  • Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

This course surveys the cybersecurity landscape and introduces students to the terminology needed to succeed in the industry.

Learning Objectives

Module 1: Cybersecurity Overview

  • Supply and Demand - Jobs
  • Cybersecurity Field is Growing
  • Competitive Workforce
  • Typical Salaries
  • Hacking Overview
  • Management's Perspective
  • Peeling the Onion - Layered Approach
  • CIA Triad

Module 2: Network Defense

  • Operating Systems - Linux vs. Windows
  • OSI Model
  • TCP vs. UDP
  • TCP Three-Way Handshake
  • Identification and Authentication
  • Firewalls
  • Host-Based and Network-Based IDS

Module 3: Applied Encryption

  • Plaintext vs. Ciphertext
  • Cryptosystems
  • Steganography
  • Session Keys
  • Algorithms - DES and AES
  • LANMAN, NTLM
  • Hashes
  • Disk Encryption
  • Digital Signatures
  • PKI
  • VPN - IPsec, IKE

Module 4: Access Control

  • Methods
  • Implicit Deny
  • Least Privilege
  • Separation of Duties
  • Job Rotation
  • MAC vs. DAC
  • Role-Based and Rule-Based
  • Logical vs. Physical Access Control
  • Strong Authentication
  • Biometrics

Module 5: Intrusion Detection Systems (IDS)

  • Alerts and Alarms
  • Noise
  • NIDS vs. HIDS
  • Intruders, Masquerader
  • Passive vs. Active
  • IPS, Statistical, Signature, Heuristics, Anomalies

Module 6: Applied Systems Hardening

  • Privilege Escalation
  • Spyware, Adware, Rootkits
  • Malicious Code, Worms, Virus
  • DDoS, Smurf, Teardrop
  • Botnets, RATs, Trojans
  • OS Hardening Techniques

Module 7: Incident Response

  • Events - Normal, Escalation, Emergency
  • Incident Response - TIGER TEAM
  • Network Monitoring
  • Investigation
  • Recovery
  • Reporting

Module 8: Digital Forensics

  • Computer Crime
  • Forensics
  • Legal Cases
  • The Forensics Process
  • Tools
  • Chain of Custody
  • Reporting

Module 9: Advanced Business Continuity Planning

  • Due Diligence, Due Care, Due Process
  • Threats
  • Business Continuity
  • Boy Scout Method - Be Prepared
  • MTBF, MTTR, Single Points of Failure
  • RAID
  • Power and Backups

Module 10: Applying Your Skills

  • Capture the Flag - Virtual Machines

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Risk Management
  • Program/Project Management and Acquisition
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.