing and its current deployment state, discusses Internet Control Manager Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment.
Training Purpose: Skill development
Specialty Area(s): Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis
Training Proficiency Level: Level 3 - Advanced
Capture Date: 2015 |
| | + Course Modules/Units | | | | IPv6 Introduction | | IPv6 Adoption | | DEMO: IPv6 Network Reconnaissance | | IPv6 Addressing Part 1 of 2 | | IPv6 Addressing Part 2 of 2 | | IPv6 Packet Header | | DEMO: IPv6 Header Analysis | | ICMPv6 | | IPv6 Address Assignment | | DEMO: IPv6 Address Assignment | | IPv6 Web Browsing | | IPv6 Transition Mechanisms Part 1 of 2 | | IPv6 Transition Mechanisms Part 2 of 2 | | DEMO: IPv6 Tunneling | | IPv6 Security Concerns | | DEMO: IPv6 Network Mapping | | IPv6 Security Mitigation Strategies | | DEMO: IPv6 Network Monitoring Tools | | IPv6 Ready | | IPv6 Security Essentials Key Takeaways | | DEMO: IPv4 and IPv6 Subnetting | | DEMO: IPv6 Addressing on Router Interfaces | | DEMO: Setting up RIP for IPv6 | | DEMO: Configuring OSPFv3 | | DEMO: IPv6 Alive Hosts | | DEMO: IPv6 Duplicate Address Detection (DAD) | | DEMO: IPv6 DAD Denial of Services (DOS) | | DEMO: IPv6 Fake Router Advertisement | | DEMO: IPv6 Man-in-the-middle | | IPv6 Security Essentials Quiz |
|
|
|
| ISACA Certified Information Security Manager (CISM) Prep 11 Hours | Skill Level: Intermediate | | | + Description | | | The ISACA Certified Information Security Manager (CISM) certification prep self-study resource helps prepare candidates to sit for the management-focused CISM exam, and strengthens students information security management expertise through in-depth lecture topics, reinforcing demonstrations, and practice exam. The course includes concepts from the four job practice areas of the 2017 CISM certification: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.
Learning Objectives:
- Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
- Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
- Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
- Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response and recovery capabilities.
Training Purpose: Skill Development
NICCS Specialty Areas:
- Cybersecurity Management (Oversee and Govern)
- Systems Analysis (Operate and Maintain)
- Program/Project Management and Acquisition (Oversee and Govern)
- Vulnerability Assessment and Management (Protect and Defend)
Training Proficiency Area: Level 2- Intermediate |
| | + Course Modules/Units | | | | CISM Course Introduction | | IS Governance Domain Overview | | Information Security (IS) Management | | Importance of IS Governance Part 1 of 2 | | Importance of IS Governance Part 2 of 2 | | IS Management Metrics | | ISM Strategy Part 1 of 2 | | ISM Strategy Part 2 of 2 | | Elements of IS Strategy | | IS Action Plan for Strategy | | DEMO: Key Goal, Risk, Performance Indicator | | Risk Management Overview and Concepts | | Risk Management Implementation | | Risk Assessment: Models and Analysis | | DEMO: Calculating Total Cost of Ownership | | DEMO: Recovery Time Objective (RTO) | | Compliance Enforcement | | Risk Analysis: Threat Analysis | | IS Controls and Countermeasures | | Other Risk Management Considerations Part 1 of 2 | | Other Risk Management Considerations Part 2 of 2 | | DEMO: Cost Benefit Analysis | | Information Security Program Development | | Information Security Program Management | | Outcomes of Effective Management | | IS Security Program Development Concepts | | Scope and Charter of IS Program Development | | IS Management Framework | | IS Framework Components | | IS Program Roadmap | | Organizational Roles and Responsibilities | | Information Security Manager Responsibilities | | Other Roles and Responsibilities in IS | | Information Security Program Resources | | IS Personnel Roles and Responsibilities | | IS Program Implementation Part 1 of 2 | | IS Program Implementation Part 2 of 2 | | Implementing IS Security Management Part 1 of 2 | | Implementing IS Security Management Part 2 of 2 | | Measuring IS Management Performance | | Common Challenges to IS Management | | Determining the State of IS Management | | Incident Management and Response | | Incident Management Part 1 of 2 | | Incident Management Part 2 of 2 | | IMT IRT Members | | Incident Response Planning Part 1 of 2 | | Incident Response Planning Part 2 of 2 | | DEMO: Phishing Emails | | DEMO: Incident Management Workflow | | Recovery Planning Part 1 of 2 | | Recovery Planning Part 2 of 2 | | DEMO: RTIR Incident Response Tool Part 1 of 2 | | DEMO: RTIR Incident Response Tool Part 2 of 2 | | CISM Practice Exam |
|
|
|
| (ISC)2 (TM) Systems Security Certified Practitioner 16 Hours Prep 2015 | Skill Level: Basic | | | + Description | | | The Systems Security Certified Practitioner (SSCP) certification prep course is a self-study resource for those preparing to take the (ISC)2 SSCP certification exam as well as those looking to increase their understanding of information security concepts and techniques. The certification is described as being ideal for those working toward positions such as network security engineers, security systems analysts, or security administrators. This course, complete with a 100-question practice exam and video demonstrations, was developed based on the seven SSCP domains prior to the April 15, 2015 (ISC)2™ domain update. A new, updated course is currently in development.
Training Purpose: Skill development
Specialty Area(s): Systems Security Analysis, Computer Network Defense, Vulnerability Assessment and Management, Network Services
Training Proficiency Area: Level 1 - Basic Capture Date: 2015 |
| | + Course Modules/Units | | | | SSCP Introduction | | Access Control Terms and Categories | | Access Control Types | | Access Control Administration | | Security Models | | System Permissions | | Identification and Authentication Methods | | Biometrics | | Auditing and Threats | | Attribute based Access Control | | Device Authentication | | Trust Architectures | | Identity Management Lifecycle | | Introduction to Cloud Computing | | Cloud Computing Implementations | | Cloud Computing Security Issues Part 1 of 2 | | Cloud Computing Security Issues Part 2 of 2 | | Big Data | | Big Data with Hadoop Demo | | NoSQL with MongoDB Demo | | Virtual Environments | | Access Controls Domain Knowledge Check | | Security Operations | | Data Classification and Administration | | System Development and Change Cycle | | Certification and Accreditation | | Change Control and Patch Management | | End Point Security | | Securing People and Devices | | Security Awareness and Training | | (ISC)2 Code of Ethics | | Asset Management | | Assessing Physical Security | | Physical Security Defenses | | Security Ops and Admin Knowledge Check | | Monitoring and Analysis | | Monitoring Employees | | Log Management | | Integrity Checking | | Testing and Analysis | | Auditing | | Communicate Findings | | Continuous Monitoring and CAESARS | | Introduction to Continuous Monitoring | | Incident Handling, Response and Recovery | | Incident Handling Knowledge Areas Part 1 of 2 | | Incident Handling Knowledge Areas Part 2 of 2 | | Incident Handling Response | | Incident Handling Countermeasures | | OpenVAS Demo | | Monitoring and Analysis Knowledge Check | | Risk Management | | Risk Assessment | | Security Testing | | Incident Handling | | Forensics | | Volatility Framework | | Business Continuity Planning | | Business Impact Analysis | | Backup and Recovery Strategies | | Redundancy and Storage | | Risk and Response Knowledge Check | | Cryptography Terms | | Requirements for Cryptography Part 1 of 2 | | Requirements for Cryptography Part 2 of 2 | | Steganography | | Hashes, Parity and Checksum | | Secure Protocols and Cryptographic Methods | | Symmetric Cryptosystems | | Symmetric and Asymmetric Cryptosystems | | Public Key Infrastructure (PKI) | | Key Management | | Web of Trust | | Secure Protocols | | Cryptography Knowledge Check | | Network Topology | | Transmission Media | | Crosstalk and Interference | | Network Devices: NIC, Hub, Switches | | Network Devices: Routers, Firewalls, IDS | | OSI and TCP/IP Models | | IP Addressing | | NAT and Subnetting | | TCP, UDP and Common Protocols | | ARP, DHCP, ICMP | | Wireshark Protocol Analysis | | Routers and Routing Protocols | | Network Services | | Network Security Protocols | | VoIP | | VoIP Call Traffic Demo | | WANs | | Remote Access | | Securing SSH | | Wireless Technology | | Network Reliability | | Firewalls and Proxies | | Wireless Attacks and Countermeasures | | Common Attacks and Countermeasures | | Network Access Control | | Wiring Closets | | Mobile Device Physical Security | | Network Segmentation | | Traffic Shaping | | Wireless Security | | Networks and Comm Knowledge Check | | Malicious Code | | Virus Lifecycle and Characteristics | | Botnets: DoS, Packet Flood Attacks | | Botnets: Rootkits and Malware | | Malicious Activity | | Social Engineering Sources and Anatomy of Attack | | Malicious Activity Countermeasures | | SE and Insider Threat Countermeasures | | Infected System Response and Remediation | | Reverse Engineering | | Malicious Code Activity Knowledge Check | | SSCP Course Practice Exam |
|
|
|
| LAN Security Using Switch Features 2 Hours | Skill Level: Intermediate | | | + Description | | | In this course, students learn different methods of how to secure Local Area Networks (LANs) at the connectivity level. Topics include: monitoring media access control (MAC) addresses and port security, limiting MAC & IP spoofing, controlling traffic flows, implementing and enhancing security in virtual local area netorks (VLANs), enabling authentication on connection points, and determining host security health. Examples are used throughout to reinforce concepts
Training Purpose: Skill Development
Specialty Areas: System Administration, Systems Security Analysis, Vulnerability Assessment and Management, Cyber Threat Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2010 |
| | + Course Modules/Units | | | | Introduction and MAC Address Monitoring | | MAC Address Spoofing | | Managing Traffic Flows | | VLANs and Security | | 802.1x Port Authentication | | Network Admission Control | | Securing STP | | Securing VLANs and VTP |
|
|
|
| Linux Operating System Security 9 Hours | Skill Level: Advanced | | | + Description | | | This course introduces students to the security features and tools available in Linux as well as the considerations, advantages, and disadvantages of using those features. The class will be based on Red Hat Linux and is designed for IT and security managers, and system administrators who want to increase their knowledge on configuring and hardening Linux from a security perspective.
Training Purpose: Skill Development
Specialty Areas: Vulnerability Assessment and Management, Systems Security Analysis, System Administration
Training Proficiency Area: Level 3 - Advanced Capture Date: 2013 |
| | + Course Modules/Units | | | | Linux OS Security Introduction | | Booting Linux | | Linux Recovery | | Linux Startup Scripts | | Linux Startup Processes | | Linux Runlevels Demo | | Chkconfig_and_Upstart Demo | | Linux Processes and Signals | | Linux Process Monitoring | | PS_and_Netstat Demo | | Linux PS and TOP Demo | | Working with Linux PIDs | | Linux File System Overview | | Linux File Security | | Linux File Access Controls | | File Integrity Demo | | Linux Kernel Tuning | | Linux Host Access Controls | | Linux User and Group Definition | | User Management | | Linux Privilege Escalation | | Sudoers Demo | | Linux Authentication Methods | | Linux Viruses and Worms | | Linux Trojan Horses | | Linux Rootkits | | Linux Misconfigurations | | Linux Software Vulnerabilities | | Linux Social Engineering | | Linux Automated Installation | | Managing Linux Packages | | Package Management Tools Demo | | Repositories and System Management | | Custom Repository Demo | | Linux IPv4 and IPv6 | | Linux Network Configuration | | Linux Tunneling | | Kernel Tuning Demo | | Linux X11 Forwarding | | Linux File Sharing | | Linux Grand Unified Bootloader (GRUB) | | Configuring GRUB Demo | | Security Enhanced Linux | | Introduction to IPTables | | IPTables Rules | | IPFilter | | Linux Packet Sniffers | | Linux NIDS | | Linux HIDS | | Linux Antivirus | | Linux Secure Shell | | Linux Log Management | | Linux Scripting Basics | | BASH Scripting Demo | | IF Statements | | Pipes and Redirection | | Variables and Regular Expressions | | Custom Scripting | | Linux Hardening | | NSA Hardening Guides | | National Vulnerability Database (NVD) | | Common Vulnerabilities and Exposures (CVE) | | Vulnerability Scanning | | Linux Operating System Security Quiz |
|
|
|
| Network Layer 1 & 2 Troubleshooting 3 Hours | Skill Level: Basic | | | + Description | | | This course reviews troubleshooting methods used in Layer 1 and Layer 2 of the OSI Model. The course covers how to detect, trace, identify, and fix network connectivity issues at the Physical and Data Link layers of the OSI stack. The basics of the Physical and Data Link layers will be covered along with a review of the devices, signaling, and cabling which operate at these layers. Students will be presented with methods for tracing connectivity issues back to the source and identifying mitigation solutions.
Training Purpose: Functional Development
Specialty Areas: Network Services, System Administration, Customer Service and Technical Support, Systems Security Architecture
Training Proficiency Area: Level 1 - Basic
Capture Date: 2015 |
| | + Course Modules/Units | | | | Network Layer 1 and 2 Troubleshooting Introduction | | OSI Physical Layer 1 Overview | | Data Transmission Medium Cables and Connectors | | Patch Panels | | Fiber Optic Cables | | Encoding and Signaling Functions | | Network Components | | Physical Network Design/Topology | | Network Troubleshooting Methodology | | Common Layer 1 Issues Part 1 of 2 | | Common Layer 1 Issues Part 2 of 2 | | Layer 2 Data Link Layer Components Overview | | MAC Addresses/Logical Link Control | | Layer 2 Protocols | | Physical Network Design/Topology | | Network Troubleshooting Methodology Review | | Common Layer 2 Issues | | Layer 2 Troubleshooting Tools | | NW Layer 1 and 2 Troubleshooting exam |
|
|
|
| Offensive and Defensive Network Operations 13 Hours | Skill Level: Basic | | | + Description | | | This course focuses on fundamental concepts for offensive and defensive network operations. It covers how offensive and defensive cyber operations are conducted and details U.S. government doctrine for network operations. Topics include network attack planning, methodologies, and tactics and techniques used to plan for, detect, and defend against network attacks.
Learning Objectives
- Apply U.S. government network operations background and doctrine
- Describe offensive and defensive network operations
- Determine offensive network operation missions, planning, and exploitation phases and methodologies
- Derive defensive network operation missions, planning, and methods to detect and defend against network attacks and attackers' methods
Training Purpose: Functional Development
Specialty Areas: Computer Network Defense Analysis, Cyber Operations
Training Proficiency Area: Level 1 - Basic
Capture Date: 2015 |
| | + Course Modules/Units | | | | Cyberspace As A Domain | | Joint Publication 3-12(R), Cyberspace Operations Overview Part 1 of 3 | | Joint Publication 3-12(R), Cyberspace Operations Overview Part 2 of 3 | | Joint Publication 3-12(R), Cyberspace Operations Overview Part 3 of 3 | | Joint Communications Overview and Information Environment | | Joint Force Communication, System Operations, and Management Planning | | Legal Considerations for Cyber Operations Part 1 of 2 | | Legal Considerations for Cyber Operations Part 2 of 2 | | Adversaries in Cyberspace Part 1 of 3 | | Adversaries in Cyberspace Part 2 of 3 | | Adversaries in Cyberspace Part 3 of 3 | | Offensive Cyber Operations Background | | Offensive Cyberspace Operations Definitions | | Offensive Cyberspace Operations Planning and Legal Considerations | | Offensive Methodologies | | Offensive Methodology Planning Examples 1 of 2 | | Offensive Methodology Planning Examples 2 of 2 | | Reconnaissance Methodology Overview | | Social Engineering for Reconnaissance | | Reconn with Automated Correlation Tools and Search Engines Part 1 of 2 | | Reconn with Automated Correlation Tools and Search Engines Part 2 of 2 | | Netowrk Mapping for Active Reconnaissance | | Port Scanning for Active Reconnaissance | | Windows Enumeration Basics | | Linux Enumeration Basics | | Scanning and Enumerating with Nmap | | Exploitation using Direct Exploits and System Misconfiguration | | Exploitation with SET Example | | Exploitation | | Entrenchment | | Exploitation Basics | | Post-Exploitation | | Abuse and Attacks | | Defensive Cyberspace Operations (DCO) | | DCO Types of Operations | | DCO Operational Goals | | DCO Best Practices | | Defensive Methodology: Understanding the Threat | | Defensive Methodology: Tactics | | Defensive Methodology: Defense-in-Depth | | Incident Management Overview | | Incident Management Policies, Plans and Procedures | | Incident Management Team Configuration | | Incident Response Lifecycle | | Defending the Domain | | Perimeter and Host Defenses | | IDS/IPS Defined Including Advantages and Disadvantages | | IDS/IPS Types and Functions | | IDS/IPS Location Placements | | Intrusion Detection using Snort | | Reviewing Alerts and Detecting Attack Phases | | Network Traffic Analysis | | Methods of Network Traffic Analysis | | Wireshark | | Log Analysis Methods and Techniques Part 1 of 2 | | Log Analysis Methods and Techniques Part 2 of 2 | | Detecting Offensive Operations using Log Analysis | | Digital Forensics Overview and Tools | | Digital Forensics Methods and Techniques Part 1 of 2 | | Digital Forensics Methods and Techniques Part 2 of 2 | | Identifying Phases of Attack Using Digital Forensics | | Incident Data: Profile and Analysis | | Incident Reporting | | Offensive and Defensive Network Operations Exam |
|
|
|
| Root Cause Analysis 1 hour | Skill Level: Intermediate | | | + Description | | | This course provides an explanation of root cause analysis for cyber security incidents and an overview of two different root cause analysis models (and approaches used in these models). The course also describes how root cause analysis can benefit other incident management processes (response, prevention, and detection), and details general root cause analysis techniques that can be adopted as methods for analysis of cyber incidents.
Training Purpose: Skill Development
Specialty Areas: Threat Analysis, Computer Network Defense Analysis, Incident Response
Training Proficiency Area: Level 1 - Basic
Capture Date: 2016 |
| | + Course Modules/Units | | | | Root Cause Analysis Fundamentals | | Root Cause Analysis Methods | | Cyber Kill Chain Model for Root Cause Analysis | | Sample Incident Cause Analysis Workflow | | Root Cause Analysis Course Exam |
|
|
|
| Radio Frequency Identification (RFID) Security 1 Hour | Skill Level: Intermediate | | | + Description | | | This course will cover securing radio frequency identification (RFID), different components of RFID, how it works, applications in which it is being used, benefits and weaknesses, and the communication range over which it works will be reviewed. Students will learn specific concerns with RFID, recommendations for RFID, and security issues that have come to light.
Training Purpose: Skill Development
Specialty Areas: System Security Analysis, Vulnerability Assessment and Management
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2010 |
| |
|
| Securing Infrastructure Devices 1 Hour | Skill Level: Intermediate | | | + Description | | | This course covers physical security, operating system security, management traffic security, device service hardening, securing management services and device access privileges.
Training Purpose: Skill Development
Specialty Areas: Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis
Training Proficiency Level: Level 2 - Intermediate
Capture Date: 2010 |
| | + Course Modules/Units | | | | Physical and Operating System Security | | Management Traffic Security | | Device Service Hardening | | Securing Management Services | | Device Access Hardening | | Device Access Privileges |
|
|
|
| Securing the Network Perimeter 1 Hour | Skill Level: Intermediate | | | + Description | | | This course covers edge security traffic design, blocking Denial of Service / Distributed Denial of Service (DoS/DDoS) traffic, specialized access control lists, routers and firewalls, securing routing protocols, securing traffic prioritization and securing against Single Point of Failure (SPOF).
Training Purpose: Skill Development
Specialty Areas: Network Services, Computer Network Defense, Incident Response, Digital Forensics, Systems Security Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2010 |
| | + Course Modules/Units | | | | Introduction and Edge Security Traffic Design | | Blocking DoS and DDoS Traffic | | Specialized Access Control Lists | | Routers with Firewalls | | Beyond Firewalls: Inspecting Layer 4 and Above | | Securing Routing Protocols and Traffic Prioritization | | Securing Against Single Point of Failures |
|
|
|
| Security and DNS 1 Hour | Skill Level: Advanced | | | + Description | | | This course discusses name resolution principles, name resolution and security, DNS security standards, securing zone transfers with Transaction Signature (TSIG), and DNS Security Extension (DNSSEC) principles, implementation and resources.
Training Purpose: Skill Development
Specialty Areas: Enterprise Architecture, Network Services, System Administration
Training Proficiency Area: Level 3 - Advanced
Capture Date: 2010 |
| | + Course Modules/Units | | | | Name Resolution Introduction | | Name Resolution and Security | | DNS Cache | | DNS Security Standards and TSIG | | DNSSEC | | Migrating to DNSSEC | | Issues with Implementing DNSSEC 1 | | Issues with Implementing DNSSEC 2 |
|
|
|
| Windows Operating System Security 16 Hours | Skill Level: Intermediate | | | + Description | | | This course introduces students to the security aspects of Microsoft Windows. The class begins with an overview of the Microsoft Windows security model and some of the key components such processes, drivers, the Windows registry, and Windows kernel. An overview of the users and group permission structure used in Windows is presented along with a survey of the attacks commonly seen in Windows environments. Patching, networking, and the built-in security features of Windows such as the firewall, anti-malware, and BitLocker are all covered in light detail.
Training Purpose: Skill Development
Specialty Area: Vulnerability Assessment and Management, Systems Security Analysis, System Administration
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2012
|
| | + Course Modules/Units | | | | Windows OS Security Course Introduction | | Windows Security Module Introduction | | Windows Architecture Overview | | Windows Subsystems Part 1 of 2 | | Windows Subsystems Part 2 of 2 | | Windows Security Development Lifecycle | | Windows API | | Windows Registry | | Viewing Windows Registry Demo | | Windows Services Part 1 of 2 | | Windows Services Demo | | Windows Services Part 2 of 2 | | Multi-tasking | | Sessions, Windows Stations and Desktops | | Programs and Drivers Part 1 of 2 | | Reviewing Drivers in Windows | | Programs and Drivers Part 2 of 2 | | Updating Widows Drives Demo | | Applications, Processes, and Threads | | Buffer Overflow Protection | | Authenticode Part 1 of 2 | | Digital Certificate Details Demo | | Authenticode Part 2 of 2 | | Windows Action Center | | Windows Users and Groups Introduction | | User Account Control | | Windows Users and Groups Part 1 of 2 | | Windows Users and Groups Part 2 of 2 | | Windows Interactive Logon Process | | NTLM Authentication Overview | | Kerberos Authentication Overview | | Types of Authentication | | File Permissions | | Dynamic Access Controls | | Threats and Vulnerabilities Introduction | | OS Vulnerabilities | | CVE Details Demo | | CVE Samples | | Misconfigurations | | Password Configuration Options | | Password DDOS Demo | | Common Misconfigurations | | CCE and the NVD Demo | | Social Engineering | | Viruses and Worms | | Impersonation | | Microsoft Updates and Patching Process Part 1 of 2 | | Double Decode | | Microsoft Updates and Patching Process Part 2 of 2 | | Securing the Update Process | | Update Process Circumvention | | Windows Server Update Service | | Internet Explorer Patching | | Windows Network Connectivity | | Windows Network Profiles | | Windows Network Adapter Settings | | Windows Wireless Settings | | Windows Networking Protocols | | Other Windows Protocols | | Microsoft VPN Part 1 of 2 | | Microsoft VPN Part 2 of 2 | | Microsoft Network Access Protection Part 1 of 2 | | Microsoft Network Access Protection Part 2 of 2 | | How to Configure Windows Update Settings Demo | | Windows Security Features Introduction | | Windows Firewall | | Windows Firewall Wizard Demo | | Windows Firewall with Advanced Security | | Windows Firewall with Advanced Security Demo | | Configuring Windows Firewall Demo | | Windows Defender | | Windows AD and PKI Demo | | Windows Active Directory Certificate Services | | Windows Group Policy | | Windows AppLocker | | Configuring And Using App Locker Demo | | Windows BitLocker | | Configuring And Using Bitlocker Demo | | Windows Secure Boot | | Windows Security Auditing | | Windows Audit Settings and Examples | | SCW Introduction | | Hardening Windows Introduction | | Windows Templates | | Microsoft Baseline Security Analyzer | | Microsoft Security Configuration Wizard | | Microsoft Security Compliance Manager | | Hardening with Group Policy | | NVD Search Demo | | Other Guidelines and Recommendations | | Using Windows Mgmt Intstrumentation Demo | | Using The Security Config Wizard Demo | | PowerShell Introduction | | PowerShell Key Commands | | PowerShell Demo | | Administrative Functions with PowerShell | | Computer and Network Management with PowerShell | | Basic Scripts in PowerShell | | PowerShell Security Settings and Configurations | | Using Powershell Demo | | Windows OS Security Quiz |
|
|
|
| Wireless Network Security (WNS) 9 Hours | Skill Level: Intermediate | | | + Description | | | The purpose of the Wi-Fi Communications and Security course is to teach the technologies of the 802.11 family of wireless networking, including the principles of network connectivity and network security.
Training Purpose: Skill Development
Speciality Areas: Enterprise Architecture, Network Services, System Administration, Customer Service and Technical Support, Computer Network Defense Infrastructure Support
Training Proficiency Area: Level 2 - Intermediate Capture Date: 2013 |
| | + Course Modules/Units | | | | Wi-Fi Communication and Security Intro | | How Wi-Fi Became Ubiquitous | | Wi-Fi Standards - 802.11b | | Wi-Fi Standards - 802.11a | | Wi-Fi Standards - 802.11g n and ac | | Bluetooth Standards | | WiMAX Standards | | LTE HSPA EvDO Network Types | | Spread Spectrum Technology | | 802.11 Transmissions and Wireless Channels | | 802.11 Data Rates | | Wireless Network Topologies | | Wireless Network Hardware | | RF Propagation Principles | | Impacts on Signal Radiation | | Signal Propagation and Objects | | Additional Signal Effects | | Measuring Signal Strength | | Signal Strength and Antennas | | Wireless Coverage and Frequency Reuse | | Wireless Network Design Issues | | Wireless Modes and Service Sets | | Wireless Authentication and Association | | Wireless and Roaming 1 of 2 | | Wireless and Roaming 2 of 2 | | Enterprise 802.11 Solutions | | Key Points of CAPWAP | | Advantages of CAPWAP | | CAPWAP Demo | | 802.11 Security Flaws | | Fixing 802.11 Security | | 802.1x Authentication Protocols | | Additional Issues with 802.11 Encryption | | Additional 802.11 Security Measures | | Other Wireless Threats | | Wireless Best Practices | | Wireless Network Assessment Part 1 of 2 | | Wireless Network Assessment Part 2 of 2 | | Wireless Network Security Quiz |
|
|
|
