This training equips analysts to better prepare for, detect, and respond to malicious threats by covering common hacker tactics and strategies. Attacks can often be reduced to step-by-step offensive methods and vectors. Proactive and reactive defenses are essential in each network layer to thwart each stage of an attack. Attack surfaces vary from Windows to Unix, switches, routers, and other systems. Visibility of network, system, and application-level vulnerabilities is essential. Specific organization strategies and tools should be in place to effectively detect multiple attack types. This includes the development of an incident handling process. The team should be prepared for both active engagements and recovery procedures. Recovery and reconstitution should be regularly evaluated in the form of exercises.
Learning Objectives
- Define hacking, ethics and best practices
- Perform reconnaissance and identify valuable information
- Understand network and host enumeration
- Identify and select vulnerabilities for use in offensive operations
- Understand attack staging and the cyber kill chain
- Grasp concepts of offensive cyber evasion
- Identify level of system access after exploitation
- Escalate privileges on a target system
- Cover tracks on a target system
- Enumerate and identify running services on a target server
- Link misconfigurations to potential attack vectors
- Transport files to and from a target system
- Understand the availability of offensive resources on the dark web
- Identify different types of phishing
- Define DNS
- Define DNS server hijacking and cache poisoning
- Understand the use of keyloggers
- Differentiate between types of malware
- Explain the resources used to deny service to a target
- Categorize the exploitation of browser cookies
- Identify common hacking tools
- Discover vulnerabilities in programs
- Use the advanced features of Wireshark
- Understand and exploit a web server
- How to perform complex attacks
- Understand how lateral movements occur
- Understand attack vectors
- Describe a file owner
- Contrast access control models
- Implement principle of least-privilege
- Compare FTP and SMB protocols
- Perform anonymous FTP login
- Perform local file inclusion
- Appropriate least significant bit for steganography
- Identify DNS tunneling
- Identify covert channels
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Work Roles
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.