• Classroom
Course Description

The Cyber Operations Analyst course is designed to provide the knowledge and practical skills necessary for Cybersecurity personnel to defend, respond, report, mitigate, and restore enterprise systems before, during and after exploitation has occurred. In support of this objective, the course will contain theory, operation, defensive techniques, and corrective action instruction for the enterprise architecture. 5 days, Instructor-led, On-Site or Off-Site. Training takes place within Metova's Cyberoperations Enhanced Network and Training Simulators (CENTS) realistic, immersive training emulator.

Learning Objectives

1. Review current information available in publicly-available sources, from other more sensitive sources, and from US and International regulation, and identify how attacks are occurring and how to classify an attack. 2. Identify the National Cyber Chain of Command, the missions of the Cyber Mission Forces (CMFs). 3. Describe the fundamental principles of Cybersecurity and the risks to the Enterprise from vulnerabilities, threats, and adversarial actors.Prevent cybersecurity incidents from occurring within the group of employees you are responsible for. 4. Describe the architecture, components, management, administration, operation, and maintenance of the Enterprise Network IAW with best practices and higher authority's direction. 5. Describe how data bits are assembled into programming languages which form applications that ride on the operating system. 6. Explain and install group policies and other access controls IAW the security baseline using systems provided. 7. Describe how a network communicates, the principles behind network engineering, and security features of devices on the network using tools and devices found in the network environment IAW best practices. 8. Identify, analyze, and report on application risks and vulnerabilities using tools provided within the network environment. 9. Use network security tools and techniques to mitigate risk and eliminate threats. 10. Use Incident Response procedures IAW the Incident Response Plan.

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.