Once in your environment, adversaries will try to evade your defenses and may rename their code to look like a legitimate executable. They could also encrypt your data with ransomware. Don't let adversaries hold you over a barrel. Get hands-on and learn to detect and mitigate these techniques today.
Learning Objectives
After completing MITRE ATT&CK TTP content, learners should be able to:
- Detect adversary usage of a technique or sub-technique in a hands-on environment.
- Explain possible approaches for setting up detection rules and recommending mitigations for the technique.
- Describe how an adversary might chain this technique together with adjacent or related techniques in order to accomplish objectives on goal.
- Provide examples of real-world procedures that illustrate the techniques.
Framework Connections
Specialty Areas
- Cyber Operations
- Exploitation Analysis
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.