This 1-day Instructor-led security workshop provides insight into security practices to improve the security posture of an organization.
Describe the current cybersecurity landscape
Describe the assume compromise philosophy
Identify factors that contribute to the cost of a breach
Distinguish between responsibilities of red teams and blue teams
Identify typical objectives of cyber attackers
Describe a kill chain carried out by read teams
Describe the role, goals, and kill chain activities of the blue team in red team exercises
Describe the ways limiting how an attacker can compromise unprivileged accounts.
Describe the methods used to restrict lateral movement.
Describe how telemetry monitoring is used to detect attacks.
Explain the concept of Confidentiality, Integrity, and Availability (CIA) triad.
Describe the primary activities that should be included in organization preparations
Identify the main principles of developing and maintaining policies.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.