• Classroom
  • Online, Self-Paced
Course Description

Successful completion of this exam will demonstrate a candidate's ability to understand tactics, techniques, and procedures (TTPs) in the process of proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions, specifically hacker/hacktivist and related group intentions and capabilities, and nation-state sponsored CNE (computer network exploitation) and CNA (computer network attack) targeting critical systems, data, and infrastructure. The candidate will be able to develop, implement, configure, and enhance organization-wide and system-level security forensic sampling tools and advanced multimedia exploitation tools to help identify internal and external organizational Indicators of Compromise (IOCs). The candidate will use threat information from multiple sources to conduct analysis of system and network anomalies. The candidate will be able to detect, respond, recover, and report these findings in accordance with Government and organizational incident handling requirements.

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas of the National Cybersecurity Workforce Framework listed below.