|
|
| CDM PMO speaks about ES-3 of the CDM Agency Dashboard .25 Hours | Skill Level: Basic |    | | + Description | | | This video explains the features of the current ES-3 version of the CDM Agency Dashboard.
Date: 2021
Training Proficiency Area: Level 1 - Basic
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Oversee and Govern Cybersecurity Management Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| CDM 141 Introduction to the CDM Agency Dashboard - 2 Hours | Skill Level: Beginner | | | + Description | | | This course is a recording of a virtual two-hour course which is the first of six webinars. This course provides participants with the essential knowledge of the ES-2 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the new CDM Agency Dashboard to identify and report on vulnerabilities.
Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.
Learning Objectives:
- Understand CDM Agency Dashboard basic features and functionality
- Instructor demonstrates the CDM Agency Dashboard
Date: 2020
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
Operate and Maintain Systems Administration, Systems Analysis System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| CDM 142 Asset Management with the CDM Agency Dashboard - 2 Hours | Skill Level: Beginner | | | + Description | | | This course is a recording of a virtual two-hour course which is the second of six webinars. This course presents an ES-2 overview of how the dashboard provides visibility into the metrics and measurements needed for a continuous monitoring program. It explains how to create queries for hardware (HW) and software (SW) assets and introduces a framework for using data reports to inform risk-based decision-making. Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.
Learning Objectives:
- Understand CDM agency dashboard functionalities around asset management
- Learn how to create asset management queries
- Learn how to create reports
Date: 2021
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| CDM 143 Vulnerability Management with the CDM Agency Dashboard - 2 Hours | Skill Level: Beginner | | | + Description | | | This course is a recording of a virtual two-hour course which is the second of six webinars covering the ES-2 version of the CDM Agency Dashboard. This course introduces participants to CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency. Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.
Learning Objectives:
- Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
- Walkthrough how to identify vulnerabilities in the CDM Agency Dashboard
Date: 2021
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Oversee and Govern Cybersecurity Management Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| AWARE 1.5 and the ES-3 version of the CDM Agency Dashboard .75 Hours | Skill Level: Basic | | | + Description | | | This video explains the features of AWARE 1.5 on the current ES-3 version of the CDM Agency Dashboard.
Date: 2021
Training Proficiency Area: Level 1 - Basic
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Oversee and Govern Cybersecurity Management Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| CDM 201 Identity and Access Management Capabilities within the CDM Agency Dashboard - 2 Hours | Skill Level: Intermediate | | | + Description | | | This course is a recording of a virtual two-hour course which is the second of six webinars covering the ES-2 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each. Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.
Learning Objectives:
- Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information
- Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes workflows to drive increased risk awareness and mitigation.
Date: 2021
Training Proficiency Area: Level 2 - Intermediate
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Oversee and Govern Cybersecurity Management Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| IdAM- Identity and Access Management with the CDM Agency Dashboard .5 Hours | Skill Level: Intermediate | | | + Description | | | This 39 minute video is an interview recording of a Mr. Ross Foard, subject matter expert for DHS/CISA, and Identity and Access Management (IAM) . This video provides participants with the essential knowledge of IAM and the CDM Agency Dashboard.
Learning Objectives:
- Understand CDM Agency Dashboard basic features and IAM functionality.
Date: 2021
Training Proficiency Area: Level 2 - Intermediate
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
Operate and Maintain Systems Administration, Systems Analysis System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
| Configuration Settings Management (CSM) with the CDM Agency Dashboard .5 Hours | Skill Level: Basic | | | + Description | | | This video explains the CSM features of the current ES-3 version of the CDM Agency Dashboard.
Date: 2021
Training Proficiency Area: Level 1 - Basic
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration, Systems Analysis |
System Administrator, Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Oversee and Govern Cybersecurity Management Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| |
|
|
|
| Advanced Windows Scripting 6 Hours | Skill Level: Beginner |  | | + Description | | | This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts, as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks and includes reinforcing video demonstrations and final assessment.
Learning Objectives:
- Understand the fundamentals of Visual Basic Scripting.
- Recognize the concepts of redirection, piping, and how to conduct complex tasks with multiple commands.
- Apply integration of Windows BATCH with Visual Basic Scripting.
- Demonstrate how to access the Windows API from Visual Basic Scripting.
Date: 2015
Training Purpose: Functional Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Securely Provision |
Software Development |
Software Developer |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
|
| | + Course Modules/Units | | | | Advanced Windows Scripting Introduction | | Windows BATCH Scripting Overview | | Windows BATCH Advanced Syntax Part 1 of 2 | | Windows BATCH Advanced Syntax Part 2 of 2 | | Windows Scripting Advanced Uses of FOR | | Windows Scripting Syntax Tips and Tricks | | Windows Scripting CALL and START Demo | | Windows Scripting Subroutine Demo | | Windows Scripting SET Demo | | Windows Scripting PUSHD and POPD Demo | | Manipulating In_Outputs | | Stringing Multiple Commands Together | | FOR Loop Generating List Demo | | FOR Loop Recursive Listing Demo | | Taking Action Based on Content of Output | | Action Based on Content Output Demo | | Scripts in Typical Penetration Testing Tasks Part 1 of 2 | | Scripts in Typical Penetration Testing Tasks Part 2 of 2 | | Visual Basic Scripting Syntax and Usage | | Visual Basic Scripting Merge Demo | | VBS Elements_Structure | | VBS Elements_Variables, Arguments, and Conditionals | | VBS Elements_Loops | | VBS Elements_Functions and Operators | | VBS Windows Scripting Host | | VBS Elements_File I_O | | VBS Windows Scripting Demo | | VBS Error Handling and Troubleshooting | | Visual Basic for Applications | | Visual Basic for Application Elements | | Visual Basic for Applications Working with Applications | | VBA Working with Applications Demo | | VBA Error Handling and Troubleshooting | | VBA Error Handling and Troubleshooting Demo | | Advanced Windows Scripting Quiz |
|
|
|
| Analysis Pipeline 6 Hours | Skill Level: Intermediate |  | | + Description | | | This course is designed for network flow data analysts who use or are considering using Analysis Pipeline (http://tools.netsa.cert.org/analysis-pipeline5/index.html). The course aims to create a better understanding of how to incorporate streaming network flow analysis into their toolkit for identifying and alerting on events of interest. The focus will be on applying Analysis Pipeline to operational use cases.
Learning Objectives
At the completion of this course analysts will be able to:
- Understand Analysis Pipeline and its role in network flow data streaming analytics and alerting.
- Understand the Analysis Pipeline configuration language.
- Develop and implement network flow data use cases with Analysis Pipeline.
Date: 2016
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Collect and Operate |
Cyber Operations |
Cyber Operator |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| | + Course Modules/Units | | | | Introduction | | Configuration Files | | Running Pipeline | | Logical Schematics | | Pipeline and Timing and State | | Alerts | | Configuration File Basics | | Filters | | Filters (Exercises and Solutions) | | Evaluations | | Evaluations (Exercises and Solutions) | | Statistics | | Internal Filters | | List Configurations | | Configuration File Basics (Exercises and Solutions) | | Threshold Examples | | Special Evaluations | | Building an Analytic | | Server Profiling Analytic | | Host Discovery Analytic | | Advanced Configurations | | NTP Anomalies | | Unknown SSH Brute Force | | Choose Your Own Adventure | | ICMP Surveying: Thinking it Through | | ICMP Surveying: Building it Out | | DDoS Detection: Thinking it Through | | DDoS Detection: Building it Out | | SSH Compromise: Thinking it Through | | SSH Compromise: Building it Out | | Analysis Pipeline 5 |
|
|
|
| Artificial Intelligence (AI) and Machine Learning (ML) for Cyber 1.5 Hours | Skill Level: Intermediate | | | + Description | | | This course provides the foundational practices and ethical principles of artificial intelligence. Diving into each of the ethical principles along with other technical ethics, it is aimed at reducing risk and unwanted bias to create ethical, transparent, and fair artificial intelligence systems.
Learning Objectives:
- Explain the harm with bias in artificial intelligence.
- Discuss how to reduce risk and unwanted bias.
- Cite several principles of AI and the goals of each.
- Describe how principles are applied to create ethical, transparent, and fair AI.
Date: 2020
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Collect and Operate |
Cyber Operational Planning |
Cyber Ops Planner |
| Operate and Maintain |
Data Administration |
Data Analyst |
|
| | + Course Modules/Units | | | | AI and ML for Cyber | | Ethical Principles for AI Overview | | Responsible Aspects of Ethics Part 1 of 2 | | Responsible Aspects of Ethics Part 2 of 2 | | Equitable Portion of the Ethics Principles | | Traceable AI | | Reliable AI Part 1 of 2 | | Reliable AI Part 2 of 2 | | How to Make AI Reliable Part 1 of 2 | | How to Make AI Reliable Part 2 of 2 | | Governable AI | | AI and ML for Cyber Review | | Course Test |
|
|
|
| Certified Ethical Hacker Version 10 (CEHv10) Prep 29 Hours | Skill Level: Advanced | | | + Description | | | This self-study course focuses on preparing learners for the EC-Council Certified Ethical Hacker version 10 certification exam. This course contains materials on advanced network assessment techniques including enumeration, scanning, and reconnaissance. It is designed to use the same knowledge and tools as a malicious hacker, but in an ethical and lawful manner to examine an organization's network security posture. The course concludes with a practice exam.
Learning Objectives:
- Learn how to perform a vulnerability analysis to identify security weakness in an organization's network structure.
- Perform a security assessment of a cloud environment to understand cloud computing threats and attacks.
- Understand risks and defensive strategies for IoT platforms and devices.
Date: 2019
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Analysis |
Systems Analyst |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | CEHv10 Course Introduction | | Information Security Reports | | Ethical Hacking Defined | | Ethical Hacking Terminology | | Hacking Phases and Vul Research | | Types of Attacks and Attack Vectors | | Threat Modeling | | Introduction to Physical Security | | Incident Management Process | | Incident Response Overview | | Security Testing and Assessments | | Pen Testing Phases and Methodology | | Information Security Laws and Standards | | Reconnaissance | | Footprinting Methodologies - Passive | | Footprinting Methodologies - Active | | Advanced Google Hacking Techniques | | Network Mapping | | DEMO: WHOIS with BackTrack | | DEMO: Active Footprinting with Traceroute | | DEMO: Maltego for Information Gathering Part 1 | | DEMO: Maltego for Information Gathering Part 2 | | Footprinting Countermeasures | | DEMO: Windows CMD Information Gathering | | Scanning Essentials | | DEMO: Colasoft Packet Builder | | Port Scanning | | DEMO: Banner Grabbing with Telnet | | Covert Scanning | | Covert Scanning with Proxies | | DEMO: Scanning with Nmap | | Common Enumeration Techniques | | Enumeration Tools | | Protocol Enumeration | | DEMO: Scanning and Enumeration with Nmap | | Understanding System Vulnerabilities | | Passive and Active Vul Scanning | | Vulnerability Assessment Lifecycle and CVSS | | Common Vulnerabilities and Exposures (CVE) | | Vulnerability Scanning | | DEMO: Vulnerability Scanning with Nessus | | Authentication Techniques | | Microsoft Authentication | | Password Cracking | | Privilege Escalation | | DEMO: Rainbow Table Lookup Sites | | Keyloggers | | Spyware and Activity Monitoring | | Packet Sniffing Attacks | | Covert Hacking | | Hiding Files - Rootkits | | DEMO: Kernel-Level Rootkits | | Covering Tracks | | Malware Awareness | | Trojan Terminology and Techniques | | Trojans and Backdoors | | Virus Examples and Symptoms | | Virus Classifications and Characteristics | | Virus Making Tools | | Other Malicious Code Types | | Malware Countermeasures and Tools | | DEMO: Bind and Reverse Shell | | DEMO: Strings Analysis | | Sniffers Terminology and Overview | | Network Overview for Sniffer Placement | | Basic Packet Analysis | | Address Resolution Protocol (ARP) | | DEMO: Viewing ARP Packets with Packet Builder | | Spoofing and Flooding Sniffing Attacks | | MITM Attacks Ports Vul to Sniffing | | Wireshark Overview and Examples | | Evasion in Network Sniffing | | Sniffing Countermeasures and Tools | | DEMO: Hping3 | | DEMO: Wireshark | | Social Engineering Background and Examples | | Human-Based Social Engineering | | Computer-Based Social Engineering | | Computer Based SE - Social Networking | | Social Engineering with Mobile Applications | | SE and Identity Theft Countermeasures | | DEMO: Social Engineering Toolkit | | DEMO: Leveraging Armitage in Phishing Attack | | DoS Impacts and Classifications | | Categories of Denial of Service | | Botnets and Disruption Attacks | | DoS Symptoms and Tools | | Buffer Overflow Terminology and Background | | Session Hijacking Overview and Examples | | Compromising Session Attacks | | Session Hijacking Techniques | | Session Hijacking Tools | | IPSec and Session Hijacking | | Firewalls and Honeypots | | Firewall Configurations | | IDS Overview and Detection Methods | | IDS, Firewall, and Honeypot Evasion | | Evasion Techniques | | Evasion Testing Techniques | | DEMO: Intrusion Signs | | Common Web Server Attack | | Webserver Architecture | | OWASP Top 10 and Beyond | | Webserver Hacking Countermeasures | | SQL and Command Injection Web App Hacking | | Non SQL Injection Errors | | Parameter and Form Tampering Web App Hacking | | Cross-site Scripting and Obfuscation Web App Hacks | | Cross-site Request Forgery and Cookies | | Web Application Pen Test Methodology | | Web App Tools and Countermeasures | | Buffer Overflow Tools and Countermeasures | | DEMO: BurpSuite | | SQL Terminology and Example Statements | | SQL Enumeration | | SQL Injection Attacks | | SQL Injection Tools and Countermeasures | | DEMO: SQL Inject Attacks | | Wireless Terminology and Standards | | Wireless Terminology and Antennas | | Wireless Authentication | | Wireless-Based Attacks | | Wireless Attack Methodology Part 1 of 2 | | Wireless Attack Methodology Part 2 of 2 | | WEP, WPA and Other Wireless Attacks | | Bluetooth Communication Basics | | Wireless Protocols and Signal Modulation | | DEMO: SSID and Channels | | DEMO: Wireless Hacking | | Wireless Hacking Tools | | Wireless Hacking Countermeasures | | Mobile Platform Overview | | OWASP IoT Vuls and Countermeasures | | Mobile Device Operating Systems | | Hacking Mobile Platforms | | Mobile Device Management and Risks | | Mobile Device Security | | Internet of Things (IoT) Concepts | | Internet of Things (IoT) Attacks and Mitigation | | Introduction to Cloud Computing | | Cloud Architectures and Deployment Models | | Cloud Threats and Attacks | | Cloud Security | | Cloud Testing Tools | | Cryptography Background and Terminology | | Crypto Keys and Algorithms | | SHA and TLS Algorithms | | DEMO: Hashing with MD5 Sum | | Cryptography Implementations | | Public Key Infrastructure (PKI) | | Cryptanalysis Techniques | | Crypto Attacks | | DEMO: Encryption with TrueCrypt | | Digital Signatures | | Certified Ethical Hacker Practice Exam | | LAB: Using a Simulated Botnet to Conduct a Distributed Denial of Service |
|
|
|
 CDM PRIVMGMT:
CA PAM for Agency Privileged Users (LT4) 2 Hours | Skill Level: Beginner | | | + Description | | | Privilege Access Management (PRIVMGMT) course is designed for personnel that access or use credentials which have been granted administrative privileges on one or more systems.
This course contains 4 learning tracks that provide Privileged users with
C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.
Training Purpose: Skill Development
Specialty Areas: Knowledge Management
Training Proficiency Area: Level 1 - Basic
|
| |
|
| CDM PRIVMGMT: CyberArk for Agency Privileged Users (LT4) 2 Hours | Skill Level: Beginner | | | + Description | | | Privilege Access Management (PRIVMGMT) course is designed for personnel that access or use credentials which have been granted administrative privileges on one or more systems.
This course contains 4 learning tracks that provide Privileged users with
C1 An introduction into the PRIVMGMT solution and how it aligns to CDM goals.
C2 General use of the web portal for requesting, accessing and managing privileged credentials.
C3 Account management features which include account reconciliation and password management.
Training Purpose: Skill Development
Specialty Areas: Knowledge Management
Training Proficiency Area: Level 1 - Basic |
| |
|
| Cisco CCENT Self-Study Prep 13 hours | Skill Level: Intermediate | | | + Description | | | This course is a self-study resource to help prepare for the Cisco CCENT certification, one of the prerequisites for the Cisco CCNA certification. Installing, operating, configuring, and verifying a basic IPv4 and IPv6 network will be discussed. The course focuses on configuring a local area network (LAN) switch, configuring an internet protocol (IP) router, and identifying basic security threats. It includes several reinforcing video demonstrations of concepts discussed, as well as a quiz.
Learning Objectives:
- Review of objectives for the Cisco Certified Entry Networking Technician certification
- Supplemental preparation for the Cisco CCENT certification exam
Date: 2016
Training Purpose: Operate and Maintain
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Services Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
|
| | + Course Modules/Units | | | | Switched Networks Part 1 of 2 | | Switched Networks Part 2 of 2 | | Collisions and Broadcasts | | DEMO: Viewing an ARP Table | | Basic Switch Configuration | | SSH Operation and Configuration | | Configuring Switch Ports | | Switch Troubleshooting | | Securing a Switch | | Best Practices for Switched Networks | | DEMO: Making an RJ-45 Cable | | VLAN Segmentation Part 1 of 2 | | VLAN Segmentation Part 2 of 2 | | VLAN Implementations | | VLAN Security and Design | | DEMO: Configuring VLANs | | DEMO: Demonstrating VLAN Connectivity | | Functions of a Router Part 1 of 2 | | Functions of a Router Demo | | Functions of a Router Part 2 of 2 | | Configuring Basic Router Settings | | DEMO: IPv4 and IPv6 Subnetting | | Basic Router Settings_IPv6 and Loopback Interfaces | | Verifying Connectivity of Directly Connected Networks | | Switching Packets Between Networks | | Routing Tables and Protocols | | DEMO: IPv6 Header Analysis | | DEMO: MAC Address Table | | DEMO: IPv4 Addresses and Router Interfaces | | DEMO: IPv6 Addressing on Router Interfaces | | Inter-VLAN Routing Configuration | | Layer 3 Switching | | Static Routing | | Configure Static Routing | | Classful Addressing and Routing | | Configuring Summary Routes | | Troubleshooting Static and Default Routes | | DEMO: Static Routing | | Dynamic Routing Protocol Operation | | Routing Protocol Operating Fundamentals | | Types of Routing Protocols | | Types of Distance Vector Routing Protocols | | Configuring the RIP Protocol | | RIPng and Link-State Routing | | DEMO: RIP Version 1 and IPv4 | | DEMO: RIP Version 2 Improvements | | DEMO: Setting up RIP for IPv6 | | Characteristics of OSPF | | OSPF Messages | | OSPF Router IDs | | Configuring and Verifying OSPF | | OSPFv2 versus OSPFv3 | | DEMO: Configuring OSPF | | DEMO: Troubleshooting OSPFv2 | | DEMO: Configuring OSPFv3 | | DHCPv4 Operation | | Configuring and Troubleshooting DHCPv4 | | DEMO: DHCPv4 | | SLAAC and DHCPv6 | | Stateless and Stateful DHCPv6 | | DEMO: Stateless DHCPv6 | | NAT Characteristics and Benefits | | Types of NAT | | Configuring Static and Dynamic NAT | | Configuring PAT and Port Forwarding | | DEMO: Enabling IPv4 NAT | | Configuring and Troubleshooting NAT for IPv6 | | CCENT Prep Practice Exam |
|
|
|
| Cisco CCNA Security Self-Study Prep 15 Hours | Skill Level: Intermediate | | | + Description | | | This course is the follow-up to Cisco CCENT and is aimed to prepare learners for the Cisco CCNA Security exam. Content covered in this course includes protocol sniffers, analyzers, TCP/IP, desktop utilities, Cisco IOS, the Cisco VPN, a Cisco simulation program called Packet Tracer, and some web-based resources. The course focuses on a theoretical understanding of network security, knowledge, and skills designed to implement it. This course contains several reinforcing video demonstrations and final exam.
Learning Objectives:
- Review of objectives for the Cisco Certified Network Associate certification
- Supplemental preparation for the Cisco CCNA certification exam
Date: 2015
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Security Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Analyst |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
|
| | + Course Modules/Units | | | | Securing Network Devices | | Secure Administrative Access Part 1 of 2 | | Secure Administrative Access Part 2 of 2 | | DEMO: Securing Router Access Methods | | Role-Based CLI Overview | | Password Recovery | | Management Reporting and Logging Considerations | | Implementing Log Messaging for Security | | Configuring NTP | | Disabling Unused Cisco Router Network Services and Interfaces | | AAA Authentication Methods | | Implementing Local AAA Authentication | | Implementing Server-Based AAA Authentication | | Cisco Secure ACS | | Configuring Server-Based AAA Authentication | | Server-Based Authorization and Accounting | | Implementation Firewall Technologies | | Access List Controls (ACLs) | | Extended ACLs and ACL Caveats | | ACL Placement | | Complex ACLs | | Troubleshooting ACLs | | Securing Networks with Firewalls | | Zone-Based Policy Firewalls | | CCP Firewall Wizard and Manual ZPF using CCP | | DEMO: Enabling IOS Firewall | | Implementing Intrusion Prevention Intro | | IPS Signatures | | Signature Trigger and Action for IPS | | Managing and Monitoring IPS | | Configuring and Verifying IOS IPS | | Securing the Local Area Network Intro | | Layer 2 Security Part 1 of 2 | | Layer 2 Security Part 2 of 2 | | Mitigating MAC Spoofing and MAC Table Overflow Attacks | | Mitigating STP Manipulation | | Configuring Storm Control | | Mitigating VLAN Attacks | | Configuring Cisco Switch Port Analyzer | | Private VLAN Edge | | Advanced Technology Security Considerations | | Wireless Networks | | VoIP and SAN Networks | | DEMO: Enabling STP with Voiceover | | Cryptographic Systems and Hashes | | Encryption and Confidentiality | | Public Key Cryptography and PKI | | VPN Terminology and Topologies | | IPSec Frameworks and Key Exchange | | IPSec Tasks | | Configuring IPsec VPN using CCP | | Remote-Access VPNs | | Managing a Secure Network and Addressing Risks | | Operations Security | | Network Security Testing | | Continuity Planning | | SDLC | | Security Policy | | ASA Models and Features | | Basic ASA Configuration and Settings | | Introduction to ASDM | | ASA Objects and Object Groups | | ACLs for ASA | | ASA and NAT | | ASA and PAT | | ASA AAA | | Modular Policy Framework | | ASDM Service Policies Demo | | ASA VPN Features | | ASDM AnyConnect VPN Wizard | | DEMO: ASA Console Config | | DEMO: ASA GUI Config | | DEMO: ASA Traffic Management | | CCNA Security Prep Practice Exam |
|
|
|
| Cloud Computing Security 2.5 Hours | Skill Level: Intermediate | | | + Description | | | This course explores the guidance from the Cloud Security Alliance (CSA), National Institute of Standards and Technology (NIST), National Security Agency (NSA), and several Cloud Service Providers (CSPs). Objectives cover cloud security risks and threats, basic operations, incident response considerations, along with application, data and infrastructure security concepts. Where applicable, demonstrations of cloud provider tools and capabilities will be used to reinforce key points.
Learning Objectives:
- Define cloud models and components.
- Apply CSA security guidance and other best practices to cloud deployments.
- Understand cybersecurity requirements within the Shared Responsibilities model.
- Prepare for cloud computing governance and compliance challenges.
- Relate traditional cybersecurity controls to popular cloud solutions.
- Recognize and prepare for cloud computing threats.
- Review additional cloud security tools and use cases.
Date: 2020
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration |
System Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Securely Provision |
Systems Architecture |
Security Architect |
| Securely Provision |
Systems Development |
Secure Software Assessor |
|
| | + Course Modules/Units | | | | Cloud Computing Security Course Overview | | Cloud Computing Overview | | Cloud Computing Overview Knowledge Check | | Building a Cloud | | Building a Cloud Knowledge Check | | Securing Your Cloud | | Cloud Security Basics | | Review of Multifactor Authentication | | Review of Monitoring and Security Configurations | | Options for Securing Within the Cloud | | VPC Network ACs and CloudWatch Monitoring | | Compute Instance in Google's Cloud Platform | | Monitoring and Alerting Options in Google Cloud | | Web App and Security Configs in Google Cloud | | Use of Microsoft's Platform as a Service | | Azure Compute Instance Setup | | Securing Your Cloud Knowledge Check | | Review of Two NIST Publications on Cloud Computing | | Guidance for Critical Areas in Cloud Computing | | Cloud Computing Risk Assessment by ENISA | | Resources Knowledge Check |
|
|
|
| ud Computing Concepts | Skill Level: Intermediate | | | + Description | | | The Cloud Computing Concepts course highlights concepts and best practices for cloud architecture, design, security, and operations. Topics include leveraging cloud environments for critical assets or operations, and the impacts on data and application security, as well as legal, risk, and compliance considerations.
Learning Objectives:
- Compare cloud service and deployment models and each’s impact on customer control and responsibilities
- Identify data security strategies within cloud environments
- Explain secure data center design concepts including example risks and security controls
- Describe the Secure Software Development Life Cycle (SDLC) and its relation to applications within cloud environments
- Summarize concepts for building, operating, and managing physical and logical infrastructure for cloud environments
- Outline privacy, legal, and audit requirements with cloud environments, and how it relates to evaluating providers
Date: 2021
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Securely Provision |
Systems Architecture |
Enterprise Architect |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
|
| | + Course Modules/Units | | | | Cloud Computing Concepts Course Intro | | Introduction to Cloud Computing | | Cloud Architecture and Deployment Models | | Security in the Cloud (Cloud Security) | | Securing Your Cloud | | Cloud Threats and Attacks | | Data Security Technologies and Classification | | Auditing in a Cloud Environment | | Building a Cloud | | Phys. & Logical Infrastructure for Cloud Environs | | Secure Coding for Cloud Deployments | | Review of Multifactor Authentication | | Anatomy of a Supply Chain Attack | | Options for Securing Within the Cloud | | VPC Network Access Controls and CloudWatch Monitrg | | Compute Instance in Google’s Cloud Platform | | Monitrg and Alerting Options in Google Cloud | | Web Apps in Google Cloud and Adding Security | | Use of Microsoft’s Platform as a Service | | Azure Compute Instance Setup | | Secure Data Center Design | | Review of Monitoring and Security Configurations | | Overview of Two NIST Publications on Cloud Comp | | Security Guidance for Critical Areas in Cloud Comp | | Cloud Security Basics | | Implications of Cloud to Enterprise Risk Mgmt | | DR/BC and Risks with Cloud Strategy | | Evaluating and Legal Requirements for Cloud Services | | Cloud Computing Risk Assessment by ENISA |
|
|
|
| ud Monitoring | Skill Level: Beginner | | | + Description | | | This course introduces concepts around Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Sofware as a Service (SaaS), Multiple Cloud Hosting and Hybrid Cloud Hosting.
Date: 2021
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Securely Provision |
Risk Management |
Authorizing Official/Designating Representative |
| Securely Provision |
Systems Architecture |
Enterprise Architect, Security Architect |
| Securely Provision |
Systems Requirements Planning |
Systems Requirements Planner |
| Securely Provision |
Test and Evaluation |
System Testing and Evaluation Specialist |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Protect and Defend |
Incident Response |
Cyber Defense Incident Responder |
|
| | + Course Modules/Units | | | | Introduction - Lecture 1 of 5 | | Shared Responsibility Model - Lecture 2 of 5 | | Use Cases - Lecture 3 of 5 | | Case Study - Lecture 4 of 5 | | Cloud Architectures & Summary - Lecture 5 of 5 | | IaaS Overview - Lecture 1 of 5 | | IaaS: Monitoring Services and Capabilities - Lecture 2 of 5 | | IaaS: Best Practices - Lecture 3 of 5 | | IaaS: Gaps and Considerations - Lecture 4 of 5 | | IaaS: Use Cases, Reflection and Summary - Lecture 5 of 5 | | PaaS Overview - Lecture 1 of 6 | | PaaS: Monitoring Services and Capabilities - Lecture 2 of 6 | | PaaS: Monitoring Examples - Lecture 3 of 6 | | PaaS: Best Practices - Lecture 4 of 6 | | PaaS: Gaps and Considerations - Lecture 5 of 6 | | PaaS: Reflection and Summary - Lecture 6 of 6 | | SaaS Overview - Lecture 1 of 5 | | SaaS: Monitoring Services and Capabilities - Lecture 2 of 5 | | SaaS: Best Practices - Lecture 3 of 5 | | SaaS: Gaps and Considerations - Lecture 4 of 5 | | SaaS: Reflection and Summary - Lecture 5 of 5 | | What is Multiple Cloud - Lecture 1 of 5 | | Security Issues - Lecture 2 of 5 | | Monitoring Capabilities - Lecture 3 of 5 | | Gaps- Lecture 4 of 5 | | Multiple Clouds - Lecture 5 of 5 | | Hybrid Cloud: Security Issues - Lecture 1 of 4 | | Monitoring Capabilities - Lecture 2 of 4 | | Gaps - Lecture 3 of 4 | | Hybrid Clouds in Operation - Lecture 4 of 4 | | Conclusion - Lecture 1 of 1 |
|
|
|
| ud Security – What Leaders Need to Know (Professors in Practice Series) | Skill Level: Beginner | | | + Description | | | This course features National Defense University Professor Robert Richardson who discusses important security and oversight requirements for commercial cloud solutions.
Learning Objectives:
- Overview of the cloud physically, logically, and architecturally.
- Discuss cloud deployment models and characteristics.
- Overview of cloud infrastructure characteristics.
- Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
- Cloud software components - microservices & APIs.
- The driving forces and key technology enablers of commercial cloud services in the Federal Government.
- Must-have security requirements and policies for cloud solutions.
- The top ten cybersecurity cloud risks such as: loss of service, data breaches, human error. As well as non-cybersecurity risks such as: outsourcing risks, personnel security, and supply chain risk management.
- Where Federal Government adoption of commercial cloud is now and predictions for the future.
Date: 2020
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Special |
| Operate and Maintain |
Systems Administration |
System Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Executive Cyber Leadership |
Executive Cyber Leadership |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager |
| Oversee and Govern |
Training, Education, and Awareness |
Cyber Instructional Curriculum Developer, Cyber Instructor |
| Securely Provision |
Risk Management |
Authorizing Official/Designating Representative, Security Control Assessor |
| Securely Provision |
Systems Requirement Planning |
Systems Requirements Planner |
| Securely Provision |
Systems Architecture |
Enterprise Architect, Security Architect |
|
| |
|
| Critical Infrastructure Protection 2 Hours | Skill Level: Beginner | | | + Description | | | This course discusses the influence, impact, and need for cybersecurity when defending the critical infrastructure and key resources of the United States. This course provides the definition of critical infrastructure, examples of cybersecurity threats to critical infrastructure, and information on what is being done to protect critical infrastructure from these cybersecurity threats.
Learning Objectives:
- Define and give examples of critical infrastructure.
- Identify possible cyber threats to critical infrastructure.
- Describe U.S. cybersecurity policies and programs.
- Explain the cybersecurity roles of the Department of Homeland Security (DHS) and other Federal agencies.
Date: 2017
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Analyst |
| Operate and Maintain |
Systems Development |
Information Systems Security Developer |
| Oversee and Govern |
Strategic Planning and Polic |
Cyber Policy and Strategy Planner |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
| Securely Provision |
Systems Architecture |
Systems Architect |
| Securely Provision |
Technology R&D |
Research & Development Specialist |
| Securely Provision |
Systems Requirements Planning |
Systems Requirements Planner |
| Securely Provision |
Systems Development |
Systems Developer |
|
| |
|
| Cyber Awareness Challenge 2019 1 hour | Skill Level: Beginner | | | + Description | | | This course provides an overview of cybersecurity threats and best practices to keep information and information systems secure. Every year, authorized users of certain information systems must complete the Cyber Awareness Challenge to maintain awareness of and stay current on new cybersecurity threats. The training also reinforces best practices to keep personal information and information systems secure and stay abreast of changes in general cybersecurity policies.
Date: 2019
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
|
| |
|
| Cyber Dark Arts 3 Hours | Skill Level: Intermediate | | | + Description | | | This course highlights 'dark' or deceptive activities that are employed by malicious users via the Internet. Several legitimate purpose technologies and techniques and how they are leveraged, or manipulated for fraudulent purposes, is discussed. Threats from topics such as zero-day attacks, dark web, alternate OSs, VPN/TOR, weaponized psychology, and anonymous services will be detailed, as well as methods for concealing one’s identity. These methods are taught in order for cybersecurity experts to defend against such attacks. The course includes reinforcing video demonstrations.
Learning Objectives:
- Explain several techniques for obfuscating online activities.
- List examples of technologies leveraged for deceptive purposes.
- Detail best practices for prevention and protection from malicious cyber activities.
Date: 2018
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Collect and Operate |
Cyber Operations |
Cyber Operator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| | + Course Modules/Units | | | | Cyber Dark Arts | | Weaponized Psychology | | DEMO: Password Cracking Using Hydra | | Scanning for Vulnerable Devices and Networks | | Anonymous Web Hosting, Searching, and Browsing | | Alternative Operating Systems | | Tails, Whonix, and Qubes | | Secure Messaging Services | | Blockchain and Cryptocurrency | | DEMO: Blockchain and Cryptocurrency | | DEMO: Iodine IP over DNS | | DEMO: TOR versus Traditional Tunneling | | Advanced Persistent Threats | | Cyber Dark Arts Exam |
|
|
|
| Cybersecurity for Technical Staff 17.5 Hours | Skill Level: Beginner | | | + Description | | | This course highlights best practices applicable to a wide variety cybersecurity job roles. Topics include risk management, architecture and design, and tools and technologies. This course also covers key concepts for detecting, protecting, and defending from security threats.
Learning Objectives:
- List common cyber threats and how scanning and assessment tools and techniques identify potential vulnerabilities.
- Explain how various tools and technologies are configured or deployed to support an organization's security posture.
- Detail risk management best practices and mitigation strategies.
Date: 2018
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Incident Response |
Cyber Defense Incident Responder |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | Malware: Viruses | | Malware: Rootkits, Trojans, Botnets | | MITM, DoS, Packet Flooding and Other Attacks | | Backdoor, Spoofing, Replay and Other Attacks | | Password, Birthday, Crypto and Application Attacks | | Social Engineering Techniques | | Wireless Attacks | | Application Attacks | | Threat Actors | | Assessment Tools and Techniques | | Active and Passive Reconnaissance | | Security Testing and Assessment | | Firewall Implementations | | Proxy Server Implementations | | Hubs and Switches | | Routers and Routing Protocols | | Remote Access and VPNs Part 1 of 2 | | Remote Access and VPNs Part 2 of 2 | | Network Intrusion Detection Systems | | Host-Based Intrusion Detection Systems | | Password Cracking Categories and Tools | | Password Cracking Techniques | | DEMO: Local Information Gathering Tools | | DEMO: Network Connectivity Testing Tools | | DEMO: Remote Information Gathering Tools | | Mobile Device Security | | Mobile Device Deployment | | Network Security Protocols | | Network Services and Protocols | | Frameworks and Reference Architectures | | Network Zones | | Demilitarized Zones (DMZ) Implementations | | Security Device and Technology Placement | | Host Security: OS Hardening and Firewalls | | Host Security: Anti Virus, Malware and Spam | | Host Security: Pop Ups and Patch Management | | Secure Static Environment | | Secure Staging Deployment Concepts | | Cloud and Virtualization Concepts | | Cloud Architectures | | Host Security: Virtualization | | Resiliency and Automation to Reduce Risk | | Physical Security and Environmental Controls | | Access Control Categories | | Authentication Services | | Access Control Models | | Authentication and Authorization Concepts | | Biometric Authentication | | Account Management | | Identity Management | | Security Awareness and Training | | Risk and Related Concepts | | Risk and Asset Identification | | Threat and Risk Calculation | | Risk Control Types | | Security Control Types and Categories | | Basic Forensics Procedures | | Incident Handling and Forensics | | Incident Response Preparation | | Risk Management: Business Continuity | | Risk Management: Redundancy and Fault Tolerance | | Risk Management: Disaster Recovery | | Risk Mitigation Strategies | | Data Security | | Data Destruction and Disposal Methods | | Data Sensitivity and Handling | | Mitigation and Deterrence: Logging | | Mitigation and Deterrence: Hardening | | Mitigation and Deterrence: Network Security | | Mitigation and Deterrence: Attack Countermeasures | | Cryptography Part 1 of 2 | | Cryptography Part 2 of 2 | | Wireless Security Evolution | | Wireless Security Best Practices | | Cryptographic Keys and PKI | | Course Test |
|
|
|
| p DNS | Skill Level: Beginner | | | + Description | | | This course is an introduction to the Domain Name System, or DNS. DNS is a core infrastructure protocol of the internet, and one of the oldest internet application protocols still in use. In this course, you will learn why DNS was created; the main purposes it currently serves; and how it works. This course is intended for security operations professionals. |
| | + Course Modules/Units | | | | Deep DNS: Purpose, History, and Structure of DNS - Module 1.1 | | Deep DNS: DNS Applications - Module 1.2 | | Deep DNS: DNS Analysis Tools - Module 1.3 | | Deep DNS: DNS Transport Mechanisms - Module 2.1 | | Deep DNS: DNS as a Transport Mechanism - Module 2.2 | | Deep DNS: Subverting DNS Integrity - Module 2.3 |
|
|
|
| Demilitarized Zone (DMZ) with IDS/IPS 9 Hours | Skill Level: Intermediate | | | + Description | | | This course introduces the concept of a network Demilitarized Zone (DMZ) and the security benefits it can provide. This course focuses on best practices for designing and implementing a DMZ and includes a section on Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS) that provides an in-depth look at SNORT for network monitoring. The course concludes with log analysis and management best practices.
Learning Objectives:
- Present an overview of the DMZ security model and key components.
- Discuss DMZ structure, purpose, and operation.
- Present different models for implementation to meet network requirements.
- Discuss the network threats that a DMZ can detect and mitigate.
Date: 2013
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
|
| | + Course Modules/Units | | | | Demilitarized Zone (DMZ) Introduction | | DMZ Architecture | | DMZ Components: Firewalls Part 1 of 2 | | DMZ Components: Firewalls Part 2 of 2 | | Setting up a DMZ using IPTables Demo | | DMZ Components: IDS | | DMZ Components: IDS/IPS Placement | | DMZ Components: Proxy Servers | | DMZ Components: Network Servers | | DMZ Architectures | | Attacking the DMZ Part 1 of 2 | | Attacking the DMZ Part 2 of 2 | | DMZ Attack Types Part 1 of 2 | | DMZ Attack Types Part 2 of 2 | | DMZ: Open Source vs Commercial Implementations | | DMZ: Software Subscription Services | | Open Source DMZ Tools Part 1 of 2 | | Open Source DMZ Tools Part 2 of 2 | | Proxy Concepts | | DNS Concepts | | Web Server Concepts | | E-mail Relay and VPN Concepts | | DMZ and Commercial Software - Part 1 | | DMZ and Commercial Software - Part 2 | | Security Capabilities in a DMZ | | Security Capabilities in Procmail Demo | | Network Security Appliances IDS | | Snort Intro and Overview | | Using BASE w Snort DB | | Snort Demo | | Log Mgmt and Analysis Concepts | | SYSLOG Basics | | Using Swatch Overview | | Log Management Best Practices | | Proxy and DNS Log File Concepts | | Analyzing Proxy and DNS Log Files | | DMZ with IDS/IPS Course Quiz |
|
|
|
| DNSSEC Training Workshop 2 Hours | Skill Level: Advanced | | | + Description | | | This course covers the basics of Domain Name System Security Extensions (DNSSEC), how it integrates into the existing global DNS and provides a step-by-step process to deploying DNSSEC on existing DNS zones.
Learning Objectives:
- Discuss DNSSEC and supporting mechanisms.
- Sign a DNS zone.
- Configure Delegation Signer (DS) resource records.
- Set up a Secure Resolver.
- Discuss server operational considerations.
Date: 2015
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Securely Provision |
Systems Architecture |
Security Architect |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
|
| | + Course Modules/Units | | | | DNSSEC Introduction | | DNS Resolution Steps | | DNS Vulnerabilities and Security Controls | | DNSSEC Mechanisms | | DNS Resource Records (RR) | | Special DNS Resource Records | | DNS Zone Signing | | Secure DNS Zone Configuration-DNSSEC Key Generation | | Prepare the DNS Zone File for Signing | | Signing the DNS Zone file | | Publishing a signed zone | | Testing a signed zone | | Testing a signed zone through a validator | | DNSSEC Chain of Trust | | Setting Up A Secure Resolver | | Adding a trusted key | | Securing the last hop | | ZSK Rollover | | Using pre-published keys | | KSK Rollover | | Conclusions |
|
|
|
| Emerging Cyber Security Threats 12 Hours | Skill Level: Intermediate |  | | + Description | | | This course covers a broad range of cybersecurity elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. It will cover what the policies are, the roles it plays in cybersecurity, how they are implemented. The course will also look at cybersecurity laws, standards, and initiatives. Topics include policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS and IPv6 security. Video demonstrations are included to reinforce concepts.
Date: 2010
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Analyze |
Threat Analysis |
Threat/Warning Analysis |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber Policy and Strategy Planner |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | Introduction to Cybersecurity Policy | | Types of Security Policy | | Policy Education and Implementation | | Cybersecurity Laws | | Proposed Legislation | | NIST Cybersecurity Standards | | Other Cybersecurity Standards | | Comprehensive National Cybersecurity Initiatives (CNCI) | | Other Federal Cybersecurity Initiatives | | Implementing Cybersecurity Initiatives | | SPAM | | Malware Trends | | Botnets | | Monetization | | Cyber Attack Profiles | | Cyber Crime | | Cyberwarfare | | Cyber Attack Attribution | | Cyber Threat Mitigation | | Mobile Device Trends | | Mobile Device Threats | | Mobile Device Countermeasures | | Exploited Threats | | What is Cloud Computing? | | Technical Risks | | Operational Risks | | Risk Mitigation Strategies | | DISA Cloud Solutions | | RFID Introduction | | RFID Threats | | RFID Countermeasures | | Exploited Threats | | Introduction and MAC Address Monitoring | | MAC Address Spoofing | | Managing Traffic Flows | | VLANs and Security | | 802.1x Port Authentication | | Network Admission Control | | Securing STP | | Securing VLANs and VTP | | Introduction and Edge Security Traffic Design | | Blocking DoS and DDoS Traffic | | Specialized Access Control Lists | | Routers with Firewalls | | Beyond Firewalls: Inspecting Layer 4 and Above | | Securing Routing Protocols and Traffic Prioritization | | Securing Against Single Point of Failures | | Physical and Operating System Security | | Management Traffic Security | | Device Service Hardening | | Securing Management Services | | Device Access Hardening | | Device Access Privileges | | Name Resolution Introduction | | Name Resolution and Security | | DNS Cache | | DNS Security Standards and TSIG | | DNSSEC | | Migrating to DNSSEC | | Issues with Implementing DNSSEC 1 | | Issues with Implementing DNSSEC 2 | | IPv6 Concepts | | IPv6 Threats | | IPv6 Network Reconnaissance | | DEMO: IPv6 Network Reconnaissance | | IPv6 Network Recon Mitigation Strategies | | IPv6 Network Mapping | | DEMO: IPv6 Network Mapping | | IPv6 Network Mapping Mitigation Strategies | | IPv6 Neighbor Discovery | | DEMO: IPv6 Address Assignment | | IPv6 Attacks | | DEMO: IPv6 Alive Hosts | | DEMO: IPv6 Duplicate Address Detection (DAD) | | DEMO: IPv6 DAD Denial of Services (DOS) | | DEMO: IPv6 Fake Router Advertisement | | DEMO: IPv6 Man-in-the-middle | | IPv6 Attack Mitigation Strategies | | IPv6 Tunneling | | IPv6 Windows Teredo Tunneling | | IPv6 Tunneling Mitigation Strategies | | IPv6 Best Practices |
|
|
|
| Enterprise Cybersecurity Operations 24 Hours | Skill Level: Intermediate | | | + Description | | | This course highlights technical knowledge and skills required for implementing secure solutions in the enterprise. A broad spectrum of disciplines is covered to aid practitioners in applying frameworks and controls to improve the security posture while supporting the business mission.
Learning Objectives:
- Describe risk management's role in the enterprise and mitigation strategies for specific threats.
- Detail implementing network security strategies and controls for connected devices.
- Explain how cloud technologies are leveraged and can support a secure enterprise architecture.
- List sources and methods to help stay current with cybersecurity best practices and threat trends and analyzing potential impact to the enterprise.
Date: 2018
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Analyze |
All-Source Analysis |
All-Source Analyst |
| Collect and Operate |
Cyber Operations Planning |
Cyber Ops Planner |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Securely Provision |
Risk Management |
Security Control Assessor |
| Securely Provision |
Systems Architecture |
Enterprise Architect |
|
| | + Course Modules/Units | | | | Configuration Strategies w/ Spec Compon | | Cryptographic Terms and Implementations | | Cryptographic Tools and Techniques Part 1 of 2 | | Cryptographic Tools and Techniques Part 2 of 2 | | Hybrid Encryption in SSL Demo | | Encryption Limitations and Key Length Part 1 of 2 | | Encryption Limitations and Key Length Part 2 of 2 | | DEMO: Volume and File Encryption | | Hash Functions and Algorithms | | Digital Signatures | | Digital Certificate Elements | | CAs and Public Key Infrastructure | | Origins For Cryptographic Standards | | Virtual Networking | | Intro to Virtualized Computing Part 1 of 2 | | Intro to Virtualized Computing Part 2 of 2 | | VLANs and Switching | | Storage Types and Considerations | | Enterprise Storage | | Enterprise Storage Connection Terms | | Enterprise Storage and RAID | | Securing iSCSI and FCoE and Managing Storage | | Network Security Concepts | | Network Zones and Remote Access | | NW Components Routers and Firewalls Part 1 of 2 | | NW Components Routers and Firewalls Part 2 of 2 | | NW Components Intrusion Detection Systems | | Networked-based IDS and IPS Deployment | | Securing Wireless Part 1 of 2 | | Securing Wireless Part 2 of 2 | | DMZ Components | | Web Services Concepts | | Web Servers and DNS | | Securing DNS Best Practices | | Proxy Servers and SMTP Relay | | NAT and PAT | | Infra Design : Firewalls and Proxies | | Infra Design : IDS and IPS | | Infra Design : Syslog and SIEMs | | Infra Design : Switch and Router Security | | Infra Design : VPNs and SNMP | | SCADA Environments | | Application Security : VTC and VoIP | | Application Security : Databases and Web Services | | Application Security : IPv6 | | Physical Security Concerns and Controls | | Host Security Controls Part 1 of 2 | | Host Security Controls Part 2 of 2 | | Web Application Security Design | | DEMO: Whitelisting and Blacklisting | | Specific Application Issues | | Client side vs Server side Processing | | Analyzing Business Risk | | Risk Management in New Business Models | | Risk Mitigation Strategies and Controls | | Security Impact of Inter Organizational Change | | Calculating Risk Exposure | | Incident Response Concepts | | Incident Response and Recovery Process | | Privacy Policy and Procedures Part 1 of 2 | | Privacy Policy and Procedures Part 2 of 2 | | Assessment Tools | | Assessment Methods | | Assessment Methodologies | | Cybersecurity Benchmarks | | Security Metrics | | Situational Awareness | | Analyzing Industry Trends Part 1 of 3 | | Analyzing Industry Trends Part 2 of 3 | | Analyzing Industry Trends Part 3 of 3 | | Applying Analysis to Improve Enterprise Security Part 1 of 4 | | Applying Analysis to Improve Enterprise Security Part 2 of 4 | | Applying Analysis to Improve Enterprise Security Part 3 of 4 | | Applying Analysis to Improve Enterprise Security Part 4 of 4 | | Integrating Enterprise Disciplines Part 1 of 2 | | Integrating Enterprise Disciplines Part 2 of 2 | | Security Controls for Communication and Collaboration | | Adv Authentication Tools and Techniques | | Software Development Models | | System Dev Life Cycle and CS | | IT Governance | | Cloud based Deploy Models | | Cloud Security | | Identity Management | | Securing Virtual Environments Part 1 of 3 | | Securing Virtual Environments Part 2 of 3 | | Securing Virtual Environments Part 3 of 3 | | Enterprise Storage Advantages and Security Measures | | Enterprise Network Authentication Part 1 of 2 | | Enterprise Network Authentication Part 2 of 2 | | Practice Exam |
|
|
|
| RAMP — A Leader's Dashboard for Compliance (Professors in Practice Series) | Skill Level: Beginner | | | + Description | | | In this hour-long webinar National Defense University Professor Roxanne Everetts discusses some key leadership decisions around using Federal Risk and Authorization Management Program (FedRAMP) solutions. FedRAMP is a unique government cloud - it is a combination of cloud security, cybersecurity, and risk management.
Learning Objectives:
- Explain FedRAMP and why Federal agencies use FedRAMP. (Hint: It's the law!)
- Discuss knowledge key leaders need for cloud solutions, including: FedRAMP structure, how it helps, and how agencies can leverage it.
- Describe the FedRAMP governing bodies.
- Examine the roles of Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) as FedRAMP participants.
- Identify agency responsibilities, which include ensuring they have an Authority to Operate (ATO) letter on file with the FedRAMP Program Management Office (PMO).
- Explore the FedRAMP Security Framework (SAF), based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37.
- Use the FedRAMP Marketplace to find services that meet agency needs. Any service listed in the Marketplace meets federal security requirements and has already been authorized.
Date: 2020
Training Purpose: Management Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Executive Cyber Leadership |
Executive Cyber Leadership |
| Oversee and Govern |
Program/Project Management and Acquisition |
IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager |
| Oversee and Govern |
Training, Education, and Awareness |
Cyber Instructional Curriculum Developer, Cyber Instructor |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Securely Provision |
Risk Management |
Authorizing Official/Designating Representative, Security Control Assessor |
| Securely Provision |
Systems Requirement Planning |
Systems Requirements Planner |
|
| |
|
| ider Threat Program Manager: Implementation and Operations  - 7 Hours | Skill Level: Intermediate | | | + Description | | | This course presents a process roadmap that can be followed to build the various parts of a robust Insider Threat Program. It discusses various techniques and methods to develop, implement, and operate program components. The content covered supports organizations implementing and managing insider threat detection and prevention programs based on various government mandates or guidance.
Learning Objectives:
- Identify critical assets and protection schemes.
- Coordinate a cross-organizational team to help develop and implement the Insider Threat Program.
- Develop a framework for the Insider Threat Program.
- Identify methods to gain management support and sponsorship.
- Plan the implementation for their Insider Threat Program.
- Identify organizational policies and processes that require enhancement to accommodate insider threat components.
- Identify data sources and priorities for data collection.
- Identify infrastructure changes and enhancements necessary for implementing and supporting an Insider Threat Program.
- Outline operational considerations and requirements needed to implement the program.
- Build policies and processes to help hire the right staff and develop an organizational culture of security.
- Improve organizational security awareness training.
- Identify training competencies for insider threat team staff.
Date: 2020
Training Purpose: Management Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Analyze |
Threat Analysis |
Threat/Warning Analyst |
| Operate and Maintain |
Knowledge Management |
Knowledge Manager |
|
| | + Course Modules/Units | | | | Insider Threat Program Manager Intro | | Principles of Insider Risk Management | | Activities of an Enterprise Risk Mgmt Process | | Controls and Safeguards of Insider Risk Management | | Mitigation Strategies for Insider Risk Management | | Concepts of Initial Planning for an InTP | | Stakeholder Planning and Engagement | | Identify Your Starting Point | | Insider Threat Program Governance | | Roles and Responsibilities in InTP Governance | | Insider Threat Program Governance Challenges | | Building the Insider Threat Program Plan | | Developing a Phased Implementation | | Implementation Options for Insider Threat Program | | Building Your Program with Compliance in Mind | | InTP Placement in Organization | | Naming the InTP | | Developing an InTP in a Classified Environment | | Building the InTP Team | | InTP Team Size | | Key Roles Within the InTP Team | | Insider Threat Hub Operations | | Insider Threat Hub Staffing | | Data Sources Part 1 of 2 | | Data Sources Part 2 of 2 | | Selecting Data Sources | | Using Data Sources | | Protecting Data Sources | | Tools for InTP Teams | | Hub Building Considerations | | Managing Insider Investigations and Incidents | | Considerations: Investigations and Incidents | | Insider Threat Incidents | | Insider Threat Training and Awareness | | General Employee Training and Awareness | | InTP Team and Working Group Training | | Customized Role-Based Training | | Classified Systems and Data Training | | Management and Supervisor Training | | Problems and Considerations | | Measuring Insider Threat Program Effectiveness | | Different Metrics for Different Audiences | | Return on Investment (ROI) | | Making Measurements: Assessments and Evaluations | | Unintended Consequences of InTPs | | Potential Negative Impacts from InTP Activities | | Achieving Balance Using Positive Incentives | | Creating the Proper Culture: Policy and Practice | | InTP Maintenance Part 1 of 3 | | InTP Maintenance Part 2 of 3 | | InTP Maintenance Part 3 of 3 | | Insider Threat Program Manager Wrap-Up |
|
|
|
|
| Introduction to Windows Scripting 4 Hours | Skill Level: Beginner | | | + Description | | | This course focuses on writing scripts for the Microsoft Windows operating system. It covers fundamentals and syntax for automating administrative and security monitoring tasks. The course presents the basics of Windows BATCH scripting syntax and structure, along with several Windows command line utilities to harness the powerful capabilities built into Windows.
Learning Objectives:
- Understand fundamentals of Windows BATCH scripting, including syntax and structure.
- Perform redirection, piping, standard input / output, error handling, conditional statements, jumps, and command line parameters.
- Apply built-in commands like net, netsh, xcopy, and findstr to perform more complex functions.
- Understand best practices for writing and debugging Windows scripts.
Date: 2015
Training Purpose: Functional Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
|
| | + Course Modules/Units | | | | Scripting Basics Overview | | Windows BATCH Scripting Basics | | Windows BATCH Scripting_Variables | | Windows BATCH Scripting_Loops | | Windows BATCH Scripting_Functions | | Windows Script Error Handling and Troubleshooting | | Windows Script Best Practices and Examples | | Windows Scripting Demo | | Scripting for Penetration Testing | | Windows Scripting Utilities_xcopy | | Windows Scripting Utilities_findstr | | Windows Scripting Utilities_net Commands | | xcopy Examples Demo | | WMI and WMIC | | PowerShell Commands | | PSExec | | Windows Management Instrumentation Demo | | Intro to Windows BATCH Quiz |
|
|
|
| IPv6 Security Essentials Course 5 Hours | Skill Level: Advanced | | | + Description | | | This course begins with a primer of IPv6 addressing and its current deployment state, discusses Internet Control Manager Protocol version 6 (ICMPv6), Dynamic Host Configuration Protocol version 6 (DHCPv6), and Domain Name System version 6 (DNSv6), and concludes with IPv6 Transition Mechanisms, security concerns, and management strategies. This course includes several reinforcing video demonstrations, as well as a final knowledge assessment.
Learning Objectives:
- Primer of IPv6 addressing
- Describe current deployment state
- Explain ICMPv6, DHCPv6, and DNSv6
- Explore IPv6 Transition mechanisms
- Identify security concerns
- Incorporate management strategies
Date: 2015
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administration |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Securely Provision |
Systems Architecture |
Systems Architect |
|
| | + Course Modules/Units | | | | IPv6 Introduction | | IPv6 Adoption | | DEMO: IPv6 Network Reconnaissance | | IPv6 Addressing Part 1 of 2 | | IPv6 Addressing Part 2 of 2 | | IPv6 Packet Header | | DEMO: IPv6 Header Analysis | | ICMPv6 | | IPv6 Address Assignment | | DEMO: IPv6 Address Assignment | | IPv6 Web Browsing | | IPv6 Transition Mechanisms Part 1 of 2 | | IPv6 Transition Mechanisms Part 2 of 2 | | DEMO: IPv6 Tunneling | | IPv6 Security Concerns | | DEMO: IPv6 Network Mapping | | IPv6 Security Mitigation Strategies | | DEMO: IPv6 Network Monitoring Tools | | IPv6 Ready | | IPv6 Security Essentials Key Takeaways | | DEMO: IPv4 and IPv6 Subnetting | | DEMO: IPv6 Addressing on Router Interfaces | | DEMO: Setting up RIP for IPv6 | | DEMO: Configuring OSPFv3 | | DEMO: IPv6 Alive Hosts | | DEMO: IPv6 Duplicate Address Detection (DAD) | | DEMO: IPv6 DAD Denial of Services (DOS) | | DEMO: IPv6 Fake Router Advertisement | | DEMO: IPv6 Man-in-the-middle | | IPv6 Security Essentials Quiz |
|
|
|
| ISACA Certified Information Security Manager (CISM) Prep 11 Hours | Skill Level: Intermediate | | | + Description | | | The self-study resource prepares learners for the CISM exam. This course focuses on information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. This course includes concepts from the four job practice areas: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.
Learning Objectives:
- Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
- Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
- Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
- Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response, and recovery capabilities.
Date: 2015
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
| Oversee and Govern |
Program/Project Management and Acquisition |
Program Manager |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | CISM Course Introduction | | IS Governance Domain Overview | | Information Security (IS) Management | | Importance of IS Governance Part 1 of 2 | | Importance of IS Governance Part 2 of 2 | | IS Management Metrics | | ISM Strategy Part 1 of 2 | | ISM Strategy Part 2 of 2 | | Elements of IS Strategy | | IS Action Plan for Strategy | | DEMO: Key Goal, Risk, Performance Indicator | | Risk Management Overview and Concepts | | Risk Management Implementation | | Risk Assessment: Models and Analysis | | DEMO: Calculating Total Cost of Ownership | | DEMO: Recovery Time Objective (RTO) | | Compliance Enforcement | | Risk Analysis: Threat Analysis | | IS Controls and Countermeasures | | Other Risk Management Considerations Part 1 of 2 | | Other Risk Management Considerations Part 2 of 2 | | DEMO: Cost Benefit Analysis | | Information Security Program Development | | Information Security Program Management | | Outcomes of Effective Management | | IS Security Program Development Concepts | | Scope and Charter of IS Program Development | | IS Management Framework | | IS Framework Components | | IS Program Roadmap | | Organizational Roles and Responsibilities | | Information Security Manager Responsibilities | | Other Roles and Responsibilities in IS | | Information Security Program Resources | | IS Personnel Roles and Responsibilities | | IS Program Implementation Part 1 of 2 | | IS Program Implementation Part 2 of 2 | | Implementing IS Security Management Part 1 of 2 | | Implementing IS Security Management Part 2 of 2 | | Measuring IS Management Performance | | Common Challenges to IS Management | | Determining the State of IS Management | | Incident Management and Response | | Incident Management Part 1 of 2 | | Incident Management Part 2 of 2 | | IMT IRT Members | | Incident Response Planning Part 1 of 2 | | Incident Response Planning Part 2 of 2 | | DEMO: Phishing Emails | | DEMO: Incident Management Workflow | | Recovery Planning Part 1 of 2 | | Recovery Planning Part 2 of 2 | | DEMO: RTIR Incident Response Tool Part 1 of 2 | | DEMO: RTIR Incident Response Tool Part 2 of 2 | | CISM Practice Exam |
|
|
|
| (ISC)2 (TM) CISSP (R) Certification Prep 2018 22.5 Hours | Skill Level: Advanced | | | + Description | | | This course prepares learners for the CISSP certification exam. This course focuses on the information security field, exam objectives, and the eight domains upon which the exam is based. This course includes reinforcing video demonstrations and a final practice exam.
Learning Objectives:
- Explain and apply concepts to design, implement, and manage secure cyber operations.
- Develop, document, and implement security policy, standards, procedures, and guidelines.
- Apply risk management concepts.
Date: 2019
Training Purpose: Management Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber Policy and Strategy Planner |
| Securely Provision |
Systems Architecture |
Enterprise Architecture |
|
| | + Course Modules/Units | | | | CISSP Course Introduction | | Security and Risk Management Concepts | | Regulatory Compliance and Frameworks | | Organizational Privacy Responsibilities | | Acquisition Strategies | | Computer Crime and Incident Response | | International Laws Pertaining to Security | | Legal Regulations and Privacy | | (ISC)2 Code of Ethics and Ethic Bases | | Legal Regulations and Ethics | | Policy and Components Overview | | BC and DR Initiation and Management | | BCP Business Impact Analysis | | Vendor Management | | System Threats and Countermeasures | | Risk Assessment and Countermeasures | | Access Control Types | | RMF Security Control Assessment Process | | Conducting Security Control Assessments | | Security Assessment Report | | Asset Valuation | | Threat Modeling and Reduction Analysis | | Security Awareness and Training | | DEMO: Security Policy Review | | Data Classification | | Data Ownership and Retention | | Privacy Protection and Data Governance | | Security Control Application and Tailoring | | Security Control Selection | | Data Protection Method (DLP) | | Secure Design Principles | | Secure Design Standards and Models | | Database System | | Key Crypto Concepts and Definitions | | Securing ICS and SCADA Systems | | Industrial Control System Security | | DEMO: SCADA Honeynet | | Cloud Computing | | Cloud Computing Security Issues | | Distributed Systems | | Parallel and Distributed Systems Security Issues | | Internet of Things | | Assess and Mitigate Vulnerabilities in Mobile Systems | | Cryptographic Lifecycle | | Cryptographic Methods | | Symmetric Ciphers | | Asymmetric Ciphers | | Public Key Infrastructure (PKI) | | Key Management Practices | | Digital Signatures | | Hashes and Other Integrity Controls | | Salting Hashes | | Methods of Cryptanalytic Attacks | | Digital Rights Management | | Site and Facility Design Criteria | | Physical Security Controls | | Physical and Environmental Threats | | OSI and TCP/IP Models | | Telecom and NW Security Layer 1 | | Telecom and NW Security Layer 2 | | Telecom and NW Security Layer 3 | | Telecom and NW Security Layer 4 and 5 | | Telecom and NW Security Layer 6 and 7 | | Multilayer and Converged Protocols | | Mobile and Wireless Security | | Content Distribution Networks | | Implementing and Using Remote Access | | Virtualization | | Access Control Technologies | | Access Control Types | | Access Control System Strategies | | Building Access Control | | Operations Area Access Control | | Credential Management Systems | | Third-Party Identification Service | | Cloud Identity | | Data Authorization Mechanisms | | Rule-Based Access Control | | Audit and Assurance Mechanisms | | Synthetic Transactions | | Code Review and Testing | | Misuse Case Testing | | Test Coverage Analysis | | Interface Testing | | Security Audits and Agreements | | Digital Investigation and Evidence Analysis | | Legal System Investigation Types | | Electronic Discovery | | Intrusion Detection and Prevention | | Continuous Monitoring | | Egress Monitoring | | Security Operations Concepts | | Security Operations Incident Management | | Managing Security Services Effectively | | DEMO: Whitelisting and Blacklisting | | Security Operations Resource Protection | | Disaster Recovery Strategy | | Maintaining Operational Resilience | | Managing Recovery Communications | | Test Disaster Recovery Plans (DRP) | | Security Education Training and Awareness | | Perimeter Security | | Perimeter Intrusion Detection | | Biometrics and Authentication Accountability | | Personnel Privacy and Safety | | DEMO: Intro to Dshell Toolkit | | SDLC Phases | | Software Development Models | | System Security Protections and Controls | | Agile Development Models | | Maturity Models | | Integrated Product Teams | | Security Environment and Controls | | SW Development Security and Malware | | Impact of Acquired Software | | DEMO: Automated Code Review | | CISSP Practice Exam |
|
|
|
| (ISC)2 (TM) CISSP Concentration: ISSEP Prep 7 Hours | Skill Level: Advanced | | | + Description | | | This course is focused on applying security and systems engineering principles into business functions. This self-study prep course is designed to help learners prepare for the specialized Information Systems Security Engineering Professional (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.
Learning Objectives:
- Incorporate security into business processes and information systems.
- Demonstrate subject matter expertise in security engineering.
- Apply engineering principles into business functions.
Date: 2018
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Collect and Operate |
Cyber Operational Planning |
Cyber Ops Planner |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Information Systems Security Manager |
|
| | + Course Modules/Units | | | | ISSEP Course Introduction | | ISSE Responsibilities and Principles | | ISSE and IATF | | Security Design Principles | | Elements of Defense in Depth | | RMF Characteristics | | Maintaining Operational Resilience | | Risk Management Overview | | Assessing Risk Part 1 of 2 | | Assessing Risk Part 2 of 2 | | Determining Risks | | Categorizing Information Systems | | Stakeholder Roles and Responsibilities | | Requirements Analysis | | Using Common and Tailored Controls | | Assessing Security Controls | | Implementing Security Controls | | Authorizing Information Systems | | Systems Verification and Validation | | Monitor, Manage, and Decommissioning | | Defense Acquisition System Overview | | Acquisitions Process | | System Development Process Models | | Project Processes | | Project Management | | ISSEP Practice Exam |
|
|
|
| (ISC)2(TM) Systems Security Certified Practitioner 12 Hours | Skill Level: Beginner | | | + Description | | | This course serves as a preparation for the Systems Security Certified Practitioner (SSCP) certification exam, by demonstrating advanced technical skills and knowledge required to implement and administer infrastructure using security best practices, policies, and procedures.
Learning Objectives:
- Demonstrate knowledge of security operations and administration.
- Implement risk monitoring, analysis, and mitigation strategies.
- Develop and implement incident response and recovery plans.
Date: 2018
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Securely Provision |
Systems Requirements Planning |
Systems Requirements Planner |
|
| | + Course Modules/Units | | | | SSCP Introduction | | Authentication Methods | | Single Sign-On and Federated Access | | Attribute Based Access Control | | Device Authentication | | Trust Architectures | | Identity Management Lifecycle | | Implementing Access Controls | | (ISC)2 Code of Ethics | | Security Concepts and Controls | | Asset Management | | Security Control Implementation | | Assessing Physical Security | | Physical Security Defenses | | Administrative Controls | | Auditing | | System Development and Change Cycle | | Change Control and Patch Management | | Security Awareness and Training | | Risk Management | | Risk and Security Assessment | | Security Testing and Assessment | | Monitoring and Analysis | | Monitoring Employees | | Log Management | | Integrity Checking | | Testing and Analysis | | Auditing Methodologies | | Communicate Findings | | Continuous Monitoring and CAESARS | | Introduction to Continuous Monitoring | | Incident Handling, Response and Recovery | | Incident Handling Knowledge Areas Part 1 of 2 | | Incident Handling Knowledge Areas Part 2 of 2 | | Incident Handling Response | | Incident Handling Countermeasures | | DEMO: OpenVAS | | Forensics | | Business Continuity Planning | | Business Impact Analysis | | Backup and Recovery Strategies | | Redundancy and Storage | | Cryptography Terms | | Requirements for Cryptography Part 1 of 2 | | Requirements for Cryptography Part 2 of 2 | | Steganography | | Hashes, Parity and Checksum | | Secure Protocols and Cryptographic Methods | | Symmetric Cryptosystems | | Symmetric and Asymmetric Cryptosystems | | Public Key Infrastructure (PKI) | | Key Management | | Web of Trust | | Secure Protocols | | OSI and TCP/IP Models | | Network Topology | | Transmission Media | | TCP, UDP and Common Protocols | | ARP, DHCP and ICMP | | Routers and Routing Protocols | | Network Security Protocols | | SSCP Exam |
|
|
|
| LAN Security Using Switch Features 2 Hours | Skill Level: Intermediate | | | + Description | | | This course focuses on different methods of how to secure Local Area Networks (LANs) at the connectivity level. Topics include monitoring media access control (MAC) addresses and port security, limiting MAC & IP spoofing, controlling traffic flows, implementing and enhancing security in virtual local area networks (VLANs), enabling authentication on connection points, and determining host security health. Examples are used throughout to reinforce concepts.
Learning Objectives:
- Identify the vulnerabilities and best practices in securing LAN connections.
- Understand the management and decision-making processes within the NAC Framework.
- Discuss methods of defending against attacks to STP, VLAN, and VTP switch configurations.
Date: 2010
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
|
| | + Course Modules/Units | | | | Introduction and MAC Address Monitoring | | MAC Address Spoofing | | Managing Traffic Flows | | VLANs and Security | | 802.1x Port Authentication | | Network Admission Control | | Securing STP | | Securing VLANs and VTP |
|
|
|
| Linux Operating System Security 9 Hours | Skill Level: Advanced | | | + Description | | | This course focuses on the security features and tools available in Linux as well as the considerations, advantages, and disadvantages of using those features. This course is based on Red Hat Linux and is designed for IT and security managers, and system administrators who want to increase their knowledge on configuring and hardening Linux from a security perspective.
Learning Objectives:
- Describe the basic architecture of a Linux system (e.g. kernel, file system formats, permissions, etc.).
- Characterize a Linux system (identify distribution, installed packages, active accounts, etc.).
- List and explain how to use common command line utilities on a Linux system for analysis purposes.
- Operate a Linux system, including patching, modifying services, and other administration tasks.
- Use a Linux system to perform analysis work such as malware and incident response analysis.
Date: 2013
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | Linux OS Security Introduction | | Booting Linux | | Linux Recovery | | Linux Startup Scripts | | Linux Startup Processes | | Linux Runlevels Demo | | Chkconfig_and_Upstart Demo | | Linux Processes and Signals | | Linux Process Monitoring | | PS_and_Netstat Demo | | Linux PS and TOP Demo | | Working with Linux PIDs | | Linux File System Overview | | Linux File Security | | Linux File Access Controls | | File Integrity Demo | | Linux Kernel Tuning | | Linux Host Access Controls | | Linux User and Group Definition | | User Management | | Linux Privilege Escalation | | Sudoers Demo | | Linux Authentication Methods | | Linux Viruses and Worms | | Linux Trojan Horses | | Linux Rootkits | | Linux Misconfigurations | | Linux Software Vulnerabilities | | Linux Social Engineering | | Linux Automated Installation | | Managing Linux Packages | | Package Management Tools Demo | | Repositories and System Management | | Custom Repository Demo | | Linux IPv4 and IPv6 | | Linux Network Configuration | | Linux Tunneling | | Kernel Tuning Demo | | Linux X11 Forwarding | | Linux File Sharing | | Linux Grand Unified Bootloader (GRUB) | | Configuring GRUB Demo | | Security Enhanced Linux | | Introduction to IPTables | | IPTables Rules | | IPFilter | | Linux Packet Sniffers | | Linux NIDS | | Linux HIDS | | Linux Antivirus | | Linux Secure Shell | | Linux Log Management | | Linux Scripting Basics | | BASH Scripting Demo | | IF Statements | | Pipes and Redirection | | Variables and Regular Expressions | | Custom Scripting | | Linux Hardening | | NSA Hardening Guides | | National Vulnerability Database (NVD) | | Common Vulnerabilities and Exposures (CVE) | | Vulnerability Scanning | | Linux Operating System Security Quiz |
|
|
|
| Mobile and Device Security (2015) 22 Hours | Skill Level: Beginner |  | | + Description | | | This course focuses on mobile devices, how they operate, and their security implications. This course includes topics such as signaling types, application stores, managing mobile devices, and emerging trends and security and privacy concerns with social media.
Learning Objectives:
- Discover mobile device technology components and architectures and how to properly secure them.
- Examine historical and current threats to mobile devices and methods for remediating against them.
- Establish best practices and procedures for performing mobile device forensic investigations.
Date: 2015
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Investigate |
Digital Forensics |
Cyber Defense Forensics Analyst |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Oversee and Govern |
Legal Advice and Advocacy |
Privacy Officer/Privacy Compliance Manager |
|
| | + Course Modules/Units | | | | Mobile Security Course Introduction | | Cellular Network Generations | | Network Standards Introduction | | CDMA TDMA and GSM Introduction | | GPRS Edge and UMTS Introduction | | Additional Network Standards | | Bluetooth and Wi-Fi | | Cellular Network Components | | Mobile Switching Center Database | | Authentication and Government Standards | | 4G LTE | | Mobile Device Components | | Mobile Device Operating Systems | | Android Customization | | Wireless Technology Introduction | | WiFi Standards | | Wi-Fi Standards : 802.11ac | | WiFi Types | | Wireless Fidelity Part 2 | | WiFi Channels and SSIDs | | WiFi Signals and Hardware | | Bluetooth | | WiMAX | | Additional Standards | | Near Field Communication | | Introduction to Threats | | Lost and Stolen Devices | | Additional Device-Level Threats | | Near Field Communications and Mobile Threats | | Application-Level Threats | | Rogue Applications | | Network-Level Threats | | Pineapple Router | | Malicious Hotspot | | Malicious Use Threats | | Mobile Hacking Tools | | Mobile Device Security Introduction | | Mobile Device Security Introduction Cont. | | Android Introduction | | Android Security | | Android Application Security | | Google Android OS Features | | Installing Antivirus | | iOS Security Model and Platform | | iOS Application Security | | Jailbreaking iOS | | iOS Application Security Cont. | | Apple iOS Update Part 1 of 2 | | Apple iOS Update Part 2 of 2 | | Windows Phone Security Model and Platform | | Windows Implementation and Application Security | | Windows Phone Update | | WiFi Security | | WiMax and Bluetooth | | Bluetooth Attack | | Protecting Data | | Encryption | | Android Encryption | | iOS Encryption | | Email Security | | Android and iOS Email Security | | Windows Email Security | | iOS Hardening | | iOS Hardening Cont | | Blackberry Hardening | | Android Hardening | | Android Hardening Cont. | | Windows Phone Hardening | | Windows Phone Password and Cookies | | Windows Phone Wi-Fi | | Windows Phone - Find, Wipe, and Backup | | Device Security Policies | | Exchange and BES | | Mobile Device Management | | Mobile Device Management Cont. | | McAfee Mobility Management | | Forensics Overview | | Forensics Role and Framework | | Device Identification | | Device Identification Cont. | | Network Data | | Network Data Cont. | | Preservation | | Preservation Cont. | | Acquisition | | Acquisition Cont. | | Device Specific Acquisition | | Hashing | | Hashing Cont. | | Analysis | | Archiving and Reporting | | Cellebrite | | Forensics Demonstration | | XRY/XACT | | Oxygen and CellXtract | | Paraben and MOBILedit! | | Additional Methods | | Subscriber Data | | Benefits of Social Media | | Risks of Social Media | | Liabilities Associated with Social Media | | Social Media Controls | | Emerging Trends | | Emerging Trends Cont. | | New Technologies in Mobile Devices | | Mobile Devices and the Cloud | | Mobile Security Course Quiz |
|
|
|
|
| Network Layer 1 & 2 Troubleshooting 3 Hours | Skill Level: Beginner | | | + Description | | | This course reviews troubleshooting methods used in Layer 1 and Layer 2 of the Open Systems Interconnection (OSI) Model. This course covers how to detect, trace, identify, and fix network connectivity issues at the Physical and Data Link layers of the OSI stack. The basics of the Physical and Data Link layers will be covered along with a review of the devices, signaling, and cabling which operate at these layers. Learners will be presented with methods for tracing connectivity issues back to the source and identifying mitigation solutions.
Learning Objectives:
- Understand basic overview of components of the first two layers of the OSI model.
- Recognize common issues associated with Layer 1 & 2 of the OSI model.
- Apply troubleshooting methods associated with the Physical and Data Link Layer.
Date: 2015
Training Purpose: Functional Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
| Securely Provision |
Systems Architecture |
Security Architect |
|
| | + Course Modules/Units | | | | Network Layer 1 and 2 Troubleshooting Introduction | | OSI Physical Layer 1 Overview | | Data Transmission Medium Cables and Connectors | | Patch Panels | | Fiber Optic Cables | | Encoding and Signaling Functions | | Network Components | | Physical Network Design/Topology | | Network Troubleshooting Methodology | | Common Layer 1 Issues Part 1 of 2 | | Common Layer 1 Issues Part 2 of 2 | | Layer 2 Data Link Layer Components Overview | | MAC Addresses/Logical Link Control | | Layer 2 Protocols | | Physical Network Design/Topology | | Network Troubleshooting Methodology Review | | Common Layer 2 Issues | | Layer 2 Troubleshooting Tools | | NW Layer 1 and 2 Troubleshooting exam |
|
|
|
| Network Security 18 Hours | Skill Level: Beginner | | | + Description | | | This self-study resource is designed to help learners prepare for the Networking certification exams. This course is focused on IT infrastructure and networking concepts for junior to mid-level IT professionals in the cyber workforce. Objectives include network operations, security, troubleshooting and tools, as well as infrastructure support.
Learning Objectives:
- Design and implement a functional network.
- Configure, manage, and maintain network security, standards, and protocols.
- Troubleshoot network issues.
- Create and support virtualized networks.
Date: 2019
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
|
| | + Course Modules/Units | | | | Ports and Protocols Part 1 of 2 | | Ports and Protocols Part 2 of 2 | | OSI Layers | | Properties of Network Traffic | | VLANs and VTP | | Routers and Routing Protocols | | Routing Tables and Types | | IP Addressing – IPv6 | | Traffic Filtering and Port Mirroring | | Network Performance Optimization | | IP Addressing Components | | Subnetting | | Network Topologies | | Technologies that Facilitate IOT | | Wireless Standards Part 1 of 2 | | Wireless Standards Part 2 of 2 | | DEMO: Wireless Architecture | | Introduction to Cloud Computing | | Cloud Security | | DNS Service | | Dynamic Host Configuration Protocol (DHCP) | | Ethernet Standards | | Cables and Wires | | Cable Termination and Fiber Optic | | DEMO: Cables and Connectors | | Firewall Implementations | | Network Components – Hubs and Switches | | DEMO: Contrasting Hubs, Switches,VLANS | | Router Setup and MAC Filtering | | Installing and Configuring Wireless Networks | | SOHO Network | | Telephony, VoIP | | Network Security Appliances IDS | | Advanced Security Devices | | Virtual Environments | | Network Storage Connection Types | | Network Storage and Jumbo Frames | | Wide Area Network Technologies | | Configuration Management Documentation | | Business Continuity and Disaster Recovery | | Fault Tolerance and Availability Concepts | | Maintainability: MTTR and MTBF | | Security Device and Technology Placement | | DEMO: Introduction to SNMP | | Network Access Security | | Remote Access Methods | | Operations Policies and Best Practices | | Mobile Device Deployment Models | | Physical Security Devices | | Authentication Services | | PKI Public Key Infrastructure | | Examples of PKI Use | | Network Access Control | | Wireless Encryption and Authentication | | DoS and MITM Attacks | | Wireless Threats and Mitigation | | Understanding Insider Threat | | DEMO: Malware and Social Engineering Threats | | Hardening Network Devices | | Switch Loop Protocol | | Network Segmentation and Design | | Honeypot | | Corporate Penetration Testing | | Network Troubleshooting Methodology | | Hardware Tools for Connectivity Issues | | Software Tools for Connectivity Issues | | DEMO: NSlookup Dig Google Toolbox | | Physical Connectivity Problems | | Cable Troubleshooting | | Wireless Troubleshooting | | Troubleshooting Routers and Switches | | Technologies that Facilitate IOT | | Practice Exam |
|
|
|
|
| Radio Frequency Identification (RFID) Security 1 Hour | Skill Level: Beginner | | | + Description | | | This course focuses on securing radio frequency identification (RFID), different components of RFID, how it works, applications in which it is being used, benefits and weaknesses, and the communication range over which it works will be reviewed. Topics include specific concerns with RFID, recommendations for RFID, and security issues that have come to light.
Learning Objectives:
- Explain the components, operation, and application of RFID technology.
- Understand the privacy implications with using RFID-embedded items.
- Differentiate across threat categories.
- Describe different security recommendations to secure RFID.
- Familiarity with real-world examples of how RFID has been exploited.
Date: 2016
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| |
|
| Securing Infrastructure Devices 1 Hour | Skill Level: Intermediate | | | + Description | | | This course focuses on physical security, operating system security, management traffic security, device service hardening, securing management services, and device access privileges.
Learning Objectives:
- Understand considerations for securing physical assets, patch management and change management.
- Apply methods for securing network management traffic.
- Understanding of securing management services such as NTP, SNMP, Syslog.
- Understand hardware device hardening.
Date: 2010
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Securely Provision |
Systems Architecture |
Security Architect |
|
| | + Course Modules/Units | | | | Physical and Operating System Security | | Management Traffic Security | | Device Service Hardening | | Securing Management Services | | Device Access Hardening | | Device Access Privileges |
|
|
|
| Securing Internet- Accessible Systems 1 Hours | Skill Level: Beginner | | | + Description | | | This course focuses on Internet-accessible systems or "Internet of Things" (IoT). Each of these systems and devices can be targeted by threat actors and used to conduct malicious activity if they are unsecured, or worse, these systems can leave vulnerabilities and sensitive information open to exploitation if not properly configured and maintained. This course explains the vulnerabilities of internet-accessible systems and how to prepare for, mitigate, and respond to a potential attack. This course provides key knowledge to inform organizational awareness of internet-accessible system attacks as well as best practices that minimize the likelihood of a successful attack and enable effective response and recovery if an attack occurs.
This webinar is accessible to non-technical learners including managers and business leaders and offers an organizational perspective useful to technical specialists.
Learning Objectives
Enable learners to better defend their internet-accessible systems through awareness of common vulnerabilities, best practices, CISA guidance, and resources:
- Define Internet-Accessible Systems and common vulnerabilities
- Explain cyber hygiene best practices that prevent attacks.
- Understand the impacts of real-life cyberattacks and what an effective organizational response looks like.
- Learn steps to identify, mitigate, and recover from Internet-Accessible System attacks.
Date: 2020
Training Purpose: Skill Development
Training Proficiency Area: Level 1 - Beginner
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Data Administration |
Data Analyst, Database Administrator |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Communications Security Manager; Information Systems Security Manager |
| Oversee and Govern |
Program Management and Acquisition |
IT Investment Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber Policy and Strategy Planner; Cyber Workforce Developer and Manager |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Protect and Defend |
Incident Response |
Cyber Defense Incident Responder |
| Protect and Defend |
Vulnerability Assessment Analyst |
| Securely Provision |
Risk Management |
Authorizing Official/Designating Representative; Security Control Assessor |
| Securely Provision |
System Requirements Planning |
System Requirements Planner |
|
| |
|
| Securing the Network Perimeter 1 Hour | Skill Level: Intermediate | | | + Description | | | This course focuses on edge security traffic design, blocking Denial of Service / Distributed Denial of Service (DoS/DDoS) traffic, specialized access control lists, routers and firewalls, securing routing protocols, securing traffic prioritization, and securing against Single Point of Failure (SPOF).
Learning Objectives:
- Identify perimeter and the approach to protecting that perimeter.
- Understand methods to consider for blocking DoS and DDos traffic.
- Apply specialized Access Control List considerations.
- Implement firewalls and differentiate types to protect the perimeter.
- Understand routing protocols and traffic prioritization for networks.
Date: 2010
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Investigate |
Digital Forensics |
Cyber Defense Forensics Analyst |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
| Protect and Defend |
Incident Response |
Cyber Defense Incident Responder |
|
| | + Course Modules/Units | | | | Introduction and Edge Security Traffic Design | | Blocking DoS and DDoS Traffic | | Specialized Access Control Lists | | Routers with Firewalls | | Beyond Firewalls: Inspecting Layer 4 and Above | | Securing Routing Protocols and Traffic Prioritization | | Securing Against Single Point of Failures |
|
|
|
| Security and DNS 1 Hour | Skill Level: Advanced | | | + Description | | | This course discusses name resolution principles, name resolution and security, DNS security standards, securing zone transfers with Transaction Signature (TSIG), and DNS Security Extension (DNSSEC) principles, implementation, and resources.
Learning Objectives:
- Understand DNS (Doman Name System) and its purpose.
- Familiarity with DNS Standards documents, DNS deployment best practices and TSIG.
- Explain DNSSEC and its origins, role and implementation.
- Understand migrating to DNSSEC and its challenges.
Date: 2010
Training Purpose: Skill Development
Training Proficiency Area: Level 3 - Advanced
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
System Administrator |
| Operate and Maintain |
Systems Analyst |
Systems Security Analyst |
| Securely Provision |
Systems Architecture |
Security Architect |
|
| | + Course Modules/Units | | | | Name Resolution Introduction | | Name Resolution and Security | | DNS Cache | | DNS Security Standards and TSIG | | DNSSEC | | Migrating to DNSSEC | | Issues with Implementing DNSSEC 1 | | Issues with Implementing DNSSEC 2 |
|
|
|
|
|
|
|
|
| Understanding DNS Attacks 1 Hours | Skill Level: Beginner | | | + Description | | | The Domain Name System, commonly known as DNS, is often referred to as the "phone book" of the Internet. Every time we access the Internet to visit our favorite websites, shop and pay bills online, or access online portals for healthcare or banking, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors: allowing them to shut down websites and online services, replace legitimate website content with threats and extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal any information entered by users intending to conduct business as usual. "Understanding DNS Attacks" provides key information you need to know to protect yourself and your organization from DNS infrastructure tampering including common vulnerabilities, how to identify a potential attack, and guidance and best practices to mitigate the likelihood and impact of a successful DNS attack.
This webinar is accessible to non-technical learners including managers and business leaders, and offers an organizational perspective useful to technical specialists.
Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from DNS infrastructure attacks through awareness of common attack schemes, best practices, CISA guidance, and resources.
- Define DNS Tampering and explain common attack methods
- Identify signs of a DNS attack
- Learn mitigation steps for DNS attacks
- Understand the process to recover from a DNS attack
- Explore impacts of DNS attacks through case studies
Date: 2021
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Analyze |
All-Source Analysis |
Mission Assessment Specialist |
| Collect and Operate |
Collection Operations |
All-Source Collection Manager, All-Source Collection Requirements Manager |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
| Operate and Maintain |
Data Administration |
Data analyst, database administrator |
| Operate and Maintain |
Knowledge Management |
Knowledge Manager |
| Operate and Maintain |
Network Services |
Network Operation Specialist |
| Operate and Maintain |
Systems Administration |
System Administrator |
| Oversee and Govern |
Cybersecurity Management |
Communications security manager; information systems security manager |
| Oversee and Govern |
Program Management and Acquisition |
IT investment manager, IT program auditor, IT project manager, product support manager, program manager |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber policy and strategy planner; cyber workforce developer and manager |
| Oversee and Govern |
Training, Education, and Awareness |
Cyber Instructional Curriculum Developer |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Protect and Defend |
Incident Response |
Cyber Defense Incident Responder |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
| Securely Provision |
Risk Management |
Authorizing official; security control assessor |
| Securely Provision |
Systems Architecture |
Enterprise Architect, Security Architect |
| Securely Provision |
Systems Requirements Planning |
Systems Requirements Planner |
| Securely Provision |
Test and Evaluation |
System Testing and Evaluation Specialist |
|
| |
|
| Understanding Web and Email Server Security 1 Hours | Skill Level: Beginner | | | + Description | | | Web and email servers are the workhorses of the Internet: we couldn't run government, businesses, or our personal lives without them! However, the information exchanged through web and email servers can offer a tempting target for cyber attackers. Participants can request 1 CPE credit for completing this course.
This webinar includes the following information and more:
- Attack methods: Hackers can target and decode victims' web and email traffic, compromise email security to make phishing attempts more likely to succeed, or can even use botnets to shut down access to websites and conduct large-scale campaigns of malicious activity.
- Key Guidance for Organizations: CISA provides resources and best practices to help individuals and organizations secure their web and email infrastructure.
- Case studies: Explore the methods and impacts of real-life cyberattacks, and how the victims responded and recovered.
- Incident Response overview: Key steps to identify a potential attack, mitigate damage through proper preparation and response, and recover after an attack occurs.
Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from web and email server cyberattacks through awareness of common attack schemes, best practices, CISA guidance, and resources.
- Define web and email server infrastructure, and explain common attack methods
- Identify signs of a potential attack
- Learn mitigation steps for web and email server attacks
- Understand the process to recover from a web or email server attack
- Explore impacts of web and email server attacks through case studies
Date: 2020
Training Proficiency Area: Level 1 - Beginner
Training Purpose: Skill Development
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Analyze |
All-Source Analysis |
All-source analysis |
| Analyze |
Threat Analysis |
Threat/ warning analyst |
| Collect and Operate |
Collection Operations |
All Source Collection Manager; All Source Collection Requirements Manager |
| Collect and Operate |
Cyber Operational Planning |
Cyber Intel Planner; Cyber Ops Planner; Partner Integration Planner |
| Operate and Maintain |
Data Administration |
Data analyst, database administrator |
| Operate and Maintain |
Knowledge Management |
Knowledge Manager |
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
System Administrator |
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Oversee and Govern |
Cybersecurity Management |
Communications security manager; information systems security manager |
| Oversee and Govern |
Program Management and Acquisition |
IT investment manager, IT program auditor, IT project manager, product support manager, program manager |
| Oversee and Govern |
Strategic Planning and Policy |
Cyber policy and strategy planner; cyber workforce developer and manager |
| Protect and Defend |
Cyber Defense Analysis |
Cyber Defense Analyst |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support specialist |
| Protect and Defend |
Incident Response |
Cyber defense incident responder |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability assessment analyst |
| Securely Provision |
Risk Management |
Authorizing official; security control assessor |
| Securely Provision |
Systems Architecture |
Enterprise Architect; Security Architect |
| Securely Provision |
System Requirements Planning |
System requirements planner |
|
| |
|
| Windows Operating System Security 16 Hours | Skill Level: Intermediate | | | + Description | | | This course focuses on the security aspects of Microsoft Windows. The class begins with an overview of the Microsoft Windows security model and some of the key components such processes, drivers, the Windows registry, and Windows kernel. An overview of the users and group permission structure used in Windows is presented along with a survey of the attacks commonly seen in Windows environments. Patching, networking, and the built-in security features of Windows such as the firewall, anti-malware, and BitLocker are all covered in light detail.
Learning Objectives:
- Understanding of the Windows security model and its key components.
- Introduction and best practice recommendations for using and configuring users and groups.
- Overview of the Data Access Control technology in Windows Server 2012.
- Survey common attacks seen in a Windows environment.
- Understanding of the Microsoft update and patching process
Date: 2012
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Systems Analysis |
Systems Security Analyst |
| Operate and Maintain |
Systems Administration |
System Administrator |
| Protect and Defend |
Vulnerability Assessment and Management |
Vulnerability Assessment Analyst |
|
| | + Course Modules/Units | | | | Windows OS Security Course Introduction | | Windows Security Module Introduction | | Windows Architecture Overview | | Windows Subsystems Part 1 of 2 | | Windows Subsystems Part 2 of 2 | | Windows Security Development Lifecycle | | Windows API | | Windows Registry | | Viewing Windows Registry Demo | | Windows Services Part 1 of 2 | | Windows Services Demo | | Windows Services Part 2 of 2 | | Multi-tasking | | Sessions, Windows Stations and Desktops | | Programs and Drivers Part 1 of 2 | | Reviewing Drivers in Windows | | Programs and Drivers Part 2 of 2 | | Updating Widows Drives Demo | | Applications, Processes, and Threads | | Buffer Overflow Protection | | Authenticode Part 1 of 2 | | Digital Certificate Details Demo | | Authenticode Part 2 of 2 | | Windows Action Center | | Windows Users and Groups Introduction | | User Account Control | | Windows Users and Groups Part 1 of 2 | | Windows Users and Groups Part 2 of 2 | | Windows Interactive Logon Process | | NTLM Authentication Overview | | Kerberos Authentication Overview | | Types of Authentication | | File Permissions | | Dynamic Access Controls | | Threats and Vulnerabilities Introduction | | OS Vulnerabilities | | CVE Details Demo | | CVE Samples | | Misconfigurations | | Password Configuration Options | | Password DDOS Demo | | Common Misconfigurations | | CCE and the NVD Demo | | Social Engineering | | Viruses and Worms | | Impersonation | | Microsoft Updates and Patching Process Part 1 of 2 | | Double Decode | | Microsoft Updates and Patching Process Part 2 of 2 | | Securing the Update Process | | Update Process Circumvention | | Windows Server Update Service | | Internet Explorer Patching | | Windows Network Connectivity | | Windows Network Profiles | | Windows Network Adapter Settings | | Windows Wireless Settings | | Windows Networking Protocols | | Other Windows Protocols | | Microsoft VPN Part 1 of 2 | | Microsoft VPN Part 2 of 2 | | Microsoft Network Access Protection Part 1 of 2 | | Microsoft Network Access Protection Part 2 of 2 | | How to Configure Windows Update Settings Demo | | Windows Security Features Introduction | | Windows Firewall | | Windows Firewall Wizard Demo | | Windows Firewall with Advanced Security | | Windows Firewall with Advanced Security Demo | | Configuring Windows Firewall Demo | | Windows Defender | | Windows AD and PKI Demo | | Windows Active Directory Certificate Services | | Windows Group Policy | | Windows AppLocker | | Configuring And Using App Locker Demo | | Windows BitLocker | | Configuring And Using Bitlocker Demo | | Windows Secure Boot | | Windows Security Auditing | | Windows Audit Settings and Examples | | SCW Introduction | | Hardening Windows Introduction | | Windows Templates | | Microsoft Baseline Security Analyzer | | Microsoft Security Configuration Wizard | | Microsoft Security Compliance Manager | | Hardening with Group Policy | | NVD Search Demo | | Other Guidelines and Recommendations | | Using Windows Mgmt Intstrumentation Demo | | Using The Security Config Wizard Demo | | PowerShell Introduction | | PowerShell Key Commands | | PowerShell Demo | | Administrative Functions with PowerShell | | Computer and Network Management with PowerShell | | Basic Scripts in PowerShell | | PowerShell Security Settings and Configurations | | Using Powershell Demo | | Windows OS Security Quiz |
|
|
|
| Wireless Network Security (WNS) 9 Hours | Skill Level: Intermediate | | | + Description | | | This course focuses on the technologies of the 802.11 family of wireless networking, including the principles of network connectivity and network security.
Learning Objectives:
- Understand the difference between Wi-Fi and other wireless technologies.
- Identify the major protocols within the family of 802.11 protocols.
- Understand how radio frequency properties affect Wi-Fi network design and operation.
- Understand the operation of enterprise Wi-Fi networks and the evolution of CAPWAP.
- Understand the major Wi-Fi security and methods and be able to create a Wi-Fi security monitoring plan.
Date: 2013
Training Purpose: Skill Development
Training Proficiency Area: Level 2 - Intermediate
Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework
| Category | Specialty Area | Work Roles |
|---|
| Operate and Maintain |
Network Services |
Network Operations Specialist |
| Operate and Maintain |
Systems Administration |
Systems Administrator |
| Operate and Maintain |
Customer Service and Technical Support |
Technical Support Specialist |
| Protect and Defend |
Cyber Defense Infrastructure Support |
Cyber Defense Infrastructure Support Specialist |
| Securely Provision |
Systems Architecture |
Systems Architect |
|
| | + Course Modules/Units | | | | Wi-Fi Communication and Security Intro | | How Wi-Fi Became Ubiquitous | | Wi-Fi Standards - 802.11b | | Wi-Fi Standards - 802.11a | | Wi-Fi Standards - 802.11g n and ac | | Bluetooth Standards | | WiMAX Standards | | LTE HSPA EvDO Network Types | | Spread Spectrum Technology | | 802.11 Transmissions and Wireless Channels | | 802.11 Data Rates | | Wireless Network Topologies | | Wireless Network Hardware | | RF Propagation Principles | | Impacts on Signal Radiation | | Signal Propagation and Objects | | Additional Signal Effects | | Measuring Signal Strength | | Signal Strength and Antennas | | Wireless Coverage and Frequency Reuse | | Wireless Network Design Issues | | Wireless Modes and Service Sets | | Wireless Authentication and Association | | Wireless and Roaming 1 of 2 | | Wireless and Roaming 2 of 2 | | Enterprise 802.11 Solutions | | Key Points of CAPWAP | | Advantages of CAPWAP | | CAPWAP Demo | | 802.11 Security Flaws | | Fixing 802.11 Security | | 802.1x Authentication Protocols | | Additional Issues with 802.11 Encryption | | Additional 802.11 Security Measures | | Other Wireless Threats | | Wireless Best Practices | | Wireless Network Assessment Part 1 of 2 | | Wireless Network Assessment Part 2 of 2 | | Wireless Network Security Quiz |
|
|
|
