Description
We deliver training live-on-line, on site, and on demand.
If your organization would like this course at a particular time or location, it is available for groups greater than 8 with a contract.
This course is a practical way to demonstrate the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Students will become members of the cybersecurity professional community. Practice in this course will lead to excellence in cybersecurity. The actual certification exam will be easier than the course practice exams.
CASP
- CompTIA Advanced Security Practitioner is an independent information security certification.
- Governing Body: CompTIA
- https://certification.comptia.org/certifications/comptia-advanced-security-practitioner
- External exam costs: $439
- Price does not include exam
Security / Technical / Certification
This course fulfills NICE/NICCS Categories and Roles:
- Protect and Defend (PR) Cyber Defense Infrastructure Support Specialist PR-INF-001
- Operate and Maintain (OM) System Administrator OM-ADM-001
This is a DOD 8570 compliant course for the following roles:
- IAT III, IAM III, IASAE II
Since the computing environment specific to tools is critical to success in the field, we offer the tools and operating systems in our cyber range setup that match most students’ live environment.
DOD acronyms
- Information Assurance Technical (IAT)
- Information Assurance Management (IAM)
- Computer Network Defense Service Providers (CND-SPs)
- IA System Architects and Engineers (IASAEs)
- Cyber Security Service Providers (CCSP)
- Analyst – An
- Infrastructure support – In
- Incident responder – Ir
- Auditor – Au
- Manager – Ma
We expect every student to achieve the knowledge, skills, and abilities necessary to configure, develop, and support an enterprise security program. As a side benefit of the course, students will pass the exam and validate their skills as a cybersecurity professional via certification.
Corporate customers with more than 8 students may opt for a skills assessment pre-quiz to verify experience.
- Identify and use computer networking concepts, protocols, and network security methodologies.
- Understand basic risk management processes.
- Execute secure network administration principles.
- Distinguish and differentiate cyber threats and vulnerabilities.
- Substitute a suitable certification, such as CompTIA Security+, for security experience.
- Configure and implement virtual machine and basic virtual network environments.
- Configure and implement client server operating systems of both Linux and Microsoft.
- Knowledge and skills necessary to troubleshoot, install, operate and configure basic network infrastructure.
- Substitute a suitable certification, such as CompTIA Network+, for technical experience.
Upon completion of the course, the student will have the knowledge required to test, implement, deploy, maintain, review, and administer the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources; monitor the network to actively remediate unauthorized activities; and manage accounts, firewalls, and patches.
- Underlying Technical Models
- General Server Security
- Selecting Information Technology Security Products
- Control Selection Process
- Symmetric and Asymmetric
- Message Integrity Controls
- Cryptology Digital signatures
- PKI and PGP
- Cryptology Business Basics and requirements
- Storage
- Benchmarks and Baselines
- Cloud
- Secure Deployment of IPv6
- OWASP top 10
- DNS
- DNS security
- Firewall and VPN
- SQL injection
- Credential Reliability and Revocation Model for Federated Identities
- Buffer Overflow
- Enterprise Telework and Remote Access Security
- Firewalls and Firewall Policy
- Industrial Control Systems Security
- Security-Focused Configuration Management
- Secure Web Services
- Access Control and Electronic Authentication
- Single Sign-On
- Risk Assessments
- Information Security Testing and Assessment
- Types of Security Controls
- Common Vulnerability Scoring System
- Common Criteria
- Personally Identifiable Information (PII)
- Risk Management
- Frameworks
- Interconnecting Information Technology Systems
- Information Technology Security Services
- Information Security Continuous Monitoring
- Incident handling
- Integrating Forensic Techniques into Incident Response
- Requirements
- Standards Bodies
- Information Security and software development fundamentals
- Electronic Mail Security
- Managing Mobile Devices
- Voice Over IP Systems security
- Physical Facilities assessment process
- Security Requirements Traceability Matrix
- accurately define incidents, problems, and events in the trouble ticketing system.
- apply an organization’s goals and objectives to develop and maintain architecture.
- apply cybersecurity and privacy principles to organizational requirements.
- applying host/network access controls.
- bandwidth management.
- basic system, network, and OS hardening techniques.
- collaborate effectively with others.
- computer networking concepts and protocols, and network security methodologies.
- conducting system/server planning, management, and maintenance.
- configuring and optimizing software.
- configuring and utilizing software-based computer protection tools.
- correcting physical and technical problems that impact system/server performance.
- cyber defense and information security policies, procedures, and regulations.
- cyber threats and vulnerabilities.
- cybersecurity and privacy principles and organizational requirements.
- cybersecurity and privacy principles.
- data backup and recovery.
- develop, update, and/or maintain standard operating procedures.
- diagnosing connectivity problems.
- enterprise information technology architecture.
- establish and maintain automated security control assessments.
- file system implementations.
- function effectively in a dynamic, fast-paced environment.
- host/network access control mechanisms.
- how traffic flows across the network.
- identifying and anticipating system/server performance, availability, capacity, or configuration problems.
- incident handling methodologies.
- incident response and handling methodologies.
- information technology security principles and methods.
- installing system and component upgrades.
- interfacing with customers.
- Intrusion Detection System/Intrusion Prevention System tools and applications.
- laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- local and wide area networking principles.
- maintaining directory services.
- measures or indicators of system performance and availability.
- monitor measures or indicators of system performance and availability.
- monitoring and optimizing system/server performance.
- network protocols.
- network security architecture concepts including topology, protocols, components, and principles.
- network traffic analysis methods.
- operate common network tools.
- operating system administration.
- operating system command-line tools.
- organizational information technology user security policies.
- packet-level analysis.
- Payment Card Industry data security standards.
- performance tuning tools and techniques.
- Personal Health Information data security standards.
- Personally Identifiable Information data security standards.
- principles and methods for integrating system components.
- protecting a network against malware.
- recovering failed systems/servers.
- risk management processes.
- securing network communications.
- server and client operating systems.
- specific operational impacts of cybersecurity lapses.
- system administration, network, and operating system hardening techniques.
- system, network, and OS hardening techniques.
- system/server diagnostic tools and fault identification techniques.
- systems administration concepts.
- systems engineering theories, concepts, and methods.
- test procedures, principles, and methodologies.
- troubleshooting and diagnosing cyber defense infrastructure anomalies.
- troubleshooting failed system components.
- tuning sensors.
- type and frequency of routine hardware maintenance.
- using virtual machines.
- Virtual Private Network devices and encryption.
- virtualization technologies and virtual machine development and maintenance.
- web filtering technologies.
All courses are available in live-on-line format.
There are 15 different methods of possible exercises used throughout the course in one-hour class meetings. As soon as students become accustomed to a particular flow, or they get comfortable, the instructor will switch methods. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization.
Before class, students will complete mindmaps and assigned readings, take practice quizzes, submit case study information, and build flashcards. Each activity is graded as needed.
We use a customized text developed by our internal experts. This text covers the latest best practices and the current state of security and technology. All students are required to have a working computer, microphone, and earbuds.
- 1 hour per session
- 3 sessions per week
- 10 weeks with 2 break weeks (also called ‘dark weeks’)
- Orientation is held for 90 minutes before the first live class.
- Class meeting times are listed on the public calendar.