FedVTE Course Catalog


The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

.25 Hours
 
Micro Learn: CDM PMO speaks about the CDM Agency Dashboard
Skill Level: Basic  
+ Description
 

This video explains the features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
CDM PMO speaks about ES-3 of the CDM Agency Dashboard
.25 Hours
 
Micro Learn: CISA’s Binding Operative Directive (BOD) 22-01 and the Known Exploited Vulnerabilities (KEV) catalog
Skill Level: Basic  
+ Description
 

In this video, Mr. Dave Otto, the Risk expert of the CDM program, explains the Binding Operational Directive 22-01, the CISA KEV (Known Exploited Vulnerabilities) Catalog, and how agencies can better protect their assets.

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: CISA’s Binding Operative Directive (BOD) 22-01 and the Known Exploited Vulnerabilities (KEV) catalog
.25 Hours
 
Micro Learn: The CDM PMO speaks about CDM Enabled Threat Hunting (CETH) and the CDM Agency Dashboard
Skill Level: Basic  
+ Description
 

In this video, Mr. Richard Grabowski, acting CDM PMO, explains CDM Enabled Threat Hunting (CETH) and how CETH benefits the federal agencies. He also discusses how the CDM Dashboard supports the implementation of Endpoint Detection and Response (EDR).

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: The CDM PMO speaks about CDM Enabled Threat Hunting (CETH) and the CDM Agency Dashboard
2 Hours
 
CDM 141 – Introduction to the CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 

This course is a recording of a virtual two-hour course which provides participants with the essential knowledge of the ES-4 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the new CDM Agency Dashboard to identify and report on vulnerabilities.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

  • Understand CDM Agency Dashboard basic features and functionality
  • Instructor demonstrates the CDM Agency Dashboard

Date: March 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Introduction to the CDM Agency Dashboard
2 Hours
 
CDM 142 – Asset Management with the CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 This course is a recording of a virtual two-hour course and presents an ES-4 overview of how the dashboard provides visibility into the metrics and measurements needed for a continuous monitoring program. It explains how to create queries for hardware (HW) and software (SW) assets and introduces a framework for using data reports to inform risk-based decision-making. Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

  • Understand CDM agency dashboard functionalities around asset management
  • Learn how to create asset management queries
  • Learn how to create reports

Date: March 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Asset Management with the CDM Agency Dashboard
Micro Learn: CDM Dashboard Interface ES-5 Overview
Skill Level: Beginner  
+ Description
 

This CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard better understand the functionality of ES-5 of the CDM Agency Dashboard.

Learning Objectives:

  • Understand the Header Section of the CDM Agency Dashboard ES-5
  • Utilize the Tool Bar feature of the dashboard
  • Provide an overview of the Query Bar
  • Become familiar with the Time Filter of the dashboard
  • Understand the Navigation Panel and Navigation Drawer features of the dashboard

Date: May 2022

Length: 10 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
CDM Agency Dashboard Interface - Video
2 Hours
 
CDM 143 – Vulnerability Management with the CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the updated version 1.5 of the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

  • Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
  • Walk through how to identify vulnerabilities in the CDM Agency Dashboard

Date: April 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Vulnerability Management with the CDM Agency Dashboard
.25 Hours
 
Micro Learn: The AWARE 1.5 Risk Scoring Overview Using the CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 

This video gives an overview of AWARE 1.5 risk scoring and describes how it can benefit federal agencies.

Date: May 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
The AWARE 1.5 Risk Scoring Overview Using the CDM Agency Dashboard
.5 Hours
 
Micro Learn: Understanding AWARE 1.5 and the CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 

This video explains the new AWARE 1.5 scoring and features.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: Understanding AWARE 1.5 and the CDM Agency Dashboard
.75 Hours
 
Micro Learn: AWARE 1.5 and the ES-3 version of the CDM Agency Dashboard
Skill Level: Basic  
+ Description
 

This video explains the features of AWARE 1.5 on the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
AWARE 1.5 and the ES-3 version of the CDM Agency Dashboard
CDM 201 – Identity and Access Management Capabilities within the CDM Agency Dashboard
Skill Level: Intermediate  
+ Description
 

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

  • Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information
  • Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes and workflows to drive increased risk awareness and mitigation

Date: March 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Identity and Access Management Capabilities within the CDM Agency Dashboard
.5 Hours
 
Micro Learn: IdAM- Identity and Access Management with the CDM Agency Dashboard
Skill Level: Intermediate  
+ Description
 

This 39-minute video is a recorded interview with Mr. Ross Foard, subject matter expert for DHS/CISA on Identity and Access Management (IAM). This video provides participants with the essential knowledge of IAM and the CDM Agency Dashboard.

Learning Objectives:

  • Understand CDM Agency Dashboard basic features and IAM functionality.

Date: 2021

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
IAM- Identity and Access Management with the CDM Agency Dashboard
2 Hours
 
CDM 202 – Managing Configuration Settings with the CDM Agency Dashboard
Skill Level: Intermediate 
+ Description
 

This 2-hour course demonstrates the configuration settings management (CSM) capability within version ES-4 of the CDM Agency Dashboard. In this course students are shown the basic concepts associated with CSM, the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), how CSM scoring is incorporated into the AWARE calculations, and gain an understanding of how the CSM capability of the CDM Agency Dashboard can be used to reduce the misconfiguration of assets in their inventory.

Learning Objectives:

  • Overview of the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and how CSM scoring is incorporated into the AWARE calculations.
  • Walkthrough of how CSM scoring affects the AWARE algorithm and can reduce asset misconfiguration.

Date: March 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
Managing Configuration Settings with the CDM Agency Dashboard
.5 Hours
 
Micro Learn: CSM – Concepts of Configuration
Skill Level: Beginner  
+ Description
 

This video provides an overview of the configuration settings management (CSM) capability and how CSM helps to reduce cyber-attacks in software and hardware assets within the Continuous Diagnostics and Mitigation (CDM) Program.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: CSM – Concepts of Configuration
.5 Hours
 
Micro Learn: CSM – Understanding Benchmarks and STIGS
Skill Level: Beginner  
+ Description
 

This video discusses the need for standardized benchmarks in the federal government and the use of Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs) for integration within the CDM solution. A review of DISA’s role, authority, and DISA STIG compliance levels is provided as well.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: CSM – Understanding Benchmarks and STIGS
.5 Hours
 
Micro Learn: Configuration Settings Management (CSM) with the CDM Agency Dashboard
Skill Level: Basic  
+ Description
 

This video explains the CSM features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Configuration Settings Management (CSM) with the CDM Agency Dashboard
2 Hours
 
CDM 203 – CDM Dashboard Role-Based Training – System Security Analyst
Skill Level: Intermediate 
+ Description
 

This 2-hour course demonstrates the continuous monitoring and analysis capability with version ES-4 of the CDM Agency Dashboard. This is a role-based course for those in the cybersecurity workforce who use the dashboard routinely. In this course students are shown concepts associated with continuous monitoring and analysis of the top issues that affect networks. Topics include an overview of the responsibilities of the security analyst, continuous monitoring, how the CDM Agency Dashboard can be used to identify vulnerabilities, AWARE scoring, the reporting function, and possible courses of action.

Learning Objectives:

  • Overview of the importance of the CDM Agency Dashboard role of system security analyst, which includes monitoring and vulnerability identification.
  • Strategies for securing agency assets and creating report functionality using the CDM Agency Dashboard.

Date: March 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
CDM Dashboard Role-Based Training – System Security Analyst
2 Hours
 
CDM 301 – Management Overview of the CDM Agency Dashboard
Skill Level: Intermediate 
+ Description
 

This two-hour course provides managers with an overview of the CDM Agency Dashboard. In this course students are shown concepts associated with the CDM Agency Dashboard and how to create appropriate reports.

Target Audience: This course is applicable to workforce Executives and Senior-level Managers who need to understand how Information Assurance and cybersecurity principles affect their agencies, how the CDM program helps support those principles, and how their CDM Agency Dashboard can help establish a cybersecurity baseline and identify and reduce their attack surface.

The National Initiative for Cybersecurity Education (NICE) roles of: Authorizing Official/Designated Representative, Executive Cyber Leadership, Program Managers, and other senior management roles responsible for cybersecurity within their agency will benefit from this course.

Learning Objectives:

  • Discuss the principles of information assurance
  • Discuss Federal laws and required executive and Senior-level management responsibilities
  • Discuss the purpose and function of the CDM Program
  • Discuss the purpose and benefit of the CDM Agency and Federal Dashboards
  • Review the CDM Agency Dashboard information to make risk-based decisions (includes lab exercises)

Date: April 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
CDM 301 – Management Overview of the CDM Agency Dashboard
.5 Hours
 
Micro Learn: System Security Analyst Overview
Skill Level: Beginner  
+ Description
 

This video presents an overview of the System Security Analyst role and the six key responsibilities associated with that role. The importance of these six key responsibilities is covered including adherence to agency policy and assessing metrics and data.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: System Security Analyst Overview
.5 Hours
 
Micro Learn: System Security Analyst Methodology
Skill Level: Beginner  
+ Description
 

This video presents cybersecurity concepts associated with continuous monitoring of issues that affect networks. A review of workplan concepts, checks and reviews, and mitigation recommendations is also covered.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Systems Administration, Systems Analysis | System Administrator, Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Micro Learn: System Security Analyst Methodology
Advanced Data Packet Analysis
Skill Level: Advanced   
+ Description
 

This course orients analysts to analyzing common protocols and identifying suspicious or malicious traffic, and provides an introduction to the Wireshark packet filter syntax.

+ Course Modules/Units
 
Advanced Data Packet Analysis: Overview
Module 1.2: Identification of Suspicious and/or Malicious Traffic
Module 1.3: Wireshark Packet Filters and Syntax
Advanced Network Flow Analysis
Skill Level: Beginner   
+ Description
 

By the end of this course, you should be able to use network flow data to do the following:

  • Evaluate the correct implementation of application traffic on the network.
  • Find anomalous traffic on a large network.
  • Find malicious activity given additional network and intelligence data sources.
  • Identify potential malicious activity on a network.
  • Provide input for appropriate techniques in an operational environment.
+ Course Modules/Units
 
Module 1: Anomaly Detection with Flow
Module 2: Reading Protocols
Module 3: Threat Hunting
Module 4: SOC Application
New Course Offering
Analysis of a Cyber Incident
Skill Level: Beginner  
+ Description
 

This three-module course teaches the beginner analyst how to develop the analytical skills and capabilities needed to handle a potential cyber incident, from analysis to reporting findings.

Learning Objectives: By the end of this course, participants will be familiar with

  • How to think about the approach to analysis
  • Writing a proper hypothesis and prediction
  • The Importance of Organizational Context
  • Impact of the Organization Environment
  • Gathering the necessary information to analyze an incident
  • Analyzing the Functional elements of an incident
  • Analyzing the Strategic elements of an incident
  • Assembling the elements to solve the cyber puzzle
  • Reporting the findings of the analysis
  • Accessing CISA resources for incident and vulnerability cases.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | Exploitation Analysis | Exploitation Analyst
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Analysis of a Cyber Incident
Bash Scripting
Skill Level: Beginner   
+ Description
 The Bash scripting series of videos introduces the fundamental concepts of input, flow control, processing and output. Each video adds features to these so the student has a richer set of scripting components with which to work. Most of the example scripts involve SiLK analytics of increasing complexity so the student can immediately apply what was learned in a meaningful way.
+ Course Modules/Units
 
Module 1: Bash Scripting - Introduction
Module 2
Module 3
Module 4
Module 5
Module 6
.5 Hours
 
Micro Learn: CDM Agency Dashboard Videos (4 Videos)
Skill Level: Intermediate 
+ Description
 

This short CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the Elastic dashboard.

Learning Objectives:

  • Become familiar with the Kibana User Interface of the CDM Agency Dashboard
  • Better understand the CDM Agency Dashboard architecture and data flow
  • Understand the general architecture, data flow, and data structure and schema
  • Become familiar with JSON Documents

Date: 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
CDM Agency Dashboard – Kibana User Interface
CDM Agency Dashboard Architecture and Data Flow
CDM Agency Dashboard Data Structure and Schema
Understanding JSON Documents
Cloud Monitoring
Skill Level: Beginner   
+ Description
 

This course introduces concepts around Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Multiple Cloud Hosting and Hybrid Cloud Hosting.

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Securely Provision | Risk Management | Authorizing Official/Designating Representative
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
Securely Provision | Systems Requirements Planning | Systems Requirements Planner
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
+ Course Modules/Units
 
Introduction - Lecture 1 of 5
Shared Responsibility Model - Lecture 2 of 5
Use Cases - Lecture 3 of 5
Case Study - Lecture 4 of 5
Cloud Architectures & Summary - Lecture 5 of 5
IaaS Overview - Lecture 1 of 5
IaaS: Monitoring Services and Capabilities - Lecture 2 of 5
IaaS: Best Practices - Lecture 3 of 5
IaaS: Gaps and Considerations - Lecture 4 of 5
IaaS: Use Cases, Reflection and Summary - Lecture 5 of 5
PaaS Overview - Lecture 1 of 6
PaaS: Monitoring Services and Capabilities - Lecture 2 of 6
PaaS: Monitoring Examples - Lecture 3 of 6
PaaS: Best Practices - Lecture 4 of 6
PaaS: Gaps and Considerations - Lecture 5 of 6
PaaS: Reflection and Summary - Lecture 6 of 6
SaaS Overview - Lecture 1 of 5
SaaS: Monitoring Services and Capabilities - Lecture 2 of 5
SaaS: Best Practices - Lecture 3 of 5
SaaS: Gaps and Considerations - Lecture 4 of 5
SaaS: Reflection and Summary - Lecture 5 of 5
What is Multiple Cloud - Lecture 1 of 5
Security Issues - Lecture 2 of 5
Monitoring Capabilities - Lecture 3 of 5
Gaps - Lecture 4 of 5
Multiple Clouds - Lecture 5 of 5
Hybrid Cloud: Security Issues - Lecture 1 of 4
Monitoring Capabilities - Lecture 2 of 4
Gaps - Lecture 3 of 4
Hybrid Clouds in Operation - Lecture 4 of 4
Conclusion - Lecture 1 of 1
Cloud Security – What Leaders Need to Know (Professors in Practice Series)
Skill Level: Beginner  
+ Description
 

This course features National Defense University Professor Robert Richardson, who discusses important security and oversight requirements for commercial cloud solutions.

Learning Objectives:

  • Overview of the cloud physically, logically, and architecturally.
  • Discuss cloud deployment models and characteristics.
  • Overview of cloud infrastructure characteristics.
  • Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
  • Cloud software components - microservices & APIs.
  • The driving forces and key technology enablers of commercial cloud services in the Federal Government.
  • Must-have security requirements and policies for cloud solutions.
  • The top ten cybersecurity cloud risks, such as loss of service, data breaches, and human error, as well as non-cybersecurity risks such as outsourcing risks, personnel security, and supply chain risk management.
  • Where Federal Government adoption of commercial cloud is now and predictions for the future.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Network Services | Network Operations Specialist
Operate and Maintain | Systems Administration | System Administrator
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer, Cyber Instructor
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
Securely Provision | Systems Requirement Planning | Systems Requirements Planner
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
+ Course Modules/Units
 
Cloud Security: What Leaders Need to Know – with Professor Robert Richardson
Cover Your Assets: Securing Critical and High-Value Assets
Skill Level: Beginner 
+ Description
 

Think about your organization’s most critical functions: what do others depend on you to provide? Your high-value assets (HVAs), also known as critical assets across many industries, are the information or information systems that would have a serious impact on your organization’s ability to conduct its mission or business operations if lost, corrupted, or inaccessible. Across sectors and industries, data and information systems that underpin core business and operational functions, or those systems that connect to core functionalities, make highly tempting targets for sophisticated criminal, politically motivated, or state-sponsored actors to exploit directly or compromise to undermine public trust.

The HVA program was established by CISA to help organizations gain a comprehensive understanding of the risks that dynamic threat actors pose and identify the high-value information and systems that are likely targets.

This webinar provides an overview of the following key information:

  • HVA and critical asset overview: Define high-value assets, and how to assess and prioritize risks.
  • Common threats: Understand the most likely threats to HVAs and how to mitigate associated vulnerabilities.
  • CISA guidance: Learn the steps and parameters to identify, categorize, prioritize, and secure your HVAs or critical assets.
  • Case studies: Explore the impacts of documented critical or high-value asset cyberattacks, and the success of resulting response and recovery efforts.

This course is accessible to a non-technical audience including managers and business leaders and provides an organizational perspective useful to technical specialists.

Date: July 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Customer Service and Technical Support | Technical Support Specialist
Operate and Maintain | Systems Administration | System Administrator
Operate and Maintain | Knowledge Management | Knowledge Manager
Operate and Maintain | Network Services | Network Operations Specialist
Oversee and Govern | Cybersecurity Management | Communications security manager; information systems security manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program Management and Acquisition | IT investment manager, IT program auditor, IT project manager, product support manager, program manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer
+ Course Modules/Units
 
Cover Your Assets: Securing Critical and High-Value Assets
2 Hours
 
Critical Infrastructure Protection
Skill Level: Beginner   
+ Description
 

This course discusses the influence, impact, and need for cybersecurity when defending the critical infrastructure and key resources of the United States. This course provides the definition of critical infrastructure, examples of cybersecurity threats to critical infrastructure, and information on what is being done to protect critical infrastructure from these cybersecurity threats.

Learning Objectives:

  • Define and give examples of critical infrastructure.
  • Identify possible cyber threats to critical infrastructure.
  • Describe U.S. cybersecurity policies and programs.
  • Explain the cybersecurity roles of the Department of Homeland Security (DHS) and other Federal agencies.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Network Services | Network Operations Specialist
Operate and Maintain | Systems Administration | Systems Administrator
Operate and Maintain | Systems Analysis | Systems Analyst
Operate and Maintain | Systems Development | Information Systems Security Developer
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
Securely Provision | Systems Architecture | Systems Architect
Securely Provision | Technology R&D | Research & Development Specialist
Securely Provision | Systems Requirements Planning | Systems Requirements Planner
Securely Provision | Systems Development | Systems Developer
+ Course Modules/Units
 
Critical Infrastructure Protection
3 Hours
 
Creating a Computer Security Incident Response Team (CSIRT)
Skill Level: Beginner 
+ Description
 

This course was developed for organizations and individuals who are at the beginning of their planning and implementation process for creating a computer security incident response team or an incident management capability. This course begins with definitions and context for defining a CSIRT framework, followed by services that may be provided and building an action plan. An attendee workbook is included with questions and exercises to use in conjunction with the training.

Learning Objectives:

  • Understand the function of Computer Security Incident Response Teams (CSIRTs) and the philosophy behind them.
  • Understand the role of CSIRT in the incident management process.
  • Identify the requirements to establish an effective CSIRT.
  • Appreciate the key issues and decisions that must be addressed when creating a CSIRT.
  • Learn to strategically plan the development and implementation of your CSIRT.

Date: 2017

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | All-Source Analyst
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
+ Course Modules/Units
 
Create a Computer Security Incident Response Team
Defining Incident Management Part 1 of 2
Defining Incident Management Part 2 of 2
Defining CSIRTs
Types of CSIRTs
Setting the Context
Defining Your Framework Part 1 of 2
Defining Your Framework Part 2 of 2
Capability Strategies
CSIRT Components
CSIRT Components: Organizational Issues
CSIRT Components: Resources
Range and Level of Services
Policy and Procedure Examples
Range and Level of Services Summary
Ideas for Your Action Plan
Taking the Next Steps
CSIRTs Resource Overview
1 Hour
 
CyberEssentials
Skill Level: Beginner
+ Description
 

This course focuses on how leaders can develop actionable items to start implementing organizational cybersecurity practices and introduces the six essential elements of building a culture of cyber readiness.

Learning Objectives:

  • Identify actionable items to reduce your organization's cyber risks through a holistic approach.
  • Identify the six essential elements of building a culture of cyber readiness.
  • Identify the steppingstones to building a culture of cyber readiness.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer
Oversee and Govern | Strategic Planning and Policy | Strategic Planning and Policy Planner
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program/Project Management and Acquisition | Program Manager
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
+ Course Modules/Units
 
CyberEssentials - 1 Hour
2 Hours
 
Cyber Supply Chain Risk Management
Skill Level: Beginner  
+ Description
 

This course focuses on cyber supply chain risk management, also known as C-SCRM, and the role it plays within our society today. This course will explain how to securely provision, analyze, oversee and govern, protect and defend a supply chain.

Learning Objectives:

  • Describe product supply chains and life cycles.
  • Identify the role of adversaries in supply chain risk management.
  • Define the risks associated with supply chains.
  • State the principles of supply chain management.
  • Identify security measures taken to protect a supply chain.
  • Apply suggested tools to address supply chain vulnerabilities.
  • Explain how knowledge of the 'internet of things' (IoT) is used to evaluate products as IoT devices.
  • Recognize potential dangers posed by various devices brought to work.
  • Identify the threats outlined for acquisitions personnel through the Federal Acquisition Regulation (FAR).
  • Define how to personally safeguard your organization's cybersecurity.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | All-Source Analyst
Analyze | Exploitation Analysis | Exploitation Analyst
Analyze | Threat Analysis | Threat/Warning Analysis
Analyze | Targets | Target Developer, Target Network Analyst
Oversee and Govern | Program/Project Management and Acquisition | Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Securely Provision | Software Development | Software Developer
Securely Provision | Systems Development | Systems Developer
+ Course Modules/Units
 
Supply Chain Risk Management
Deep DNS
Skill Level: Beginner   
+ Description
 This course is an introduction to the Domain Name System, or DNS. DNS is a core infrastructure protocol of the internet, and one of the oldest internet application protocols still in use. In this course, you will learn why DNS was created; the main purposes it currently serves; and how it works. This course is intended for security operations professionals.
+ Course Modules/Units
 
Deep DNS: Purpose, History, and Structure of DNS - Module 1.1
Deep DNS: DNS Applications - Module 1.2
Deep DNS: DNS Analysis Tools - Module 1.3
Deep DNS: DNS Transport Mechanisms - Module 2.1
Deep DNS: DNS as a Transport Mechanism - Module 2.2
Deep DNS: Subverting DNS Integrity - Module 2.3
4 Hours
 
Develop and Publish a Vulnerability Disclosure Policy for Federal Agencies (CISA BOD 20-01)
Skill Level: Beginner      
+ Description
 

This 1/2-day course is a joint collaboration of the Cybersecurity & Infrastructure Security Agency (CISA) and the CERT Division of the Software Engineering Institute at Carnegie Mellon University. The purpose of this training is to help federal civilian agencies meet required actions of BOD 20-01, the Binding Operational Directive to Develop and Publish a Vulnerability Disclosure Policy (VDP) by covering the knowledge of and providing resources for:

  • Vulnerability report receipt and intake
  • Developing and publishing a vulnerability disclosure policy
  • Developing vulnerability disclosure handling procedures
  • Developing a vulnerability disclosure capability
  • Reporting metrics

After completing this course, participants should be able to:

  • Describe agency requirements for developing and publishing a vulnerability disclosure policy (VDP).
  • Describe the minimum capacity needed to support your vulnerability disclosure handling process.
  • Explain how vulnerability disclosure and handling is dependent on successful human interaction.
  • Explain the importance of establishing trust and good relationships with reporters and stakeholders.
  • List the key resources that can help your agency build your VDP and supporting processes.
  • Meet the requirements to develop and publish a VDP and supporting handling process.
  • Understand how and when to work with CISA for assistance and escalation.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Protect and Defend | Vulnerability Management | Vulnerability Manager
+ Course Modules/Units
 
Develop and Publish a Vulnerability Disclosure Policy
Module 2: Overview of CISA BOD 20-01
Module 3: Essentials of VDP
Module 4: Developing A Vulnerability Disclosure Handling Capability
Module 5: Reporting and Metrics
Module 6: Challenges and Additional Considerations
Module 7: Summary and Wrap-up
3.5 Hours
 
Elections and IT – Embrace your role as a Manager
Skill Level: Beginner  
+ Description
 

This course is a collaboration between the U.S. Election Assistance Commission (EAC) and the U.S. Department of Homeland Security (DHS) and provides an opportunity to learn why election officials must view themselves as IT managers. The course serves as an overview of information technology and how to ensure security is included in the planning, procuring, designing, implementing, and maintaining of interconnected electronic election systems, including public-facing websites. The content introduces the key concepts of identifying vulnerabilities and how to protect election systems from internal and external threats and provides information on cybersecurity resources available from the EAC and DHS.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Securely Provision | Risk Management | Authorizing Official/Designating Representative
+ Course Modules/Units
 
Professionalizing Election Admin Intro
Being an IT Manager
Election Systems
Procuring IT
Testing and Audits
Election Security
Principles of Information Security
Cybersecurity and Elections
Risk Management and Elections
Phishing and Elections
Election Infrastructure Security
DHS Cyber Security Tools and Services
EAC Resources
4 Hours
 
The Election Official as IT Manager
Skill Level: Beginner  
+ Description
 

This course focuses on why Election Officials must view themselves as IT systems managers and introduces the knowledge and skills necessary to effectively function as an IT manager. The course includes a review of Election Systems, Election Night Reporting, and Interconnected Election Systems vulnerabilities and liabilities. The content also covers Social Media and Website best practices, vulnerabilities, and liabilities, and addresses Procuring IT, Vendor Selection, Testing and Audits, Security Measures, and Risk Assessments. In addition, this course includes a review of resources available to the election community from the Department of Homeland Security.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Securely Provision | Risk Management | Authorizing Official/Designating Representative
+ Course Modules/Units
 
Professionalizing Election Admin Intro
Being an IT Manager
Election Systems
Technology and the Election Office
Procuring IT
Testing and Audits
Election Security
Principles of Information Security
Physical Security
Cybersecurity and Elections
Human Security
Risk Management and Elections
Incident Response Scenarios and Exercises
Phishing and Elections
DDOS Attacks and Elections
Website Defacing
Election Infrastructure Security
DHS Cyber Security Tools and Services
EAC Resources
12 Hours
 
Emerging Cyber Security Threats
Skill Level: Intermediate   
+ Description
 

This course covers a broad range of cybersecurity elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. It covers what the policies are, the roles they play in cybersecurity, and how they are implemented. The course also looks at cybersecurity laws, standards, and initiatives. Topics include policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS, and IPv6 security. Video demonstrations are included to reinforce concepts.

Date: 2010

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | Threat Analysis | Threat/Warning Analysis
Operate and Maintain | Systems Administration | Systems Administrator
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
+ Course Modules/Units
 
Introduction to Cybersecurity Policy
Types of Security Policy
Policy Education and Implementation
Cybersecurity Laws
Proposed Legislation
NIST Cybersecurity Standards
Other Cybersecurity Standards
Comprehensive National Cybersecurity Initiatives (CNCI)
Other Federal Cybersecurity Initiatives
Implementing Cybersecurity Initiatives
SPAM
Malware Trends
Botnets
Monetization
Cyber Attack Profiles
Cyber Crime
Cyberwarfare
Cyber Attack Attribution
Cyber Threat Mitigation
Mobile Device Trends
Mobile Device Threats
Mobile Device Countermeasures
Exploited Threats
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
DISA Cloud Solutions
RFID Introduction
RFID Threats
RFID Countermeasures
Exploited Threats
Introduction and MAC Address Monitoring
MAC Address Spoofing
Managing Traffic Flows
VLANs and Security
802.1x Port Authentication
Network Admission Control
Securing STP
Securing VLANs and VTP
Introduction and Edge Security Traffic Design
Blocking DoS and DDoS Traffic
Specialized Access Control Lists
Routers with Firewalls
Beyond Firewalls: Inspecting Layer 4 and Above
Securing Routing Protocols and Traffic Prioritization
Securing Against Single Point of Failures
Physical and Operating System Security
Management Traffic Security
Device Service Hardening
Securing Management Services
Device Access Hardening
Device Access Privileges
Name Resolution Introduction
Name Resolution and Security
DNS Cache
DNS Security Standards and TSIG
DNSSEC
Migrating to DNSSEC
Issues with Implementing DNSSEC 1
Issues with Implementing DNSSEC 2
IPv6 Concepts
IPv6 Threats
IPv6 Network Reconnaissance
DEMO: IPv6 Network Reconnaissance
IPv6 Network Recon Mitigation Strategies
IPv6 Network Mapping
DEMO: IPv6 Network Mapping
IPv6 Network Mapping Mitigation Strategies
IPv6 Neighbor Discovery
DEMO: IPv6 Address Assignment
IPv6 Attacks
DEMO: IPv6 Alive Hosts
DEMO: IPv6 Duplicate Address Detection (DAD)
DEMO: IPv6 DAD Denial of Services (DOS)
DEMO: IPv6 Fake Router Advertisement
DEMO: IPv6 Man-in-the-middle
IPv6 Attack Mitigation Strategies
IPv6 Tunneling
IPv6 Windows Teredo Tunneling
IPv6 Tunneling Mitigation Strategies
IPv6 Best Practices
FedRAMP — A Leader's Dashboard for Compliance (Professors in Practice Series)
Skill Level: Beginner  
+ Description
 

In this hour-long webinar, National Defense University Professor Roxanne Everetts discusses some key leadership decisions around using Federal Risk and Authorization Management Program (FedRAMP) solutions. FedRAMP is a unique government cloud - it is a combination of cloud security, cybersecurity, and risk management.

Learning Objectives:

  • Explain FedRAMP and why Federal agencies use FedRAMP. (Hint: It's the law!)
  • Discuss knowledge key leaders need for cloud solutions, including: FedRAMP structure, how it helps, and how agencies can leverage it.
  • Describe the FedRAMP governing bodies.
  • Examine the roles of Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) as FedRAMP participants.
  • Identify agency responsibilities, which include ensuring they have an Authority to Operate (ATO) letter on file with the FedRAMP Program Management Office (PMO).
  • Explore the FedRAMP Security Framework (SAF), based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37.
  • Use the FedRAMP Marketplace to find services that meet agency needs. Any service listed in the Marketplace meets federal security requirements and has already been authorized.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer, Cyber Instructor
Operate and Maintain | Network Services | Network Operations Specialist
Operate and Maintain | Systems Administration | Systems Administrator
Operate and Maintain | Systems Analysis | Systems Security Analyst
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
Securely Provision | Systems Requirement Planning | Systems Requirements Planner
+ Course Modules/Units
 
FedRAMP: A Leaders Dashboard for Compliance – with Professor Roxanne Everetts
2 Hours
 
Foundations of Cybersecurity for Managers
Skill Level: Beginner 
+ Description
 

This course is designed for managers and other stakeholders who may be involved in decision making that would include considerations for security in a cyber environment but do not have a strong technical background. Discussions focus on cybersecurity concepts and methodologies that are part of building a resilient cyber enterprise. This course explains how people and technology work together to protect mission-critical assets, and the frameworks leveraged to assess and apply security controls. Beginning with governance, laws, and regulations, the course progresses into threats to the environment and identifying corresponding controls and countermeasures, concluding with strategies for business continuity.

Learning Objectives:

  • Know key concepts of cybersecurity and its relation to the business mission.
  • Recall risk management strategies and related frameworks.
  • Identify how cloud services are leveraged and pros and cons of doing so.
  • Describe common threats, threat actor types, and mitigation techniques.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operational Planning | Cyber Ops Planner
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | Program Manager
+ Course Modules/Units
 
Cybersecurity Introduction
Cybersecurity Workforce
Cybersecurity Governance
Cybersecurity Guidance Resources
Laws and Cybersecurity
Common Cyber Threats
Threat Actors
Cybersecurity and Mobile Devices
Security Controls
Security Tools and Measures
Introduction to Cloud Computing
Cloud Architectures and Deployment Models
Cloud Threats and Attacks
Cloud Security
Risk Management Overview
Incident Response and Digital Evidence Types
Risk and Planning Strategies
Foundations of Cybersecurity for Managers Exam
6 Hours
 
Fundamentals of Cyber Risk Management
Skill Level: Beginner  
+ Description
 

This course focuses on key concepts, issues, and considerations for managing risk. Discussions include identifying critical assets and operations, risk assessment and analysis methodologies, risk management frameworks, and how to determine threats to your business function, mitigation strategies, and response and recovery.

Learning Objectives:

  • Describe key concepts related to cyber risk management.
  • Detail risk assessment and analysis methodologies and frameworks.
  • Identify security controls and countermeasures to mitigate risks and support response and recovery.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Securely Provision | Risk Management | Security Control Assessor
+ Course Modules/Units
 
Fundamentals of Cyber Risk Management Course Introduction
Risk Management Overview
Standards for Risk Management
OCTAVE
CERT Resilience Management Model Overview
Critical Assets and Operations
Threat Overview
Vulnerabilities
Threat Scenarios
Risk and Impact Analysis
Considerations for Responding to Risks
Risk Mitigation Strategies
Control Methods and Types of Security Controls
Administrative Controls
Selecting Security Controls
Security Control Assessment
Mitigation Strategy and Maintenance
Security Testing and Assessments
Incident Response Terms and Life Cycle
Incident Response Phase 1 of 6 - Preparation
Incident Response Phase 2 of 6 – Detection and Analysis
Incident Response Phase 3 of 6 – Containment
Incident Response Phases 4-5 of 6 – Eradication and Recovery
Incident Response Phase 6 of 6 – Lessons Learned
Business Continuity Plans and Procedures
Disaster Recovery Plans and Procedures
Fundamentals of Cyber Risk Management Exam
1 Hour
 
Incident Response 101
Skill Level: Beginner  
+ Description
 

This course focuses on cyberattacks, specifically compromises via ransomware. Implementing strategies to defend against attacks as well as preparations for response and recovery in the event of an incident is critical to an organization’s resilience. This course reviews malware types and vectors for compromise, common issues hindering an effective response, best practices for preparing and responding to an infection incident, and defensive measures to strengthen the cybersecurity posture.

Learning Objectives:

  • Identify the various types of disruptionware, vectors for compromise, and the impact of an infection on business operations.
  • Recognize the common problems that can hinder effective incident response and prevention activities.
  • Know the ordered steps in following documented incident reporting procedures including immediate actions and communication.
  • Explain the importance of defense-in-depth layered strategy for protecting the enterprise with examples of implementation.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
+ Course Modules/Units
 
Malware Attacks and Vectors of Compromise
Incident Response - Common Problems/Issues
Ransomware Immediate Infection Response
Incident Response Backups
Cyberattack Defensive Strategies
IR Course Exam
Introduction to Data Packet Analysis
Skill Level: Intermediate   
+ Description
 

This course orients analysts to the various types of information that can be found in packets, uses Wireshark as the packet capture and analysis tool, and explains why data available in packets can be affected by the location of the packet capture in the network environment.

+ Course Modules/Units
 
Introduction to Data Packet Analysis
Module 1.2: Wireshark Operation
Module 1.3: Analyzing Packets with Wireshark
Module 1.4: The Effect of Location on Packet Capture and Analysis
Module 1.5: What Wireshark Packet Analysis Can Reveal and What It Can't
11 Hours
 
ISACA Certified Information Security Manager (CISM) Prep
Skill Level: Intermediate  
+ Description
 

The self-study resource prepares learners for the CISM exam. This course focuses on information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. This course includes concepts from the four job practice areas: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

Learning Objectives:

  • Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
  • Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
  • Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
  • Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response, and recovery capabilities.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | Program Manager
Operate and Maintain | Systems Analysis | Systems Security Analyst
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
+ Course Modules/Units
 
CISM Course Introduction
IS Governance Domain Overview
Information Security (IS) Management
Importance of IS Governance Part 1 of 2
Importance of IS Governance Part 2 of 2
IS Management Metrics
ISM Strategy Part 1 of 2
ISM Strategy Part 2 of 2
Elements of IS Strategy
IS Action Plan for Strategy
DEMO: Key Goal, Risk, Performance Indicator
Risk Management Overview and Concepts
Risk Management Implementation
Risk Assessment: Models and Analysis
DEMO: Calculating Total Cost of Ownership
DEMO: Recovery Time Objective (RTO)
Compliance Enforcement
Risk Analysis: Threat Analysis
IS Controls and Countermeasures
Other Risk Management Considerations Part 1 of 2
Other Risk Management Considerations Part 2 of 2
DEMO: Cost Benefit Analysis
Information Security Program Development
Information Security Program Management
Outcomes of Effective Management
IS Security Program Development Concepts
Scope and Charter of IS Program Development
IS Management Framework
IS Framework Components
IS Program Roadmap
Organizational Roles and Responsibilities
Information Security Manager Responsibilities
Other Roles and Responsibilities in IS
Information Security Program Resources
IS Personnel Roles and Responsibilities
IS Program Implementation Part 1 of 2
IS Program Implementation Part 2 of 2
Implementing IS Security Management Part 1 of 2
Implementing IS Security Management Part 2 of 2
Measuring IS Management Performance
Common Challenges to IS Management
Determining the State of IS Management
Incident Management and Response
Incident Management Part 1 of 2
Incident Management Part 2 of 2
IMT IRT Members
Incident Response Planning Part 1 of 2
Incident Response Planning Part 2 of 2
DEMO: Phishing Emails
DEMO: Incident Management Workflow
Recovery Planning Part 1 of 2
Recovery Planning Part 2 of 2
DEMO: RTIR Incident Response Tool Part 1 of 2
DEMO: RTIR Incident Response Tool Part 2 of 2
CISM Practice Exam
11 Hours
 
(ISC)2 (TM) CAP Certification Prep Self Study 2014
Skill Level: Intermediate 
+ Description
 

This course prepares learners for the Information Security Certification (ISC)2 Certified Authorization Professional (CAP) certification exam. This course focuses on the process of authorizing and maintaining information systems. Topics include understanding the Risk Management Framework (RMF), selection, implementation, and monitoring of security controls as well as the categorization of information systems. A practice exam is included.

Learning Objectives:

  • Provide a review of the 7 (ISC)2 CAP domains.
  • Supplemental preparation for the (ISC)2 CAP certification exam.

Date: 2014

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
+ Course Modules/Units
 
CAP Course Introduction
Risk Management Approach to Security Authorization
Risk Management Framework Steps
Risk Management Framework Phases
RMF Roles and Responsibilities
Organization Wide Risk Management
Managing Risk
Assessor Independence and External Environments
System Development Life Cycle
Alignment of RMF with SDLC Review
RMF Legal and Regulatory Requirements
NIST Publications
Continuous Monitoring Strategies
RMF Guidance Review
Defining Categorization
Categorization Examples
Categorization Process
Security Plans and Registration
Categorize
Selection Step Tasks
Selection Step Definitions
Security Controls Guidance
Privacy and Security Controls
Control Selection and Supplemental Guidance
Tailoring Security Controls
Control Assurance and Monitoring
Control Assurance and Monitoring - Continued
Select
Implementing Security Controls Overview
Integrating Implementation
Implement
Preparing for Control Assessments
Conducting Control Assessments
Security Assessment Report
Remediation Actions and Process Review
Assess
Authorization Documentation
Risk Determination and Acceptance Part 1 of 3
Risk Determination and Acceptance Part 2 of 3
Risk Determination and Acceptance Part 3 of 3
Authorization Decisions
Prioritized Risk Mitigation and Authorization Review
Authorize
Assessments and Configuration Management
Ongoing Security Control Assessments
Monitor
CAP Certification Prep Practice Exam
22.5 Hours
 
(ISC)2 (TM) CISSP (R) Certification Prep 2018
Skill Level: Advanced  
+ Description
 

This course prepares learners for the CISSP certification exam. This course focuses on the information security field, exam objectives, and the eight domains upon which the exam is based. This course includes reinforcing video demonstrations and a final practice exam.

Learning Objectives:

  • Explain and apply concepts to design, implement, and manage secure cyber operations.
  • Develop, document, and implement security policy, standards, procedures, and guidelines.
  • Apply risk management concepts.

Date: 2019

Training Purpose: Management Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Network Services | Network Operations Specialist
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner
Securely Provision | Systems Architecture | Enterprise Architecture
+ Course Modules/Units
 
CISSP Course Introduction
Security and Risk Management Concepts
Regulatory Compliance and Frameworks
Organizational Privacy Responsibilities
Acquisition Strategies
Computer Crime and Incident Response
International Laws Pertaining to Security
Legal Regulations and Privacy
(ISC)2 Code of Ethics and Ethic Bases
Legal Regulations and Ethics
Policy and Components Overview
BC and DR Initiation and Management
BCP Business Impact Analysis
Vendor Management
System Threats and Countermeasures
Risk Assessment and Countermeasures
Access Control Types
RMF Security Control Assessment Process
Conducting Security Control Assessments
Security Assessment Report
Asset Valuation
Threat Modeling and Reduction Analysis
Security Awareness and Training
DEMO: Security Policy Review
Data Classification
Data Ownership and Retention
Privacy Protection and Data Governance
Security Control Application and Tailoring
Security Control Selection
Data Protection Method (DLP)
Secure Design Principles
Secure Design Standards and Models
Database System
Key Crypto Concepts and Definitions
Securing ICS and SCADA Systems
Industrial Control System Security
DEMO: SCADA Honeynet
Cloud Computing
Cloud Computing Security Issues
Distributed Systems
Parallel and Distributed Systems Security Issues
Internet of Things
Assess and Mitigate Vulnerabilities in Mobile Systems
Cryptographic Lifecycle
Cryptographic Methods
Symmetric Ciphers
Asymmetric Ciphers
Public Key Infrastructure (PKI)
Key Management Practices
Digital Signatures
Hashes and Other Integrity Controls
Salting Hashes
Methods of Cryptanalytic Attacks
Digital Rights Management
Site and Facility Design Criteria
Physical Security Controls
Physical and Environmental Threats
OSI and TCP/IP Models
Telecom and NW Security Layer 1
Telecom and NW Security Layer 2
Telecom and NW Security Layer 3
Telecom and NW Security Layer 4 and 5
Telecom and NW Security Layer 6 and 7
Multilayer and Converged Protocols
Mobile and Wireless Security
Content Distribution Networks
Implementing and Using Remote Access
Virtualization
Access Control Technologies
Access Control Types
Access Control System Strategies
Building Access Control
Operations Area Access Control
Credential Management Systems
Third-Party Identification Service
Cloud Identity
Data Authorization Mechanisms
Rule-Based Access Control
Audit and Assurance Mechanisms
Synthetic Transactions
Code Review and Testing
Misuse Case Testing
Test Coverage Analysis
Interface Testing
Security Audits and Agreements
Digital Investigation and Evidence Analysis
Legal System Investigation Types
Electronic Discovery
Intrusion Detection and Prevention
Continuous Monitoring
Egress Monitoring
Security Operations Concepts
Security Operations Incident Management
Managing Security Services Effectively
DEMO: Whitelisting and Blacklisting
Security Operations Resource Protection
Disaster Recovery Strategy
Maintaining Operational Resilience
Managing Recovery Communications
Test Disaster Recovery Plans (DRP)
Security Education Training and Awareness
Perimeter Security
Perimeter Intrusion Detection
Biometrics and Authentication Accountability
Personnel Privacy and Safety
DEMO: Intro to Dshell Toolkit
SDLC Phases
Software Development Models
System Security Protections and Controls
Agile Development Models
Maturity Models
Integrated Product Teams
Security Environment and Controls
SW Development Security and Malware
Impact of Acquired Software
DEMO: Automated Code Review
CISSP Practice Exam
7 Hours
 
(ISC)2 (TM) CISSP Concentration: ISSEP Prep
Skill Level: Advanced  
+ Description
 

This course is focused on applying security and systems engineering principles to business functions. This self-study prep course is designed to help learners prepare for the specialized Information Systems Security Engineering Professional (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.

Learning Objectives:

  • Incorporate security into business processes and information systems.
  • Demonstrate subject matter expertise in security engineering.
  • Apply engineering principles to business functions.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operational Planning | Cyber Ops Planner
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
+ Course Modules/Units
 
ISSEP Course Introduction
ISSE Responsibilities and Principles
ISSE and IATF
Security Design Principles
Elements of Defense in Depth
RMF Characteristics
Maintaining Operational Resilience
Risk Management Overview
Assessing Risk Part 1 of 2
Assessing Risk Part 2 of 2
Determining Risks
Categorizing Information Systems
Stakeholder Roles and Responsibilities
Requirements Analysis
Using Common and Tailored Controls
Assessing Security Controls
Implementing Security Controls
Authorizing Information Systems
Systems Verification and Validation
Monitor, Manage, and Decommissioning
Defense Acquisition System Overview
Acquisitions Process
System Development Process Models
Project Processes
Project Management
ISSEP Practice Exam
12.5 Hours
 
(ISC)2 (TM) CISSP:ISSMP Prep 2018
Skill Level: Advanced
+ Description
 

This course is intended for individuals who have strong management and leadership skills and are interested in establishing, presenting, and governing information security programs. This self-study prep course reviews the six common body of knowledge domains for the Information Security System Management Professional (CISSP-ISSMP) certification exam.

Learning Objectives:

  • Demonstrate the ability to apply leadership and management skills to manage an organization's information security program.
  • Apply the security lifecycle management processes and principles to system development lifecycles.
  • Apply contingency management practices to plan and implement processes to reduce the impact of adverse events.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner
+ Course Modules/Units
 
ISSMP Course Introduction
Security’s Role – Culture, Vision and Mission
Security’s Role – Management, Support and Commitment
Security’s Role – Board of Dir, Steering Committee
Security’s Role – IT, HR and Legal
Security’s Role – Strategic Alignment
IS Governance Defined
IS Governance Goals Part 1 of 2
IS Governance Goals Part 2 of 2
Importance of IS Governance
Information Security Strategies
Data Classification and Privacy
Threats to Data Privacy
Data Classification and Privacy Implementations
Security Policy Framework and Lifecycle
Security Requirements in Contracts and Agreements
Security Awareness and Training Programs
Managing the Security Organization
Security Metrics
Security Metrics Indicators
Integrating Project Management with SDLC
System Development Life Cycle (SDLC)
Systems Engineering (CMM)
Vulnerability Management and Security Controls
Service Oriented Architecture Controls
Oversee System Security Testing
Managing Change Control
Risk Management
Risk Management – Threats and Vulnerabilities
Risk Management – Risk Assessments
Calculating Risks
Mitigating Risks
Cyber Threat Intelligence
Detection of Attack Sources
Discovery Challenges and Escalation
DEMO: Escalating Event to Incident
Common Attack Vectors
Root Cause and Investigation
Incident Management Concepts
Incident Management Process
Incident Management Classification
Financial Impact of Incidents
Investigation and Forensic Evidence
Investigations, IH and Response
DEMO: Digital Forensics Investigation
Security Compliance Frameworks
Auditing Introduction and Preparation
Evidence Reporting and Auditors
Exception Management
Continuity and Disaster Recovery Planning
Understanding the Business
Insurance
Critical Processes Recovery Objectives
Recovery Obligation Considerations
BCM Site and IT Strategies
Personnel and Recommended Strategies
Design and Testing BCP and COOP
Implementing Continuity and Recovery Plans
Intellectual Property and Licensing
(ISC)2 Code of Ethics
DEMO: Verification and Quality Control
Audit Planning Process
ISSMP Self Study Practice Exam
A Leader's Approach to Assessment & Authorization (A&A) (Professors in Practice Series)
Skill Level: Beginner 
+ Description
 

This hour-long webinar recorded on July 31, 2020 features National Defense University Professor Mark Duke discussing some key leadership decisions when assessing and authorizing systems. The Assessment & Authorization (A&A) process is a comprehensive assessment of policies, technical and non-technical security components, and a system's technical controls followed by leadership agreement that the system meets adequate risk levels before the system is authorized to go into full production.

Learning Objectives:

  • Explain why we have to do Assessment & Authorization.
  • Explain Roles & Responsibilities of Assessment & Authorization.
  • Introduce seven major components of Assessment & Authorization.
  • Establish Authorization Boundaries.
  • Introduce Assessment Scanning Tools.
  • Explain the Role of Security Technical Implementation Guides (STIGs) as potential criteria for Assessment activities.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer, Cyber Instructor
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
Securely Provision | Systems Requirement Planning | Systems Requirements Planner
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
+ Course Modules/Units
 
A Leader's Approach to Assessment and Authorization (A&A) – with Professor Mark Duke
8.5 Hours
 
Managing Computer Security Incident Response Teams (CSIRTs)
Skill Level: Intermediate 
+ Description
 

This course focuses on the type and nature of work that CSIRTs may be expected to handle. It provides an overview of the incident response field, including the nature of incident response activities and an overview of the incident handling processes. The course focuses on foundation material, staffing issues, incident management processes, and other issues such as working with law enforcement, insider threat, and publishing information.

Learning Objectives:

  • Provide an overview of the incident response arena, the nature of incident response activities, and incident handling processes.
  • Guide learners to understand technical issues from a management perspective, problems and pitfalls to avoid, and best practices where applicable.
  • Emphasize the importance of predefined CSIRT management policies and procedures.
  • Discuss what is needed to operate an effective CSIRT.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | All-Source Analyst
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
+ Course Modules/Units
 
Managing CSIRTs Introduction
CSIRT Management Issues
CSIRT Environment Introduction Part 1 of 2
CSIRT Environment Introduction Part 2 of 2
Formalization of Incident Management
The Incident Handling Process
CSIRT Environment Terms
The Incident Handling Roles and Responsibilities
CSIRT Environment Summary
CSIRT Environment Resources and Summary
CSIRT Staffing
How to Grow & Retain Staff
CSIRT Code of Conduct Part 1 of 2
CSIRT Code of Conduct Part 2 of 2
Media Issues Part 1 of 2
Media Issues Part 2 of 2
Managing the CSIRT Infrastructure Components
Data Security
Physical Security
Equipment for CSIRT Staff
Network and Systems for CSIRT Staff
CSIRT Tools
Incident Management Processes Introduction
IM Processes: Prepare, Sustain, and Improve
IM Processes: Protect Infrastructure
IM Processes: Detect
Situational Awareness
Network and System Monitoring
Critical Information
IM Process: Triage
Triage Activities
IM Process: Response
Response Actions
Response Process Issues
Handling Major Events Part 1 of 2
Handling Major Events Part 2 of 2
Building a Crisis Communication Plan
Publishing Information
Publishing Document Types
Information Sharing
Publishing Information Summary
General Guidance for Measuring and Evaluating
Types of Evaluations
Building a Quality Assurance Framework
Issues to Consider in Your Framework
Resources for Building an Assurance Framework
What Is Insider Threat?
Types of Insider Threat Activities
Malicious Insider Activity Examples
How Bad Is Insider Threat?
CERT Insider Threat Research
Insider Threat Mitigation
Mitigation Security Controls and Practices
Insider Threat Summary
Working with Law Enforcement Part 1 of 2
Working with Law Enforcement Part 2 of 2
Managing CSIRTs Wrap-Up
Video [CSIRTs Resource Overview] (required)
1.5 Hours
 
Measuring What Matters: Security Metrics Workshop
Skill Level: Beginner  
+ Description
 

This workshop focuses on how to measure the right things in order to make informed management decisions, take the appropriate actions, and change behaviors. But how do managers figure out what those right things are? Public and private organizations today often base cyber risk management decisions on fear, uncertainty, and doubt (FUD), and the latest attack. In the Measuring What Matters: Security Metrics Workshop, the learner will learn how to refine a strategic or business objective so that it meets the S.M.A.R.T.E.R. criteria (Specific, Measurable, Achievable, Relevant, Time-bound, Evaluated, Reviewed) and can be used to initiate the Goal - Question - Indicator - Metric (GQIM) process.

Learning Objectives:

  • Identify a core set of business goals, based on the business objective, to which the cybersecurity risk measurement program will be applied.
  • Formulate one or more key questions for each business goal, and use them to help determine the extent to which the goal is being achieved.
  • Identify one or more indicators for each business goal key question.
  • Identify one or more metrics for each indicator that most directly inform the answer to one or more questions.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Collect and Operate | Cyber Operational Planning | Cyber Ops Planner
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Securely Provision | Risk Management | Security Control Assessor
+ Course Modules/Units
 
Measuring What Matters Course Introduction
Why Measure?
Measurement Defined
GQIM Overview
Selecting Business Objectives
Objectives to Goals
Goals to Question
Questions to Indicators
Indicators to Metrics
The Big Picture: Putting It All in Context
Validate Current Questions or Metrics
Getting Started with GQIM
Appendix Cybersecurity Metrics Template
GQIM Process Template
Migration and Security Strategies for FedRAMP Cloud Computing
Skill Level: Intermediate  
+ Description
 

The Migration and Security Strategies for FedRAMP Cloud Computing course is designed to introduce students to the structure and employment of cloud computing using the Federal Risk and Authorization Management Program, or FedRAMP. Topics include cloud computing architecture, FedRAMP structure and roles, FedRAMP security implementations, and FedRAMP-approved cloud deployment options.

Learning Objectives:

  • Describe the three major deployment models for cloud computing.
  • Discuss cybersecurity issues related to cloud computing.
  • Explain the authority, structure, and roles of major parties that make up FedRAMP.
  • Explain how Cloud Service Providers (CSPs) and FedRAMP processes work to meet federal security requirements.
  • Describe how the FedRAMP framework of "do once, use many times" allows government agencies to reuse previously-approved security documents and structures to simplify data deployments to the cloud.
  • Describe how FedRAMP processes enable a second agency to use a previously approved CSP.
  • Identify how FedRAMP processes map to and are designed to assure compliance with applicable standards outlined by the National Institute for Standards and Technology (NIST) in its Special Publications 800 series of documents.

Date: 2021

Training Purpose: Management Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Securely Provision | Risk Management | Authorizing Official/Designating Representative
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
Securely Provision | Systems Requirements Planning | Systems Requirements Planner
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
+ Course Modules/Units
 
Cloud Security Through FedRAMP
The FedRAMP Authorization Process
FedRAMP Security Assessment Framework (SAF)
22 Hours
 
Mobile and Device Security (2015)
Skill Level: Beginner  
+ Description
 

This course focuses on mobile devices, how they operate, and their security implications. This course includes topics such as signaling types, application stores, managing mobile devices, and emerging trends and security and privacy concerns with social media.

Learning Objectives:

  • Discover mobile device technology components and architectures and how to properly secure them.
  • Examine historical and current threats to mobile devices and methods for remediating them.
  • Establish best practices and procedures for performing mobile device forensic investigations.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Investigate | Digital Forensics | Cyber Defense Forensics Analyst
Operate and Maintain | Customer Service and Technical Support | Technical Support Specialist
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Legal Advice and Advocacy | Privacy Officer/Privacy Compliance Manager
+ Course Modules/Units
 
Mobile Security Course Introduction
Cellular Network Generations
Network Standards Introduction
CDMA TDMA and GSM Introduction
GPRS Edge and UMTS Introduction
Additional Network Standards
Bluetooth and Wi-Fi
Cellular Network Components
Mobile Switching Center Database
Authentication and Government Standards
4G LTE
Mobile Device Components
Mobile Device Operating Systems
Android Customization
Wireless Technology Introduction
WiFi Standards
Wi-Fi Standards: 802.11ac
WiFi Types
Wireless Fidelity Part 2
WiFi Channels and SSIDs
WiFi Signals and Hardware
Bluetooth
WiMAX
Additional Standards
Near Field Communication
Introduction to Threats
Lost and Stolen Devices
Additional Device-Level Threats
Near Field Communications and Mobile Threats
Application-Level Threats
Rogue Applications
Network-Level Threats
Pineapple Router
Malicious Hotspot
Malicious Use Threats
Mobile Hacking Tools
Mobile Device Security Introduction
Mobile Device Security Introduction Cont.
Android Introduction
Android Security
Android Application Security
Google Android OS Features
Installing Antivirus
iOS Security Model and Platform
iOS Application Security
Jailbreaking iOS
iOS Application Security Cont.
Apple iOS Update Part 1 of 2
Apple iOS Update Part 2 of 2
Windows Phone Security Model and Platform
Windows Implementation and Application Security
Windows Phone Update
WiFi Security
WiMax and Bluetooth
Bluetooth Attack
Protecting Data
Encryption
Android Encryption
iOS Encryption
Email Security
Android and iOS Email Security
Windows Email Security
iOS Hardening
iOS Hardening Cont
Blackberry Hardening
Android Hardening
Android Hardening Cont.
Windows Phone Hardening
Windows Phone Password and Cookies
Windows Phone Wi-Fi
Windows Phone - Find, Wipe, and Backup
Device Security Policies
Exchange and BES
Mobile Device Management
Mobile Device Management Cont.
McAfee Mobility Management
Forensics Overview
Forensics Role and Framework
Device Identification
Device Identification Cont.
Network Data
Network Data Cont.
Preservation
Preservation Cont.
Acquisition
Acquisition Cont.
Device Specific Acquisition
Hashing
Hashing Cont.
Analysis
Archiving and Reporting
Cellebrite
Forensics Demonstration
XRY/XACT
Oxygen and CellXtract
Paraben and MOBILedit!
Additional Methods
Subscriber Data
Benefits of Social Media
Risks of Social Media
Liabilities Associated with Social Media
Social Media Controls
Emerging Trends
Emerging Trends Cont.
New Technologies in Mobile Devices
Mobile Devices and the Cloud
Mobile Security Course Quiz
Mothra 101
Skill Level: Beginner    
+ Description
 

At the end of this course, participants will be able to

  • list the characteristics that distinguish Mothra from SiLK,
  • identify the major architectural features of Mothra,
  • describe how analysis can be performed in Mothra, and
  • discuss the advantages of using a Jupyter Notebook for collaborative analysis.
+ Course Modules/Units
 
Module 1: Mothra 101 - Introduction
Module 2: Mothra Architecture and Design
Module 3: Analysis with Mothra
Module 4: Demo of Spark with Mothra
4 Hours
 
Overview of Creating and Managing Computer Security Incident Response Teams (CSIRTs)
Skill Level: Beginner  
+ Description
 

This course focuses on what is needed to create and operate a Computer Security Incident Response Team (CSIRT). The intended audience is individuals tasked with creating a CSIRT and those who may be new to CSIRT issues and processes. Objectives within the course include the benefits and limitations of a CSIRT, CSIRT requirements, services, common policies and procedures, and operational best practices. Previous incident handling experience is not required to partake in this course.

Learning Objectives:

  • Identify managerial, organizational, procedural, and operational issues regarding the CSIRT role and function.
  • Describe the issues involved with creating and operating a CSIRT.
  • Discuss specific topics regarding CSIRT benefits and limitations, requirements and framework, services, policies and procedures, and operational best practices.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | Threat Analysis | Threat/Warning Analyst
Oversee and Govern | Cybersecurity Management | Communications Security Manager
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
+ Course Modules/Units
 
Creating and Managing CSIRTs Introduction
Defining the Problem
Defining Incident Management
Effective Incident Management Processes
Defining Terms Used Throughout the Course
Institutionalizing IM Capabilities
Incident Handling Terms Used Throughout the Course
Defining CSIRTs
Creating an Effective CSIRT
Building a CSIRT: Action Plan Part 1 of 2
Building a CSIRT: Action Plan Part 2 of 2
Building a CSIRT: Where to Begin
Lessons Learned and Team Maturity
CSIRT Components
CSIRT Organizational Models Part 1 of 2
CSIRT Organizational Models Part 2 of 2
CSIRT Policies and Procedures
CSIRT Staffing and Hiring
CSIRT Facilities and Infrastructure
Incident Management Processes Overview
IM Process: Prepare, Sustain, and Improve
IM Process: Protect Infrastructure
IM Process: Detect Events
IM Process: Triage Events
IM Process: Triage Best Practices
IM Process: Respond
IM Process: Respond Issues
IM Process: Best Practices
Creating and Managing CSIRTs Summary
Creating and Managing CSIRTs Resources

Pure Data for Traffic Analysts
Skill Level: Beginner   
+ Description
 This course covers tables, basic search methods, tips, scripting, working across tables and queries.
+ Course Modules/Units
 
Module 1: Introduction
Module 2: Tables
Module 3: Basic Search
Module 4: Tips
Module 5: Scripting
Module 6: Working Across Databases
Module 7: Comp Queries and Temp. Tables
1 Hour
 
Risk Management Framework for Leaders (Professors in Practice Series)
Skill Level: Beginner 
+ Description
 

This webinar, recorded on July 10, 2020, features National Defense University Professor Mark Duke discussing key leadership decisions to implement the NIST Risk Management Framework (RMF). The RMF is a risk-based approach to implementing security within an existing enterprise; it is leadership’s responsibility to ensure adequate and effective system security.

Learning Objectives:

  • How to prepare your component or organization to initiate the RMF.
  • How to define, understand, and manage risk to your Information Systems by identifying your threats and vulnerabilities.
  • Understand the link to the RMF with Supply Chain Risk Management (SCRM) and the Software Development Life Cycle (SDLC).
  • Understand the new "Prepare" step of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 v2 RMF.
  • Explain managers’ roles and involvement in each step of the RMF.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leadership
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner, Cyber Workforce Developer and Manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer, Cyber Instructor
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
Securely Provision | Systems Requirement Planning | Systems Requirements Planner
+ Course Modules/Units
 
Risk Management Framework for Leaders – with Professor Mark Duke
1 Hour
 
Securing Internet-Accessible Systems
Skill Level: Beginner   
+ Description
 

This course focuses on Internet-accessible systems or "Internet of Things" (IoT). Each of these systems and devices can be targeted by threat actors and used to conduct malicious activity if they are unsecured, or worse, these systems can leave vulnerabilities and sensitive information open to exploitation if not properly configured and maintained. This course explains the vulnerabilities of internet-accessible systems and how to prepare for, mitigate, and respond to a potential attack. This course provides key knowledge to inform organizational awareness of internet-accessible system attacks as well as best practices that minimize the likelihood of a successful attack and enable effective response and recovery if an attack occurs.

This webinar is accessible to non-technical learners including managers and business leaders and offers an organizational perspective useful to technical specialists.

Learning Objectives
Enable learners to better defend their internet-accessible systems through awareness of common vulnerabilities, best practices, CISA guidance, and resources:

  • Define Internet-Accessible Systems and common vulnerabilities
  • Explain cyber hygiene best practices that prevent attacks.
  • Understand the impacts of real-life cyberattacks and what an effective organizational response looks like.
  • Learn steps to identify, mitigate, and recover from Internet-Accessible System attacks.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Operate and Maintain | Data Administration | Data Analyst, Database Administrator
Operate and Maintain | Systems Administration | Systems Administrator
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Communications Security Manager; Information Systems Security Manager
Oversee and Govern | Program Management and Acquisition | IT Investment Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Oversee and Govern | Strategic Planning and Policy | Cyber Policy and Strategy Planner; Cyber Workforce Developer and Manager
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
Securely Provision | Risk Management | Authorizing Official/Designating Representative; Security Control Assessor
Securely Provision | System Requirements Planning | System Requirements Planner
+ Course Modules/Units
 
Securing Internet-Accessible Systems

Sensors 101 for Traffic Analysts
Skill Level: Beginner    
+ Description
 

At the end of this course, participants will be able to:

  • List several types of sensors in use on modern computer networks
  • Identify what fields and information are available in the data from each type of sensor
  • Characterize some of the analysis of data from each type of sensor
  • Discuss potential issues with the use of data from each type of sensor, and how to deal with the issues in analysis
+ Course Modules/Units
 
Sensors 101 for Traffic Analysts - Introduction
Sensors 101 for Traffic Analysts - Module 2: Packet Sensors
Sensors 101 for Traffic Analysts - Module 3: Alert Sensors
Sensors 101 for Traffic Analysts - Module 4: Flow Sensors
Sensors 101 for Traffic Analysts - Module 5: Enhanced Flow Sensors
Sensors 101 for Traffic Analysts - Module 6: Application-Level Sensors
Sensors 101 for Traffic Analysts - Module 7: Other Sensors
7 Hours
 
SiLK Traffic Analysis
Skill Level: Intermediate 
+ Description
 

This course is designed for analysts involved in daily response to potential cybersecurity incidents, and who have access to the Einstein environment. The course begins with an overview of network flow and how the SiLK tools collect and store data. The next session focuses specifically on the Einstein environment. The basic SiLK tools are covered next, giving the analyst the ability to create simple analyses of network flow. Advanced SiLK tools follow and cover how to create efficient and complex queries. The course culminates with a lab where learners use their new skills to profile a network.

Learning Objectives:

  • Use of the SiLK network flow analysis tool suite to perform tasks such as querying for records related to a specific incident or indicator, creating sets of indicators for batch analysis, and leveraging network flow to provide basic network situational awareness.

Date: 2013

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
+ Course Modules/Units
 
Introduction to SiLK
iSiLK
What is Network Flow?
Interpreting SiLK Network Flow
SiLK Flows
SiLK Traffic Analysis Quiz 1
The SiLK Repository
Basic SiLK Tools
SiLK Traffic Analysis Quiz 2
rwfilter
rwfilter Examples
rwfilter Demo
rwfilter Continued
SiLK Traffic Analysis Quiz 3
rwcount
rwcount Demo
rwstats
rwstats Demo 1
rwstats Continued 1
rwstats Demo 2
rwstats Continued 2
rwuniq
SiLK Traffic Analysis Quiz 4
PySiLK
Python Expressions and SilkPython
SiLK Traffic Analysis Quiz 5
IP Sets
Bags
SiLK Traffic Analysis Quiz 6
Prefix Maps
Tuples
SiLK Traffic Analysis Quiz 7
rwgroup
rwmatch
SiLK File Utilities
IPv6 in SiLK
SiLK Traffic Analysis Quiz 8
Network Profiling Introduction
10 Hours
 
Software Assurance Executive Course (SAE)
Skill Level: Intermediate 
+ Description
 

This course is designed for executives and managers who wish to learn more about software assurance as it relates to acquisition and development. The purpose of this course is to expose participants to concepts and resources available now for their use to address software security assurance across the acquisition and development life cycles.

Learning Objectives:

  • Understanding of software assurance practices and challenges.
  • Advice for organizations and the future of software assurance.
  • Understanding of software supply chain risk management.
  • Awareness of agile methods and adopting software trustworthiness.

Date: 2013

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Cybersecurity Manager
Oversee and Govern | Executive Cyber Leadership | Executive Cyber Leader
Securely Provision | Software Development | Software Developer
+ Course Modules/Units
 
Interview with William Scherlis: Introduction and Background
Software Assurance Challenges
Encouraging Adoption of Software Assurance Practices Through People and Incentives
The Path Toward Software Assurance: Advice for Organizations
Learning from Failure
The Future of Software Assurance
Introduction, Current Software Assurance Activities by DHS, and Current SW Assurance Environment
Managing Risks in a Connected World
A Need for Diagnostic Capabilities and Standards
Changing Behavior: Resources
Establishing a Foundation for Software Assurance
Conclusion: The Rugged Manifesto and Challenge
Introduction to Software Assurance
Software Assurance Landscape
Software Assurance Principles
Current Software Realities
Introduction to Software Assurance, Part 2
Building Security In
Microsoft Secure Development Lifecycle (MS SDL)
Requirements Engineering
Security Requirements Methods
Threat Modeling: STRIDE (used by Microsoft)
Industry Case Study in Threat Modeling: Ford Motor Company
Topic Summary
Creating and Selling the Security Development Lifecycle (SDL)
Managing the Process
Making a Difference
Introduction and Key Components of Agile Development
Traditional & Agile Acquisition Life Cycles
Common Agile Methods and Scrum - the Most Adopted Agile Method
Challenges to Agile Adoption
Suggestions for Successful Use of Agile Methods in DHS Acquisition
Agile Summary
Software Assurance, Introduction to Part 3: Mission Assurance
What Does Mission Failure Look Like?
Mission Thread Analysis for Assurance
Applying Mission Thread Analysis Example 1
Applying Mission Thread Analysis Example 2
Applying Mission Thread Analysis
Software Assurance, Introduction to Part 4: SwA for Acquisition
Software Supply Chain Challenges
Supply Chain Risk Mitigations for Products
System Supply Chains
SCRM Standards
Summary
Software Assurance in the Software Development Process and Supply Chain: Introduction
Scope of the Problem
Governance for System and Software Assurance
Strategy Solutions: System Security Engineering, Software Sustainment
Process Solutions
Introduction, History, and Current State of Software
Trustworthy Software
The UK Trustworthy Software Initiative (TSI)
Trustworthy Software Framework
Current Focus and Future Direction of UK TSI
Questions and Answers

SQL for Traffic Analysts
Skill Level: Beginner   
+ Description
 

SQL for Traffic Analysis covers basic SQL topics such as selecting data from a table, ordering results, using multiple tables, grouping results, calculating aggregate values, and creating new tables.

+ Course Modules/Units
 
SQL for Traffic Analysts: Module 1
Selecting Data From A Table: Module 2
Ordering Results: Module 3
Multiple Tables: Module 4
Calculating Aggregate Values: Module 5
Grouping Query Results: Module 6
Generating New Tables: Module 7
2 Hours
 
Static Code Analysis using HPE Fortify
Skill Level: Beginner 
+ Description
 

This course focuses on integrating static code analysis tools into the software development process from a developer's/cybersecurity professional's perspective. The course demonstrates how Fortify is used to identify and remove Common Weakness Enumeration (CWE) from applications in which the source code is available.

Learning Objectives:

  • Understand how static code analysis tools work.
  • Utilize integrated development environment (IDE) plugins in order to find CWE in source code during the development phase.
  • Apply visualization tools available to developers and security professionals.
  • Participate in accreditation reporting.

Date: 2014

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Legal Advice and Advocacy | Privacy Officer/Privacy Compliance Manager
Securely Provision | Systems Development | Systems Developer
+ Course Modules/Units
 
AppSec with HPE Product Overview and Workflow
HPE Fortify Static Code Analyzer Suite Overview
HPE Static Code Analyzer Command Line Demo
Audit Workbench Demo
Fortify SCA Process Flow
Audit Workbench Demo Continued
STIG Reporting with Audit Workbench
IDE Plugin
Questions and Answers
Fortify Priority
Software Security Center
1.5 Hours
 
Static Code Analysis using Synopsys Coverity
Skill Level: Beginner 
+ Description
 

This course focuses on integrating static code analysis tools into the software development process. This course explains how developers can use tools such as Coverity to identify and remove Common Weakness Enumeration (CWE) from applications in which the source code is available, prior to deployment.

Learning Objectives:

  • Understand how static code analysis tools work.
  • The use of integrated development environment (IDE) plugins in order to find CWE in source code during the development phase.
  • Visualization tools available to developers and security.

Date: 2014

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Legal Advice and Advocacy | Privacy Officer/Privacy Compliance Manager
Securely Provision | Systems Development | Systems Developer
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist
+ Course Modules/Units
 
Overview of Synopsys Software Integrity Platform
Demonstration
Questions and Answers
Closing
2.5 Hours
 
Supply Chain Assurance using Sonatype Nexus
Skill Level: Beginner 
+ Description
 

This course focuses on integrating static code analysis tools into the software development process from both a developer's and a security professional's perspective. This course demonstrates how tools such as Sonatype can be used to evaluate the software supply chain in order to identify and remove components with known Common Vulnerabilities and Exposures (CVE) from applications in which the source code is available.

Learning Objectives:

  • Understand why software supply chain is important.
  • Utilize integrated development environment (IDE) plugins in order to identify and avoid the use of libraries, applications, tools, etc. with known CVE used by an application.
  • Apply tools to enforce organizational security policies and governance.

Date: 2014

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Legal Advice and Advocacy | Privacy Officer/Privacy Compliance Manager
Securely Provision | Systems Development | Systems Developer
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist
+ Course Modules/Units
 
Overview of Sonatype Success Engineering
Developer Perspective
Policies
Dashboard
Repository Manager
Questions and Answers
Success from the Start
Preparing for Deployment - Overview
Preparing for Deployment - Licenses
Preparing for Deployment - Architectural Risk
Preparing for Deployment - Evaluation
Preparing for Deployment - Policy Elements
Preparing for Deployment - Default Policy Demo
Preparing for Deployment - Policy Demo

Survival SiLK Series
Skill Level: Intermediate   
+ Description
 

This series of videos presents topics of interest to analysts with a working knowledge of SiLK who wish to learn more. Each video covers one area of NetFlow analysis. The topics are:

  • Displaying NetFlow Records in SiLK (tips for using rwcut)
  • Host Profiling (what can you learn about a host and its activity from NetFlow?)
  • Protocol Profiling: ICMP (here is how analysis of ICMP can be different from TCP and UDP)
  • Rwmatch (for those who need to work with both sides of a network connection)
  • The SiLK Application Label (The App Label uses Deep Packet Inspection to make an educated guess as to what service the flow supports)
+ Course Modules/Units
 
Survival SiLK Series - Module 1
Host Profiling - Module 2
Protocol Profiling: ICMP - Module 3
Using rwmatch - Module 4
Using the SiLK Application Label - Module 5

TCP/IP Fundamentals for Network Traffic Analysts
Skill Level: Beginner   
+ Description
 

In this course you will learn to:

  • Describe how the history of TCP/IP has led to security issues
  • Describe the layered architecture of TCP/IP
  • Describe characteristics of
    • Address Resolution Protocol (ARP)
    • Internet Protocol (IP)
    • User Datagram Protocol (UDP)
    • Service Ports
    • Transmission Control Protocol (TCP)
    • Internet Control Message Protocol (ICMP)
    • Fragmentation
  • Explain how common services operate with network protocols
  • Forecast how IPv6 affects network traffic analysis
+ Course Modules/Units
 
TCP/IP Fundamentals for Network Traffic Analysts
TCP/IP Module 2: Internet Protocol
TCP/IP Module 3: IP Addresses
TCP/IP Module 4: Transport Protocols
TCP/IP Module 5: Common Services
TCP/IP Module 6: IPv6

Thinking Like an Analyst
Skill Level: Beginner   
+ Description
 

On completion of this course, a participant will be able to:

  • Describe a model of the analysis process, with distinct stages
  • Identify selected processes and results associated with each stage
  • Characterize key thinking issues (biases) that can affect analysis results
  • Apply the analysis process to a body of data
+ Course Modules/Units
 
Thinking Like an Analyst: Introduction
Module 2: Thinking Like an Analyst - Context
Module 3: Thinking Like an Analyst - Gathering Data
Module 4: Thinking Like an Analyst - Microanalysis
Module 5: Thinking Like an Analyst - Macroanalysis
Module 6: Thinking Like an Analyst - Reporting
1 Hour
 
Trusted Internet Connections
Skill Level: Beginner 
+ Description
 

The Trusted Internet Connections (TIC) 3.0 course is designed to provide students with an overview of the modernized TIC initiative as defined by the Office of Management and Budget (OMB) Memorandum (M) 19-26 and how agencies can leverage the new TIC 3.0 guidance to secure their networks. The training also explains how the TIC 3.0 guidance can be used to securely transition to the cloud and as a pathway to implementing zero trust.

Learning Objectives:

  • Identify the goals of the modernized TIC initiative and the guidance available to help agencies.
  • Learn about how to implement the TIC 3.0 guidance and how it complements other federal initiatives.
  • Leverage the flexibilities available in TIC 3.0 to secure hybrid and cloud environments.
  • Understand how to use the TIC 3.0 guidance as a pathway to implementing zero trust.

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Securely Provision | Risk Management (RSK) | Authorizing Official/Designating Representative, Security Control Assessor
Securely Provision | Systems Architecture (ARC) | Enterprise Architect, Security Architect
Securely Provision | Systems Requirements Planning (SRP) | Systems Requirements Planner
Securely Provision | Systems Development (SYS) | Information Systems Security Developer, Systems Developer
Oversee and Govern | Cybersecurity Management (MGT) | Information Systems Security Manager
Oversee and Govern | Strategic Planning and Policy (SPP) | Cyber Policy and Strategy Planner
Oversee and Govern | Executive Cyber Leadership (EXL) | Executive Cyber Leadership
+ Course Modules/Units
 
Module 1 - Introduction to TIC
Module 2 - How can Agencies Implement TIC?
Module 3 - TIC and Other Federal Initiatives
Module 4 - TIC and the Cloud
Module 5 - TIC the Roadmap to Zero-Trust
1 Hour
 
Understanding DNS Attacks
Skill Level: Beginner     
+ Description
 

The Domain Name System, commonly known as DNS, is often referred to as the "phone book" of the Internet. Every time we access the Internet to visit our favorite websites, shop and pay bills online, or access online portals for healthcare or banking, we depend on DNS infrastructure to securely route us to our intended destinations. While this shared infrastructure is incredibly powerful and useful, it also presents a rich attack surface for threat actors: allowing them to shut down websites and online services, replace legitimate website content with threats and extortion attempts, or even route traffic to a carbon copy of a legitimate website to steal any information entered by users intending to conduct business as usual. "Understanding DNS Attacks" provides key information you need to know to protect yourself and your organization from DNS infrastructure tampering including common vulnerabilities, how to identify a potential attack, and guidance and best practices to mitigate the likelihood and impact of a successful DNS attack.

This webinar is accessible to non-technical learners including managers and business leaders, and offers an organizational perspective useful to technical specialists.

Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from DNS infrastructure attacks through awareness of common attack schemes, best practices, CISA guidance, and resources.

  • Define DNS Tampering and explain common attack methods
  • Identify signs of a DNS attack
  • Learn mitigation steps for DNS attacks
  • Understand the process to recover from a DNS attack
  • Explore impacts of DNS attacks through case studies

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | Mission Assessment Specialist
Collect and Operate | Collection Operations | All-Source Collection Manager, All-Source Collection Requirements Manager
Operate and Maintain | Customer Service and Technical Support | Technical Support Specialist
Operate and Maintain | Data Administration | Data analyst, database administrator
Operate and Maintain | Knowledge Management | Knowledge Manager
Operate and Maintain | Network Services | Network Operation Specialist
Operate and Maintain | Systems Administration | System Administrator
Oversee and Govern | Cybersecurity Management | Communications security manager; information systems security manager
Oversee and Govern | Program Management and Acquisition | IT investment manager, IT program auditor, IT project manager, product support manager, program manager
Oversee and Govern | Strategic Planning and Policy | Cyber policy and strategy planner; cyber workforce developer and manager
Oversee and Govern | Training, Education, and Awareness | Cyber Instructional Curriculum Developer
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support Specialist
Protect and Defend | Incident Response | Cyber Defense Incident Responder
Protect and Defend | Vulnerability Assessment and Management | Vulnerability Assessment Analyst
Securely Provision | Risk Management | Authorizing official; security control assessor
Securely Provision | Systems Architecture | Enterprise Architect, Security Architect
Securely Provision | Systems Requirements Planning | Systems Requirements Planner
Securely Provision | Test and Evaluation | System Testing and Evaluation Specialist
+ Course Modules/Units
 
Understanding DNS Attacks
0.25 Hours
 
What is CDM and the CDM Agency Dashboard?
Skill Level: Beginner  
+ Description
 

This short video (5-11 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

Learning Objectives:

  • Understand what CDM and the CDM Agency Dashboard are
  • Understand the New CDM Agency Dashboard
  • Provide an overview of the AWARE Scoring Algorithm 1.0

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
What is CDM and the CDM Agency Dashboard?
0.25 Hours
 
Introduction to the New CDM Agency Dashboard
Skill Level: Beginner  
+ Description
 

This short video (5-11 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

Learning Objectives:

  • Understand the New CDM Agency Dashboard

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
Introduction to the New CDM Agency Dashboard
0.25 Hours
 
Introduction to the AWARE Scoring Algorithm
Skill Level: Beginner  
+ Description
 

This short video (5-11 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

Learning Objectives:

  • Provide an overview of the AWARE Scoring Algorithm 1.0

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
Introduction to the AWARE Scoring Algorithm 1.0
0.25 Hours
 
AWARE Scoring Algorithm Details
Skill Level: Beginner  
+ Description
 

This short video (5-11 minutes) of the new CDM Agency Dashboard will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the new dashboard.

Learning Objectives:

  • Provide an overview of the AWARE Scoring Algorithm 1.0

Date: 2021

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Oversee and Govern | Cybersecurity Management | Information Systems Security Manager
Oversee and Govern | Program/Project Management and Acquisition | IT Investment/Portfolio Manager, IT Program Auditor, IT Project Manager, Product Support Manager, Program Manager
Securely Provision | Risk Management | Authorizing Official/Designating Representative, Security Control Assessor
+ Course Modules/Units
 
AWARE Scoring Algorithm 1.0 Details
1 Hour
 
Understanding Web and Email Server Security
Skill Level: Beginner    
+ Description
 

Web and email servers are the workhorses of the Internet: we couldn't run government, businesses, or our personal lives without them! However, the information exchanged through web and email servers can offer a tempting target for cyber attackers. Participants can request 1 CPE credit for completing this course.

This webinar includes the following information and more:

  • Attack methods: Hackers can target and decode victims' web and email traffic, compromise email security to make phishing attempts more likely to succeed, or can even use botnets to shut down access to websites and conduct large-scale campaigns of malicious activity.
  • Key Guidance for Organizations: CISA provides resources and best practices to help individuals and organizations secure their web and email infrastructure.
  • Case studies: Explore the methods and impacts of real-life cyberattacks, and how the victims responded and recovered.
  • Incident Response overview: Key steps to identify a potential attack, mitigate damage through proper preparation and response, and recover after an attack occurs.

Learning Objectives:
Enable learners to prevent, flag, and protect themselves and their organizations from web and email server cyberattacks through awareness of common attack schemes, best practices, CISA guidance, and resources.

  • Define web and email server infrastructure, and explain common attack methods
  • Identify signs of a potential attack
  • Learn mitigation steps for web and email server attacks
  • Understand the process to recover from a web or email server attack
  • Explore impacts of web and email server attacks through case studies

Date: 2020

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Category | Specialty Area | Work Roles
Analyze | All-Source Analysis | All-source analysis
Analyze | Threat Analysis | Threat/warning analyst
Collect and Operate | Collection Operations | All Source Collection Manager; All Source Collection Requirements Manager
Collect and Operate | Cyber Operational Planning | Cyber Intel Planner; Cyber Ops Planner; Partner Integration Planner
Operate and Maintain | Data Administration | Data analyst, database administrator
Operate and Maintain | Knowledge Management | Knowledge Manager
Operate and Maintain | Network Services | Network Operations Specialist
Operate and Maintain | Systems Administration | System Administrator
Operate and Maintain | Systems Analysis | Systems Security Analyst
Oversee and Govern | Cybersecurity Management | Communications security manager; information systems security manager
Oversee and Govern | Program Management and Acquisition | IT investment manager, IT program auditor, IT project manager, product support manager, program manager
Oversee and Govern | Strategic Planning and Policy | Cyber policy and strategy planner; cyber workforce developer and manager
Protect and Defend | Cyber Defense Analysis | Cyber Defense Analyst
Protect and Defend | Cyber Defense Infrastructure Support | Cyber Defense Infrastructure Support specialist
Protect and Defend | Incident Response | Cyber defense incident responder
Protect and Defend | Vulnerability Assessment and Management | Vulnerability assessment analyst
Securely Provision | Risk Management | Authorizing official; security control assessor
Securely Provision | Systems Architecture | Enterprise Architect; Security Architect
Securely Provision | System Requirements Planning | System requirements planner
+ Course Modules/Units
 
Understanding Web and Email Server Security