This course provides students with practical experience in computer incident handling, diagnostic reporting, incident response, and cyber defense operations. Students will gain experience in forming effective, cohesive and efficient cyber defense teams. Students will be grouped into teams to configure and secure various types of information systems (e.g., Red Hat, Debian, Windows, etc.) that provide on-demand services (such as FTP, HTTP, firewall, etc.) within an organizational setting. In particular, students will follow principles of computer incident handling, reporting and response exercises, as well as operational exercises as part of tabletop incident discussions. Industry-based technical and system-based exercises (e.g., Palo Alto Networks, Red Hat, etc.) will be simulated in a cloud-based lab environment. The course instructional design is semi-structured but highly interactive. Students are required to work with one another in teams to solve operational and technical problems. Students will also have a chance to participate in the on-campus, regional and national Collegiate Cyber Defense Competition (CCDC), with an opportunity to advance their critical thinking and troubleshooting skills in a virtual "sandbox" for solving current cyber threat issues. Students in graduate programs will be expected to have leadership, management and technical problem-solving skills, and be able to articulate the research problems of cyber defense operations and incident response with theoretical and methodological approaches.
Learning Objectives
- Determine why and how to organize an incident response (IR) team.
- Articulate key strategies for making the case to senior management.
- Assemble and develop the IR team in organizational hierarchy for maximum effectiveness.
- Review best practices for managing attack situations with your IR team.
- Construct and develop relationships with other teams, organizations, and law enforcement to improve incident response effectiveness.
- Plan how to form, organize and operate as a cyber defense team to deal with system vulnerabilities and assess their severity.
- Recognize the differences between vulnerabilities and exploits of various information systems and devices.
- Employ techniques for coordinating all the entities involved in incident handling.
- Administer and implement the steps for handling system vulnerabilities.
- Adapt strategies and best practices for notifying stakeholders about vulnerabilities and ensuring deployable fixes.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.