National CAE Designated Institution
  • Classroom
  • Online, Instructor-Led

This "Defense-in-Depth" course provides the student detailed understanding of the need for internal and external vulnerability assessment. An integral technical part of any risk management program, this course goes hand-in-hand with the more analytical practices in IAE-674.

Learning Objectives

  • Differentiate among different types of hackers
  • Articulate the difference between hackers and security professionals
  • Understand security vulnerabilities, exposures and risks
  • Understand what social engineering is and how it is done
  • Identify UNIX/Linux and Windows vulnerabilities specifically
  • Understand where firewalls fit in defenses against hackers
  • Have an opportunity to use hacking tools and understand what it is hackers do
  • Understand denial of service attacks and what effect they can have
  • Understand the importance of both vulnerability assessment and penetration testing in assessing the overall security of the system
  • Understand the importance of research methods when applied to vulnerability analysis and mitigation techniques
  • Understand the importance of collaboration and report writing in the conveyance of threat, vulnerability, and impact considerations
  • Understand the basics of the System Security Authorization Agreement (SSAA) process
  • Be competent with tools for network security evaluation.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.