fedvte training catalog - boots to...

Winter2017

1

WelcometotheFederalVirtualTrainingEnvironment(FedVTE)CourseCatalog!

FedVTEcoursesareonlineatfedvte.usalearning.gov.Forassistance,[email protected](202)558-2203ortoll-free(888)804-4510,Monday-Friday,8:30AMto6:00PMEastern,exceptholidays.

TheFedVTEcourseinformationincludes:• Coursedescription• Courselength• Proficiencylevel• WorkforceFrameworkcategory• WorkforceFrameworkspecialtyarea

AbouttheWorkforceFrameworkTheNationalCybersecurityWorkforceFramework(WorkforceFramework)providesablueprinttocategorize,organize,anddescribecybersecurityworkintoSpecialtyAreas,tasks,andknowledge,skills,andabilities(KSAs).TheWorkforceFrameworkprovidesacommonlexicontospeakaboutcybersecurityrolesandjobsandhelpsdefineprofessionalrequirementsincybersecurity.TheWorkforceFrameworkorganizescybersecurityprofessionalrolesintosevenhigh-levelCategories,eachcomprisedofseveralSpecialtyAreas.FedVTEcoursesaremappedtotheSpecialtyAreas(andcorrespondingCategories)oftheWorkforceFramework.Thisallowsacybersecurityprofessionaltoquicklyidentifythecoursesneededtoadvancewithinhisorhercareerortransferhisorherskillstoanothercybersecuritytrack.

2

Contents

AdvancedPCAPAnalysisandSignatureDev(APA)-1Hour...............................................................................4

AdvancedWindowsScripting-6Hours..............................................................................................................4

AnalysisPipeline-6Hours……………..……………....................................................................................................4

CDMModule1:Overview-2Hours…................................................................................................................4

CDMModule2:HardwareAssetManagement-1Hour.....................................................................................5

CDMModule3:SoftwareAssetManagement-1.5Hours.................................................................................5

CDMModule4:ConfigurationSettingsManagement-.5Hour..........................................................................6

CDMModule5:VulnerabilityManagement-.5Hour........................................................................................6

CertifiedEthicalHackerv8(CEHv8)-24Hours..................................................................................................6

CertifiedInformationSecurityManager2013Self-StudyCourse-11Hours.......................................................7

CiscoCCNETSelf-StudyPrep-13Hours.............................................................................................................7

CiscoCCNASecuritySelf-StudyPrep-15Hours.................................................................................................7

CloudComputingSecurity-1Hour……...............................................................................................................8

CMaaSOverview-.5Hour……………………...........................................................................................................8

CompTIAA+(220-801)CertificationPrep-12Hours........................................................................................8

CompTIAA+(220-802)CertificationPrep-11Hours........................................................................................9

CompTIAAdvancedSecurityPractitioner(CASP)-20Hours...............................................................................9

CompTIANetwork+(N10-005)CertificationPrep-17Hours..............................................................................9

CompTIASecurity+(SYO-401)CertificationPrep-19Hours...............................................................................9

CyberRiskManagementforManagers-6Hours.............................................................................................10

CyberRiskManagementforTechnicians-11Hours.........................................................................................10

CyberSecurityInvestigations-9Hours............................................................................................................10

CyberSecurityOverviewforManagers-6Hours.............................................................................................11

DBEvaluationsusingAppDetectiveProanddbProtect-1.5Hours...................................................................11

DemilitarizedZone(DMZ)withIDS/IPS-9Hours.............................................................................................11

DISAHBSSBriefsforNon-Administrators-2Hours..........................................................................................12

DISASIM(SecurityInformationManager)-3Hours.........................................................................................12

DISASymantecEndpointProtection-14Hours................................................................................................12

DoDIABootCamp-12Hours…………………….....................................................................................................13

DynamicTestingusingHPEWebInspect-1.5Hours.........................................................................................13

EmergingCyberSecurityThreats-12Hours.....................................................................................................14

FoundationsofIncidentManagement-10.5Hours.........................................................................................14

3

IntroductiontoInvestigationofDigitalAssets-4Hours..................................................................................14

IntroductiontoThreatHuntingTeams-1.5Hours...........................................................................................14

IntroductiontoWindowsScripting-4Hours...................................................................................................15

IPv6SecurityEssentials-5Hours……………………………………………………………………………………………………………..…...15

(ISC)2™CAP(R)CertificationPrep-11Hours...................................................................................................15

(ISC)2™CSSLP:CertificationPrep-20Hours....................................................................................................16

(ISC)2™CISSP®:ISSEPCertificationPrep-12Hours..........................................................................................16

(ISC)2™CISSP®:ISSAPCertificationPrep-15Hours.........................................................................................16

(ISC)2™CISSP®:ISSMPCertificationPrep(2014)-14Hours.............................................................................16

(ISC)2™CISSP®Prep2015-25Hours...............................................................................................................17

(ISC)2™SystemsSecurityCertifiedPractitioner-16Hours..............................................................................17

ISACACertifiedInformationSystemsAuditor(CISA)-20Hours........................................................................18

LANSecurityUsingSwitchFeatures-2Hours..................................................................................................18

LinuxOperatingSystemSecurity-9Hours.......................................................................................................18

MobileandDeviceSecurity-22Hours.............................................................................................................18

NetworkLayer1&2Troubleshooting-3Hours...............................................................................................19

NetworkMonitoringwithOpenSourceTools-5Hours...................................................................................19

OffensiveandDefensiveNetworkOperations-13Hours.................................................................................19

PenetrationTesting-14Hours……….….............................................................................................................20

RadioFrequencyIdentification(RFID)Security-1Hour...................................................................................20

RootCauseAnalysis-1Hour………………………………………………………………………………………………………………………..…20

SecuringInfrastructureDevices-1Hour..........................................................................................................20

SecuringtheNetworkPerimeter-1Hour........................................................................................................21

SecurityandDNS-1Hour………………................................................................................................................21

SILKTrafficAnalysis-7Hours…………................................................................................................................21

SoftwareAssuranceExecutiveCourse(SAE)-10Hours....................................................................................22

StaticCodeAnalysisusingHPEFortify-2Hours...............................................................................................22

StaticCodeAnalysisusingSynopsisCoverity-1.5Hours..................................................................................22

SupplyChainAssuranceusingSonatypeNexus-2.5Hours..............................................................................23

WindowsOperatingSystemSecurity-16Hours..............................................................................................23

WirelessNetworkSecurity(WNS)-9Hours.....................................................................................................23

4

AdvancedPCAPAnalysisandSignatureDev(APA) 1HourThiscoursetakesusersthroughanintroductiontorules,goesoverexamplesyntax,protocolsandexpressions.Itcontainsseveralsupportingvideodemonstrationsaswellaslabexerciseswritingandtestingbasicrules.

ProficiencyLevel:- Intermediate

FrameworkCategory:- ProtectandDefend- Analyze

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- ExploitationAnalysis- IncidentResponse

AdvancedWindowsScripting 6HoursThiscoursefocusesonadvancedconceptsforwritingscriptsfortheMicrosoftWindowsoperatingsystem.ThecoursecovershowtostringmultiplecommandstogetherintraditionalBATCHscriptsaswellasleverageVisualBasicScripting(VBS)toperformmorecomplextasks,andincludesreinforcingvideodemonstrationsandfinalassessment.ProficiencyLevel- Basic

Framework- OperateandMaintain

SpecialtyAreas:- NetworkServices- SystemAdministration- SystemsSecurityAnalysis

AnalysisPipeline 6HoursThiscourseisdesignedfornetworkflowdataanalystswhouseorareconsideringusingAnalysisPipeline.Thecourseaimstohelpthestudentbetterunderstandhowtoincorporatestreamingnetworkflowanalysisintotheirtoolkitforidentifyingandalertingoneventsofinterest.ThefocuswillbeonapplyingAnalysisPipelinetooperationalusecases.ProficiencyLevel- Intermediate

Framework- ProtectandDefend

SpecialtyAreas:- NetworkDefenseAnalysis- ComputerNetworkDefense- InfrastructureSupport- VulnerabilityAssessmentandManagement

CDMModule1:Overview 2HoursThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingContinuousDiagnosticsandMitigation(CDM).ThecourseaimstohelpthestudentbetterunderstandhowCDMcanhelpadepartmentoragency(D/A)bettermanageriskandprotectmissioncriticalassetsandtomoreeffectivelyevaluatetheircybersecurityposture.ThecourseprovidesahighleveloverviewoftheCDMprogram.TopicscoveredincludebasicCDMconcepts,howCDMrelatestoNIST800-53andotherNISTSPs,CDMConceptofOperations,theCDMEnvironment,andCDM’sPhasesandCapabilities.

5

ProficiencyLevel- Basic

Framework- SecurelyProvision- Oversightand

Development

SpecialtyAreas:- InformationAssuranceCompliance- InformationSystemsSecurityOperations

(InformationSystemsSecurityOfficer)- SecurityProgramManagement(Chief

InformationSecurityOfficer)

CDMModule2:HardwareAssetManagement 1HourThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingContinuousDiagnosticsandMitigation(CDM).Thecourseaimstohelpthestudentbetterunderstandhowpeopleanddevicesworktogethertoprotectmissioncriticalassetsandtomoreeffectivelyevaluatetheircybersecurityposture.ThecoursebeginsbydefiningHardwareAssetManagement(HWAM)andwhyitiscriticaltotheimplementationofarobustcybersecurityprogram.ThetraininghighlightsthecriteriaformonitoringandmanaginghardwareassetsusingCDM.ItthentransitionsintoHWAMimplementationcriteriaanddiscussesthegenericCDMconceptofoperationsspecifictoHWAM.TopicscoveredincludeActualState,DesiredState,andDefects.ProficiencyLevel- Basic


Development




CDMModule3:SoftwareAssetManagement 1.5HoursThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingCDM.Thecourseaimstohelpthestudentbetterunderstandhowpeopleandsoftwareworktogethertoprotectmissioncriticalassetsandtomoreeffectivelyevaluatetheircybersecurityposture.ThecoursebeginsbydefiningSoftwareAssetManagement(SWAM)andwhyitiscriticaltotheimplementationofarobustcybersecurityprogram.ItcoversnewrolesandresponsibilitieswhichtheD/Amustimplement.ItthentransitionsintoSWAMimplementationcriteria,anddiscussesthegenericCDMconceptofoperationsspecifictoSWAMActualState,DesiredState,andDefects.Itincludeshighleveldiscussionsofsoftwarelists(white,gray,black)andhowsoftwarecanbeidentifiedandtrackedinCDMthroughtheuseofCommonPlatformEnumeration(CPE)andSoftwareIdentification(SWID)tagsbysoftwarepackagedowntoexecutables.ProficiencyLevel- Basic

Framework- Securely

Provision- Oversightand

Development




6

CDMModule4:ConfigurationSettingsManagement .5HourThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingCDM.ThecourseaimstohelpthestudentbetterunderstandCSM,provideorganizationvisibilityintorisksassociatedwithimproperornon-compliantsecurity-relatedconfigurationsettingsforauthorizedhardwareandsoftware.ThecoursebeginsbyoutliningtheCyberSecurityManagerposition(CSM)andhighlightingthetypesofattacksCSMcanhelpprevent.ItthentransitionsintoCSMmethodsandcriteria,whereitreviewsActualState,DesiredState,andDefectChecksspecifictothecapabilityarea.ItexplainshowCSMbuildsupontheothercapabilitiesandhowdefectchecksdifferatthelocalandfederallevels.ProficiencyLevel- Basic


Development



InformationSecurityOfficer)CDMModule5:VulnerabilityManagement .5HourThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingCDM.Thecourseaimstohelpthestudentbetterunderstandhowvulnerabilitymanagement(VULN)identifiestheexistenceofvulnerablesoftwareproductsintheboundarytoallowanorganizationtomitigateandthwartcommonattacksthatexploitthosevulnerabilities.ThecoursebeginsbydefiningVULN,howitappliestothetargetenvironment,andhowafullyimplementedVULNcapabilityimpactsaDepartmentorAgency.ItthentransitionsintoVULNcriteriaandmethods,whereitreviewsActualState,DesiredState,andDefectChecksspecifictothecapabilityarea.ItexplainshowVULNbuildsupontheothercapabilitiesareas,thetypesofdefects,andhowthosedefectchecksdifferatthelocalandfederallevels.ProficiencyLevel- Basic


Development




CertifiedEthicalHackerv8(CEHv8) 24HoursTheCertifiedEthicalHacker(CEHv8)certificationprepcoursepreparesstudentstositfortheEC-CouncilCertifiedEthicalHackerversion8certificationexam.Thiscoursecontainsmaterialstoaidthestudentinbroadeningtheirknowledgeofadvancednetworkassessmenttechniquesincludingenumeration,scanningandreconnaissance.Updatestov8fromv7includeseveralnewtoolsandhowtousethemtoperformvarioustechniques.Topicsincludeactiveandpassivereconnaissance,hackinglaws,Googlehacking,socialengineering,packetcaptureandscanning.Thecoursethenmovesontoexploitationofseveraltypesandthreatsandhowtocoveryourtracks.

7

ProficiencyLevel- Advanced

Framework- ProtectandDefend- Operateand

Maintain

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- SystemsSecurityAnalysis- VulnerabilityAssessmentandManagement

CertifiedInformationSecurityManager2013Self-StudyCourse 11HoursTheInformationSystemsAuditandControlAssociation(ISACA)CertifiedInformationSecurityManager(CISM)certificationprepcoursepreparesstudentstositforthemanagement-focusedCISMexamaswellasstrengthenstheirinformationsecuritymanagementexpertisethroughthein-depthcoursewareandreinforcingdemonstrations.Topicsincludeinformationsecuritygovernance,informationriskmanagementandcompliance,informationsecurityprogramdevelopmentandmanagement,andinformationsecurityincidentmanagement.

ProficiencyLevel- Intermediate

Framework- Oversightand

Development

SpecialtyAreas:- InformationSystemsSecurityOperations


InformationSecurityOfficer)- StrategicPlanningandPolicyDevelopment

CiscoCCNETSelf-StudyPrep 13HoursTheCiscoCCENTPrepcourseisaself-studyresourceforlearnerspreparingfortheCiscoCCENTcertification,oneoftheprerequisitesfortheCiscoCCNAcertification.Installing,operating,configuring,andverifyingabasicIPv4andIPv6networkwillbediscussed.Studentswillalsobeintroducedtoconfiguringalocalareanetwork(LAN)switch,configuringaninternetprotocol(IP)router,andidentifyingbasicsecuritythreats.Thecourseincludesseveralreinforcingvideodemonstrationsofconceptsdiscussed,aswellasaquiz.


Framework- OperateandMaintain- SecurelyProvision

SpecialtyAreas:- CustomerServiceandTechnicalSupport- NetworkServices- SystemsSecurityArchitecture

CiscoCCNASecuritySelf-StudyPrep 15HoursTheCiscoCCNASecuritySelf-StudyPrepcourseisaimedatthosewhoalreadyhaveexperiencewithroutersandbasiclevelnetworkingskills,andthosewhomaybeinterestedintakingtheCiscoCCNASecurityexam.ContentcoveredintheCCNASecurityPrepcourseincludeprotocolsniffers,analyzers,TCP/IP,desktoputilities,CiscoIOS,theCiscoVPN,aCiscosimulationprogramcalledPacketTracer,andsomeweb-basedresources.Studentswillgetatheoreticalunderstandingofnetworksecurity,knowledgeandskillsdesignedtoimplementit.Thisself-studyresourcecontainsseveralreinforcingvideodemonstrationsandfinalexam.

8



SpecialtyAreas:- CustomerServiceandTechnicalSupport- NetworkServices- SystemAdministration

CloudComputingSecurity 1HourThiscourseprovidesanin-depthlookatthestrengthsandweaknessesofcloudcomputingsecurityaswellastheconsiderationstotakeinchoosingthecloudasadatamanagementsolution.Technicalandoperationalrisksareexplained,alongwithstrategiestomitigatetheaforementionedrisks.Todemonstrateconceptslearned,thecoursecloseswithareal-worldexampleofhowagovernmentagency(DefenseInformationSystemsAgency)utilizescloudcomputingsolutions.ProficiencyLevel- Intermediate

Framework- ProtectandDefend- OperateandMaintain


CMaaSOverview .5HourThiscourseisdesignedformanagers,staffandotherstakeholderswhomaybeinvolvedinimplementationand/ordecisionmakingregardingCDM.ThecourseaimstohelpthestudentbetterunderstandhowContinuousMonitoringasaService(CMaaS)relatestotheCDMprogram.ProficiencyLevel- Basic


Development- ProtectandDefend

SpecialtyAreas:- InformationSystemsSecurityOperations- SecurityProgramManagement- ComputerNetworkDefenseAnalysis- ComputerNetworkDefenseInfrastructure

Support- IncidentResponse- VulnerabilityAssessmentandManagement

*CMaasOverviewCourseisavailabletoDHSemployees.CompTIAA+(220-801)CertificationPrep 12HoursTheA+220-801CertificationPrepSelf-StudyisanintroductorycoursepresentingdomainknowledgeandobjectivesforthefivedomainsfeaturedintheA+220-801portionoftheA+certificationexam.




9

CompTIAA+(220-802)CertificationPrep 11HoursTheA+220-802CertificationPrepSelf-Studycourseisforentry-levelITprofessionalswithatleast12monthsexperienceinthefield.KnowledgerequiredforA+candidatesincludeinstallation,configuration,andmaintenanceofdevices,PCs,andsoftwareforendusers.ThiscoursecontainsmaterialsforthefourA+802domainstoaidthecandidateinexampreparation.




CompTIAAdvancedSecurityPractitioner(CASP) 20HoursThiscertificationprepcoursehelpstopreparestudentstositfortheCompTIACASPCAS-001certificationexambycoveringtechnicalknowledgeandskillsrequiredindesigningandengineeringsecuresolutionsinenterpriseenvironments.Abroadspectrumofsecuritydisciplinesarediscussedtohelpwithcriticalthinkingwhenconsideringsecureenterprisesolutionsandmanagingrisk.




CompTIANetwork+(N10-005)CertificationPrep 17HoursCompTIA’sNetwork+certificationprepcoursewasdevelopedforthecurrentNetwork+examcodeN10-005.TopicscoveredontheNetwork+N10-005examaswellasinthisFedVTEprepcourseincludenetworktechnologies,installationandconfiguration,mediaandtopologies,managementandsecurity.Thiscertificationprepcourseincludesvideodemonstrations,apracticeexam,andhands-onlabs.



SpecialtyAreas:- ComputerNetworkDefenseInfrastructureSupport- CustomerServiceandTechnicalSupport- NetworkServices

CompTIASecurity+(SYO-401)CertificationPrep 19HoursThiscertificationprepcoursepreparesstudentstositfortheCompTIASecurity+(SY0-401)certificationexamaswellasteachesconceptsandtechniquesthatarevaluabletotheworkplace.Topicscoveredinthecourse,andcompetenciestestedontheexamincludenetworksecurity,complianceandoperationalsecurity,threatsandvulnerabilities,application,dataandhostsecurity,accesscontrolandidentitymanagement,andcryptography.Thiscertificationprepcourseincludesseveralreinforcingvideodemonstrationsaswellasapracticequiz.

10




CyberRiskManagementforManagers 6HoursCyberRiskManagementforManagerscoverskeyconcepts,issues,andconsiderationsformanagingriskfromamanager’sperspective.Discussionsincludeidentifyingcriticalassetsandoperations,aprimeroncyberthreatsandhowtodeterminethreatstoyourbusinessfunction,mitigationstrategies,andresponseandrecovery.



Development


(InformationSystemsSecurityOfficer)- LegalAdviceandAdvocacy- StrategicPlanningandPolicyDevelopment

CyberRiskManagementforTechnicians 11HoursThiscoursepresentstheconceptofmanagingcyberriskfromatechnicalperspective.Anoverviewofcyberriskmanagementopenstheclass,followedbyfoundationalmaterialonconductingariskassessmentofconsiderationssuchasthreats,vulnerabilities,impacts,andlikelihood.Varioustechnicalmethodsforconductingariskassessmentarepresented,toincludevulnerabilityassessmentsandpenetrationtests,withafocusoncontinuousmonitoringofsecuritycontrolsandhowtoassessthosesecuritycontrolsusingtheNationalInstituteofStandardsandTechnologySpecialPublication800-53and800-53aasaguide.



Development




CyberSecurityInvestigations 9HoursThiscoursediscussesthebasicconceptsofcybersecurityanddigitalforensicsinvestigationpractices.Topicsincludeperformingcollectionandtriageofdigitalevidenceinresponsetoanincident,evidencecollectionmethodologies,andforensicbestpractices.Thisisanintroductorycoursereviewingtheprocesses,methods,techniquesandtoolsinsupportofcybersecurityinvestigations.

11


Framework- CollectandOperate- Investigate- ProtectandDefend

SpecialtyAreas:- CyberOperations- DigitalForensics- IncidentResponse

CyberSecurityOverviewforManagers 6HoursCybersecurityOverviewforManagersisdesignedformanagersandotherstakeholderswhomaybeinvolvedindecisionmakingregardingtheircyberenvironmentbutdonothaveastrongtechnicalbackground.Discussionswillnotfocusonspecifictechnologiesorimplementationtechniques,butrathercybersecuritymethodologiesandtheframeworkforprovidingaresilientcyberpresence.Thecourseaimstohelpmanagersbetterunderstandhowpeopleanddevicesworktogethertoprotectmissioncriticalassetsandmoreeffectivelyevaluatetheircyberposture.



Development




DBEvaluationsusingAppDetectiveProanddbProtect 1.5HoursThiscourseintroducesstudentstobasicdatabasesecurityconceptsandmethodology.ThecoursedemonstrateshowtoolssuchasAppDetectivePROandDbProtectcanbeusedtoscandatabasesinordertouncoverconfigurationmistakes,identificationandaccesscontrolissues,missingpatches,oranytoxiccombinationofsettingswhichcouldleadtoescalation-of-privilegeordenial-of-serviceattacks,dataleakage,orunauthorizedmodificationofdata.


Framework- SecurelyProvision

SpecialtyAreas:- InformationAssuranceCompliance- SoftwareAssuranceandSecurityEngineering- SystemsDevelopment- TestandEvaluation

DemilitarizedZone(DMZ)withIDS/IPS 9HoursThiscourseintroducestheconceptofanetworkDemilitarizedZone(DMZ)andthesecuritybenefitsitcanprovide.BestpracticesfordesigningandimplementingaDMZisfollowedwithasectiononIDSandIPSsystemsthatincludesanin-depthlookatSNORTfornetworkmonitoring.Thecourseconcludeswithloganalysisandmanagementbestpractices.

12



SpecialtyAreas:- ComputerNetworkDefenseInfrastructure

Support- NetworkServices- SystemsSecurityAnalysis

DISAHBSSBriefsforNon-Administrators 2HoursThiscourseisintendedforindividualsthatdonothaveadministrativeresponsibilitiesoverHostBasedSecuritySystems(HBSS)butstillrequireknowledgeofthecapabilityanditspurpose.Thecourseismadeupofthreeindividualcomponents–ashortoverviewofthesystemforthoseinSeniorLeadershippositions,a35minuteoverviewforInformationAssuranceManagersandOfficers,anda20minutebriefforthosethatspecificallyneedtouseHBSSforComputerNetworkDefensecompliance.ProficiencyLevel- Intermediate


SpecialtyAreas:- SystemAdministration- CustomerServiceandTechnicalSupport- SystemsSecurityAnalysis- NetworkServices- ComputerNetworkDefenseAnalysis

*DISAcoursesareavailabletoDISAemployees.DISASIM(SecurityInformationManager) 3HoursThis3-hourcourseisintendedtoprovidestudentswithanoverviewofDISA’sSIMprogramanditsprimarytool–ArcSightESM.Itwilldescribehowtogainaccess,login,analyzeevents,createdashboardsandreports,andcreatecontent.Thecoursecontainsalabthatallowsstudentstointeractwiththesystemandaquizthatmustbepassedbeforethestudentcanobtainacompletioncertificate.ProficiencyLevel- Intermediate

Framework- CollectandOperate- ProtectandDefend

SpecialtyAreas:- CollectionOperations- CyberOperations- IncidentResponse

*DISAcoursesareavailabletoDISAemployees.DISASymantecEndpointProtection 14HoursThiscourseisintendedforindividualsestablishingandadministeringSymantecEndpointProtection12.1withintheirenvironment.Itwillpresentstudentswithinstructiononserverinstallation,clientinstallation,clientadministration,clientremoval,databaseadministration,threatconfigurations,threatidentification,threatresponses,andvariousothertopics.

13


Framework- ProtectandDefend

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- ComputerNetworkDefenseInfrastructure

Support- IncidentResponse

*DISAcoursesareavailabletoDISAemployees.

DNSSECTrainingWorkshop 2HoursThiscoursecoversthebasicsofDNSSEC,howitintegratesintotheexistingglobalDNSandprovidesastep-by-stepprocesstodeployingDNSSEConexistingDNSzones.ProficiencyLevel- Advanced


Development

SpecialtyAreas:- SystemsSecurityArchitecture- NetworkServices- SystemAdministrator

DoDIABootCamp 12HoursTheDepartmentofDefenseInsuranceAssurance(DoDIA)BootCampisanin-depthstudyprogramdesignedsostudentsmaysuccessfullyperformtheirdutiesasIAprofessionals,toincludeInformationAssuranceManagers,InformationAssuranceOfficers,orSystemAdministratorswithIAduties.ThiscoursewillprovidethestudentwithDoDpolicyguidanceasrelatedtolaw,policy,technicalimplementationguidance,documentationrequirements,andreferencesnecessarytosupportasuccessfulDoDIAprogram.



Development

SpecialtyAreas:- InformationAssuranceCompliance- StrategicPlanningandPolicyDevelopment

DynamicTestingusingHPEWebInspect 1.5HoursThiscourseintroducesstudentstodynamictestingtoolsforwebapplicationsanddemonstrateshowtheycanbeusedtoidentify,evaluate,andmitigateawebapplication’spotentialsecurityvulnerabilities.ThefocusisonusingHPEWebInspect;inordertoperformandmanagedynamicsecurityvulnerabilitytestingandaddressresultsfrombothadeveloperandcybersecurityprofessionalperspective.



SpecialtyAreas:- InformationAssuranceCompliance- SoftwareAssuranceandSecurityEngineering- SystemsDevelopment- TestandEvaluation

14

EmergingCyberSecurityThreats 12HoursThiscoursecoversabroadrangeofcybersecurityelementsthatposethreatstoinformationsecurityposture.Thevariousthreatsarecoveredindetail,followedbymitigationstrategiesandbestpractices.Thiscoursewillcoverwhatpolicyis,theroleitplaysincybersecurity,howitisimplemented,andcybersecuritylaws,standards,andinitiatives.Topicsincludecybersecuritypolicy,knowingyourenemy,mobiledevicesecurity,cloudcomputingsecurity,RadioFrequencyIdentification(RFID)security,LANsecurityusingswitchfeatures,securingthenetworkperimeter,securinginfrastructuredevices,securityandDNSandIPv6security.Videodemonstrationsareincludedtoreinforceconcepts.ProficiencyLevel- Intermediate


Development- OperateandMaintain- ProtectandDefend

SpecialtyAreas:- StrategicPlanningandPolicyDevelopment- SystemAdministration- VulnerabilityAssessmentandManagement

FoundationsofIncidentManagement 10.5HoursThiscourseprovidesanintroductiontothebasicconceptsandfunctionsofincidentmanagement.Thecourseaddresseswhereincidentmanagementactivitiesfitintheinformationassuranceorinformationsecurityecosystemandcoversthekeystepsintheincidenthandlinglifecyclewithpracticestoenablearesilientincidentmanagementcapability.


Framework- Protectand

Defend

SpecialtyAreas:- ComputerNetworkDefenseInfrastructure

Support- IncidentResponse

IntroductiontoInvestigationofDigitalAssets 4HoursThiscourseisdesignedfortechnicalstaffwhoarenewtotheareaofDigitalMediaAnalysisandInvestigations.Itprovidesanoverviewofthedigitalinvestigationprocessandkeyactivitiesperformedthroughouttheprocessandvarioustoolsthatcanbeusedtoperformeachactivity.


Framework- Collectand

Operate- Investigate

SpecialtyAreas:- CollectionOperations- DigitalForensics- Investigation

IntroductiontoThreatHuntingTeams 1.5HoursThiscourseprovidesbasicdefinitions,activities,andexamplesofteamshuntingthreatsinthecyberdomain.Thecourseaddressesthedifferencesbetweenhuntingteamactivitiesandthoseofincidentmanagementteamsorpenetrationtestingteams.Thecontentcovershowhuntingteamsestablishgoals,methodsusedbythreathuntingteams,andsourcesavailabletohelpreadandinterpretthethreatlandscape.

15


Framework- Protectand

Defend- Analyze

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- ThreatAnalysis

IntroductiontoWindowsScripting 4HoursThiscoursefocusesonwritingscriptsfortheMicrosoftWindowsoperatingsystem.Itcoversfundamentalsandsyntaxforautomatingadministrativeandsecuritymonitoringtasks.ThecoursewillpresentthebasicsofWindowsBATCHscriptingsyntaxandstructure,alongwithseveralWindowscommandlineutilitiestoharnessthepowerfulcapabilitiesbuiltintoWindows.


Framework- Operateand

Maintain


IPv6SecurityEssentials 5HoursThisInternetProtocolversion6(IPv6)SecurityEssentialscoursebeginswithaprimerofIPv6addressinganditscurrentdeploymentstate,discussesInternetControlManagerProtocolversion6(ICMPv6),DynamicHostConfigurationProtocolversion6(DHCPv6),andDomainNameSystemversion6(DNSv6),andconcludeswithIPv6TransitionMechanisms,securityconcernsandmanagementstrategies.Thiscourseincludesseveralreinforcingvideodemonstrations,aswellasafinalknowledgeassessment.



Maintain

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- NetworkServices- SystemAdministration

(ISC)2™CAP(R)CertificationPrep 11HoursThiscertificationprepcourseisdesignedtohelppreparestudentsfortheInformationSecurityCertification(ISC)2CertifiedAuthorizationProfessional(CAP)certificationexamaswellasstrengthentheirknowledgeandskillsintheprocessofauthorizingandmaintaininginformationsystems.TopicsincludeunderstandingtheRiskManagementFramework(RMF),selection,implementation,andmonitoringofsecuritycontrolsaswellasthecategorizationofinformationsystems.Thecourseincludesapracticeexam.



Maintain


16

(ISC)2™CSSLP:CertificationPrep 20HoursThiscertificationprepcoursehelpspreparestudentstositforthe(ISC)2CSSLPcertificationexambycoveringapplicationsecurityconceptsandthesoftwaredevelopmentlifecycle(SDLC).Thiscourseisforindividualswithatleastfouryearsofexperienceinsecuresoftwareconcepts,softwarerequirements,softwaredesign,andsoftwareimplementation.



Development- OperateandMaintain

SpecialtyAreas:- SoftwareAssuranceandSecurity

Engineering- StrategicPlanningandPolicy

Development- SystemsSecurityAnalysis

(ISC)2™CISSP®:ISSEPCertificationPrep 12HoursTheInformationSystemsSecurityEngineeringProfessional(ISSEP)concentrationoftheCertifiedInformationSystemsSecurityProfessional(CISSP)certificationprepcoursepreparesstudentswithsystemssecurityengineeringexperiencetositforthe(ISC)2ISSEPcertificationexam.Thiscourseincludesa100-questionpracticeexamandwasdevelopedfollowingthefourdomainsoftheISSEP.


Framework- OversightandDefend- OperateandMaintain- SecurelyProvision

SpecialtyAreas:- StrategicPlanningandPolicy

Development- SystemAdministration- SystemsRequirementsPlanning

(ISC)2™CISSP®:ISSAPCertificationPrep 15HoursTheInformationSystemsSecurityArchitectureProfessional(ISSAP)concentrationoftheCISSPcertificationprepcoursepreparesstudentswithsecurityarchitectandanalystexperiencetositforthe(ISC)2ISSAPcertificationexam.ThiscourseincludesapracticeexamandreinforcingvideodemonstrationsformanyofthetopicsincludedinthesixdomainsoftheISSAP.


Framework- OperateandMaintain- SecurelyProvision

SpecialtyAreas:- SystemAdministration- SystemsRequirementsPlanning- SystemsSecurityArchitecture

(ISC)2™CISSP®:ISSMPCertificationPrep(2014) 14HoursTheInformationSystemsSecurityManagementProfessional(ISSMP)concentrationoftheCISSPcertificationprepcoursepreparesstudentswithmanagementexperiencetositforthe(ISC)2ISSMPcertificationexam.This

17

courseincludesa100-questionpracticeexamandincludesvideodemonstrationsreinforcingmanyofthetopicsincludedinthefivedomainsoftheISSMP.



Development

SpecialtyAreas:- InformationSystemsSecurity

Operations(InformationSystemsSecurityOfficer)

- SecurityProgramManagement(ChiefInformationSecurityOfficer)

- StrategicPlanningandPolicyDevelopment

(ISC)2™CISSP®Prep2015 25HoursThe(ISC)2CertifiedInformationSystemsSecurityProfessional(CISSP)certificationself-studyprepcourseisaresourceforindividualspreparingfortheCISSPcertificationexamorexpandingtheirknowledgeintheinformationsecurityfield.Thecoursereflectsthe2015publishedCISSPexamobjectivesandtheeightdomainsuponwhichtheexamisbased.Thiscoursealsoincludesdomainquizzes,reinforcingvideodemonstrations,aswellasafinalpracticeexam.



Development

SpecialtyAreas:- InformationAssuranceCompliance- InformationSystemsSecurity

Operations(InformationSystemsSecurityOfficer)

- SecurityProgramManagement(ChiefInformationSecurityOfficer)

(ISC)2™SystemsSecurityCertifiedPractitioner 16HoursTheSystemsSecurityCertifiedPractitioner(SSCP)certificationprepcourseisaself-studyresourceforthosepreparingtotakethe(ISC)2SSCPcertificationexamaswellasthoselookingtoincreasetheirunderstandingofinformationsecurityconceptsandtechniques.Thecertificationisdescribedasbeingidealforthoseworkingtowardpositionssuchasnetworksecurityengineers,securitysystemsanalysts,orsecurityadministrators.Thiscourse,completewitha100-questionpracticeexamandvideodemonstrations,wasdevelopedbasedonthesevenSSCPdomainspriortotheApril15,2015(ISC)2™domainupdate.Anew,updatedcourseiscurrentlyindevelopment.



SpecialtyAreas:- ComputerNetworkDefenseAnalysis- NetworkServices- SystemsSecurityAnalysis

18

ISACACertifiedInformationSystemsAuditor(CISA) 20Hours TheInformationSystemsAuditingprepcourseisaself-studyresourcedesignedtohelpstudentspreparetositfortheISACACertifiedInformationSystemsAuditor(CISA)exam.ProficiencyLevel- Intermediate


SpecialtyAreas:- ComputerNetworkDefenseAnalysis- SystemsSecurityAnalysis- VulnerabilityAssessmentand

Management

LANSecurityUsingSwitchFeatures 2HoursInthiscourse,studentslearndifferentmethodsofhowtosecureLocalAreaNetworks(LANs)attheconnectivitylevel.Topicsinclude:monitoringmediaaccesscontrol(MAC)addressesandportsecurity,limitingMAC&IPspoofing,controllingtrafficflows,implementingandenhancingsecurityinvirtuallocalareanetwork(VLANs),enablingauthenticationonconnectionpoints,anddetermininghostsecurityhealth.Examplesareusedthroughouttoreinforceconcepts.ProficiencyLevel- Intermediate

Framework- OperateandMaintain- ProtectandDefend

SpecialtyAreas:- SystemAdministration- SystemsSecurityAnalysis- VulnerabilityAssessmentand

Management

LinuxOperatingSystemSecurity 9HoursThiscourseintroducesstudentstothesecurityfeaturesandtoolsavailableinLinuxaswellastheconsiderations,advantages,anddisadvantagesofusingthosefeatures.TheclasswillbebasedonRedHatLinuxandisdesignedforITandsecuritymanagers,andsystemadministratorswhowanttoincreasetheirknowledgeonconfiguringandhardeningLinuxfromasecurityperspective.


Framework- Investigate- ProtectandDefend- OperateandMaintain

SpecialtyAreas:- DigitalForensics- IncidentResponse- SystemsSecurityAnalysis

MobileandDeviceSecurity 22HoursUpdatedin2015,theMobileandDeviceSecuritycourseintroducesstudentstomobiledevices,howtheyoperate,andtheirsecurityimplications.Thiscourseincludestopicssuchassignalingtypes,applicationstores,managingmobiledevices,andemergingtrendsandsecurityandprivacyconcernswithsocialmedia.

19


Framework- OperateandMaintain- Investigate- SecurelyProvision

SpecialtyAreas:- CustomerServiceandTechnical

Support- DigitalForensics- InformationAssuranceCompliance

NetworkLayer1&2Troubleshooting 3HoursThiscoursereviewstroubleshootingmethodsusedinLayer1andLayer2oftheOSIModel.Thecoursecovershowtodetect,trace,identify,andfixnetworkconnectivityissuesatthePhysicalandDataLinklayersoftheOSIstack.ThebasicsofthePhysicalandDataLinklayerswillbecoveredalongwithareviewofthedevices,signaling,andcablingwhichoperateattheselayers.Studentswillbepresentedwithmethodsfortracingconnectivityissuesbacktothesourceandidentifyingmitigationsolutions.




Support- NetworkServices- SystemAdministration

NetworkMonitoringwithOpenSourceTools 5HoursTheNetworkMonitoringwithOpenSourceToolscoursewasdesignedtogivethelearnerageneralawarenessofnetworksecurityandmonitoringconcepts.Discussionsanddemonstrationsfocusonnetworkthreats,andthecapabilitiesoftools.Aftercompletionofthecourse,studentsshouldbeabletodetectattacksusingnetworkmonitoringtools.



SpecialtyAreas:- ComputerNetworkDefenseAnalysis- IncidentResponse- SystemsSecurityAnalysis

OffensiveandDefensiveNetworkOperations 13HoursThiscoursefocusesonfundamentalconceptsforoffensiveanddefensivenetworkoperations.ItcovershowoffensiveanddefensivecyberoperationsareconductedanddetailsU.S.governmentdoctrinefornetworkoperations.Topicsincludenetworkattackplanning,methodologies,andtacticsandtechniquesusedtoplanfor,detect,anddefendagainstnetworkattacks.


Framework- ProtectandDefend- CollectandOperate

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- CyberOperations

20

PenetrationTesting 14HoursThePenetrationTestingcoursediscussesconcepts,tools,andtechniquesforconductingapenetrationtest.Thecourselaysthegroundworkwithfamiliarethicalhackingconcepts,movesintopenetrationtestingmethods,anddeterminesthemosteffectivepenetrationtoolforthedesiredgoal.



SpecialtyAreas:- ComputerNetworkDefenseAnalysis- SystemsSecurityAnalysis- VulnerabilityAssessmentand

Management

RadioFrequencyIdentification(RFID)Security 1HourThiscoursewillcoversecuringradiofrequencyidentification(RFID).DifferentcomponentsofRFID,howitworks,applicationsinwhichitisbeingused,benefitsandweaknesses,andthecommunicationrangeoverwhichitworkswillbereviewed.StudentswilllearnspecificconcernswithRFID,recommendationsforRFID,andsecurityissuesthathavecometolight.ProficiencyLevel- Intermediate


SpecialtyAreas:- SystemsSecurityAnalysis- VulnerabilityAssessmentand

Management

RootCauseAnalysis 1HourThiscourseprovidesanexplanationofrootcauseanalysisforcybersecurityincidentsandanoverviewoftwodifferentrootcauseanalysismodels(andapproachesusedinthesemodels).Thecoursealsodescribeshowrootcauseanalysiscanbenefitotherincidentmanagementprocesses(response,prevention,anddetection),anddetailsgeneralrootcauseanalysistechniquesthatcanbeadoptedasmethodsforanalysisofcyberincidents.




Engineering

SecuringInfrastructureDevices 1HourThiscoursecoversphysicalsecurity,operatingsystemsecurity,managementtrafficsecurity,deviceservicehardening,securingmanagementservicesanddeviceaccessprivileges.

21


Framework- ProtectandDefend- OperateandMaintain- SecurelyProvision

SpecialtyAreas:- ComputerNetworkDefense

InfrastructureSupport- NetworkServices- SystemsSecurityArchitecture

SecuringtheNetworkPerimeter 1HourThiscoursecoversedgesecuritytrafficdesign,blockingdenialofservice/distributeddenialofservice(DoS/DDoS)traffic,specializedaccesscontrollists,routersandfirewalls,securingroutingprotocols,securingtrafficprioritizationandsecuringagainstsinglepointoffailure(SPOF).ProficiencyLevel- Intermediate


SpecialtyAreas:- ComputerNetworkDefenseAnalysis- IncidentResponse- NetworkServices

SecurityandDNS 1HourThiscoursediscussesnameresolutionprinciples,nameresolutionandsecurity,DNSsecuritystandards,securingzonetransferswithtransactionsignature(TSIG),andDNSSecurityExtension(DNSSEC)principles,implementationandresources.ProficiencyLevel- Advanced


SpecialtyAreas:- NetworkServices- SystemAdministration

SILKTrafficAnalysis 7HoursThiscourseisdesignedforanalystsinvolvedindailyresponsetopotentialcybersecurityincidents,andwhohaveaccesstotheEinsteinenvironment.ThecoursebeginswithanoverviewofnetworkflowandhowtheSiLKtoolscollectandstoredata.ThenextsessionfocusesspecificallyontheEinsteinenvironment.ThebasicSiLKtoolsarecoverednext,givingtheanalysttheabilitytocreatesimpleanalysesofnetworkflow.AdvancedSiLKtoolsfollow,andcoverhowtocreateefficientandcomplexqueries.Thecourseculminateswithalabwherestudentsusetheirnewskillstoprofileanetwork.


Framework- ProtectandDefend- Analyze

SpecialtyAreas:- ComputerNetworkDefenseAnalysis- ExploitationAnalysis- VulnerabilityAssessmentandManagement

22

SoftwareAssuranceExecutiveCourse(SAE) 10HoursThiscourseisdesignedforexecutivesandmanagerswhowishtolearnmoreaboutsoftwareassuranceasitrelatestoacquisitionanddevelopment.Thepurposeofthiscourseistoexposeparticipantstoconceptsandresourcesavailablenowfortheirusetoaddresssoftwaresecurityassuranceacrosstheacquisitionanddevelopmentlifecycles.




Engineering- SystemsRequirementsPlanning- TechnologyResearchand

Development

StaticCodeAnalysisusingHPEFortify 2HoursThiscourseintroducesstudentstotheideaofintegratingstaticcodeanalysistoolsintothesoftwaredevelopmentprocessfrombothadeveloper’sandasecurityprofessional’sperspective.ThecoursedemonstrateshowHPEFortifyisusedtoidentifyandremoveCommonWeaknessEnumeration(CWE)fromapplicationsinwhichthesourcecodeisavailable.



SpecialtyAreas:- InformationAssuranceCompliance- SoftwareAssuranceandSecurity

Engineering- SystemsDevelopment

StaticCodeAnalysisusingSynopsisCoverity 1.5HoursThiscourseintroducesstudentstotheideaofintegratingstaticcodeanalysistoolsintothesoftwaredevelopmentprocess.ThefocusisonhowdeveloperscanusetoolssuchasCoveritytoidentifyandremoveCommonWeaknessEnumeration(CWE)fromapplicationsinwhichthesourcecodeisavailable,priortodeployment.




Engineering- SystemsDevelopment- TestandEvaluation

23

SupplyChainAssuranceusingSonatypeNexus 2.5HoursThiscourseintroducesstudentstotheideaofintegratingstaticcodeanalysistoolsintothesoftwaredevelopmentprocessfromboth,adeveloper’sandasecurityprofessional’sperspective.ThecoursedemonstrateshowtoolssuchasSonatypeNexuscanbeusedtoevaluatethesoftwaresupplychaininordertoidentifyandremovecomponentswithknownCommonVulnerabilitiesandExposures(CVE)fromapplicationsinwhichthesourcecodeisavailable.




Engineering- SystemsDevelopment- SystemsRequirementsPlanning- SystemsSecurityArchitecture- TechnologyResearchand

Development- TestandEvaluation

WindowsOperatingSystemSecurity 16HoursThiscourseintroducesstudentstothesecurityaspectsofMicrosoftWindows.TheclassbeginswithanoverviewoftheMicrosoftWindowssecuritymodelandsomekeycomponentssuchasprocesses,drivers,theWindowsregistry,andWindowskernel.AnoverviewoftheusersandgrouppermissionstructureusedinWindowsispresentedalongwithasurveyoftheattackscommonlyseeninWindowsenvironments.Patching,networking,andthebuilt-insecurityfeaturesofWindowssuchasthefirewall,anti-malware,andBitLockerareallcoveredinlightdetail.



SpecialtyAreas:- SystemAdministration- SystemsSecurityAnalysis- VulnerabilityAssessmentand

Management

WirelessNetworkSecurity(WNS) 9HoursThepurposeoftheWi-FiCommunicationsandSecuritycourseistoteachthetechnologiesofthe802.11familyofwirelessnetworking,includingtheprinciplesofnetworkconnectivityandnetworksecurity.Thecourseisdesignedtoprovidearelevant,high-leveloverviewofmanyelementsthatarecriticalcomponentsinWi-Finetworkingandsecurity.

24




Support- NetworkServices- SystemAdministration

fedvte training catalog - boots to...

Documents