Vulnerability Assessment and Management 101

$3,699.00

Description

We deliver training live-on-line, on site, and on demand.

If your organization would like this course at a particular time or location, it is available for groups greater than 8 with a contract. 

Assesses the level of risk and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations

This course is a practical way to assess the level of risk and develop and/or recommend appropriate controls in operational and non-operational situations.

Students will become cybersecurity professional community members.

Practice in this course will lead to excellence in cybersecurity.

Security / Technical

This course fulfills NICE/NICCS Categories and Roles:

  • Vulnerability Assessment Analyst PR-VAM-001

We expect every student to achieve the knowledge, skills, and abilities necessary to conduct threat and vulnerability assessments and determine deviations from acceptable configurations or policies.

  • Identify and use computer networking concepts, protocols, and network security methodologies.
  • Understand basic risk management processes.
  • Execute secure network administration principles.
  • Distinguish and differentiate cyber threats and vulnerabilities.
  • Configure and implement virtual machine and basic virtual network environments.
  • Configure and implement client server operating systems of both Linux and Microsoft.
  • Knowledge and skills necessary to troubleshoot, install, operate and configure basic network infrastructure.

Upon completion of the course, the student should be able to understand common vulnerabilities and exploits, customize CVEs to a particular environment, and build a measurement system capable of incorporating the following:

  • Common Configuration Enumeration
  • Common Weaknesses and Exposures
  • Security Content Automation Protocol
  • Authentication, authorization, and access control methods.
  • Applicable business processes and operations of customer organizations.
  • Application vulnerabilities.
  • Communication methods, principles, and concepts that support the network infrastructure.
  • Capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.
  • Cyber defense and vulnerability assessment tools and their capabilities.
  • Encryption algorithms
  • Cryptography and cryptographic key management concepts
  • Data backup and recovery.
  • Database systems.
  • Business continuity and disaster recovery continuity of operations plans.
  • Organization’s enterprise information security architecture.
  • Organization’s evaluation and validation requirements.
  • Organization’s local and wide area network connections.
  • Security assessment and authorization process.
  • Cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • Vulnerability information dissemination sources.
  • Cybersecurity and privacy principles and organizational requirements.
  • Risk management framework requirements.
  • Information technology security principles and methods.
  • Current industry methods for evaluating, implementing, and disseminating information technology security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • Network access, identity, and access management.
  • New and emerging information technology and cybersecurity technologies.
  • System and application security threats and vulnerabilities.
  • Structured analysis principles and methods.
  • Systems diagnostic tools and fault identification techniques.
  • The cyber defense service provider reporting structure and processes within one’s own organization.
  • The enterprise information technology architecture.
  • The organization’s enterprise information technology goals and objectives.
  • Supply chain risk management practices
  • The organization’s core business/mission processes.
  • Applicable laws, statutes, presidential directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures.
  • Information technology supply chain security and supply chain risk management policies, requirements, and procedures.
  • Critical infrastructure systems with information communication technology that were designed without system security considerations.
  • Network security architecture concepts including topology, protocols, components, and principles.
  • Security architecture concepts and enterprise architecture reference models.
  • Security models.
  • Personally identifiable information data security standards.
  • Payment card industry data security standards.
  • Personal health information data security standards.
  • Laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • An organization’s information classification program and procedures for information compromise.
  • Embedded systems.
  • Penetration testing principles, tools, and techniques.
  • Controls related to the use, processing, storage, and transmission of data.
  • Application security risks
  • Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
  • Skill in applying confidentiality, integrity, and availability principles.
  • Skill in determining how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes.
  • Skill in discerning the protection needs of information systems and networks.
  • Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.
  • Skill in using virtual machines.
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • Skill in applying security controls.
  • Skill in utilizing or developing learning activities.
  • Skill in identifying test & evaluation infrastructure requirements.
  • Skill in interfacing with customers.
  • Skill in managing test assets, test resources, and test personnel to ensure effective completion of test events.
  • Skill in preparing test & evaluation reports.
  • Skill in reviewing logs to identify evidence of past intrusions.
  • Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
  • Skill in using manpower and personnel IT systems.
  • Skill in conducting reviews of systems.
  • Skill in secure test plan design.
  • Skill in network systems management principles, models, methods, and tools.
  • Skill in conducting application vulnerability assessments.
  • Skill in using public-key infrastructure encryption and digital signature capabilities into applications.
  • Skill in assessing security systems designs.
  • Skill in integrating and applying policies that meet system security objectives.
  • Skill in assessing security controls based on cybersecurity principles and tenets.
  • Skill in performing impact/risk assessments.
  • Skill in applying secure coding techniques.
  • Skill in using security event correlation tools.
  • Skill in using code analysis tools.
  • Skill in performing root cause analysis.
  • Skill in administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence, and staffing procedures.
  • Skill in analyzing a target’s communication networks.
  • Skill in analyzing traffic to identify network devices.
  • Skill in identifying intelligence gaps and limitations.
  • Skill in identifying language issues that may have an impact on organization objectives.
  • Skill in identifying leads for target development.
  • Skill in identifying non-target regional languages and dialects
  • Skill in identifying the devices that work at each level of protocol models.
  • Skill in identifying, locating, and tracking targets via geospatial analysis techniques
  • Skill in information prioritization as it relates to operations.
  • Skill in interpreting compiled and interpretive programming languages.
  • Skill in interpreting metadata and content as applied by collection systems.
  • Skill in interpreting traceroute results, as they apply to network analysis and reconstruction.
  • Skill in interpreting vulnerability scanner results to identify vulnerabilities.
  • Skill in knowledge management, including technical documentation techniques.
  • Skill in managing client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
  • Skill in performing target system analysis.
  • Skill in preparing and presenting briefings.
  • Skill in preparing plans and related correspondence.
  • Skill in prioritizing target language material.
  • Skill in processing collected data for follow-on analysis.
  • Skill in providing analysis to aid writing phased after action reports.
  • Skill in reviewing and editing assessment products.
  • Skill in reviewing and editing plans.
  • Skill in tailoring analysis to the necessary levels.
  • Skill in target development in direct support of collection operations.
  • Skill in target network anomaly identification.
  • Skill in technical writing.
  • Skill in utilizing feedback to improve processes, products, and services.
  • Access information on current assets available, usage.
  • Access the databases where plans/directives/guidance are maintained.
  • Analyze strategic guidance for issues requiring clarification and/or additional guidance.
  • Analyze target or threat sources of strength and morale.
  • Develop a collection plan that clearly shows the discipline that can be used to collect the information needed.
  • Evaluate requests for information to determine if response information exists.
  • Extract information from available tools and applications associated with collection requirements and collection operations management.
  • Apply cybersecurity and privacy principles to organizational requirements.
  • Use cyber defense service provider reporting structure and processes within one’s own organization.
  • Identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
  • Identify systemic security issues based on the analysis of vulnerability and configuration data.
  • Answer questions in a clear and concise manner.
  • Ask clarifying questions.
  • Communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Communicate effectively when writing.
  • Conduct vulnerability scans and recognize vulnerabilities in security systems.
  • Facilitate small group discussions.
  • Prepare and present briefings.
  • Produce technical documentation.
  • Design valid and reliable assessments.
  • Analyze test data.
  • Collect, verify, and validate test data.
  • Dissect a problem and examine the interrelationships between data that may appear unrelated.
  • Identify basic common coding flaws at a high level.
  • Translate data and test results into evaluative conclusions.
  • Ensure security practices are followed throughout the acquisition process.
  • Apply collaborative skills and strategies.
  • Apply critical reading/thinking skills.
  • Effectively collaborate via virtual teams.
  • Evaluate information for reliability, validity, and relevance.
  • Evaluate, analyze, and synthesize large quantities of data into high quality, fused targeting/intelligence products.
  • Exercise judgment when policies are not well-defined.
  • Expand network access by conducting target analysis and collection to identify targets of interest.
  • Focus research efforts to meet the customer’s decision-making needs.
  • Function effectively in a dynamic, fast-paced environment.
  • Function in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
  • Identify external partners with common cyber operations interests.
  • Identify intelligence gaps.
  • Identify/describe target vulnerability.
  • Identify/describe techniques/methods for conducting technical exploitation of the target.
  • Interpret and apply laws, regulations, policies, and guidance relevant to organization cyber objectives.
  • Interpret and translate customer requirements into operational action.
  • Interpret and understand complex and rapidly evolving concepts.
  • Participate as a member of planning teams, coordination groups, and task forces as necessary.
  • Recognize and mitigate cognitive biases which may affect analysis.
  • Think critically.
  • Understand objectives and effects.
  • Utilize multiple intelligence sources across all intelligence disciplines.
  • Relate strategy, business, and technology in the context of organizational dynamics.
  • Understand technology, management, and leadership issues related to organization processes and problem solving.
  • Understand the basic concepts and issues related to cyber and its organizational impact.
  • Work across departments and business units to implement organization’s privacy principles and programs, and align privacy objectives with security objectives.
  • Monitor advancements in information privacy technologies to ensure organizational adaptation and compliance.
  • Develop or procure curriculum that speaks to the topic at the appropriate level for the target.
  • Prioritize and allocate cybersecurity resources correctly and efficiently.
  • Identify critical infrastructure systems with information communication technology that were designed without system security considerations.
  • Manage and approve accreditation packages.
  • Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks.
  • Review authorization and assurance documents to confirm that the level of risk is within acceptable limits for each software application, system, and network.
  • Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
  • Develop security compliance processes and/or audits for external services.
  • Establish acceptable limits for the software application, network, or system.
  • Manage accreditation packages.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Perform risk analysis whenever an application or system undergoes a major change.
  • Provide input to the risk management framework process activities and related documentation.
  • Verify and update security documentation reflecting the application/system security design features.
  • Participate in risk governance process to provide security risks, mitigations, and input on other technical risk.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Assure successful implementation and functionality of security requirements and appropriate information technology policies and procedures that are consistent with the organization’s mission and goals.
  • Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
  • Ensure that security design and cybersecurity development activities are properly documented and updated as necessary.
  • Support necessary compliance activities.
  • Ensure that all acquisitions, procurements, and outsourcing efforts address information security requirements consistent with organization goals.
  • Assess the effectiveness of security controls.
  • Assess all the configuration management processes.

All courses are available in live-on-line format.

The course uses 11 different exercise methods across its one-hour class meetings. As soon as students become accustomed to a particular flow, or get comfortable, the instructor will switch methods. Some examples include threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization.

Before class, students will complete mindmaps and assigned readings, take practice quizzes, submit case study information, and build flashcards. Each activity is graded as needed.

We use a customized text developed by our internal experts. This text covers the latest best practices and the current state of security and technology. All students are required to have a working computer, microphone, and earbuds.

  • 1 hour per session
  • 5 sessions per week
  • 10 weeks with 2 break weeks (also called ‘dark weeks’)
  • Orientation is held for 90 minutes before the first live class.
  • Class meeting times are listed on the public calendar.