- Identify basic risk management processes
- Demonstrate the ability to recognize cyber threats and vulnerabilities
- Demonstrate the ability to apply incident response and handling methodologies
- Demonstrate an understanding of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
- Understand Insider Threat investigations, reporting, investigative tools and laws/regulations
- Understand adversarial tactics, techniques, and procedures
- Apply knowledge of current and emerging threats/threat vectors
- Understand risk/threat assessment
- Understand cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)
- Understand intrusion detection and signature development
- Understand target or cyber threat actors and procedures
- Perform packet-level analysis using appropriate tools
- Apply incident handling methodologies
- Perform a log review to identify evidence of past intrusions
- Utilize security event correlation tools.
- Identify cyber threats which may jeopardize organization and/or partner interests
- Respond and take local actions in response to threat sharing alerts from service providers.
The materials within this course focus on the Knowledge, Skills, and Abilities (KSAs) identified within the Specialty Areas listed below.
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.