• Online, Instructor-Led
Course Description

This 1-day Instructor-led security workshop provides insight into security practices to improve the security posture of an organization.

Learning Objectives

Describe the current cybersecurity landscape
Describe the assume compromise philosophy
Identify factors that contribute to the cost of a breach
Distinguish between responsibilities of red teams and blue teams
Identify typical objectives of cyber attackers
Describe a kill chain carried out by read teams
Describe the role, goals, and kill chain activities of the blue team in red team exercises
Describe the ways limiting how an attacker can compromise unprivileged accounts.
Describe the methods used to restrict lateral movement.
Describe how telemetry monitoring is used to detect attacks.
Explain the concept of Confidentiality, Integrity, and Availability (CIA) triad.
Describe the primary activities that should be included in organization preparations 
Identify the main principles of developing and maintaining policies.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.