• Online, Self-Paced
Course Description

Firewalls are one layer of defense against unauthorized access to networks and hosts. Intrusion detection and prevention can be used to increase security at both the host and network levels. In this course, you'll learn about these security mitigations as well as malware and how to use digital forensic tools.

Learning Objectives


  • start the course
  • recognize the purpose of various firewall types
  • recognize how firewall rules are created based on what type of traffic should or should not be allowed
  • recognize how packet filters work
  • configure a packet filtering firewall
  • explain the purpose of a proxy server
  • explain the purpose of a security appliance
  • recognize the unique capabilities of web application firewalls

Detecting Intrusions

  • explain the importance of intrusion detection and prevention
  • recognize when to use HIDS
  • recognize when to use NIDS
  • recognize when to use NIPS


  • identify different types of malware
  • identify viruses
  • identify worms
  • identify spyware and adware
  • explain how ransomware works
  • mitigate malware using antimalware solutions
  • explain why user training and awareness is one of the most important security defenses

Digital Forensics

  • describe digital forensics
  • determine which forensic hardware is best suited for a specific situation
  • determine which forensic software is best suited for a specific situation
  • explain how forensic tools can be used against data stored on media
  • distinguish common forensic tools from one another
  • explain the sequence of steps that should be followed when conducting mobile device forensics
  • create a memory dump
  • retrieve and view deleted files

Practice: Install Firewalls

  • prevent threat materialization and follow proper forensic procedures

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Exploitation Analysis
  • Systems Analysis
  • Systems Architecture
  • Vulnerability Assessment and Management