Course addresses internal and external intelligence sources, including intrusion detection, log analysis, data mining, M&A due diligence, HUMINT, and the role of an Information Security Operations Center (ISOC). From an external perspective, the course covers information gathering, intelligence feeds/sources, and fusion centers as well as the automation, filtering, validation, analysis, and dissemination of intelligence. The course also provides an understanding as to technical countermeasures (e.g., sandboxes, honeypots), and addresses the roles of DHS, FBI, NSA, and DOD.
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.