Course Description
This course focuses on the fundamentals and the application of threat intelligence to cybersecurity.
Learning Objectives
- Identify basic risk management processes
- Demonstrate the ability to recognize cyber threats and vulnerabilities
- Demonstrate the ability to apply incident response and handling methodologies
- Demonstrate an understanding of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
- Understand Insider Threat investigations, reporting, investigative tools and laws/regulations
- Understand adversarial tactics, techniques, and procedures
- Apply knowledge of current and emerging threats/threat vectors
- Understand risk/threat assessment
- Understand cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Understand intrusion detection and signature development
- Understand target or cyber threat actors and procedures
- Perform packet-level analysis using appropriate tools
- Apply incident handling methodologies
- Perform a log review to identify evidence of past intrusions
- Utilize security event correlation tools.
- Identify cyber threats which may jeopardize organization and/or partner interests
- Respond and take local actions in response to threat sharing alerts from service providers.
Framework Connections
Specialty Areas
- Cyber Defense Analysis
- Cyber Operations
- Digital Forensics
- Exploitation Analysis
- Incident Response
- Legal Advice and Advocacy
- Targets
- Threat Analysis
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.