CURIOUS ABOUT DEFENSIVE CYBER SECURITY?
WHO SHOULD ENROLL
Students who have successfully completed The Cyber Academy: Immediate Immersion course and who aspire to professional careers in defensive cyber security.
Cyber Defender 1 builds on the basic defensive skills and experience students gained in Immediate Immersion. This 10-week course, requiring 15 hours of work per week, is designed to impart a strong foundation of network traffic analysis, log analysis, and malware analysis skills – the fundamental skills required of a security operations center analyst.
Students will further master the basic skills of analyzing network traffic at the packet level, as well as analyzing system and network logs for indicators of malicious activity. They will then learn more complex techniques of log analysis and extraction, and static and dynamic analysis of potentially malicious files.
Beginner
10 Weeks at 15 Hours per Week
Included with Course Purchase
A Pre-Assessment is Required
No dates are scheduled at this time; please contact us to apply today!
Key Skills:
Network traffic analysis
Log analysis
Triage of malicious activity
START DATE | PACE | CAMPUS | STATUS
AUGUST 7, 2023 | Full-time | Online | Few spots left!
You’re ready to commit to a full-time course load. You’ll graduate in 15 weeks working 8 hours a day, Monday to Friday.
If you don’t have eight free hours to dedicate a day, then our part-time course offering is for you.
We have teamed up with Meritize to offer our students a unique financing option. Meritize works with students, educators, and employers to help people succeed in skills-based careers. Want to learn more? Check out their FAQ page here, or give them a call at 833-MERIT-4-U. Ready to see if you qualify? Check your options.
If you cannot commit to enrolling into a program in its entirety, all of the courses from our programs, including Cyber Defender 1, are available for purchase individually.
A security operations center analyst has seen evidence of a password cracking attempt within a key network. Students analyze a PCAP and event logs within a security information and event management system (the Splunk SIEM) to determine whether or not any passwords were compromised, and if the network was breached as a result. The student must also identify which tools were used by the attacker, and which steps should be taken to safeguard specific hosts in the network from similar cracking attempts in the future.
OBJECTIVE: Analyze suspicious network traffic in a PCAP using Wireshark
OBJECTIVE: Analyze network and system logs using Splunk
OBJECTIVE: Cross-correlate events seen in a PCAP with events seen in logs
OBJECTIVE: Recognize a Hydra brute-forcing attack
OBJECTIVE: Determine if a brute-forcing attack has been successful
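As an added illustration of the last two objectives (this is not course material or code from the academy), the Python script below runs a simple brute-force detection over a constructed sshd log sample: it counts failed logins per source within a sliding window and, once a source crosses the threshold, treats any login it then succeeds with as a likely compromised account. The log format, the threshold of 5 failures, the 60-second window and all hostnames and addresses are assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sshd log sample (not course material): a burst of failures from
# one source followed by a success, plus one ordinary failed-then-OK login.
SAMPLE_LOG = """\
Jan 10 09:00:01 web01 sshd[4011]: Failed password for invalid user admin from 203.0.113.7 port 51012 ssh2
Jan 10 09:00:02 web01 sshd[4012]: Failed password for root from 203.0.113.7 port 51013 ssh2
Jan 10 09:00:02 web01 sshd[4013]: Failed password for root from 203.0.113.7 port 51014 ssh2
Jan 10 09:00:03 web01 sshd[4014]: Failed password for root from 203.0.113.7 port 51015 ssh2
Jan 10 09:00:04 web01 sshd[4015]: Failed password for root from 203.0.113.7 port 51016 ssh2
Jan 10 09:00:05 web01 sshd[4016]: Accepted password for root from 203.0.113.7 port 51017 ssh2
Jan 10 09:05:00 web01 sshd[4020]: Failed password for alice from 198.51.100.4 port 40222 ssh2
Jan 10 09:05:30 web01 sshd[4021]: Accepted password for alice from 198.51.100.4 port 40223 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) "
    r"password for (?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)

def parse(log_text, year=2023):
    """Turn raw sshd lines into (timestamp, source_ip, user, result) tuples."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:  # syslog timestamps carry no year; assume one so events sort correctly
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["src"], m["user"], m["result"]))
    return events

def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with >= threshold failures inside `window`, and any account
    they then log into successfully while the burst is still recent."""
    findings = {}
    recent = defaultdict(list)  # src -> timestamps of failures still inside the window
    for ts, src, user, result in sorted(events):
        recent[src] = [t for t in recent[src] if ts - t <= window]
        if result == "Failed":
            recent[src].append(ts)
            if len(recent[src]) >= threshold:
                f = findings.setdefault(src, {"failures": 0, "compromised": []})
                f["failures"] = len(recent[src])
        elif src in findings and recent[src] and user not in findings[src]["compromised"]:
            findings[src]["compromised"].append(user)  # success right after the burst
    return findings

if __name__ == "__main__":
    print(detect_bruteforce(parse(SAMPLE_LOG)))
```

The benign source 198.51.100.4 never reaches the threshold, so its later success is not reported; only a success that follows a flagged burst from the same address is treated as a compromise.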
Students analyze a possible “watering hole” attack in which clicking on a malicious link embedded in an otherwise legitimate website launches an exploit kit that infects a user’s machine with a “banking trojan.” To accomplish this, they must analyze multiple logs within the Splunk SIEM.
OBJECTIVE: Analyze network and system logs using Splunk
OBJECTIVE: Pivot among multiple logs using Splunk’s search facilities
OBJECTIVE: Identify possible indicators of compromise
OBJECTIVE: Determine if devices are likely to have been infected using indicators of compromise
OBJECTIVE: Tentatively identify the malware used and the intent of the attack
Students use a “hash” of a possible malware-containing file to conduct research using VirusTotal, online sandboxes, and open source intelligence sources to determine specific indicators of compromise to guide forensic analysis of memory and file system images of infected devices.
OBJECTIVE: Use VirusTotal to identify a malware sample
OBJECTIVE: Use advanced features of VirusTotal to learn detailed information about a malware sample
OBJECTIVE: Use the HybridAnalysis sandbox to perform static and dynamic analysis of a malware sample
OBJECTIVE: Use open source threat intelligence to learn more about specific malware