CSFI: Defensive Cyber Operations Engineer (DCOE)

Course Details
Code: 9733
Tuition (USD): $2,595.00 • Classroom (3 days)
GSA (USD): $2,222.41 • Classroom (3 days)

In this course, you will acquire the skills for planning, executing, and integrating defensive cyberspace operations (DCO) into organizational missions and DCO requirements. The course builds on the planning skills learned in the Introduction to Cyber Warfare and Operations Design (ICWOD) course. Adversarial use of tools and their associated techniques is presented to assess network vulnerabilities and to defend friendly networks against adversary threats.

The course covers the use of open source tools and websites for system configuration, penetration testing, and control testing. You will use Linux and Windows command lines, unleash an attack on target servers, and analyze the results. The attacks and analysis will expose you to live attacks in a controlled environment where you can see first-hand the adversary's realm of possible actions and how to detect, mitigate, and counter such activities.

Note: This course requires you to bring your own laptop preloaded with VMware Workstation 9 or 10. 

In order to attain the DCOE certification, you must have an ICWOD completion certificate as well as pass the DCOE exam.

Skills Gained

  • Assess adversary intent and how threat vectors can support malicious intent
  • How to counter known and emerging threat vectors
  • Allocation and guidance for resource usage to counter adversary threats
  • Integration of DCO into larger organizational constructs
  • Deception methods
  • Data exfiltration and defense against exfiltration methodologies

Who Can Benefit

  • Information operations officers
  • Information security / assurance professionals
  • Cybersecurity consultants
  • Cyber planners
  • Military members (J2, J3, J6)
  • Security analysts
  • Network security engineers
  • Penetration testers
  • Auditors
  • Security engineers

Prerequisites

In order to attain the DCOE certification, students must have an ICWOD completion certificate as well as pass the DCOE exam.

Course Details

1. Operational Environment

  • DCO Planning
  • Cloud Operations
  • Network Packet Capture and Data Exfiltration
  • Windows and Linux Operating System Differences and Configurations
  • Wireless Networks Operations and Access
  • Open Source Tool Usage
  • Network and Internet Reconnaissance

2. Defensive Methods

  • Adversary Perspective of Target Selection
  • Tool Capability and Countermeasure Planning
    • Maltego
    • Metasploit
    • Social Engineering Toolkit (SET) Usage
  • Defensive Tools for Network Threat Situational Awareness
    • IDS/IPS - Snort
    • Honeypots
  • Detection Avoidance
  • Malware Analysis

3. Payload Configuration and Tool Customization

  • Target Selection to Support Adversarial Intent
  • Tailoring Payloads to Adversary Intent
  • Payload Detection Avoidance
  • System Log Analysis
  • Sensor Adjustments
  • Payload Altering
  • Current Threat Detection
  • Emerging Threat Detection

4. Web Application Defense

  • SQL Injection
  • Cross Site Scripting
  • Local File Inclusion
  • Remote File Inclusion
  • Web Shells