• Classroom
  • Online, Instructor-Led
Course Description

This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a computer security incident response team (CSIRT). The course introduces strategies, frameworks, methodologies, and tools to manage cybersecurity risks, identify various types of common threats, design and operate secure computing and networking environments, assess and audit the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. The course also covers closely related information assurance topics such as auditing and forensics to provide a sound basis for a comprehensive approach to security aimed toward those on the front lines of defense.

Learning Objectives

  • In this course, you will develop, operate, manage, and enforce security capabilities for systems and networks
  • Assess information security risk in computing and network environments
  • Create an information assurance lifecycle process
  • Analyze threats to computing and network environments
  • Design secure computing and network environments
  • Operate secure computing and network environments
  • Assess the security posture within a risk management framework
  • Collect cybersecurity intelligence information
  • Analyze collected intelligence to define actionable response
  • Respond to cybersecurity incidents
  • Investigate cybersecurity incidents
  • Audit secure computing and network environments

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.