Cyber Defense Ops and Response

This course provides students with practical experience on computer incident handling, diagnostic reporting, incident response, and cyber defense operations. Students will gain experience in forming effective, cohesive and efficient cyber defense teams. Students will be grouped into teams to configure and secure various types of information systems (e.g., Redhat, Debian, Windows, etc.) that provide on-demand services (such as ftp, http, firewall, etc.) within an organizational setting. In particular, students will follow principles of computer incident handling, reporting and response exercises, as well as operational exercises as part of tabletop incident discussions. Industry-based technical and system-based exercises (e.g., Palo Alto Networks, Redhat etc.) will be simulated in a cloud-based lab environment. The course instructional design is semi-structured but highly interactive. Students are required to work with one another in teams to solve operational and technical problems. Students will also have a chance to participate in on-campus, regional and national Collegiate Cyber Defense Competition (CCDC), with an opportunity to advance their critical thinking and troubleshooting skills in a virtual “sandbox,” for solving current cyber threat issues. Students in graduate programs will be expected to have leadership, management and technical problem-solving skills, and be able to articulate the research problems of cyber defense operations and incidents response with theoretical and methodological approaches.

Course Overview

Overall Proficiency Level

3 - Advanced

Course Prerequisites

LIS4774 Intro to Information Security

Training Purpose

Functional Development

Specific Audience

All

Delivery Method

Classroom

Online, Instructor-Led

Course Location

600 W College Avenue
Tallahassee, FL 32306

Course Location Map

Your Location
Providers
Courses
Course and Provider Quantity

National CAE Designated Institution

Classroom
Online, Instructor-Led

Learning Objectives

Determine why and how to organize an incident response (IR) team.
Articulate key strategies for making the case to senior management.
Assemble and develop the IR team in organizational hierarchy for maximum effectiveness.
Review best practices for managing attack situations with your IR team.
Construct and develop relationships with other teams, organizations, and law enforcement to improve incident response effectiveness.
Plan how to form, organize and operate as a cyber defense team to deal with system vulnerabilities and assess their severity.
Recognize the differences between vulnerabilities and exploits of various information systems and devices.
Employ techniques on how to coordinate all the entitles involved in incident handling.
Administer and implement the steps for handling system vulnerability.
Adapt strategies and best practices for notifying stakeholders about vulnerabilities and ensuring deployable fixes.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Competency Areas

Work Roles

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.

Last Published Date: August 12, 2024