Group/Corporate

Bundled Courses (custom courses can be designed to suite corporate client’s needs) Boards, Management, Technical Teams, General employees

Course Name & Description Delivery Method DurationCPE
Fullstack Cyber Bootcamp

Students choose the program schedule that works
best for them and leave prepared to get a
cybersecurity job in just 8 (full-time) or 16 weeks
online or face-to-face (part-time on evenings and
weekends). The bootcamp combines technical skills
training, insight into current cyber trends, and
hands-on application in simulated cyber-attacks. As
students prepare for graduation, they work closely
with our career services team with resume help,
networking guidance, and an exclusive in-house job
fair for students.
Live on-line
On-Demand
In-Person
8 Weeks
(Fulltime)

16 Weeks
(part-time)
22

Course Name & Description Delivery Method DurationCPE
Introduction to Cyber Security

This comprehensive course covers everything from
core terminology to the how computers and
networks function.
This course is for those who have very little
knowledge of computers & technology with no prior
knowledge of cyber security. The hands-on, step-by step
teaching approach enables you to grasp all the
information presented, even if some of the topics
are new to you. You’ll learn real-world cyber security
fundamentals to serve as the foundation of your
career skills and knowledge for years to come

Syllabus:
o Security policies
o Risk management, a new way of looking at
passwords, cryptographic principles, network
attacks & malware, wireless security, firewalls
and many other security technologies, web &
browser security, backups, virtual machines &
cloud computing.
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Security Essentials Bootcamp Style

This course will show you the most effective steps to
prevent attacks and detect adversaries with
actionable techniques that can be used as soon as
you get back to work. You’ll learn tips and tricks
designed to help you win the battle against the wide
range of cyber adversaries that want to harm your
environment.
Live on-line
On-Demand
In-Person
8 Weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Cyber Detection Essentials

PREVENTION IS IDEAL BUT DETECTION IS A MUST
With the rise in advanced persistent threats, it is
almost inevitable that organizations will be targeted.
Whether the attacker is successful in penetrating an
organization’s network depends on the effectiveness
of the organization’s defense. Defending against
attacks is an ongoing challenge, with new threats
emerging all of the time, including the next
generation of threats. Organizations need to
understand what really works in cybersecurity. What
has worked, and will always work, is taking a risk based
approach to cyber defense. Before your
organization spends a dollar of its IT budget or
allocates any resources or time to anything in the
name of cybersecurity, three questions must be
answered:
1. What is the risk?
2. Is it the highest priority risk?
3. What is the most cost-effective way to
reduce the risk?

Syllabus
o Network Security Essentials
o Defense-in-Depth & Attacks
o Threat Management
o Cryptography, incident Response & Risk
Management
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Secrets to Successful Cybersecurity Presentation

While you may have decided to become a
cybersecurity pro in order to work cases and catch
bad guys, changes in technologies, user
requirements, and incidents mean you’ll also likely
be called upon to present to other technologists,
users, and leadership. In order to improve the
technical quality of your work and advance your
career, you’ll need effective presentation skills.

This course gives you the skills to put together an
effective security briefing, secure the interest and
engagement of your audience, and confidently
deliver presentations to a variety of groups. You’ll
learn effective techniques to secure management
approval for new security projects and tools, as well
as how to handle the toughest questions and adjust
on-the-fly. Designed exclusively for cybersecurity
professionals, this course covers

o Best practices for common security
presentations such as penetration testing
reports,
o Security assessment reports,
o Incident updates,
o After-action reports,
o Security awareness briefings,
o Gaining and Keeping the Audience’s Attention
o Packaging for Impact
o Using Stories and Models to Engage and Inspire
o Secrets to Successful Cybersecurity Presentations
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Critical Security Controls: Planning, Implementing,
and Auditing


This course helps you master specific, proven
techniques and tools needed to implement and audit
the Critical Security Controls as documented by the
Center for Internet Security (CIS). These Critical
Security Controls, listed below, are rapidly becoming
accepted as the highest priority list of what must be
done and proven before anything else at nearly all
serious and sensitive organizations. They defined
these controls as their consensus for the best way to
block the known attacks and the best way to help
find and mitigate damage from the attacks that get
through. For security professionals, the course
enables you to see how to put the controls in place
in your existing network though effective and
widespread use of cost-effective automation. For
auditors, CIOs, and risk officers, the course is the
best way to understand how you will measure
whether the controls are effectively implemented
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Blue Team Fundamentals: Security Operations and
Analysis


Is your organization looking for a quick and effective
way to onboard new Security Analysts, Engineers,
and Architects? Do your Security Operations Center
(SOC) managers need additional technical
perspective on how to improve analysis quality,
reduce turnover, and run an efficient SOC?

This is an accelerated on-ramp for new cyber
defense team members and SOC managers. This
course introduces students to the tools common to a
defender’s work environment, and packs in all the
essential explanations of tools, processes, and data
flow that every blue team member needs to know.

Students will learn the stages of security operations:
o how data is collected,
o where it is collected, and
o how threats are identified within that data?

The class dives deep into tactics for triage and
investigation of events that are identified as
malicious, as well as how to avoid common mistakes
and perform continual high-quality analysis.
Students will learn the inner workings of the most
popular protocols, and how to identify weaponized
files as well as attacks within the hosts and data on
their network.

The course employs practical, hands-on instruction
using a simulated SOC environment with a real, fully
integrated toolset that includes:

o Security Information and Event Management
(SIEM)
o An incident tracking and management system
o A threat intelligence platform
o Packet capture and analysis
o Automation tools
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
SIEM Design & Implementation

Security Information and Event Management (SIEM)
can be an extraordinary benefit to an organization’s
security posture but understanding and maintaining
it can be difficult. Many solutions require complex
infrastructure and software that necessitate
professional services for installation. The use of
professional services can leave security teams
feeling as if they do not truly own or understand
how their SIEM operates. Combine this situation of
complicated solutions with a shortage of available
skills, a lack of simple documentation, and the high
costs of software and labor, and it is not surprising
that deployments often fail to meet expectations. A
SIEM can be the most powerful tool a cyber defense
team can wield, but only when it is used to its fullest
potential. This course is designed to address this
problem by demystifying SIEMs and simplifying the
process of implementing a solution that is usable,
scalable, and simple to maintain the goal of this
course is to teach students how to build a SIEM from
the ground up using the Elastic Stack. Throughout
the course, students will learn about the required
stages of log collection.

The course will cover:

o Endpoint agent selection,
o Logging formats,
o Parsing,
o Enrichment,
o Storage, and
o Alerting,

The course will combine these components to make
a flexible, high-performance SIEM solution. Using
this approach empowers SIEM engineers and
analysts to understand the complete system, make
the best use of technology purchases, and
supplement current underperforming deployments.
This process allows organizations to save money on
professional services, increase the efficiency of
internal labor, and develop a nimbler solution than
many existing deployments.

For example, many organizations pay thousands of
dollars in consulting fees when a unique log source
needs a custom parser. This course will train
students how to easily parse any log source without
requiring consulting services, saving their
organizations both time and money, and facilitating
faster collection and use of new log sources
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Enterprise Threat and Vulnerability Assessment

Computer exploitation is on the rise. As advanced
adversaries become more numerous, more capable,
and much more destructive, organizations must
become more effective at mitigating their
information security risks at the enterprise scale.
This course is the premier course focused on
building technical vulnerability assessment skills and
techniques, while highlighting time-tested practical
approaches to ensure true value across the
enterprise. The course covers threat management,
introduces the core components of comprehensive
vulnerability assessment, and provides the hands-on
instruction necessary to produce a vigorous
defensive strategy from day one. The course is
focused on equipping information security personnel
from mid-sized to large organizations charged with
effectively and efficiently securing 10,000 or more
systems.

The course begins with an introduction to

o Information security vulnerability assessment
fundamentals,
o In-depth coverage of the Vulnerability
Assessment Framework
o The structural components of a dynamic and
iterative information security program
o Through a detailed,
• Practical analysis of threat intelligence,
• Modeling, and automation,
• Students will learn the skills necessary to
not only use the tools of the trade,
• How to implement a transformational
security vulnerability assessment
program.
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Cloud Security Essentials

More businesses than ever are moving sensitive data
and shifting mission-critical workloads to the cloud.
And not just one cloud service provider (CSP) –
research shows that most enterprises have
strategically decided to deploy a multi-cloud
platform, including Amazon Web Services, Azure,
Google Cloud, and others.

New technologies introduce new risks. This course
will equip you to implement appropriate security
controls in the cloud, often using automation to
“inspect what you expect.” Mature Cloud Service
Providers (CSPs) have created a variety of security
services that can help customers use their products
in a more secure manner, but nothing is a magic
bullet. This course covers real-world lessons using
security services created by the CSPs and opensource
tools. Each course day features hands-on lab
exercises to help students hammer home the lessons
learned. We progressively layer multiple security controls
in order to end the week with a functional
security architecture implemented in the cloud.

The course will begin by showing how your day-today
operations will change due to the evolution of
Cloud. Expect changes from the different
responsibility models to the different CSP models of
Infrastructure-as-a-Service, Platform-as-a-Service,
and Software-as-a-Service. From there we’ll move on
to securing the cloud, managing risk, and addressing
the challenges you may experience as you look to
achieve a specific level of security assurance.

Cloud Security Essentials course will prepare you to
advise and speak about a wide range of topics and
help your organization successfully navigate both the
security challenges as well as the opportunities
presented by cloud services. Like foreign languages,
cloud environments have similarities and
differences.

Some of the topics covered:

o Welcome to the Cloud
o Securing the Cloud Environment and
Infrastructure Security
o Application Security and Securing Services
o Cloud OPs and Architecture
o Legal/Compliance, Penetration Testing &
Incident Response
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Digital Forensics Essentials

More than half of jobs in the modern world use a
computer. The vast majority of people aged 18-30
are ‘digitally fluent’; accustomed to using
smartphones, smart TVs, tablets and home
assistants, in addition to laptops and computers,
simply as part of everyday life.

o Yet, how many of these users actually
understand what’s going on under the hood?
o Do you know what your computer or
smartphone can tell someone about you?
o Do you know how easy it might be for someone
to access and exploit that data?
o Are you fed up with not understanding what
technical people are talking about when it comes
to computers and files, data and metadata?
o Do you know what actually happens when a file
is deleted?
o Do you want to know more about Digital

Forensics and Incident Response?
If you answered ‘yes’ to any of the above, this course
is for you. This is an introductory course aimed at
people from non-technical backgrounds, to give an
understanding, in layman’s terms, of how files are
stored on a computer or smartphone. It explains
what Digital Forensics and Incident Response are
and the art of the possible when professionals in
these fields are given possession of a device.

This course is intended to be a starting point to
provide a grounding in knowledge, from which
other, more in-depth, courses will expand.

IT’S NOT JUST ABOUT USING TOOLS AND PUSHING
BUTTONS


Digital Forensics Essentials Course will help you
understand:

• What digital forensics is
• What digital evidence is and where to find it
• How digital forensics can assist your
organization or investigation
• Digital forensics principles and processes
• Incident response processes and procedures
• How to build and maintain a digital forensics
capacity
• Some of the key challenges in digital
forensics and incident response
• Some of the core legal issues impacting on
digital evidence
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Battlefield Forensics & Data Acquisition Forensics

THE CLOCK IS TICKING. YOU NEED TO PRIORITIZE
THE MOST VALUABLE EVIDENCE FOR PROCESSING.
LET US SHOW YOU HOW


Battlefield Forensics & Acquisition Course will help
you to:

• Acquire data effectively from:
o PCs, Microsoft Surface, and Tablet PCs
o Apple Devices, and Mac, and Mac
Books
o RAM and Memory
o Smartphones and portable mobile
devices
o Cloud storage and services
o Network storage repositories
• Produce actionable intelligence in 90 minutes
or less

The first step in any investigation is the gathering of
evidence. Digital forensic investigations are no
different. The evidence used in this type of
investigation is data, and this data can live in many
varied formats and locations. You must be able to
first identify the data that you might need,
determine where that data resides, and, finally,
formulate a plan and procedures for collecting that
data.

With digital forensic acquisitions, you will typically
have only one chance to collect data properly. If you
manage the acquisition incorrectly, you run the risk
of not only damaging the investigation, but more
importantly, destroying the very data that could
have been used as evidence.

With the wide range of storage media in the
marketplace today, any kind of standardized
methodology for all media is simply untenable.
Many mistakes are being made in digital evidence
collection, and this can cause the guilty to go free
and, more importantly, the innocent to be
incarcerated. The disposition of millions and millions
of dollars can rest within the bits and bytes that you
are tasked with properly collecting and interpreting.

An examiner can no longer rely on “dead box”
imaging of a single hard drive. In today’s cyber
sphere, many people utilize a desktop, laptop,
tablet, and cellular phone within the course of a
normal day. Compounding this issue is the
expanding use of cloud storage and providers, and
the proper collection of data from all these domains
can become quite overwhelming.

This in-depth digital acquisition and data handling
course will provide first responders and investigators
alike with the advanced skills necessary to properly
respond to, identify, collect, and preserve data from
a wide range of storage devices and repositories,
ensuring that the integrity of the evidence is beyond
reproach. Constantly updated, FOR498 addresses
today’s need for widespread knowledge and
understanding of the challenges and techniques that
investigators require when addressing real-world
cases

Course Syllabus

o Evidence File Quick Wins and Dealing with
Smartphones
o Evidence Acquisition and Collection
o Quick Win Forensics
o Non-Traditional and Cloud Acquisition
o Apple Acquisition, Internet of Things, and Online
Attribution
o Beyond the Forensic Tools: The Deeper Dive
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Advanced Incident Response, Threat Hunting, and
Digital Forensics


ADVANCED THREATS ARE IN YOUR NETWORK – IT’S
TIME TO GO HUNTING!


Advanced Incident Response and Threat Hunting
Course will help you to:

• Detect how and when a breach occurred
• Identify compromised and affected systems
• Perform damage assessments and determine
what was stolen or changed
• Contain and remediate incidents
• Develop key sources of threat intelligence
• Hunt down additional breaches using
knowledge of the adversary

The key to threat hunting is to constantly look for
attacks that get past security systems, and to catch
intrusions in progress, rather than after attackers
have completed their objectives and done significant
damage to the organization. For the incident
responder, this process is known as “threat hunting”.

Threat hunting uses known adversary behaviors to
proactively examine the network and endpoints in
order to identify new data breaches.
Threat hunting and Incident response tactics and
procedures have evolved rapidly over the past
several years. Your team can no longer afford to use
antiquated incident response and threat hunting
techniques that fail to properly identify
compromised systems, provide ineffective
containment of the breach, and ultimately fail to
rapidly remediate the incident. Incident response
and threat hunting teams are the keys to identifying
and observing malware indicators and patterns of
activity in order to generate accurate threat
intelligence that can be used to detect current and
future intrusions

Course Syllabus:

o Advanced Incident Response & Threat Hunting
o Intrusion Analysis
o Memory Forensics in Incident Response & Threat
Hunting
o Timeline Analysis
o Incident Response & Hunting Across the
Enterprise | Advanced Adversary & Anti-
Forensics Detection
Live on-line
On-Demand
In-Person
8 Weeks22

Individual/Private

Individuals self-paced and on-demand courses are available

Course Name & Description Delivery Method DurationCPE
Fullstack Cyber Bootcamp

Students choose the program schedule that works
best for them and leave prepared to get a
cybersecurity job in just 8 (full-time) or 16 weeks
online or face-to-face (part-time on evenings and
weekends). The bootcamp combines technical skills
training, insight into current cyber trends, and
hands-on application in simulated cyber-attacks. As
students prepare for graduation, they work closely
with our career services team with resume help,
networking guidance, and an exclusive in-house job
fair for students.
Live on-line
On-Demand
In-Person
8 Weeks
(Fulltime)

16 Weeks
(part-time)
22

Course Name & Description Delivery Method DurationCPE
Introduction to Cyber Security

This comprehensive course covers everything from
core terminology to the how computers and
networks function.
This course is for those who have very little
knowledge of computers & technology with no prior
knowledge of cyber security. The hands-on, step-by step
teaching approach enables you to grasp all the
information presented, even if some of the topics
are new to you. You’ll learn real-world cyber security
fundamentals to serve as the foundation of your
career skills and knowledge for years to come

Syllabus:
o Security policies
o Risk management, a new way of looking at
passwords, cryptographic principles, network
attacks & malware, wireless security, firewalls
and many other security technologies, web &
browser security, backups, virtual machines &
cloud computing.
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Security Essentials Bootcamp Style

This course will show you the most effective steps to
prevent attacks and detect adversaries with
actionable techniques that can be used as soon as
you get back to work. You’ll learn tips and tricks
designed to help you win the battle against the wide
range of cyber adversaries that want to harm your
environment.
Live on-line
On-Demand
In-Person
8 Weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Cyber Detection Essentials

PREVENTION IS IDEAL BUT DETECTION IS A MUST
With the rise in advanced persistent threats, it is
almost inevitable that organizations will be targeted.
Whether the attacker is successful in penetrating an
organization’s network depends on the effectiveness
of the organization’s defense. Defending against
attacks is an ongoing challenge, with new threats
emerging all of the time, including the next
generation of threats. Organizations need to
understand what really works in cybersecurity. What
has worked, and will always work, is taking a risk based
approach to cyber defense. Before your
organization spends a dollar of its IT budget or
allocates any resources or time to anything in the
name of cybersecurity, three questions must be
answered:
1. What is the risk?
2. Is it the highest priority risk?
3. What is the most cost-effective way to
reduce the risk?

Syllabus
o Network Security Essentials
o Defense-in-Depth & Attacks
o Threat Management
o Cryptography, incident Response & Risk
Management
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Secrets to Successful Cybersecurity Presentation

While you may have decided to become a
cybersecurity pro in order to work cases and catch
bad guys, changes in technologies, user
requirements, and incidents mean you’ll also likely
be called upon to present to other technologists,
users, and leadership. In order to improve the
technical quality of your work and advance your
career, you’ll need effective presentation skills.

This course gives you the skills to put together an
effective security briefing, secure the interest and
engagement of your audience, and confidently
deliver presentations to a variety of groups. You’ll
learn effective techniques to secure management
approval for new security projects and tools, as well
as how to handle the toughest questions and adjust
on-the-fly. Designed exclusively for cybersecurity
professionals, this course covers

o Best practices for common security
presentations such as penetration testing
reports,
o Security assessment reports,
o Incident updates,
o After-action reports,
o Security awareness briefings,
o Gaining and Keeping the Audience’s Attention
o Packaging for Impact
o Using Stories and Models to Engage and Inspire
o Secrets to Successful Cybersecurity Presentations
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Critical Security Controls: Planning, Implementing,
and Auditing


This course helps you master specific, proven
techniques and tools needed to implement and audit
the Critical Security Controls as documented by the
Center for Internet Security (CIS). These Critical
Security Controls, listed below, are rapidly becoming
accepted as the highest priority list of what must be
done and proven before anything else at nearly all
serious and sensitive organizations. They defined
these controls as their consensus for the best way to
block the known attacks and the best way to help
find and mitigate damage from the attacks that get
through. For security professionals, the course
enables you to see how to put the controls in place
in your existing network though effective and
widespread use of cost-effective automation. For
auditors, CIOs, and risk officers, the course is the
best way to understand how you will measure
whether the controls are effectively implemented
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Blue Team Fundamentals: Security Operations and
Analysis


Is your organization looking for a quick and effective
way to onboard new Security Analysts, Engineers,
and Architects? Do your Security Operations Center
(SOC) managers need additional technical
perspective on how to improve analysis quality,
reduce turnover, and run an efficient SOC?

This is an accelerated on-ramp for new cyber
defense team members and SOC managers. This
course introduces students to the tools common to a
defender’s work environment, and packs in all the
essential explanations of tools, processes, and data
flow that every blue team member needs to know.

Students will learn the stages of security operations:
o how data is collected,
o where it is collected, and
o how threats are identified within that data?

The class dives deep into tactics for triage and
investigation of events that are identified as
malicious, as well as how to avoid common mistakes
and perform continual high-quality analysis.
Students will learn the inner workings of the most
popular protocols, and how to identify weaponized
files as well as attacks within the hosts and data on
their network.

The course employs practical, hands-on instruction
using a simulated SOC environment with a real, fully
integrated toolset that includes:

o Security Information and Event Management
(SIEM)
o An incident tracking and management system
o A threat intelligence platform
o Packet capture and analysis
o Automation tools
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
SIEM Design & Implementation

Security Information and Event Management (SIEM)
can be an extraordinary benefit to an organization’s
security posture but understanding and maintaining
it can be difficult. Many solutions require complex
infrastructure and software that necessitate
professional services for installation. The use of
professional services can leave security teams
feeling as if they do not truly own or understand
how their SIEM operates. Combine this situation of
complicated solutions with a shortage of available
skills, a lack of simple documentation, and the high
costs of software and labor, and it is not surprising
that deployments often fail to meet expectations. A
SIEM can be the most powerful tool a cyber defense
team can wield, but only when it is used to its fullest
potential. This course is designed to address this
problem by demystifying SIEMs and simplifying the
process of implementing a solution that is usable,
scalable, and simple to maintain the goal of this
course is to teach students how to build a SIEM from
the ground up using the Elastic Stack. Throughout
the course, students will learn about the required
stages of log collection.

The course will cover:

o Endpoint agent selection,
o Logging formats,
o Parsing,
o Enrichment,
o Storage, and
o Alerting,

The course will combine these components to make
a flexible, high-performance SIEM solution. Using
this approach empowers SIEM engineers and
analysts to understand the complete system, make
the best use of technology purchases, and
supplement current underperforming deployments.
This process allows organizations to save money on
professional services, increase the efficiency of
internal labor, and develop a nimbler solution than
many existing deployments.

For example, many organizations pay thousands of
dollars in consulting fees when a unique log source
needs a custom parser. This course will train
students how to easily parse any log source without
requiring consulting services, saving their
organizations both time and money, and facilitating
faster collection and use of new log sources
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Enterprise Threat and Vulnerability Assessment

Computer exploitation is on the rise. As advanced
adversaries become more numerous, more capable,
and much more destructive, organizations must
become more effective at mitigating their
information security risks at the enterprise scale.
This course is the premier course focused on
building technical vulnerability assessment skills and
techniques, while highlighting time-tested practical
approaches to ensure true value across the
enterprise. The course covers threat management,
introduces the core components of comprehensive
vulnerability assessment, and provides the hands-on
instruction necessary to produce a vigorous
defensive strategy from day one. The course is
focused on equipping information security personnel
from mid-sized to large organizations charged with
effectively and efficiently securing 10,000 or more
systems.

The course begins with an introduction to

o Information security vulnerability assessment
fundamentals,
o In-depth coverage of the Vulnerability
Assessment Framework
o The structural components of a dynamic and
iterative information security program
o Through a detailed,
• Practical analysis of threat intelligence,
• Modeling, and automation,
• Students will learn the skills necessary to
not only use the tools of the trade,
• How to implement a transformational
security vulnerability assessment
program.
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Cloud Security Essentials

More businesses than ever are moving sensitive data
and shifting mission-critical workloads to the cloud.
And not just one cloud service provider (CSP) –
research shows that most enterprises have
strategically decided to deploy a multi-cloud
platform, including Amazon Web Services, Azure,
Google Cloud, and others.

New technologies introduce new risks. This course
will equip you to implement appropriate security
controls in the cloud, often using automation to
“inspect what you expect.” Mature Cloud Service
Providers (CSPs) have created a variety of security
services that can help customers use their products
in a more secure manner, but nothing is a magic
bullet. This course covers real-world lessons using
security services created by the CSPs and opensource
tools. Each course day features hands-on lab
exercises to help students hammer home the lessons
learned. We progressively layer multiple security controls
in order to end the week with a functional
security architecture implemented in the cloud.

The course will begin by showing how your day-today
operations will change due to the evolution of
Cloud. Expect changes from the different
responsibility models to the different CSP models of
Infrastructure-as-a-Service, Platform-as-a-Service,
and Software-as-a-Service. From there we’ll move on
to securing the cloud, managing risk, and addressing
the challenges you may experience as you look to
achieve a specific level of security assurance.

Cloud Security Essentials course will prepare you to
advise and speak about a wide range of topics and
help your organization successfully navigate both the
security challenges as well as the opportunities
presented by cloud services. Like foreign languages,
cloud environments have similarities and
differences.

Some of the topics covered:

o Welcome to the Cloud
o Securing the Cloud Environment and
Infrastructure Security
o Application Security and Securing Services
o Cloud OPs and Architecture
o Legal/Compliance, Penetration Testing &
Incident Response
Live on-line
On-Demand
In-Person
8 weeks
(Fulltime)
22

Course Name & Description Delivery Method DurationCPE
Digital Forensics Essentials

More than half of jobs in the modern world use a
computer. The vast majority of people aged 18-30
are ‘digitally fluent’; accustomed to using
smartphones, smart TVs, tablets and home
assistants, in addition to laptops and computers,
simply as part of everyday life.

o Yet, how many of these users actually
understand what’s going on under the hood?
o Do you know what your computer or
smartphone can tell someone about you?
o Do you know how easy it might be for someone
to access and exploit that data?
o Are you fed up with not understanding what
technical people are talking about when it comes
to computers and files, data and metadata?
o Do you know what actually happens when a file
is deleted?
o Do you want to know more about Digital

Forensics and Incident Response?
If you answered ‘yes’ to any of the above, this course
is for you. This is an introductory course aimed at
people from non-technical backgrounds, to give an
understanding, in layman’s terms, of how files are
stored on a computer or smartphone. It explains
what Digital Forensics and Incident Response are
and the art of the possible when professionals in
these fields are given possession of a device.

This course is intended to be a starting point to
provide a grounding in knowledge, from which
other, more in-depth, courses will expand.

IT’S NOT JUST ABOUT USING TOOLS AND PUSHING
BUTTONS


Digital Forensics Essentials Course will help you
understand:

• What digital forensics is
• What digital evidence is and where to find it
• How digital forensics can assist your
organization or investigation
• Digital forensics principles and processes
• Incident response processes and procedures
• How to build and maintain a digital forensics
capacity
• Some of the key challenges in digital
forensics and incident response
• Some of the core legal issues impacting on
digital evidence
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Battlefield Forensics & Data Acquisition Forensics

THE CLOCK IS TICKING. YOU NEED TO PRIORITIZE
THE MOST VALUABLE EVIDENCE FOR PROCESSING.
LET US SHOW YOU HOW


Battlefield Forensics & Acquisition Course will help
you to:

• Acquire data effectively from:
o PCs, Microsoft Surface, and Tablet PCs
o Apple Devices, and Mac, and Mac
Books
o RAM and Memory
o Smartphones and portable mobile
devices
o Cloud storage and services
o Network storage repositories
• Produce actionable intelligence in 90 minutes
or less

The first step in any investigation is the gathering of
evidence. Digital forensic investigations are no
different. The evidence used in this type of
investigation is data, and this data can live in many
varied formats and locations. You must be able to
first identify the data that you might need,
determine where that data resides, and, finally,
formulate a plan and procedures for collecting that
data.

With digital forensic acquisitions, you will typically
have only one chance to collect data properly. If you
manage the acquisition incorrectly, you run the risk
of not only damaging the investigation, but more
importantly, destroying the very data that could
have been used as evidence.

With the wide range of storage media in the
marketplace today, any kind of standardized
methodology for all media is simply untenable.
Many mistakes are being made in digital evidence
collection, and this can cause the guilty to go free
and, more importantly, the innocent to be
incarcerated. The disposition of millions and millions
of dollars can rest within the bits and bytes that you
are tasked with properly collecting and interpreting.

An examiner can no longer rely on “dead box”
imaging of a single hard drive. In today’s cyber
sphere, many people utilize a desktop, laptop,
tablet, and cellular phone within the course of a
normal day. Compounding this issue is the
expanding use of cloud storage and providers, and
the proper collection of data from all these domains
can become quite overwhelming.

This in-depth digital acquisition and data handling
course will provide first responders and investigators
alike with the advanced skills necessary to properly
respond to, identify, collect, and preserve data from
a wide range of storage devices and repositories,
ensuring that the integrity of the evidence is beyond
reproach. Constantly updated, FOR498 addresses
today’s need for widespread knowledge and
understanding of the challenges and techniques that
investigators require when addressing real-world
cases

Course Syllabus

o Evidence File Quick Wins and Dealing with
Smartphones
o Evidence Acquisition and Collection
o Quick Win Forensics
o Non-Traditional and Cloud Acquisition
o Apple Acquisition, Internet of Things, and Online
Attribution
o Beyond the Forensic Tools: The Deeper Dive
Live on-line
On-Demand
In-Person
8 Weeks22

Course Name & Description Delivery Method DurationCPE
Advanced Incident Response, Threat Hunting, and
Digital Forensics


ADVANCED THREATS ARE IN YOUR NETWORK – IT’S
TIME TO GO HUNTING!


Advanced Incident Response and Threat Hunting
Course will help you to:

• Detect how and when a breach occurred
• Identify compromised and affected systems
• Perform damage assessments and determine
what was stolen or changed
• Contain and remediate incidents
• Develop key sources of threat intelligence
• Hunt down additional breaches using
knowledge of the adversary

The key to threat hunting is to constantly look for
attacks that get past security systems, and to catch
intrusions in progress, rather than after attackers
have completed their objectives and done significant
damage to the organization. For the incident
responder, this process is known as “threat hunting”.

Threat hunting uses known adversary behaviors to
proactively examine the network and endpoints in
order to identify new data breaches.
Threat hunting and Incident response tactics and
procedures have evolved rapidly over the past
several years. Your team can no longer afford to use
antiquated incident response and threat hunting
techniques that fail to properly identify
compromised systems, provide ineffective
containment of the breach, and ultimately fail to
rapidly remediate the incident. Incident response
and threat hunting teams are the keys to identifying
and observing malware indicators and patterns of
activity in order to generate accurate threat
intelligence that can be used to detect current and
future intrusions

Course Syllabus:

o Advanced Incident Response & Threat Hunting
o Intrusion Analysis
o Memory Forensics in Incident Response & Threat
Hunting
o Timeline Analysis
o Incident Response & Hunting Across the
Enterprise | Advanced Adversary & Anti-
Forensics Detection
Live on-line
On-Demand
In-Person
8 Weeks22

Some of our Partners

Select your currency
USD United States (US) dollar