CSFI: Defensive Cyber Operations Engineer (DCOE)

In this course from the Cyber Security Forum Initiative (CSFI), students will develop the skills for planning, executing, and integrating defensive cyberspace operations (DCO) into organizational missions in support of DCO requirements. This course builds upon the planning skills learned in the Introduction to Cyber Warfare and Operations Design (ICWOD) course. Adversarial tactics, techniques, and procedures (TTPs) and the associated tools are presented in the order of the cyber kill chain so that students learn to defend friendly networks against current and emerging threats.

Through multiple labs, students gain hands-on experience deploying live attacks and analyzing them in a controlled environment, and then learn how to prevent, detect, and counter such activities.

Note: This course requires students to bring their own laptop preloaded with VMware Workstation 9 or 10.

In order to attain the DCOE certification, students must pass the DCOE exam (open-book, included as part of the course).

    No classes are currently scheduled for this course.

    Call (919) 283-1653 to get a class scheduled online or in your area!

  • Cyberspace Operations and Cyber Mission Force
    • Cyberspace as a Warfighting Domain
    • The Operating Environment
    • Cyberspace Militarization
    • DoD Cyber Strategy
    • Cyberspace Operations (NetOps, DODIN-OPS, DCO, DCO-IDM, DCO-RA, OCO)
    • CMF Construct – CPT, NMT, CMT
    • CPT Methodology (Survey, Secure, Protect)
  • Cyber Kill Chain
    • Steps of the Cyber Kill Chain
    • Stages of an Attack
    • Case Study: Data Breach and Lessons Learned
    • Threat Intelligence Sharing

  • Kali Linux
    • Cyber Tradecraft
    • Installation
    • Command Line Tasks
    • Navigating Kali

  • Reconnaissance (Passive and Active)
    • CIA’s MICE Motivational Framework
    • Open Source Intelligence (OSINT) – Common Tools
    • Information Sources
    • Case Study: Social Media Experiment
    • Reconnaissance with Kali Linux
    • Network Scanning
    • SQL Mapping

  • PBED Framework
    • Plan – ME3C-(PC)2 Model
    • Brief
    • Execute
    • Debrief
    • PBED Exercise

  • Attack Across Networks and Systems
    • Web Application Vulnerabilities
    • Cross-Site Scripting (XSS)
    • SQL Injection (SQLI)
    • Webshell
    • Wireless Threats
    • Network Exploitation
    • Conducting Attacks with Metasploit
    • Password Cracking
  • Persistent, Integrated Operation
    • Command and Control (C2): Maintaining Access
    • Rootkits
    • Tunneling
    • Remote Access
    • Elevated Privileges
    • Covert Channels
    • Covering Tracks: Hiding Evidence
    • Altering Logs and History Files
    • Hidden Files
    • Timestamps
  • Network Protection
    • Network Traffic Analysis
    • Vulnerability Scanning
    • Intrusion Detection System (IDS) and Intrusion Protection System (IPS)

*Please note: The course outline is subject to change without notice. The exact course outline will be provided at the time of registration.

  • Elements of Cyberspace Operations and components of the Cyber Mission Force
  • Application and analysis of the Cyber Kill Chain
  • Methods and sources for threat intelligence and information sharing
  • Popular tools of the trade
  • Deception methods and reconnaissance
  • The importance of having a solid plan before execution and lessons learned
  • Defense of networks and systems through simulated attacks, including data exfiltration
  • Persistent, integrated operations
  • Network protection

  • Lab 01: Navigating Kali Linux
  • Lab 02: Network Mapping
  • Lab 03: Python Scripting: Scanning and Brute Force
  • Lab 04: PBED Exercise
  • Lab 05: Cracking Wireless
  • Lab 06: Metasploit 1
  • Lab 07: Metasploit 2
  • Lab 08: Metasploit 3
  • Lab 09: EternalBlue
  • Lab 10: SQL Injection
  • Lab 11: Password Cracking
  • Lab 12: Data Exfiltration
  • Lab 13: Kernel Rootkit
  • Lab 14: Packet Capture and Analysis
  • Lab 15: IDS Deployment, Alert Analysis, and Reporting
  • Bonus Lab: Vulnerability Scanning
  • Bonus Lab: OSINT and Malware Analysis: Syrian Electronic Army (SEA)
  • CAPSTONE: Capture-the-Flag (CTF)

Introduction to Cyber Warfare and Operations Design (ICWOD) is recommended, but not required.

  • Information Operations Officers
  • Cyber Warfare Operations Officers
  • Cyber Operators
  • Information Security / Assurance Professionals
  • Cyber Security Consultants
  • Cyber Planners
  • Military Members
  • Security Analysts
  • Network Security Engineers
  • Penetration Testers
  • Auditors
  • Security Engineers
  • Threat Hunters
