Home
About
Courses
Programs
- CYBER ACADEMY
  
  Learn offensive and defensive security skills in a progression of three courses over 34 weeks. Investigate suspicious behavior, analyze suspicious files, evade antivirus software, and more.
  
  CAREER PATHS
  
  Penetration Tester: Salary Range: $70k - $130k
  
  Incident & Intrusion Analyst: Salary Range: $60k - $120k
  
  Learn More
  
  APPLY NOW
  
  PROGRAM COURSES
  
  The Cyber Academy: Immediate Immersion
  
  Cyber Defense
  
  Cyber Attack
  
  CYBER DEFENDER
  
  Cyber Defender is a sequence of three courses developed to up-skill IT professionals for jobs in defensive cyber security.
  
  CAREER PATHS
  
  Ethical Hacker: Salary Range: $70k - $130k+
  
  Cybersecurity Manager: Salary Range: $90k - $150k
  
  Learn More
  
  APPLY NOW
  
  PROGRAM COURSES
  
  Cyber Defender: Immediate Immersion
  
  Cyber Defender 1
  
  Cyber Defender 2
  
  SOC ANALYST
  
  Security Operations Center Analyst is a sequence of two courses developed, first, to teach basic security operations center skills to new hires, then second, to increase the skills of experienced analysts.
  
  CAREER PATHS
  
  Advanced SOC Analyst: Salary Range: $80k-$150k
  
  Beginning SOC Analyst: Salary Range: $50k-$80k
  
  Learn More
  
  APPLY NOW
  
  PROGRAM COURSES
  
  SOC Analyst Tier 1
  
  SOC Analyst Tier 2
Financial Aid
Contact Us
Login
Apply

COURSE

Cyber Defense

This course is designed to impart a strong foundation of defensive information security skills in 13 weeks of study at 25 hours per week, preparing students for entry-level careers as security operations center analysts and digital forensics analysts.

Students work through 6 online real-life tasks (spending 1-2 weeks per task) in a private cloud environment with help, advice, and feedback from a knowledgeable mentor and extensive online learning resources. The tasks are embedded in the realistic, but fictional, context of work as an entry-level employee of a government cyber operations agency.

Cyber Defense

UPCOMING START DATES

No dates are scheduled at this time, please contact us to apply today!

34 Weeks at 25 Hours per Week
Application Deadline June 15

34 Weeks at 25 Hours per Week
Application Deadline June 15

34 Weeks at 25 Hours per Week
Application Deadline June 15

FIND THE RIGHT FIT

WHO SHOULD ENROLL

Students who have successfully completed The Cyber Academy: Immediate Immersion course and who aspire to professional careers in defensive cyber security.

SKILLS TO TAKE WITH YOU

LEARNING OUTCOMES

Students will learn to:

Analyze network traffic
Analyze network and system logs using a security information and event monitoring system
Cross-correlate log information and network packet traffic
Use online sandboxes for static and dynamic analysis of malicious executable files to identify indicators of compromise
Use threat intelligence
Identify malware
Perform memory forensics
Perform disk forensics
Compile a comprehensive timeline of a cyber attack
Report appropriately to technical and non-technical stakeholders

In addition to the task-based curriculum, an implicit curriculum runs throughout the course via which students will learn and practice the cognitive skills essential for success in all areas of information security. These include:

Understanding complex, novel problems
Effectively researching solutions
Designing and testing solutions
Self-directed learning

ADVOCATE YOUR CAREER

CAREER PATHS

LOREM IPSUM

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

LOREM IPSUM

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

LOREM IPSUM

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

LOREM IPSUM

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

IMMEDIATE IMMERSION

UPCOMING START DATES

START DATE	PACE	CAMPUS	STATUS
AUGUST 7, 2023	Full-time	Online	Few spots left!
AUGUST 7, 2023	Full-time	Online	Few spots left!
AUGUST 7, 2023	Full-time	Online	Few spots left!
AUGUST 7, 2023	Full-time	Online	Few spots left!

COMPARE AND CONTRAST

GO AT YOUR OWN PACE

FULL-Time

You’re ready to commit to a full-time course load. You’ll graduate in 15 weeks working 8 hours a day, Monday to Friday.

Paced to complete in 15 weeks
In person or online
Synchronous cohort learning
Group work with instructor
Paired with design sessions
Lab time with instructional staff

Part-Time

If you don’t have eight free hours to dedicate a day, then our part-time course offering is for you.

Paced to complete in 40 weeks
Online only
Asynchronous learning at your own pace
Recorded lessons
Live lectures and office hours
Slack with classmates and instructors

FINANCE OPTIONS

TUITION FUNDING

We have teamed up with Meritize to offer our students a unique financing option. Meritize works with students, educators, and employers to help people succeed in skills-based careers. Want to learn more? Check out their FAQ page here, or give them a call at 833-MERIT-4-U. Ready to see if you qualify? Check your options.

PROGRAM OVERVIEW

The Cyber Academy: Defense builds on the defensive skills and experience students gained in Cyber Attack and Defense: Immediate Immersion 2020. The course is designed to impart a strong foundation of defensive information security skills in 13 weeks of study at 25 hours per week, preparing students for entry-level careers as security operations center analysts and digital forensics analysts.

If you cannot commit to enrolling into a program in its entirety, all of the courses from our programs, including The Cyber Academy: Defense, are available for purchase individually.

Cyber Defense

CURRICULUM

1. Analyze a remote intrusion attempt

A security operations center analyst has seen evidence of a password cracking attempt within a key network. Students analyze a packet capture file (PCAP) and event logs within a security information and event management system (the Splunk SIEM) to determine if any passwords were compromised and if the network was breached as a result. The student must also identify which tools were used by the attacker and which steps should be taken to safeguard specific hosts in the network from similar cracking attempts in the future.

OBJECTIVE: Analyze suspicious network traffic in a PCAP using Wireshark.
OBJECTIVE: Analyze network and system logs using Splunk
OBJECTIVE: Cross-correlate events seen in a PCAP with events seen in logs
OBJECTIVE: Recognize a Hydra brute-forcing attack
OBJECTIVE: Determine if a brute-forcing attack has been successful

Tasks 2 through 6 are set in the context of a single complex cyber attack.

2. Investigate an incident using a SIEM

Students analyze a possible “watering hole” attack in which clicking on a malicious link embedded in an otherwise legitimate website launches an exploit kit that infects a user’s machine with a “banking trojan.” To accomplish this, they must analyze multiple logs within the Splunk SIEM.

OBECTIVE: Analyze network and system logs using Splunk
OBJECTIVE: Pivot among multiple logs using Splunk’s search facilities
OBJECTIVE: Identify possible indicators of compromise
OBJECTIVE: Determine if devices are likely to have been infected using indicators of compromise
OBJECTIVE: Tentatively identify the malware used and the intent of the attack

3. Begin to understand malware

Students use a “hash” of a possible malware-containing file to conduct research using VirusTotal, online sandboxes, and open source intelligence sources to determine specific indicators of compromise to guide forensic analysis of memory and file system images of infected devices.

OBJECTIVE: Use VirusTotal to identify a malware sample
OBJECTIVE: Use advanced features of VirusTotal to learn detailed information about a malware sample
OBJECTIVE: Use the HybridAnalysis sandbox to perform static and dynamic analysis of a malware sample
OBJECTIVE: Use open source threat intelligence to learn more about specific malware

4. Examine a compromised host’s memory

Students perform a forensic examination of a memory image taken from a computer to identify sophisticated malware that infected the system.

OBJECTIVE: Acquire a working knowledge of process structures in memory using Volatility
OBJECTIVE: “Know normal to find evil”
OBJECTIVE: Formulate plan for a memory forensics investigation
OBJECTIVE: Recognize malware “footprints” in a forensic memory image
OBJECTIVE: Locate a malicious binary in a forensic memory image
OBJECTIVE: Corroborate findings with other sources such as [Splunk] SIEM logs
OBJECTIVE: Identify malware actions such as privilege escalation and browser hooking

5. Conduct a forensic disk examination

Students perform disk forensics on an infected system. By analyzing an image of the computer’s file system, the students are able to identify malware infections and to create a timeline for the attack.

OBJECTIVE: Analyze a forensic disk image and identify indicators of compromise using Autopsy.
OBJECTIVE: Generate a timeline of suspicious events in a forensic disk image.
OBJECTIVE: Determine how a device was infected and what malware variant was used
OBJECTIVE: Use VirusTotal to identify a malware sample
OBJECTIVE: Use advanced features of VirusTotal to learn detailed information about a malware sample
OBJECTIVE: Use the HybridAnalysis sandbox to perform static and dynamic analysis of a malware sample
OBJECTIVE: Use open source threat intelligence to learn more about specific malware

6. Close your investigation

Students are asked to conclude their investigation by compiling a timeline for the attack and writing a comprehensive report for technical and non-technical stakeholders.

OBJECTIVE: Cross-correlate information from a range of sources
OBJECTIVE: Combine information from a range of sources into a comprehensive report
OBJECTIVE: Communicate a complex story effectively to technical and non-technical audiences.

Additional Information

Prerequisites

Successful completion of The Cyber Academy: Immediate Immersion. Only basic computer skills are required, but basic knowledge of computer networks and protocols and the fundamentals of operating systems is strongly recommended.

WHAT OUR STUDENTS ARE SAYING

TESTIMONIALS

“[this program is] a big puzzle to solve and you’re getting these tiny pieces of this puzzle and eventually you get the aha moment”

“This program has changed my life completely. I didn’t think that I would have the opportunities that I have today, and I wouldn’t have those opportunities had I not taken that step.”

“[If you] get a really good grasp on something small and build off of that, eventually you’ve got this story in front of you that you can piece together.”

“With the program, there are numerous ways to come to the same conclusion.”

“There’s so many different avenues that you can take, it’s almost limitless.”

“mentoring is like a student led meeting.”

“You will come across lots of obstacles, but that’s how you learn.”

“Having these obstacles and having to overcome these challenges, it makes you remember. You learn things kind of the hard way, but eventually you’ll have a good grasp on that concept.”

CYBER ACADEMY

CAREER PATHS

PROGRAM COURSES

CYBER DEFENDER

CAREER PATHS

PROGRAM COURSES

SOC ANALYST

CAREER PATHS

PROGRAM COURSES

COURSE

Cyber Defense

SKILL LEVEL

DURATION

CERTIFICATE OF COMPLETION

PREREQUISITES

Cyber Defense

UPCOMING START DATES

THE CYBER ACADEMY

THE CYBER ACADEMY

THE CYBER ACADEMY

FIND THE RIGHT FIT

WHO SHOULD ENROLL

SKILLS TO TAKE WITH YOU

LEARNING OUTCOMES

ADVOCATE YOUR CAREER

CAREER PATHS

IMMEDIATE IMMERSION

UPCOMING START DATES

COMPARE AND CONTRAST

GO AT YOUR OWN PACE

FULL-Time

Part-Time

FINANCE OPTIONS

TUITION FUNDING

PROGRAM OVERVIEW

Cyber Defense

CURRICULUM

Additional Information

Prerequisites

WHAT OUR STUDENTS ARE SAYING

TESTIMONIALS