Vulnerability Management for Managers (VULN-101-MAN)
Days: 21 meetings online
Type of Course: Security / Managerial
Prerequisites: Introduction to Cybersecurity (CYBR-INT-MAN) or 3 years Cybersecurity experience.
About this course: A vulnerability manager will assess the level of technical risk, develop and recommend appropriate mitigation countermeasures in operational and development situations. Practice in this course will lead to excellence in technical process as it relates to vulnerability management.
Goals: We expect every student to achieve the knowledge, skills, and abilities necessary to conducts threat and vulnerability assessments and determines deviations from acceptable configurations or policies. Upon completion of the course the student should be able to understand common vulnerabilities and exploits; customize the CVE’s to a particular environment and build a measurement system capable of incorporating the following into cyber program: Mitre ATT&CK, Common Configuration Enumeration, Common Weaknesses and Exposures, and Security Content Automation Protocol.
Conducting vulnerability scans.
Recognizing vulnerabilities in security systems.
Applying security principles.
Determining how a security system works.
Discerning protection needs of systems.
Categorizing vulnerabilities and attacks.
Applying security controls.
Identifying test & evaluation requirements.
Managing test assets, resources, and personnel
Preparing test & evaluation reports.
Reviewing logs to identify evidence.
Troubleshooting cyber anomalies
Conducting reviews of systems.
Secure test plan design.
Conducting application vulnerability assessments.
Assessing security systems designs.
Integrating policies that meet security objectives.
Performing impact/risk assessments.
Security event correlation tools.
Security Onion as dashboard.
Methods of instruction: There are 8 different possible exercises that can be used in a module. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization. As soon as students become too comfortable, the instructor will switch methods.
Students are expected to have basic experience in the areas of networking and DoD Cybersecurity as well as knowledge of related Cybersecurity policies and procedures. Course support DISA responsibilities in DoD Cybersecurity Discipline Implementation Plan, DoD I 8551.01, the STIG’s and NIST SP800-53. The course covers topics in NICCS / NICE and ARTEP.