101 Courses - Basic level courses
NICE Cybersecurity Workforce Framework Category - Analyze
NICE Cybersecurity Workforce Framework Category - Collect and Operate
NICE Cybersecurity Workforce Framework Category - Investigate
NICE Cybersecurity Workforce Framework Category - Operate and Maintain
NICE Cybersecurity Workforce Framework Category - Oversee and Govern
NICE Cybersecurity Workforce Framework Category - Protect and Defend
NICE Cybersecurity Workforce Framework Category - Securely Provision

The NICE Cybersecurity Workforce Framework can be found at: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

FedVTE Course Catalog

Advanced Windows Scripting 6 Hours Skill Level: Basic
+ Description
 This course focuses on advanced concepts for writing scripts for the Microsoft Windows operating system. The course covers how to string multiple commands together in traditional BATCH scripts as well as leverage Visual Basic Scripting (VBS) to perform more complex tasks, and includes reinforcing video demonstrations and final assessment.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Software Development, Systems Administration, Systems Analysis, Customer Service and Technical Support

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Advanced Windows Scripting Introduction
Windows BATCH Scripting Overview
Windows BATCH Advanced Syntax Part 1 of 2
Windows BATCH Advanced Syntax Part 2 of 2
Windows Scripting Advanced Uses of FOR
Windows Scripting Syntax Tips and Tricks
Windows Scripting CALL and START Demo
Windows Scripting Subroutine Demo
Windows Scripting SET Demo
Windows Scripting PUSHD and POPD Demo
Manipulating In_Outputs
Stringing Multiple Commands Together
FOR Loop Generating List Demo
FOR Loop Recursive Listing Demo
Taking Action Based on Content of Output
Action Based on Content Output Demo
Scripts in Typical Penetration Testing Tasks Part 1 of 2
Scripts in Typical Penetration Testing Tasks Part 2 of 2
Visual Basic Scripting Syntax and Usage
Visual Basic Scripting Merge Demo
VBS Elements_Structure
VBS Elements_Variables, Arguments, and Conditionals
VBS Elements_Loops
VBS Elements_Functions and Operators
VBS Windows Scripting Host
VBS Elements_File I_O
VBS Windows Scripting Demo
VBS Error Handling and Troubleshooting
Visual Basic for Applications
Visual Basic for Application Elements
Visual Basic for Applications Working with Applications
VBA Working with Applications Demo
VBA Error Handling and Troubleshooting
VBA Error Handling and Troubleshooting Demo
Advanced Windows Scripting Quiz
CDM Module 1: Overview 2 Hours Skill Level: Basic
+ Description
 This course is designed for managers, staff and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the student better understand how CDM can help a department or agency (D/A) better manage risk and protect mission critical assets and to more effectively evaluate their cybersecurity posture.

The course provides a high level overview of the CDM program. Topics covered include basic CDM concepts, how CDM relates to NIST 800-53 and other NIST SPs, CDM Concept of Operations, the CDM Environment, and CDM’s Phases and Capabilities.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
What is the CDM program?
What problem does CDM address?
How does the CDM program support Departments and Agencies?
Why does CDM focus on Automation?
What is the CDM "Desired State" Specification?
What is the Actual State?
What is a Defect Check?
What is an Assessment Object?
What is a Defect instance?
What is an Object Container?
What is a CDM Security Capability?
How Do 800-53 Controls Map to CDM Security Capabilities?
How do I use the CDM Security Capabilities to Improve Security?
How does CDM relate to NIST's 800-53 Catalogue of Controls?
How does CDM relate to NIST's 800-53 Suggested Control Assessment Methods?
How does CDM relate to NIST's guidance on ISCM (800-137)?
How does CDM relate to NIST guidance on Risk Management 800-30 and 800-39?
How does CDM relate to NIST's RMF?
How does CDM operate in a department or agency?
What is the CDM Concept of Operations?
Where does the "Desired State" Specification come from?
What does the actual state concept in CDM mean for our department or agency?
Where does the Actual State Data come from?
How does CDM discover defects?
How does Scoring work with CDM and how am I affected?
How does CDM know who is responsible for fixing defects?
Will the CDM "System(s)" be A&Aed?
How will CDM sensors affect my Network(s)? Performance? Security?
What are CDM shared services?
Why is CDM divided into phases?
How do the security capabilities fit into phases?
What are the Phase 1 capabilities?
What are the Phase 2 capabilities?
What are the Phase 3 capabilities?
What does the CDM D/A Dashboard provide?
How Does the CDM D/A Dashboard Work with Other D/A Dashboards?
How Do I Get the Information My D/A Needs from the CDM D/A Dashboard?
CDM Module 2: Hardware Asset Management 1 Hour Skill Level: Basic
+ Description
 This course is designed for managers, staff and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the student better understand how CDM can help a department or agency (D/A) better manage risk and protect mission critical assets and to more effectively evaluate their cybersecurity posture.

The course begins by defining Hardware Asset Management (HWAM) and why it is critical to the implementation of a robust cybersecurity program. The training highlights the criteria for monitoring and managing hardware assets using CDM. It then transitions into HWAM implementation criteria and discusses the generic CDM concept of operations specific to HWAM. Topics covered include Actual State, Desired State, and Defects.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
What is Hardware Asset Management (HWAM)?
What Are the Purpose and Results?
What Types of Attacks Does HWAM Thwart for Our Organization?
What Objects Does HWAM Assess?
How Does the HWAM Concept of Operations (CONOPS) work?
How Does HWAM Relate to Other Phase 1 Capabilities?
What HWAM Roles and Responsibilities Will My Organization Implement?
How Does an Organization Use the HWAM Capability?
What Techniques Are Used to Search for HWAM Devices?
What Types of Data Does the HWAM Actual State Collect?
What Types of Data Are Used to Identify Network Addressable Devices?
How Do Agencies Get Desired State Specification Data for the HWAM Capability?
What Types of Data Does the HWAM Desired State Specification Collect?
Can Agencies Specify How to Group Results?
What Are the HWAM Defect Checks?
Which HWAM Defect Checks Are at the Federal Level?
Which HWAM Defect Checks Are at the Local Level?
CDM Module 3: Software Asset Management 1.5 Hours Skill Level: Basic
+ Description
 This course is designed for managers, staff and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the student better understand how CDM can help a department or agency (D/A) better manage risk and protect mission critical assets and to more effectively evaluate their cybersecurity posture.

The course begins by defining SWAM and why it is critical to the implementation of a robust cyber-security program. It covers new roles and responsibilities which the department or agency (D/A) must implement. It then transitions into SWAM implementation criteria, and discusses the generic CDM concept of operations specific to SWAM Actual State, Desired State, and Defects. It includes high level discussions of software lists (white, gray, black) and how software can be identified and tracked in CDM through the use of Common Platform Enumeration (CPE) and Software Identification (SWID) tags by Software package down to executables.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
What is the Software Asset Management (SWAM) Capability?
What Purpose Does SWAM Serve?
What Types of Results Will SWAM Accomplish?
What Types of Attacks Does SWAM Thwart?
What Objects Does SWAM Assess?
How Does the SWAM Concept of Operations (CONOPS) Work?
How Does SWAM Relate to Other Phase 1 Capabilities?
How Does SWAM Block Many Zero Day and APT Attacks?
What Techniques Are Used to Search for SWAM Devices?
How Does CDM Identify Software Products and Executables?
How Does CDM Use Digital Fingerprints?
What Is a Whitelist?
How Do I Use a Software Whitelist?
What Is a Graylist?
How Do I Use a Software Graylist?
What Is a Blacklist?
How Do I Use a Software Blacklist?
What Does Locational Whitelisting Mean to Me?
What Is a Trust Library and How Does SWAM Use It?
How Is Desired State Specification Determined for Mobile Code in CDM?
How Does SWAM Use Hashes?
How Does SWAM Use Common Platform Enumeration (CPE)?
How Does SWAM Use Software IDs (SWIDs)?
What Are the SWAM Defect Checks?
Which SWAM Defect Checks Are at the Federal Level?
Which SWAM Defect Checks Are at the Local Level?
What Mitigation Options Might My Department or Agency Use with SWAM?
CDM Module 4: Configuration Settings Management .5 Hours Skill Level: Basic
+ Description
 This course is designed for managers, staff and other stakeholders who may be involved in implementation and/or decision making regarding Continuous Diagnostics and Mitigation (CDM). The course aims to help the student better understand how CDM can help a department or agency (D/A) better manage risk and protect mission critical assets and to more effectively evaluate their cybersecurity posture.

The course begins by outlining the Cyber Security Manager position (CSM) and highlighting the types of attacks CSM can help prevent. It then transitions into CSM methods and criteria, where it reviews Actual State, Desired State, and Defect Checks specific to the capability area. It explains how CSM builds upon the other capabilities and how defect checks differ at the local and federal levels.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
What Is the Configuration Settings Management Security Capability?
What Types of Results Will CSM Accomplish?
How Does CSM Thwart Attacks?
What Objects Does the CSM Security Capability Assess?
How Does CSM Work?
How Does HWAM and SWAM Support CSM?
What Methods Will CSM Use to Determine Actual State Information?
What Elements Does the Organization Require to Define the Actual State?
How Does CSM Define the Desired State?
What Methods Will CSM Use to Determine Desired State?
What Is a Common Configuration Enumeration (CCE)?
What Is a CSM Defect Check?
Which CSM Defect Checks Are at the Federal Level?
Which CSM Defect Checks Are at the Local Level?
CDM Module 5: Vulnerability Management .5 Hours Skill Level: Basic
+ Description
 The course aims to help the student better understand how vulnerability management (VULN) identifies the existence of vulnerable software products in the boundary to allow an organization to mitigate and thwart common attacks that exploit those vulnerabilities.

The course begins by defining VULN, how it applies to the target environment, and how a fully implemented VULN capability impacts a Department or Agency. It then transitions into VULN criteria and methods, where it reviews Actual State, Desired State, and Defect Checks specific to the capability area. It explains how VULN builds upon the other capability areas, the types of defects, and how those defect checks differ at the local and federal levels.

Training Purpose: Securely Provision, Oversee and Govern, Protect and Defend

Specialty Areas: Risk Management, Cybersecurity Management, Vulnerability Assessment and Management, Cyber Defense Analysis

Proficiency: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
What Is the Vulnerability Management (VULN) Capability?
What Is a CVE (Common Vulnerabilities and Exposures)?
What Is a CWE (Common Weakness Enumeration)?
What Types of Results Will VULN Accomplish?
How Can VULN Thwart Attacks?
What Types of VULN Objects Are Assessed?
How Does the VULN Capability Work?
How Does VULN Relate to SWAM?
How Will My Organization Use the VULN Capability?
What Methods Will VULN Use to Determine Actual State?
What Is the CDM Actual State?
How Does VULN Define the Desired State?
What Methods Will VULN Use to Determine Desired State?
What Is the National Vulnerability Database (NVD)?
What Are the VULN Defect Checks?
Which VULN Defect Checks Are at the Federal Level?
Which VULN Defect Checks Are at the Local Level?
Cloud Computing Security 1 Hour Skill Level: Intermediate
+ Description
 This course provides an in-depth look at the strengths and weaknesses of cloud computing security as well as the considerations to take in choosing the cloud as a data management solution. Technical and operational risks are explained, along with strategies to mitigate the aforementioned risks. To demonstrate concepts learned, the course closes with a real-world example of how a government agency (Defense Information Systems Agency) utilizes cloud computing solutions.

Training Purpose: Securely Provision, Operate and Maintain

Specialty Areas: Systems Analysis, Network Services, Systems Requirement Planning

Training Proficiency Area: Level 2 - Intermediate

Course Capture Date: 2010

+ Course Modules/Units
 
What is Cloud Computing?
Technical Risks
Operational Risks
Risk Mitigation Strategies
New Course Offering: CompTIA Cybersecurity Analyst (CySA+) Prep 12.5 Hours Skill Level: Intermediate
+ Description
 The CompTIA Cybersecurity Analyst (CySA+) self-study certification prep course is designed to help prepare candidates to sit for the CySA+ exam, as well as reinforce concepts for work roles such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analysts. This intermediate-level course focuses on analysis and defense techniques leveraging data and tools to identify risks to an organization, and apply effective mitigation strategies. The CySA+ is an approved baseline certification of the DoD Directive 8570.
Learning objectives:
  • Provide a review of the following four skills: threat management, vulnerability management, security architecture and tool sets, and cyber incident response.
  • Supplemental self-study preparation resource for the CompTIA CySA+ exam.
  • Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization.
Training Purpose: Skill Development
Specialty Areas: (Protect and Defend, Operate and Maintain, Securely Provision) Vulnerability Assessment and Management, Systems Analysis, Cyber Defense Analysis
Training Proficiency Area: Level 2 - Intermediate
Capture Date: 2018
+ Course Modules/Units
 
CySA Course Introduction
Reconnaissance
Port Scanning for Active Reconnaissance
Environmental Reconnaissance Tools
Social Engineering for Reconnaissance
Network Mapping for Active Reconnaissance
Syslog
Reviewing Alerts/Detecting Attack Phases
Common Tasks in Environmental Reconnaissance
Environmental Reconnaissance Variables
Basic Packet Analysis
Methods of Network Traffic Analysis
Network Traffic Analysis
Netflows
Working with Netflows
Netflow Tools
Examining Log Files
Data Correlation and Analytics
Analyzing Device Data
SIEM
DEMO: Wireshark Packet Analyzer
Hardening Network Devices
Network Segmentation and Design
Honeypot
Endpoint Security
Windows Group Policy
Access Control Models
Remote Authentication - Radius and Tacacs+
Hardening Host and Networked Systems
Compensating Controls
Corporate Penetration Testing
Reverse Engineering Purpose and Practice
Team Training and Exercises
Risk Evaluation and Security Controls
Vulnerability Assessment Introduction
Vulnerability Management Requirements
Vulnerability Scanner Configuration
Vulnerability Assessment Tools
Scanning and Enumeration with Nmap
Intro to Vulnerability Scanning with Nessus
Vulnerability Remediation
Scanning and Report Viewing with OpenVAS
Endpoint and Protocol Analysis
Logging Strategies and Sources
Reviewing, Analyzing and Correlating Logs
Network Vulnerabilities
System Vulnerabilities
Web Application Vulnerabilities
Wireless Network Vulnerabilities
Virtual Infrastructure Vulnerabilities
Threats to Mobile Devices
ICS and SCADA Systems Security
Malware and Social Engineering Threats
Preparing for Impact Analysis
Forensics Kit and Incident Response
Forensic Investigation Suite
Setting Up an Analysis Environment
Communication During Incident Response
Common Symptoms of Host Infection
Incident Response and Recovery Part 1 of 2
Incident Response and Recovery Part 2 of 2
Regulatory Compliance and Frameworks
Control Selection Tailoring and Implementation
Verification and Quality Control
Procedures Supporting Policy
Enterprise Network Authentication Part 1 of 2
Enterprise Network Authentication Part 2 of 2
Cross-site Scripting and Other Exploits
Privilege Escalation Exploit
Technical Processes and Controls
Software Development Models and SDLC
Code Review and Testing
Secure Coding Best Practice Resources
Preventative Cyber Tools
Collective Cyber Tools
Analytical Cyber Tools
Exploit Cyber Tools
Forensics Cyber Tools
CySA Prep Practice Quiz
Cyber Risk Management for Technicians 11 Hours Skill Level: Basic
+ Description
 This course presents the concept of managing cyber risk from a technical perspective. An overview of cyber risk management opens the class, followed by foundational material on conducting a risk assessment of considerations such as threats, vulnerabilities, impacts, and likelihood. Various technical methods for conducting a risk assessment are presented, to include vulnerability assessments and penetration tests, with a focus on continuous monitoring of security controls and how to assess those security controls using the National Institute of Standards and Technology Special Publication 800-53 and 800-53a as a guide.

Training Purpose: Skill Development

Specialty Areas: Information System Security Management, Security Program Management, Strategic Planning and Policy Development

Training Proficiency Area: Level 1 - Basic

Capture Date: 2013

+ Course Modules/Units
 
Cyber Risk Management for Technicians Course Intro
Risk Management and NIST SP 800-30
Tiers of Risk Management
Terms Associated with Risk Management 1 of 2
Terms Associated with Risk Management 2 of 2
Risk and Operational Resilience
Risk Management Components and Outcomes
NIST SP 800 30 Risk Assessment
NIST SP 800 30 Risk Mitigation
NIST SP 800 39 Risk Management Guidelines
NIST SP 800 37 Risk Management Framework
OCTAVE Risk Based Assessment Methodology
CERT Resilience Management Model
Overview of Assessing Risk
Determining Critical Assets and Operations
Threat Analysis Overview
Critical Assets and Threats
Determining Impact and Risk Analysis
Security Testing and Assessment Methodologies
Vulnerability Assessments vs Penetration Testing
Risk Assessment Tools
Information Categorization
Security Controls and NIST SP 800 53
Control Selection Tailoring and Implementation
Management Control Examples
Operational Control Examples
Technical Control Examples
Assessing A Tech Control Solution Demo
Installing Cyber Tech Control Demo
Continuous Monitoring Concepts 1 of 2
Continuous Monitoring Concepts 2 of 2
Continuous Monitoring and Log Management
Network Monitoring Control Examples
Process of Assessing Security Controls
Developing Security Assessment Plans
Conducting Security Control Assessments
Security Controls Post Assessments
Assessing Security Control Examples
Detecting Network Changes: Syslog
Detecting Network Changes : Swatch and OSSEC
Analyzing NW Changes : Creating a Baseline
Analyzing NW Changes : Host Integrity
Analyzing Host Characteristics
Best Practices for Detecting NW Changes
Update Mgmt with MBSA Demo
Log Analysis with Syslog and Swatch
Determining and Managing Risks
Managing Risk : Cost Benefit Analysis
Vulnerability Remediation
Vulnerability Management Systems
Intro to Vul Scanning with Nessus Demo
Cyber Risk Mgmt for Technicians Course Exam
Cyber Risk Management for Managers 6 Hours Skill Level: Basic
+ Description
 Cyber Risk Management for Managers covers key concepts, issues, and considerations for managing risk from a manager’s perspective. Discussions include identifying critical assets and operations, a primer on cyber threats and how to determine threats to your business function, mitigation strategies, and response and recovery.

Training Purpose: Skill Development

Specialty Areas: Information System Security Management, Security Program Management, Strategic Planning and Policy Development, Training

Training Proficiency Area: Level 1 - Basic

Capture Date: 2012

+ Course Modules/Units
 
Overview of Risk Management
Risk and Business Impact Analysis
Operational Resilience and Risk
Outcomes of Risk Management
NIST SPs and Risk Assessment Process
NIST SP 800-30 Risk Mitigation Steps
NIST SP 800-39 and 800-37
OCTAVE and OCTAVE Allegro
CERT-RMM and SSE CMM
Critical Assets and Ops : Identifying
Critical Assets and Ops : Prioritizing
Asset Criticality Demo
Identifying Assets Lab
Cyber Risk : Common Threats Part 1 of 2
Cyber Risk : Common Threats Part 2 of 2
Cyber Risk and Mobile Devices
Cyber Risk and Cloud Computing
Common Threat Controls and Countermeasures
Identifying Threats and Their Impact
Identifying Sources of Vulnerabilities
Impact Analysis and Threat Scenario
Assessing Impact : Risk Analysis
Risk Mitigation and Managing Risks
General Risk Mitigation Strategies
Control Methods Overview
Common Technical Controls Part 1 of 2
Common Technical Controls Part 2 of 2
Common Physical Controls
Common Administrative Controls
Classes of Security Controls
Selecting Security Controls
Security Controls and Federal Guidelines
Implementing Security Measures
Mitigation Strategy Maintenance
Security Testing and Assessment
Response and Recovery
Phases of Incident Response
IR Phase 1 : Preparation
IR Phase 2 : Detection and Analysis
IR Phase 3 : Containment
IR Phase 4 : Eradication
IR Phase 5 : Recovery
IR Phase 6 : Lessons Learned
BCP and Procedures
DRP and Procedures
DRP : Backups and Alternate Sites
Using RT-IR for Incident Response
Cyber Risk Management Quiz
DB Evaluations using AppDetectivePro and dbProtect 1.5 Hours Skill Level: Basic
+ Description
 This course introduces students to basic database security concepts and methodology. The course demonstrates how tools such as AppDetectivePRO and DbProtect can be used to scan databases in order to uncover configuration mistakes, identification and access control issues, missing patches or any toxic combination of settings that could lead to escalation-of-privilege or denial-of-service attacks, data leakage or unauthorized modification of data.

Training Purpose: Skill development

Specialty Areas: Information Assurance Compliance, Software Assurance and Security Engineering, Systems Development, Test and Evaluation

Training Proficiency Area: Level 1 - Basic

+ Course Modules/Units
 
Importance of Databases Security
Databases Security Methodology
AppDetectivePRO Overview
DbProtect Overview
DbProtect Deployment Model
DbProtect Features
DbProtect Demonstration
Dynamic Testing using HPE WebInspect 1.5 Hours Skill Level: Basic
+ Description
 This course introduces students to dynamic testing tools for web applications and demonstrates how they can be used to identify, evaluate, and mitigate a web application’s potential security vulnerabilities. The focus is on using HPE WebInspect in order to perform and manage dynamic security vulnerability testing and address results from both a developer and cyber security professional perspective.

Training Purpose: Skill development

Specialty Areas: Information Assurance Compliance, Software Assurance and Security Engineering, Systems Development, Test and Evaluation

Training Proficiency Area: Level 1 - Basic

Capture Date: 2014

+ Course Modules/Units
 
Application Security
WebInspect Dynamic Analysis
Installing WebInspect
Run a WebInspect Scan
WebInspect Demonstration
Policy Manager Demonstration
Default Settings Demonstration
Reports
Application Settings and Tools
Comparing Scans
Testing in a Closed versus Open Network
WebInspect Agent, Web Services
New Course Offering: The Election Official as IT Manager 4 Hours Skill Level: Basic
+ Description
 In this course, you will learn why Election Officials must view themselves as IT systems managers, and be introduced to the knowledge and skills necessary to effectively function as an IT manager. The course includes a review of Election Systems, Election Night Reporting, and Interconnected Election Systems vulnerabilities and liabilities. The course also covers Social Media and Website best practices, vulnerabilities, and liabilities, and will also address Procuring IT, Vendor Selection, Testing and Audits, Security Measures, and Risk Assessments. In addition, the course also includes a review of resources available to the election community from the Department of Homeland Security.

Training Purpose: Management Development

Specialty Areas: Cybersecurity Management, Incident Response, Risk Management

Training Proficiency Area: Level 1 - Basic

Capture Date: 2018

+ Course Modules/Units
 
Professionalizing Election Admin Intro
Being an IT Manager
Election Systems
Technology and the Election Office
Procuring IT
Testing and Audits
Election Security
Principles of Information Security
Physical Security
Cybersecurity and Elections
Human Security
Risk Management and Elections
Incident Response Scenarios and Exercises
Phishing and Elections
DDOS Attacks and Elections
Website Defacing
Election Infrastructure Security
DHS Cyber Security Tools and Services
EAC Resources
(ISC)2 (TM) CISSP (R) Prep 2015 25 Hours Skill Level: Advanced
+ Description
 The (ISC)2 Certified Information Systems Security Professional (CISSP) certification self-study prep course is a resource for individuals preparing for the CISSP certification exam or expanding their knowledge in the information security field. The course reflects the 2015 published CISSP exam objectives and the eight domains upon which the exam is based. This course also includes domain quizzes, reinforcing video demonstrations, as well as a final practice exam.

Training Purpose: Skill development

Specialty Areas: Information System Security Management, Security Program Management, Strategic Planning and Policy Development, Enterprise Architecture, Information Assurance Compliance

Training Proficiency Area: Level 3 - Advanced

Capture Date: 2015

+ Course Modules/Units
 
CISSP Course Introduction
Access Control Concepts
Access Control Methodology Types
Governance Management and Compliance
Policy and Components Overview
Managing Security Functions
Major Legal Systems
International Legal Issues
Legal Regulations and Privacy
Computer Crime and Incident Response
Digital Investigations
Audits and Contractual Agreements
Legal Regulations and Ethics
(ISC)2 Code of Ethics and Ethic Bases
BC and DR Initiation and Management
BC and DR Financial Regulations and Legal Standards
BCP Business Impact Analysis
Disaster Recovery Strategy
Documenting the DRP
Managing Recovery Communications
Recovery Exercising
Vendor Management
Addressing Risk
Risk Assessment and Countermeasures
Threat Modeling and Reduction Analysis
Acquisition Strategies
Training Review and Improvement
Security and RM Knowledge Check
Privacy Protection, Data Collection Limitations and Retention
Organizational Privacy Responsibilities
Data Classification
Data Ownership and Retention
Security Control Selection
Security Control Application and Tailoring
Security Control and Selection Examples
Policy Review Demo
Asset Security Knowledge Check
Basics of Secure Design
Secure Design Standards and Models
Enterprise Security Architecture
System Security Architecture
System Threats and Countermeasures
Parallel and Distributed Systems
Virtualization
Parallel and Distributed Systems Security Issues
Industrial Control System Security
Securing ICS and SCADA Systems
SCADA Honeynet Demo
Internet of Things
Mobile System Security
Wireless Vulnerabilities, Attacks and Attack Vectors
Wireless Device and Application Threats and Issues
Emerging Trends in Wireless Devices and Security
Key Crypto Concepts and Definitions
Cryptography History
Encryption Systems
Symmetric Ciphers
Asymmetric Ciphers
Message Integrity Controls
Salting Hashes
Digital Signature Overview
Encryption Management - Keys
Public Key Infrastructure (PKI)
Cryptographic Lifecycle
Digital Rights Management
Crypto Attack and Countermeasures
Site and Facility Design Criteria
Physical and Environ Location Threats
Perimeter Security
Perimeter Intrusion Detection
Access Control Systems (ACS) Cameras and Guards
ACS: Doors and Locks
ACS: Secure Operational Areas
Personnel Privacy and Safety
Wiring Closets
Security Engineering Knowledge Check
Telecom and Network Security Concepts
Telecom and NW Security Layer 1
Telecom and NW Security Layer 2
Telecom and NW Security Layer 3
Telecom and NW Security Layer 4 and 5
Telecom and NW Security Layer 6 and 7
Multilayer and Converged Protocols
Content Distribution Networks
Implementing and Using Remote Access
Comm and NW Security Knowledge Check
Access Control System Strategies
Biometrics and Authentication Accountability
Access Controls - Kerberos
Data Access Controls
Access Control Threats
Session Management
Credential Management Systems
Cloud Identity (Identity as a Service)
Third Party Identification
Rule-Based Access Control
ID and Access Management Knowledge Check
Synthetic Transactions
Code Review and Testing
Misuse Case Testing
Interface Testing
Test Coverage Analysis
Security Testing Knowledge Check
Security Operations Concepts
Security Operations Resource Protection
Security Operations Incident Response
Managing Security Services Effectively
Maintaining Operational Resilience
Electronic Discovery (E-Discovery)
Cloud Computing
Cloud Computing Security Issues
Continuous Monitoring
Data Leak Prevention (DLP)
Watermarking
Egress Monitoring
Intro to Dshell Toolkit Demo
Security Operations Knowledge Check
SDLC Phases
Software Development Models
Security Environment and Controls
Additional Security Protections and Controls
Audit and Assurance Mechanisms
SW Development Security and Malware
Agile Development Models
Maturity Models
Integrated Product Teams
Impact of Acquired Software
Automated Code Review Demo
Software Dev Security Knowledge Check
CISSP Course Practice Exam
Mobile and Device Security (2015) 22 Hours Skill Level: Basic
+ Description
 The Mobile and Device Security course introduces students to mobile devices, how they operate, and their security implications. This course includes topics such as signaling types, application stores, managing mobile devices, and emerging trends and security and privacy concerns with social media.

Training Purpose: Skill Development

Specialty Areas: Customer Service and Technical Support, Digital Forensics, Information Assurance Compliance, Information Systems Security Operations

Training Proficiency Area: Level 1 - Basic

Capture Date: 2015

+ Course Modules/Units
 
Mobile Security Course Introduction
Cellular Network Generations
Network Standards Introduction
CDMA TDMA and GSM Introduction
GPRS Edge and UMTS Introduction
Additional Network Standards
Bluetooth and Wi-Fi
Cellular Network Components
Mobile Switching Center Database
Authentication and Government Standards
4G LTE
Mobile Device Components
Mobile Device Operating Systems
Android Customization
Wireless Technology Introduction
WiFi Standards
Wi-Fi Standards: 802.11ac
WiFi Types
Wireless Fidelity Part 2
WiFi Channels and SSIDs
WiFi Signals and Hardware
Bluetooth
WiMAX
Additional Standards
Near Field Communication
Introduction to Threats
Lost and Stolen Devices
Additional Device-Level Threats
Near Field Communications and Mobile Threats
Application-Level Threats
Rogue Applications
Network-Level Threats
Pineapple Router
Malicious Hotspot
Malicious Use Threats
Mobile Hacking Tools
Mobile Device Security Introduction
Mobile Device Security Introduction Cont.
Android Introduction
Android Security
Android Application Security
Google Android OS Features
Installing Antivirus
iOS Security Model and Platform
iOS Application Security
Jailbreaking iOS
iOS Application Security Cont.
Apple iOS Update Part 1 of 2
Apple iOS Update Part 2 of 2
Windows Phone Security Model and Platform
Windows Implementation and Application Security
Windows Phone Update
WiFi Security
WiMAX and Bluetooth
Bluetooth Attack
Protecting Data
Encryption
Android Encryption
iOS Encryption
Email Security
Android and iOS Email Security
Windows Email Security
iOS Hardening
iOS Hardening Cont.
Blackberry Hardening
Android Hardening
Android Hardening Cont.
Windows Phone Hardening
Windows Phone Password and Cookies
Windows Phone Wi-Fi
Windows Phone - Find, Wipe, and Backup
Device Security Policies
Exchange and BES
Mobile Device Management
Mobile Device Management Cont.
McAfee Mobility Management
Forensics Overview
Forensics Role and Framework
Device Identification
Device Identification Cont.
Network Data
Network Data Cont.
Preservation
Preservation Cont.
Acquisition
Acquisition Cont.
Device Specific Acquisition
Hashing
Hashing Cont.
Analysis
Archiving and Reporting
Cellebrite
Forensics Demonstration
XRY/XACT
Oxygen and CellXtract
Paraben and MOBILedit!
Additional Methods
Subscriber Data
Benefits of Social Media
Risks of Social Media
Liabilities Associated with Social Media
Social Media Controls
Emerging Trends
Emerging Trends Cont.
New Technologies in Mobile Devices
Mobile Devices and the Cloud
Mobile Security Course Quiz
Securing Infrastructure Devices 1 Hour, Skill Level: Intermediate
+ Description
 This course covers physical security, operating system security, management traffic security, device service hardening, securing management services and device access privileges.

Training Purpose: Skill Development

Specialty Areas: Enterprise Architecture, Network Services, System Administration, Computer Network Defense Infrastructure Support, Systems Security Analysis

Training Proficiency Level: Level 2 - Intermediate

Capture Date: 2010

+ Course Modules/Units
 
Physical and Operating System Security
Management Traffic Security
Device Service Hardening
Securing Management Services
Device Access Hardening
Device Access Privileges
Software Assurance Executive Course (SAE) 10 Hours, Skill Level: Intermediate
+ Description
 This course is designed for executives and managers who wish to learn more about software assurance as it relates to acquisition and development. The purpose of this course is to expose participants to concepts and resources available now for their use to address software security assurance across the acquisition and development life cycles.

Training Purpose: Skill Development

Specialty Areas: Software Assurance, Software Assurance Management, Acquisition

Training Proficiency Area: Level 2 - Intermediate

Capture Date: 2013

+ Course Modules/Units
 
Interview with William Scherlis: Introduction and Background
Software Assurance Challenges
Encouraging Adoption of Software Assurance Practices Through People and Incentives
The Path Toward Software Assurance: Advice for Organizations
Learning from Failure
The Future of Software Assurance
Introduction, Current Software Assurance Activities by DHS, and Current SW Assurance Environment
Managing Risks in a Connected World
A Need for Diagnostic Capabilities and Standards
Changing Behavior: Resources
Establishing a Foundation for Software Assurance
Conclusion: The Rugged Manifesto and Challenge
Introduction to Software Assurance
Software Assurance Landscape
Software Assurance Principles
Current Software Realities
Introduction to Software Assurance, Part 2
Building Security In
Microsoft Secure Development Lifecycle (MS SDL)
Requirements Engineering
Security Requirements Methods
Threat Modeling: STRIDE (used by Microsoft)
Industry Case Study in Threat Modeling: Ford Motor Company
Topic Summary
Creating and Selling the Security Development Lifecycle (SDL)
Managing the Process
Making a Difference
Introduction and Key Components of Agile Development
Traditional & Agile Acquisition Life Cycles
Common Agile Methods and Scrum - the Most Adopted Agile Method
Challenges to Agile Adoption
Suggestions for Successful Use of Agile Methods in DHS Acquisition
Agile Summary
Software Assurance, Introduction to Part 3: Mission Assurance
What Does Mission Failure Look Like?
Mission Thread Analysis for Assurance
Applying Mission Thread Analysis Example 1
Applying Mission Thread Analysis Example 2
Applying Mission Thread Analysis
Software Assurance, Introduction to Part 4: SwA for Acquisition
Software Supply Chain Challenges
Supply Chain Risk Mitigations for Products
System Supply Chains
SCRM Standards
Summary
Software Assurance in the Software Development Process and Supply Chain: Introduction
Scope of the Problem
Governance for System and Software Assurance
Strategy Solutions: System Security Engineering, Software Sustainment
Process Solutions
Introduction, History, and Current State of Software
Trustworthy Software
The UK Trustworthy Software Initiative (TSI)
Trustworthy Software Framework
Current Focus and Future Direction of UK TSI
Questions and Answers
Static Code Analysis using HPE Fortify 2 Hours, Skill Level: Basic
+ Description
 This course introduces students to the idea of integrating static code analysis tools into the software development process from both a developer's and a security professional's perspective. The course demonstrates how Fortify is used to identify and remove Common Weakness Enumeration (CWE) from applications in which the source code is available.

Training Purpose: Skill Development

Specialty Areas: Information Assurance Compliance, Software Assurance and Security Engineering, Systems Development

Training Proficiency Area: Level 1 - Basic

Capture Date: 2014

+ Course Modules/Units
 
AppSec with HPE Product Overview and Workflow
HPE Fortify Static Code Analyzer Suite Overview
HPE Static Code Analyzer Command Line Demo
Audit Workbench Demo
Fortify SCA Process Flow
Audit Workbench Demo Continued
STIG Reporting with Audit Workbench
IDE Plugin
Questions and Answers
Fortify Priority
Software Security Center
Static Code Analysis using Synopsys Coverity 1.5 Hours, Skill Level: Basic
+ Description
 This course introduces students to the idea of integrating static code analysis tools into the software development process. The focus is on how developers can use tools such as Coverity to identify and remove Common Weakness Enumeration (CWE) from applications in which the source code is available, prior to deployment.

Training Purpose: Skill Development

Specialty Areas: Information Assurance Compliance, Software Assurance and Security Engineering, Systems Development, Test and Evaluation

Training Proficiency Area: Level 1 - Basic

Capture Date: 2014

+ Course Modules/Units
 
Overview of Synopsys Software Integrity Platform
Demonstration
Questions and Answers
Closing
Supply Chain Assurance using Sonatype Nexus 2.5 Hours, Skill Level: Basic
+ Description
 This course introduces students to the idea of integrating static code analysis tools into the software development process from both a developer's and a security professional's perspective. The course demonstrates how tools such as Sonatype can be used to evaluate the software supply chain in order to identify and remove components with known Common Vulnerabilities and Exposures (CVE) from applications in which the source code is available.

Training Purpose: Skill Development

Specialty Areas: Information Assurance Compliance, Software Assurance and Security Engineering, Systems Development, Test and Evaluation

Training Area: Level 1 - Basic

Capture Date: 2014

+ Course Modules/Units
 
Overview of Sonatype Success Engineering
Developer Perspective
Policies
Dashboard
Repository Manager
Questions and Answers
Success from the Start
Preparing for Deployment - Overview
Preparing for Deployment - Licenses
Preparing for Deployment - Architectural Risk
Preparing for Deployment - Evaluation
Preparing for Deployment - Policy Elements
Preparing for Deployment - Default Policy Demo
Preparing for Deployment - Policy Demo