Cyber Defense Analyst for Technologists (CDA-201)
This is a closed class. It requires a contract. On-site for 22 people.
Days: 5 Days
Labs: Yes – Local Cyber Range
Type of Course: Advanced Security / Technical
Prerequisites: CYBER-101 or equivalent
About this course: Maps to the NICE Protect and Defend specialty areas, providing the knowledge to collect data from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) and to analyze events that occur within their environments for the purposes of mitigating threats.
Goals: Understand and apply the incident handling process, feed data to that process, and gain insight into new attack vectors.
Topics: Cloud computing technology, mobile platforms, tablet computers, and MITRE ATT&CK™ used as a knowledge base of adversary tactics and techniques to map attacker process to incident response.
Methods of instruction: There are 8 different possible exercises that can be used in a module. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization. As soon as students become too comfortable, the instructor will switch methods.
Students are expected to have basic experience in the areas of networking and DoD Cybersecurity as well as knowledge of related Cybersecurity policies and procedures. The course supports DISA responsibilities in the DoD Cybersecurity Discipline Implementation Plan, DoDI 8551.01, the STIGs and NIST SP 800-53. The course covers topics in NICCS / NICE and ARTEP.