• Classroom
  • Online, Self-Paced
Course Description

Successful completion of this exam will demonstrate a candidate's ability to understand the tactics, techniques, and procedures (TTPs) involved in proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions. The candidate will be able to develop, implement, configure, and enhance organization-wide and system-level security hunt tools, using threat information from multiple sources to conduct analysis of system and network anomalies. The candidate will be able to detect, respond, recover, and report these findings in accordance with Government and organizational incident handling requirements.

Learning Objectives

Successful completion of this exam will demonstrate a candidate's ability to understand the tactics, techniques, and procedures (TTPs) involved in proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions. The candidate will be able to develop, implement, configure, and enhance organization-wide and system-level security hunt tools, using threat information from multiple sources to conduct analysis of system and network anomalies. The candidate will be able to detect, respond, recover, and report these findings in accordance with Government and organizational incident handling requirements.

Framework Connections

The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas of the National Cybersecurity Workforce Framework listed below.