Comprehensive Cybersecurity Defense

Comprehensive Cybersecurity Defense (formerly: Comprehensive Cyberterrorism Defense) is a basic-level course designed for technical personnel who monitor and protect our nation’s critical cyber infrastructure. The course introduces students to cyber-defense tools that will assist them in monitoring their computer networks and implementing cybersecurity measures to prevent or greatly reduce the risk of a cyber-based attack. This course integrates hands-on computer lab applications to maximize the student’s learning experience.

Cyber Identity and Authentication

This course addresses different forms of authentication, such as two-factor, multi-factor and other authentication products and protections addressing identity compromise. Designed for public and private personnel at all levels of government, law enforcement, the private sector and other stakeholders, CIAA provides a broad base of knowledge connecting the underlying concepts of digital identity to how people, devices and systems are authorized to access digital resources and services. This course also covers “best practices” for using identity management and access control techniques and mechanisms to develop authentication standards.

Cyber Security Awareness for Municipal, Police, Fire and EMS IT Personnel

This course covers basic cyber awareness for Municipal, Police, Fire and EMS Information Technology personnel. Participants will have an increased knowledge of threats specific to their jurisdiction and an understanding of the processes and procedures needed to develop a cyber-awareness program. This course will focus on the steps involved in being aware of cyber threats and effectively communicating the processes and procedures to protect users against common cyber threats. The participants will apply this knowledge by developing processes and procedures to integrate cyber awareness into routine operations.

Cyber Threat Intelligence

The purpose of analysis is to produce intelligence that decreases uncertainty in decision making and therefore reduces risk. This course introduces the information analysis process and how an organization can use it to identify, define and mitigate cybersecurity threats. The intent is to provide participants with a general understanding of the tools and processes needed for an analysis team to create cybersecurity information and intelligence within their organization.

Cybercrime Insight and Introduction to Digital Evidence Identification

This course introduces state, local, tribal and territorial first responders with limited or no prior knowledge of computer crime and cyber investigations to the importance of identifying evidence related to suspected criminal activity, and how to incorporate the evidence into an investigation. This is an awareness-level course that will help first responders reduce cybersecurity risks and response impacts to critical infrastructure.

Cybersecurity First Responder

This is an intermediate-level course designed for technical personnel who are first responders to any type of cyber-based attack against our nation’s critical cyber infrastructure. Blended learning methods are used, including a balance of classroom lecture, hands-on laboratory exercises, and the use of cyberterrorism response tools against real-world simulated cyber-attacks. Students learn the proper steps of an incident response, including incident assessment, detection and analysis, and containment, eradication, and recovery from a system or network-based attack.

Cybersecurity Incident Response and Management

This course is designed to address the gap in specific technical skills needed for an effective cyber response. It will also help improve the limited availability of targeted hands-on IT and security training focused on cyber-attacks. This training focuses on government and private sector technical personnel who have intermediate and advanced knowledge of network operations and/or the responsibility for network security.

Cybersecurity Proactive Defense

Cybersecurity Proactive Defense (CPD) is an advanced-level course designed for technical personnel who monitor and protect our nation’s critical cyber infrastructure. This course prepares cyber defenders to recognize their own weaknesses by providing advanced attack vectors, sequential and escalating attack steps, and hands-on attack execution experience. CPD provides context behind a cyberterrorism attack by illustrating each attack step, the tools used to conduct the step, and the resulting impact on targeted systems.

Digital Forensics Basics

This course explains investigative methods and standards for the acquisition, extraction, preservation, analysis, and deposition of digital evidence from storage devices. Using realistic forensics situations, learn how to find traces of illegal or illicit activities using computer forensics tools and manual techniques. Also, learn how to recover data intentionally hidden or encrypted by perpetrators.

End-User Security and Privacy (ESP)

This course will focus primarily on the end-user’s perspective, in particular the various security-related challenges faced by end-users and their impact on data privacy. The course will also include content concerning online content providers and local ISPs on access rights, unintentional data sharing, mobile apps and how to be compliant with a NIAP Protection Profile (PP), etc.

Incident Response for Municipal, Police, Fire and EMS Information Technology Personnel

This course is the second training in a two-part course. It is intended to introduce the basics of the incident response process to the Information Technology personnel in Police, Fire or EMS departments. This web-based course focuses on the steps involved in being aware of common cyber incidents, as well as steps in developing an incident response plan. The participants will apply this knowledge by developing a response plan specific to their jurisdiction. The content of the course includes: common cyber incidents occurring in Police, Fire and EMS IT departments, developing a response plan for common cyber incidents, distinguishing tasks for police, fire and EMS IT departments, and processes for future improvements to response plans.

Information Risk Management

This Information Risk Management course addresses topics related to information assets, identifying risks and management processes. Receive training on information risk-related tools and technologies for better understanding of potential threats and vulnerabilities in online business. Learn best practices and how to apply levels of security measures.

Information Security Basics

This Information Security Basics course provides entry and mid-level IT staff a technical overview of information security, focusing on the knowledge to identify and stop various cyber threats. In addition to providing an introduction to information assurance, general concepts and topics covered include TCP/IP protocol, introductory network security, introductory operating system security and basic cryptography.

Malware Prevention, Discovery, and Recovery

Malware Prevention, Discovery, and Recovery (MPDR) is an intermediate-level course designed for technical personnel who monitor and protect our nation’s critical cyber infrastructure. Students learn how to recognize, identify, and analyze malware; the remediation process to eliminate the malware; and proper procedures to recover from the attack and regain network connectivity in a timely manner. This course integrates hands-on computer lab applications to maximize the student’s learning experience.

Mobile Device Security and Privacy

This course is designed to help individuals better understand security and privacy issues associated with mobile devices and infrastructure, including the benefits and challenges of designing, implementing, and maintaining Bring Your Own Device (BYOD) programs. Using scenarios, thought challenges and exercises as a framework, students will learn about:
  • The purpose of Enterprise Mobile Management platforms
  • Elements that make mobile networks and operating systems different
  • Mobile malware classifications and detection strategies
  • Mobile architecture data leakage detection and prevention strategies.

Network Assurance

The Network Assurance course covers secure network practices to protect networked systems against attacks and exploits. Topics include authentication, authorization and accounting (AAA), as well as firewalls, intrusion detection/prevention, common cryptographic ciphers, server and client security, and secure policy generation. This course also includes information on securing cloud-based networks and applications.

Network Traffic Analysis

This course will train students to conduct traffic analysis on their internal networks by doing a “deep-dive” into network traffic analysis using Wireshark and other tools to identify regular and anomalous network traffic. It will teach techniques necessary to identify network attacks by context and type. You will be introduced to a wide variety of network traffic analysis information and methods. This course is delivered in a mobile training lab, using laptops that are preconfigured with hands-on exercises that immerse students in real-world examples.

Practical Internet of Things (IoT) Security

This classroom-based activity will be designed to help students identify and describe the components of an IoT system and associated security concerns. The course will cover the elements of an IoT system including programmable logic controllers, sensors and network interfaces. Topics will include PLC functions and programming, common IoT network protocols and security concerns related to IoT systems. Students will explore IoT vulnerabilities using common vulnerability assessment tools such as Kali Linux. Lecture and exercises will culminate in a laboratory experience where teams of students will build an IoT system and examine security considerations, vulnerabilities, and threats.

Secure Software

This course covers secure programming practices necessary to secure applications against attacks and exploits. Topics covered include fundamental concepts of secure software development, defensive programming techniques, secure design and testing, and secure development methodologies. Network security administration topics include firewalls, intrusion detection/prevention, common cryptographic ciphers, AAA (authentication, authorization and accounting), server and client security, and secure policy generation.

Zero Trust: Identity and Access Management (IAM)

The intent of this course is to increase the learners’ understanding of Zero Trust methodology, principles, and implementation. The goal of this course is to prepare organizations to face existing threats and adapt to new threats in the future. This course addresses concepts related to Zero Trust and Identity and Access Management. Some of the topics covered include:

Artificial Intelligence (AI) Security

This course will explore the ever-changing ChatGPT ecosystem, which is an interactive Artificial Intelligence (AI) Machine Learning (ML) system that generates human-readable text to interact with us. ChatGPT can be a valuable tool for organizations and individuals who want to find and fix security vulnerabilities. However, in the wrong hands, the service can become a dangerous tool for hackers.

Cybersecurity in Cloud Environments

The proliferation of cloud computing continues to grow as organizations look to reduce the cost of operating and maintaining traditional information technology (IT) data centers and associated IT resources. Cloud computing service providers, such as Amazon Web Services, Microsoft Azure and Google Cloud, focus on securing their underlying infrastructure, but it is the responsibility of each organization and user to provide security protections for the payloads they deploy.

Cybersecurity in Operational Technology

This awareness-level course is designed to address the technical needs of the future workforce and industry professionals in various sectors, including electric vehicle charging stations (EVCS). General topics to be covered in the course are: understanding various cyberattacks and their negative impacts on OT and charging systems, OT threat actors, OT security measures for both Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA), detecting cyberattacks on OT, exploring mitigation solutions for cyberattacks on OT, and OT and security best practices.

Internet of Things Security

This course is designed to provide knowledge and skills to a targeted audience of information technology practitioners about the importance of IoT in society, the current components of typical IoT implementations and trends for the future. The course will cover IoT design considerations, constraints and interfacing between the physical world and a very large variety of devices that have not traditionally been considered as part of the IT security problem. It will also cover key components of networking to ensure that students understand how IoT devices can be properly and securely connected to the Internet.
