ETI Program Overview

How we support the Department of Defense?

The Cyberspace Workforce Management mandate aims to unite the overall cyberspace workforce and set up definite workforce parts like cyberspace impacts, cybersecurity, and cyberspace data innovation-to adjust, oversee and normalize cyberspace work jobs, benchmark capabilities, and preparing prerequisites. The Department of Defense outlined the cybersecurity certification requirements for specific job categories. Most DoD-related organizations are required to comply. All said, we better prepare our students to support the cyber front line!

IAT Level I
IAT Level II
IAT Level III
A+
Network+
Security+

A+

Course Description

The course contains today’s core technologies from security to cloud to data management and more which are industry standard for launching IT careers into today’s digital world.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationA +

Objectives

  • Demonstrate baseline security skills for IT support professional.
  • Configure device operating systems, including Windows, Mac, Linux, Chrome OS, Android and iOS and administer client-based as well as cloud-based (SaaS) software ·
  • Troubleshoot and problem solve core service and support challenges while applying best practices for documentation, change management, and scripting.
  • Support basic IT infrastructure and networking · Configure and support PC, mobile and IoT device hardware ·
  • Implement basic data backup and recovery methods and apply data storage and management best practices

Prerequisite

No prerequisites are necessary, but basic knowledge of computer hardware and operating systems is recommended.

Course Content

Computer Fundamentals: Mobile Devices

  1. Laptop Hardware and Components
  2. Laptop Display Components
  3. Laptop Features
  4. Types of Other Mobile Devices
  5. Accessories and Ports
  6. Network Connectivity and Application Support
  7. Device Synchronization

Computer Fundamentals: Networking A. What Is Networking?

  1. What Is Networking?
  2. Networking Hardware, Services, and Configuration Concepts
  3. Wireless and Internet Connection Types and Their Features
  4. IoT Devices and the Smart Home
  5. Install and Configure a Basic Home and Small Business Network

Computer Fundamentals: Hardware

  1. PC Hardware and Use Cases
  2. Cables and Connectors
  3. Internal Hardware Components
  4. PC Storage
  5. Printer and Multi-function Devices

Computer Fundamentals: Virtualization and Cloud Computing

  1. Examining the Case for Virtualization and Cloud Computing
  2. Virtualization in the Real World
  3. Cloud Computing in the Real World

cbfb

xcf

Network+

Course Description

These courses will help you prepare for exam as they aim to provide a solid understanding of networking concepts, operations, and procedures.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationNetwork +

Objectives

  • Use the OSI model to determine the order protocols interact with each other
  • Examine network configuration on your workstation and clearly understand the different components
  • Identify the most important networking hardware and its purpose in the data network
  • Know the different types of 802.11 wireless networks and where they are used
  • Differentiate cabling types and how fiber optics are categorized for data network use
  • Use the secure mechanism engineers employ to access network hardware
  • Read network documentation
  • Utilize appropriate tools to monitor the state of network devices
  • Maintain a safe environment for networks
  • Troubleshoot and track down network problems

Prerequisite

No prior experience is required, but concepts discussed throughout A+ is an advantage.

Course Content

Networking Concepts and Protocols

  1. Introduction to Networking
  2. The OSI Model
  3. Protocols and Port Numbers
  4. TCP and UDP
  5. Introduction to Binary and Hexadecimal
  6. Introduction to IP Addressing
  7. Subnetting Networks
  8. Introduction to IPv6
  9. Ethernet and Switching
  10. Switching Features
  11. Network Services

Introduction to Enterprise Network Infrastructure

  1. Wireless Technologies
  2. Physical Layer Technologies
  3. WAN Technologies
  4. Network Devices and Appliances
  5. Introduction to Virtualized Hardware
  6. Cloud Services

Network Management and Operations

  1. Network Documentation
  2. Disaster Recover and Business Continuity
  3. Network Monitoring
  4. Remote Network Management
  5. Policies and Best Practices

Network Security Basics

  1. Physical Security Devices
  2. Authentication and Access Controls
  3. Wireless Network Security

Security+

Course Description

This course covers topics on threats, attacks, and vulnerabilities for Security+. It also includes the ins and outs of Malware, ransom-ware, viruses, Trojans, rootkits, social engineering attacks, application vulnerabilities, and DDoS attacks. In addition, students will learn the characteristics of the various types of threat actors, the skills they have and the tools they use to defend the cyberspace. Finally, they will acquire knowledge and skills about penetration testing and vulnerability scanning and how they are used to help tighten security and mitigate potential breaches. 

By the end of this ____ week-long course, students will have a solid understanding of the various threats and and likely the tools to be used to mitigate these threats.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationSecurity +

Objectives

  • Detect various types of compromise and have an understanding of penetration testing and vulnerability scanning concepts 
  • Install, configure, and deploy network components while assessing and troubleshooting issues to support organizational security 
  • Implement secure network architecture concepts and systems design 
  • Install and configure identity and access services, as well as management controls 
  • Implement and summarize risk management best practices and the business impact 
  • Install and configure wireless security settings and implement public key infrastructure

Prerequisite

Students must have obtained the Network+ credential and have at least two years of IT administration experience with a security focus. 

Course Content

Threats, Attacks, and Vulnerabilities

  1. Analyzing Indicators of Compromise & Determining Malware Types 
  2. Comparing & Contrasting Attacks Types 
  3. Exploring Threat Actor Types and Attributes 
  4. Defining the Penetration Testing Process 
  5. Defining the Vulnerability Scanning Process 
  6. Impacts Associated with Types of Vulnerabilities

Technologies and Tools

  1. Installing and Configuring Network Components 
  2. Assessing the Security Posture of an Organization 
  3. Troubleshooting Common Security Issues 
  4. Analyzing and Interpreting Output from Security Technologies 
  5. Deploying Mobile Devices Securely 
  6. Implementing Secure Protocols

Architecture and Design

  1. Frameworks, Best Practices, and Secure Configuration Guides 
  2. Implementing Secure Network Architecture 
  3. Implementing Secure Systems Design 
  4. Secure Staging Deployment 
  5. Security Implications of Embedded Systems 
  6. Secure Application Development and Deployment 
  7. Cloud and Virtualization 
  8. Reducing Risk with Resiliency and Automation Strategies 
  9. Physical Security Controls

Identity and Access Management

  1. Comparing and Contrasting Identity and Access Management Concepts 
  2. Installing and Configuring Identity and Access Services 
  3. Implementing Identity and Access Management Controls 
  4. Differentiating Common Account Management Practices

Risk Management

  1. Understanding Organizational Policies, Plans, and Procedures 
  2. Business Impact Analysis Concepts 
  3. Understanding Risk Management Processes and Concepts 
  4. Following Incident Response Procedures
  5. Reviewing the Fundamentals of Digital Forensics 
  6. Defining Disaster Recovery and Continuity of Operation 
  7. Comparing and Contrasting Various Types of Controls 
  8. Performing Data Security and Privacy Practices

Cryptography and PKI

  1. Comparing and Contrasting Basic Cryptography Concepts 
  2. Deciphering Cryptographic Algorithms 
  3. Installing and Configuring Wireless Security Settings 
  4. Implementing Public Key Infrastructure
CCNA Security
CySA+
GICSP
GSEC
Security+CE
SSCP
CND

CCNA Security

Course Description

CCNA Security equips students with the knowledge and skills needed to prepare for entry-level security specialist careers. This course is a hands-on, career-oriented e-learning solution that emphasizes practical experience.

Various types of hands-on labs provide practical experience, including procedural and troubleshooting labs, skills integration challenges, and model building.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationCCNA Security

Objectives

  • Describe the security threats facing modern network infrastructure · Secure network device access
  • Implement AAA on network devices
  • Mitigate threats to networks using ACLs
  • Implement secure network management and reporting
  • Mitigate common Layer 2 attacks
  • Implement the Cisco IOS firewall feature set
  • Implement an ASA
  • Implement the Cisco IOS IPS feature set
  • Implement site-to-site IPSec VPNs
  • Administer effective security policies

Prerequisite

Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1), working knowledge of the Windows operating system and working knowledge of Cisco IOS networking and concepts

Course Content

Introduction to Network Security Principles

1.    Network Security Fundamentals
2.    Attack Methodologies
3.    Operations Security
4.    Cisco Self-Defending Networks

Perimeter Security

1.   Administrative Access to Cisco Routers
2.   Cisco SDM
3.   AAA on a Cisco Router Using the Local Database and on Secure ACS
4.   Secure Management/Reporting
5.   Locking Down the Router

Computer Fundamentals: Hardware

  1. PC Hardware and Use Cases
  2. Cables and Connectors
  3. Internal Hardware Components
  4. PC Storage
  5. Printer and Multi-function Devices

Network Security Using Cisco IOS Firewalls

1.   Firewall Technologies
2.   Static Packet Filters Using ACLs3.   Cisco IOS Zone-Based Policy Firewall

Site-to-Site VPNs

1.   Cryptographic Services
2.   Symmetric Encryption
3.   Examining Cryptographic Hashes and Digital Signatures
4.   Asymmetric Encryption and PKI
5.   IPsec Fundamentals
6.   Site-to-Site IPsec VPN7.   IPsec on a Site-to-Site VPN Using Cisco SDM

Network Security Using Cisco IOS IPS

1.   IPS Technologies, Cisco IOS IPS Using Cisco SDM

Network Security Using Cisco IOS IPSLAN, SAN, Voice, and Endpoint Security Overview

1.   Endpoint Security
2.   SAN Security
3.   Voice Security4.   Layer 2 Attacks

cbfb

xcf

Cyber Security Analyst (CySA+)

Course Description

This certification covers the skills and knowledge that are associated with Firewall Technology, Critical examination of Cybersecurity based analytics (for example, reviewing log files from servers), the ability to conduct various kinds of data analysis to positively confirm any security weaknesses, threats, or vulnerabilities that are posed to a business or a corporation, the ability to configure and deploy various kinds of network-based, threat detection tools, and the know-how in securing software-based applications in the entity.

This course will help prepare students for the CySA+ Certification examination.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationCySA+

Objectives

  • Apply environmental reconnaissance techniques using appropriate tools and processes
  • Analyze the results of a network reconnaissance
  • Implement or recommend appropriate response and countermeasures
  • Explain the purpose of practices used to secure a corporate environment
  • Implement information security vulnerability management processes
  • Analyze the output resulting from a vulnerability scan
  • Compare and contrast common vulnerabilities found within an organization
  • Analyze threat data or behavior to determine the impact of an incident
  • Prepare a toolkit and use appropriate forensics tools during an investigation
  • Explain the importance of communication during the incident response process
  • Analyze common symptoms to select the best course of action to support incident response
  • Summarize the incident recovery and post-incident response processes
  • Explain the relationship between frameworks, common policies, controls, and procedures
  • Use data to recommend remediation of security issues related to identity and access management
  • Review security architecture and make recommendations to implement compensating controls
  • Use application security best practices while participating in the software development life cycle
  • Compare and contrast the general purpose and reasons for using various security tools and technologies

Prerequisite

It is recommended that CySA+ candidates must have a minimum of 3-4 years of hands-on information/cybersecurity or related experience.

Course Content

Enterprise Security: Policies, Practices, and Procedures

1. Security Data Analytics: What’s Going On?

2. Defense in Depth: This Is Where It Begins

3. Defense in Depth: What Tools Can You Use?

4. Defense in Depth: Drill, Test, Rinse, Repeat5. The Fundamentals of Frameworks, Policies, Controls, & Procedures

Computer Fundamentals: Networking A. What Is Networking?

  1. What Is Networking?
  2. Networking Hardware, Services, and Configuration Concepts
  3. Wireless and Internet Connection Types and Their Features
  4. IoT Devices and the Smart Home
  5. Install and Configure a Basic Home and Small Business Network

The Issues of Identity and Access Management (IAM)

1. It’s All About Control
2. Managing Your Secret Identity
3. Other Authentication Methods
4. Identity Repositories
5. Building the Lab
6. Looking at the Exploits

Secure Software Development

1. What’s the Software Development Life Cycle (SDLC)?
2. Software Development Phases
3. Software Development Models
4. Software Vulnerabilities
5. Coding Best Practices
6. Code Reviews
7. Security Testing in Action

Performing and Analyzing Network Reconnaissance

1. The Two Steps
2. Initially, What Do You Look For?
3. The More You Look, the More You Find
4. Other Reconnaissance Techniques
5. Reconnaissance via Google Hacking
6. Let’s Not Forget PowerShell
7. Overview of Scanning
8. Understanding the 3-way Handshake
9. Checking for ‘Live’ Systems and Their Open Ports
10.  Types of Scanning
11.  Banner Grabbing and OS Fingerprinting
12.  More Tools for the Utility-belt
13.  Threats from Wireless

Implementing and Performing Vulnerability Management

1. What Do You Need to Start?
2. Shaping and Implementing Your Vulnerability Scans
3. The Scanners
4. Analyzing Vulnerability Scans
5. Remediation and Change Control
6. Remediating Host Vulnerabilities
7. Remediating Network Vulnerabilities
8. Remediating Virtual Environments Vulnerabilities

cbfb

xcf

GICSP

Course Description

GICSP (Global Industrial Cyber Security Professional) is the newest certification in the GIAC family and focuses on the essential knowledge of securing critical infrastructure assets. GICSP is the only certification in the world that focuses on the cybersecurity aspects of Industrial Control Systems (ICS). GICSP is a certification for engineers, ICS security professionals, and ICS technology specialists.

The course provides the opportunity to learn and discuss the newest and most challenging cybersecurity risks to control systems and the most effective defenses. The training is designed in such a way that you will leave with newly gained knowledge, tools, and techniques you can put to work immediately in your daily practice.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationGICSP

Objectives

  • Acquire knowledge about standards and regulations for Industrial Control Systems (ICS)
  • Understand the threats to the security of process control systems
  • Understand the technologies used to carry out security audits
  • Understand the industrial control system components, purposes, deployments, significant drivers and constraints
  • Experience hands-on lab learning experiences to control system attack surfaces, methods, and tools
  • Demonstrate an understanding of control system approaches to system and network defense architectures and techniques
  • Gain knowledge of how to harden an Industrial Control System (ICS) using end-point protection, securing memorable data or updating systems
  • Develop incident-response skills in control system environments
  • Understand governance models and resources for Industrial Cyber Security Professionals.

Prerequisite

To be successful in completing this course, a good understanding of basic computer networking and security principles, networking protocols, and a CompTIA Network+ certification is recommended.

Course Content

ICS Overview

1.   Global Industrial Cybersecurity Professional (GICSP) Overview
2.   Overview of ICS
3.   Purdue Levels 0 and 1C
4.   Purdue Levels 2 and 35.   DCS and SCADA

IT & ICS Differences

1.   ICS Life Cycle Challenges
2.   Physical and Cyber Security
3.   Secure ICS Network Architectures

Field Devices and Controllers

1.   ICS Attack Surface
2.   Purdue Level 0 and 1
3.   Ethernet and TCP/IP

Supervisory Systems

1.   Enforcement Zone Devices
2.   Understanding Basic Cryptography
3.   Wireless Technologies
4.   Wireless Attacks and Defenses
5.   Purdue Level 2 and 3 Attacks

Workstations and Servers

1.   Patching ICS Systems
2.   Defending Unix and Linux
3.   Endpoint Security Software
4.   Event Logging and Analysis
5.   Remote Access Attacks

ICS Security Governance

1.   Defending Unix and Linux
2.   Endpoint Protection and SIEMS
3.   Building an ICS Cyber Security Program
4.   Creating ICS Cyber Security Policy
5.   Measuring Cyber Security Risk
6.   Incident Response

cbfb

xcf

GSEC

Course Description

This course is the most effective step to prevent attacks and detect adversaries with actionable techniques that can be used as soon as you get back to work. Students will learn tips and tricks designed to help them win the battle against the wide range of cyber adversaries.

GIAC Security Essentials (GSEC) is one of the top certifications on the market for professionals who want to prove their IT skills on security-related tasks.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationGSEC

Objectives

  • Develop effective security metrics that provide a focused playbook that the IT department can implement, auditors can validate, and executives can understand
  • Analyze the risk to your environment to drive the creation of a security roadmap that focuses on the right areas of security.
  • Understand practical tips and tricks that focus on addressing high-priority security problems within your organization and doing the right things that lead to security solutions that work.
  • Learn why some organizations win and why some lose when it comes to security and, most importantly, how to be on the winning side.
  • Understand the core areas of security and how to create a security program that is built on a foundation of Detection, Response, and Prevention

Prerequisite

GSE prerequisite baseline is GSEC, GCIH, GCIA with two Gold certifications. The GSEC prerequisite is unique because of dual Windows and Unix coverage.

Course Content

Network Security Essentials

1.   Introduction
2.   Defensible Network Architecture
3.   Protocols and Packet Analysis
4.   Network Device Security
5.   Virtualization and Cloud
6.   Securing Wireless Networks

Defense-in-Depth

1.    Defense-in-Depth Overview   
2.    Identity and Access Management
3.    Authentication and Password Security
4.    CIS Controls
5. Data Loss Prevention      
6.    Security Plans and Risk Management

Vulnerability Management and Response

1.     Vulnerability Assessment  
2.     Penetration Testing
3.     Attacks and Malicious Software
4.    Web Application Security
5.    Security Operations and Log Management
6.    Digital Forensics and Incident Response

Data Security Technologies

1.    Cryptography
2.    Cryptography Algorithms and Deployment
3.    Applying Cryptography
4.    Network Security Device
5.    Endpoint Security

Windows Security

1.    Windows Security Infrastructure
2.    Windows as a Service
3.    Windows Access Controls
4.    Enforcing Security Policy
5.    Network Services and Cloud Computing
6.    Automation, Auditing, and Forensics

Linux, Mac, and Smartphone Security

1.    Linux Fundamentals: Structure, Permissions, and Access Control
2.    Linux Security Enhancements and Infrastructure
3.    Containerized Security
4.    macOS Security
5.    Mobile Device Security

cbfb

xcf

Security+ CE

Course Description

This course covers Domain 1 of the Security+ certification exam. In this course, Threats, Attacks, and Vulnerabilities for Security+, you’ll learn about the various types of threats and attacks every company faces. First, the ins and outs of Malware, ransomware, viruses, Trojans, rootkits, social engineering attacks, application vulnerabilities, and DDoS attacks will be discussed.

Next is the characteristics of the various types of threat actors, the skills they have, and the tools they use. Finally, the penetration testing and vulnerability scanning and how they’re used to help tighten security and mitigate potential breaches will follow.

By the end of this course, you’ll have a solid understanding of the various threats you’re likely to face and what tools are available to mitigate these threats.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationSecurity+ CE

Objectives

  • Assess the current security landscape, including the nature of the threat, the general status of common vulnerabilities, and the likely consequences of security failures
  • Critique and assess the strengths and weaknesses of general cybersecurity models, including the CIA triad
  • Appraise the interrelationships among elements that comprise a modern security system, including hardware, software, policies, and people
  • Assess how all domains of security interact to achieve effective system-wide security at the enterprise level.
  • Compare the interrelationships among security roles and responsibilities in a modern information-driven enterprise—to include interrelationships across security domains (IT, physical, classification, personnel, and so on)
  • Assess the role of strategy and policy in determining the success of information security
  • Estimate the possible consequences of misaligning enterprise strategy, security policy, and security plans
  • Design a notional information security plan that incorporates relevant principles of the lifecycle management
  • Evaluate the principles of risk and conduct a notional risk management exercise
  • Assess the role of good metrics and key performance indicators (KPIs) in security assessment and governance
  • Create a good set of information security metrics
  • Critique the current legal and regulatory environment as it applies to cybersecurity
  • Identify and contrast the most common security standards and associated catalogs of security controls
  • Contrast the various approaches to security training and formulate a simple training agenda
  • Justify the need for business continuity planning and propose how to implement such a plan successfully within a modern enterprise
  • Compare and contrast logical and physical security
  • Appraise the current structure of cybersecurity roles across the DoD enterprise, including the roles and responsibilities of the relevant organizations
  • Assess the strengths and weaknesses of the certification and accreditation approach to cybersecurity
  • Evaluate the trends and patterns that will determine the future state of cybersecurity.

Prerequisite

This course is intended for DoD civilians and military personnel who perform security leadership and management duties. All students will be required to have achieved the Security Fundamentals Professional Certification (SFPC) under the DoD Security Professional Education Development Program (SPēD) or to have a comparable fundamental knowledge of DoD security programs.

Course Content

The Security Environment

1.    Threats, vulnerabilities, and consequences
2.    Advanced persistent threats
3.    The state of security today
4.    Why security matters to DoD

Principles of Cybersecurity

1.    The interrelated components of the computing environment
2.    Cybersecurity models (the CIA triad, the star model, the Parkerianhexad)
3.    Variations on a theme: computer security, information security, and information assurance

Cybersecurity Management Concepts

1.    Security governance
2.    Management models, roles, and functions

Enterprise Roles and Structures

1.    Information security roles and positions
2.    Alternative enterprise structures and interfaces

Strategy and Strategic Planning

1.    Strategy
2.    Strategic planning and security strategy
3.    The information security lifecycle
4.    Architecting the enterprise

Security Plans and Policies

1.    Levels of planning
2.    Planning misalignment
3.    The System Security Plan (SSP)
4.    Policy development and implementation

Laws and Regulatory Requirements

1.    Timeline of U.S. laws related to information security
2.    The Federal Information Security Management Act (FISMA)

Security Standards and Controls

1.    Security standards and controls
2.    Certification and accreditation (C&A)

Risk Management

1.    Principles of risk
2.    Types of risk
3.    Risk strategies
4.    The Risk Management Framework (RMF)

Security Metrics and Key Performance Indicators (KPIs)

1.    The challenge of security metrics
2.    What makes a good metric
3.    Approaches to security metrics
4.    Metrics and FISMA

Physical Security and Environmental Events

1.    Physical and environmental threats
2.    Physical and environmental controls

Contingency Planning

1.    Developing a contingency plan
2.    Understanding the different types of contingency plan
3.    Responding to events

Security Education, Training, and Awareness

1.    Human factors in security
2.    Developing and implementing a security training plan
3.    Cross-domain training (IT and other security domains)

Managing information security across the DoD enterprise (1)

1.    The purpose of certification and accreditation
2.    Trends in certification and accreditation

Managing information security across the DoD enterprise (2)

1.    The strategic direction of DoD IT and information security
2.    Responsibilities within the DoD enterprise

The future of cybersecurity

1.    Key future uncertainties
2.    Possible future scenarios
3.    How to apply what you’ve learned

cbfb

xcf

SSCP

Course Description

The Systems Security Certified Practitioner (SSCP) is the ideal certification for those with proven technical skills and practical, hands-on security knowledge in operational IT roles. It provides confirmation of a practitioner’s ability to implement, monitor, and administer IT infrastructure under information security policies and procedures that ensure data confidentiality, integrity, and availability.

The broad spectrum of topics included in the SSCP Common Body of Knowledge (CBK) ensures its relevance across all disciplines in the field of information security. Successful candidates are competent in the following 7 domains:

• Access Controls
• Security Operations and Administration
• Risk Identification, Monitoring, and Analysis
• Incident Response and Recovery
• Cryptography
• Network and Communications Security
• Systems and Application Security

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationSSCP

Objectives

  • Implement and maintain authentication methods
  • Comply with (ISC)² Code of Ethics
  • Understand security concepts
  • Document, implement and maintain functional security controls
  • Implement security controls and assess compliance
  • Understand the risk management process
  • Perform security assessment activities
  • Operate and maintain monitoring systems
  • Understand and support forensic investigations
  • Learn the fundamental concepts of cryptography and requirements for cryptography
  • Understand and support secure protocols and Public Key Infrastructure (PKI) systems
  • Apply fundamental concepts of networking
  • Understand network attacks and countermeasures
  • Manage network access controls and network security
  • Operate and configure network-based security devices and wireless technologies
  • Identify and analyze malicious code and activity
  • Implement and operate endpoint device security
  • Operate and configure cloud security
  • Operate and secure virtual environments

Prerequisite

Candidates must have a minimum of 1-year cumulative work experience in 1 or more of the 7 domains of the SSCP CBK. A 1-year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.

A candidate that doesn’t have the required experience to become an SSCP may become an Associate of (ISC)² by successfully passing the SSCP examination. The Associate of (ISC)² will then have 2 years to earn the 1-year required experience.

Course Content

Domain 1: Access Controls

1.1 Implement and maintain authentication methods

1. Single/multifactor authentication
2. Single sign-on
3. Device authentication Federated access

1.2 Support internetwork trust architectures

  1. Trust relationships (e.g., 1-way, 2-way, transitive)
  2. Extranet
  3. Third-party connections

1.3 Participate in the identity management lifecycle

  1. Authorization
  2. Proofing
  3. Provisioning/de-provisioning
  4. Maintenance
  5. Entitlement
  6. Identity and Access Management (IAM) systems

1.4 Implement access controls

  1. Mandatory
  2. Non-discretionary
  3. Discretionary
  4. Role-based
  5. Attribute-based
  6. Subject-based
  7. Object-based

Domain 2: Security Operations and Administration

2.1 Comply with codes of ethics

  1. Code of Ethics
  2. Organizational code of ethics
  3. Understand security concepts

2.2 Understand security concepts

2.3 Document, implement and maintain functional security controls

  1. Deterrent controls
  2. Preventative controls
  3. Detective controls
  4. Corrective controls
  5. Compensating controls

2.4 Participate in asset management

  1. Lifecycle (hardware, software, and data)
  2. Hardware inventory
  3. Software inventory and licensing
  4. Data storage

2.5 Implement security controls and assess compliance

  1. Technical controls (e.g., session timeout, password aging)
  2. Physical controls (e.g., mantrap, cameras, locks)
  3. Administrative controls (e.g., security policies and standards, procedures, baselines)
  4. Periodic audit and review

2.6 Participate in change management

  1. Execute change management process
  2. Identify the security impact
  3. Testing /implementing patches, fixes, and updates (e.g., operating system, applications, SDLC)

2.7 Participate in security awareness and training

2.8 Participate in physical security operations (e.g., data center assessment, badging)

Domain 3: Risk Identification, monitoring, and analysis

3.1 Understand the risk management process

  1. Risk visibility and reporting (e.g., risk register, sharing threat intelligence, Common Vulnerability Scoring System (CVSS))
  2. Risk management concepts (e.g., impact assessments, threat modeling, Business Impact Analysis (BIA))
  3. Risk management frameworks (e.g., ISO, NIST)
  4. Risk treatment (e.g., accept, transfer, mitigate, avoid, recast)

3.2 Perform security assessment activities

  1. Participate in security testing
  2. Interpretation and reporting of scanning and testing results
  3. Remediation validation
  4. Audit finding remediation

3.3 Operate and maintain monitoring systems (e.g., continuous monitoring)

  1. Events of interest (e.g., anomalies, intrusions, unauthorized changes, compliance monitoring)
  2. Logging
  3. Source systems
  4. Legal and regulatory concerns (e.g., jurisdiction, limitations, privacy)

3.4 Analyze monitoring results

  1. Security baselines and anomalies
  2. Visualizations, metrics, and trends (e.g., dashboards, timelines)
  3. Event data analysis
  4. Document and communicate findings (e.g., escalation)

Domain 4: Incident Response and Recovery

4.1 Support incident lifecycle

  1. Preparation
  2. Detection, analysis, and escalation
  3. Containment
  4. Eradication
  5. Recovery
  6. Lessons learned/implementation of new countermeasure

4.2 Understand and support forensic investigations

  1. Legal and ethical principles
  2. Evidence handling (e.g., first responder, triage, chain of custody, preservation of scene)

4.3 Understand and support Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) activities

  1. Emergency response plans and procedures (e.g., information system contingency plan)
  2. Interim or alternate processing strategies
  3. Restoration planning
  4. Backup and redundancy implementation
  5. Testing and drills

Domain 5: Crytograhpy

5.1 Understand the fundamental concepts of cryptography

  1. Fundamental key management concepts (e.g., key rotation, key composition, key creation, exchange, revocation, escrow)
  2. Web of Trust (WOT) (e.g., PGP, GPG)
  3. Hashing
  4. Salting
  5. Symmetric/asymmetric encryption/Elliptic Curve Cryptography (ECC)
  6. Non-repudiation (e.g., digital signatures/certificates, HMAC, audit trail)
  7. Encryption algorithms (e.g., AES, RSA) » Key strength (e.g., 256, 512, 1024, 2048 bitkeys)
  8. Cryptographic attacks, cryptanalysis, and counter measures

5.2 Understand the reasons and requirements for cryptography

  1. Confidentiality
  2. Integrity and authenticity
  3. Data sensitivity (e.g., PII, intellectual property, PHI)
  4. Regulatory

5.3 Understand and support secure protocols

  1. Services and protocols (e.g., IPSec, TLS, S/MIME, DKIM)
  2. Common use cases
  3. Limitations and vulnerabilities

5.4 Understand Public Key Infrastructure (PKI) systems

  1. Fundamental key management concepts (e.g., key rotation, key composition, key creation, exchange, revocation, escrow)
  2. Web of Trust (WOT) (e.g., PGP, GPG)

Domain 6: Network and Communications Security

6.1 Understand and apply fundamental concepts of networking

  1. OSI and TCP/IP models
  2. Network topographies (e.g., ring, star, bus, mesh, tree)
  3. Network k relationships (e.g., peer to peer, client server)
  4. Transmission media types (e.g., fiber, wired, wireless)
  5. Commonly used ports and protocols

6.2 Understand network attacks and countermeasures (e.g., DDoS, man-in-the-middle, DNS poisoning)

6.3 Manage network access controls

  1. Network access control and monitoring (e.g., remediation, quarantine, admission)
  2. Network access control standards and protocols (e.g., IEEE 802.1X, Radius, TACACS)
  3. Remote access operation and configuration (e.g., thin client, SSL VPN, IPSec VPN, telework)

6.4 Manage network security

  1. Logical and physical placement of network devices (e.g., inline, passive)
  2. Segmentation (e.g., physical/logical, data/control plane, VLAN, ACLs)
  3. Secure device management

6.5 Operate and configure network-based security devices

  1. Firewalls and proxies (e.g., filtering methods)
  2. Network intrusion detection/prevention systems
  3. Routers and switches
  4. Traffic-shaping devices (e.g., WAN optimization, load balancing)

6.6 Operate and configure wireless technologies (e.g., Bluetooth, NFC, WiFi)

  1. Transmission security
  2. Wireless security devices (e.g. WIPS, WIDS)

Domain 7: System and Application Security

7.1 Identify and analyze malicious code and activity

  1. Malware (e.g., rootkits, spyware, scareware, ransomware, trojans, virus, worms, trapdoors, backdoors, and remote access trojans)
  2. Malicious code countermeasures (e.g., scanners, anti-malware, code signing, sandboxing)
  3. Malicious activity (e.g., insider threat, data theft, DDoS, botnet)
  4. Malicious activity countermeasures (e.g., user awareness, system hardening, patching, sandboxing, isolation)

7.2 Implement and operate endpoint device security

  1. HIDS
  2. Host-based firewalls
  3. Application whitelisting
  4. Endpoint encryption
  5. Trusted Platform Module (TPM)
  6. Mobile Device Management (MDM) (e.g., COPE, BYOD)
  7. Secure browsing (e.g., sandbox)

7.3 Operate and configure cloud security

  1. Deployment models (e.g., public, private, hybrid, community)
  2. Service models (e.g., IaaS, PaaS, and SaaS)
  3. Virtualization (e.g., hypervisor)
  4. Legal and regulatory concerns (e.g., privacy, surveillance, data ownership, jurisdiction, eDiscovery)
  5. Data storage and transmission (e.g., archiving, recovery, resilience)
  6. Third-party/outsourcing requirements (e.g., SLA, data portability, data destruction, auditing)
  7. Shared responsibility model

7.4 Operate and secure virtual environments

  1. Software-defined networking
  2. Hypervisor
  3. Virtual appliances
  4. Continuity and resilience
  5. Attacks and countermeasures
  6. Shared storage

cbfb

xcf

Certified Network Defender (CND)

Course Description

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators.

The program prepares network administrators on how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond, and predict an approach to network security.

More than 50% of the CND course contains hands-on labs dedicated to helping students learn practical skills in live ranges designed to cover domains such as Network Defense Management, Network Perimeter Protection, Endpoint Protection, Application, and Data Protection, Enterprise Virtual, Cloud, and Wireless Network Protection, Incident Detection and Response and Threat Prediction which will provide network administrators real-world expertise that can be applied to current network security technologies and operations.

Sept. 12, 2020

Program Requirements

DeliveryOnline
Length2-4 weeks
VA ApprovedGI Bill & VET-TEC
CertificationCND

Objectives

CND certification exams cover all critical aspects of the information and network security and help the participants gain an in-depth understanding of:

  • Core essentials of networking and modernistic defense techniques
  • Security threats and identifying vulnerabilities
  • Implementation of various network security protocols and controls
  • Defining and implementing security policies in a network infrastructure
  • Establishing physical security controls and deploying foolproof authentication techniques
  • Configuring the host security and process of encrypting the file systems
  • Implementation and management of the Firewall
  • Configuring and managing Intrusion Detection and Prevention Systems
  • VPN security management
  • Wireless networks security
  • Monitoring and analyzing the network traffic
  • Network security risks and vulnerability identification
  • Network Incident Response and Management

Prerequisite

Knowledge of Networking is needed to successfully complete this course.

Course Content

Computer Network and Defense Fundamentals

1.    OSI and TCP/IP network Models
2.    Types of networks
3.    Network topologies
4.    Network components
5.    Protocols in TCP/IP protocol stack
6.    IP addressing concept
7.    Computer Network Defense
8.    Fundamental CND attributes
9.    CND elements
10.  CND process and Approaches

Network Security Threats, Vulnerabilities, and Attacks

1.   Threat, attack, and vulnerability
2.   Network security concerns
3.   Effect of a network security breach on business continuity
4.   Types of network threats
5.   Types of network security vulnerabilities
6.   Types of network attacks

Network Security Controls, Protocols, and Devices

1.    Fundamental elements of network security
2.    Network access control mechanism
3.    Types of access controls
4.    Network Authentication, Authorization and Auditing (AAA) mechanism
5.    Network data encryption mechanism
6.    Public Key Infrastructure (PKI)
7.    Network security protocols8.    Network security devices

Network Security Policy Design and Implementation

1.    Security policy
2.    Hierarchy of security policy
3.    Characteristics of a good security policy
4.    Typical content of security policy
5.    Understanding the policy statement
6.    Steps for creating and implementing security policy
7.    Designing of security policy
8.    Implementation of security policy
9.    Types of security policy
10.  Various information security-related standards, laws, and acts

Physical Security

1.    Understanding physical security
2.    Importance of physical security
3.    Factors affecting physical security
4.    Various physical security controls
5.    Understanding the selection of Fire Fighting Systems
6.    Various access control authentication techniques
7.    Workplace security
8.    Personnel security
9.    Environmental Controls
10.  Importance of physical security awareness and training

Host Security

1.    Understanding host security
2.    Importance of securing individual hosts
3.    Threats specific to hosts
4.    Paths to host threats
5.    Purpose of the host before an assessment
6.    Host security baselining
7.    OS security baselining
8.    Security requirements for different types of servers
9.    Security requirements for hardening of routers
10.  Security requirements for hardening of switches
11.  Data security concerns when data is at rest, in use, and in motion
12.  Understanding virtualization security

Secure Firewall Configuration and Management

1.    Understanding firewalls
2.    Firewall security concerns
3.    Firewall technologies
4.    Firewall topologies
5.    Selection of firewall topologies
6.    Designing and configuring firewall ruleset
7.    Implementation of firewall policies
8.    Deployment and implementation of firewall
9.    Factors to considers before purchasing any firewall solution
10.  Configuring, testing, and deploying of firewalls
11.  Management, maintenance, and administration of firewall implementation
12.  Firewall logging
13.  Measures for avoiding firewall evasion14.  Firewall security best practices

Secure IDS Configuration and Management

1.    Different types of intrusions and their indications
2.    Understanding IDPS
3.    Role of IDPS in network defense
4.    Functions, components, and working of IDPS
5.    Types of IDS implementation
6.    Staged deployment of NIDS and HIDS
7.    Fine-tuning of IDS by minimizing false positive and false negative rate
8.    Characteristics of good IDS implementation
9.    Common IDS implementation mistakes and their remedies
10.  Types of IPS implementation
11.  Requirements for selecting appropriate IDSP product
12.  Technologies complementing IDS functionality

Secure VPN Configuration and Management

1.    Virtual Private Network (VPN) and it’s working
2.    Importance of establishing VPN
3.    VPN components
4.    Implementation of VPN concentrators and its functions
5.    Types of VPN technologies
6.    Components for selecting appropriate VPN technology
7.    Core functions of VPN
8.    Topologies for implementation of VPN
9.    VPN security concerns
10.  Security implications to ensure VPN security and performance

Wireless Network Defense

1.    Understanding wireless network
2.    Wireless standards and network topologies
3.    Use of wireless networks
4.    Wireless network components
5.    Wireless encryption (WEP, WPA,WPA2) technologies
6.    Authentication methods for wireless networks
7.    Types of threats on wireless networks
8.    Inventory for wireless network components
9.    Appropriate placement of Wireless Access Point (AP)
10.  Monitoring of wireless network traffic
11.  Detection and locating of rogue access points
12.  Prevention of wireless network from RF interference
13.  Security implications for wireless network

Network Traffic Monitoring and Analysis

1.    Understanding network traffic monitoring
2.    Importance of network traffic monitoring
3.    Techniques used for network monitoring and analysis
4.    Appropriate position for network monitoring
5.    Connection of network monitoring system with a managed switch
6.    Network traffic signatures
7.    Baselining for normal traffic
8.    Categories of suspicious traffic signatures
9.    Techniques for attack signature analysis
10.  Wireshark components, working, and features
11.  Use of various Wireshark filters
12.  Monitoring LAN traffic against policy violation
13.  Security monitoring of network traffic
14.  Detection of various attacks using Wireshark15.  Network bandwidth monitoring and performance improvement

Network Risk and Vulnerability Management

1.   Understanding risk and risk management
2.   Key roles and responsibilities in risk management
3.   Key Risk Indicators (KRI) in risk management
4.   Phase involves in risk management
5.   Enterprise network risk management
6.   Risk management frameworks
7.   Best practices for effective implementation of risk management
8.   Vulnerability management
9.   Phases involve in vulnerability management
10. Vulnerability assessment and its importance
11. Requirements for effective network vulnerability assessment
12. Internal and external vulnerability assessment
13. Steps for effective external vulnerability assessment
14. Phases involve in vulnerability assessment
15. Selection of appropriate vulnerability assessment tool
16. Best practices and precautions for deploying vulnerability assessment tool
17. Vulnerability reporting, mitigation, remediation, and verification

Data Backup and Recovery

1.    Understanding data backup
2.    Identification of data to backup
3.    Appropriate backup medium for data backup
4.    RAID backup technology and its advantages
5.    RAID architecture
6.    RAID levels and their use
7.    Selection of appropriate RAID level
8.    Storage Area Network (SAN) backup technology and its advantages
9.    Best practices of using SAN
10.  Network Attached Storage (NAS) backup technology and its advantages
11.  Types of NAS implementation
12 . Understanding Incident Handling and Response (IH&R)
13.   Roles and responsibilities of Incident Response Team (IRT)
14.   Role of the first responder
15.   First response activities for network administrators
16.   Incident Handling and Response (IH&R) process
17.   Understanding forensic investigation
18.   People involved in forensics investigation
19.   Forensics investigation methodology

cbfb

xcf

CASP+ CE
CCNP Security
CISA
CISSP
CGCED
GCIH

cbfb

xcf

Something awesome here.

Something awesome here.

Something awesome here.

Something awesome here.

Something awesome here.

Something awesome here.

A day in the life

Cybersecurity professionals are trained to detect and implement quick solutions to cyber threats against the data network of an organization. Their primary responsibility is to assure the security and integrity of the system at any given time. This is most crucial especially now that criminality in cyberspace has morphed into a more vicious and expanding enterprise.

The work of an online security expert is not easy for the hesitant but the rewards are magnificent for achievers who consider the cybersecurity profession as a terrific career path. 

As of 2019, a Cybersecurity Engineer’s annual income ranges from $120,000 to $200,000. An Application Security Engineer’s income is not far having an average between $120,000 to $180,000. Cybersecurity Analysts and Network Security Engineers also enjoy huge salaries at $90,000 to $160,000 and $125,000 to $185,000 respectively. At the top of the list is the Information Security Manager who earns an average of $125,000 to $215,000.