The Cyber Network Defense (CND) course provides trainees with the background knowledge, skills, and abilities to perform cyber operations against an emulated adversary using the Cyberoperations Enhanced Network & Training Systems (CENTS) as the training environment. The course takes a well-rounded approach to the organization’s cybersecurity program and its support for cyber incident response. The course culminates in an exercise that takes trainees through the cyber kill chain, prompting them to respond using the tactics, techniques and procedures learned throughout the course. The course provides an overall definition of the organization’s cybersecurity program.
• An introduction to the CENTS platforms that support exercises and training.
• Discussion on current events, critical thinking, and the use of Open-Source Research to aid in troubleshooting, research and incident response.
• Knowledge of the organizational reporting structures for cyber incident response and reporting.
• Discussion of how the IT Security Policy Framework of the organization supports compliance with international law and the creation of a security baseline.
• Identifying risks, threats and vulnerabilities within the network and the use of network management frameworks to bolster the cybersecurity program.
• The fundamentals of cybersecurity and the tactics, techniques and procedures of malicious actors.
• Detecting and analyzing network traffic to identify possible malicious activity.
• Efforts to contain, eradicate and recover from a cyber incident.
• Tools used to remotely log into devices on the network to perform cyber network defense and administration.
• Discussion of the tools and devices housed within the normal enterprise network and the CENTS architecture to be used during the Cyber Network Defense exercises in this course.
• Cyber network defense exercises that train students in the tactics and techniques used by adversarial actors and the defense against those tactics and techniques.