Course Overview
An expert instructor will use tested security techniques and real-world case studies to teach students how to expose, pursue, and prosecute the perpetrators of advanced persistent threats (APTs).
What You'll Learn
Upon completion of this course, students will know how to assess a network’s vulnerabilities, zero in on targets, and effectively block intruders. Students will discover how to set up digital traps, misdirect and divert attackers, configure honeypots, mitigate encrypted crimeware, and identify malicious software groups. The course also provides full coverage of legal and ethical issues, operational vetting, and security team management.
Outline
State of the Advanced Cyber Threat
- What Makes a Threat Advanced and Persistent?
- Advanced and Persistent Threat Examples
What is Deception?
- How Does Deception Fit in Countering Cyber Threats?
- 6 Principles of Deception
- Traditional Deception
- Why Use Deception?
- Deception Maxims
- Understanding the Information Picture
Cyber Counterintelligence
- Fundamental Competencies
- Applying Counterintelligence to the Cyber Realm
- Sizing Up Advanced and Persistent Threats
- Cyber Counterintelligence - Lab
Profiling Fundamentals
- Cyber Profiling
- Objectives of Profiling
- Nature of Profiling
- Basic Types of Profiling
- Inductive and Deductive Profiling
- Information Vectors for Profiling
- Profiling - Lab
Actionable Legal Knowledge for the Security Professional
- How to Work with a Lawyer
- What You Should Know About Legal Research
- Communicating with Lawyers
- Cyberspace Ethics
Threats
- Categories of Threat
- Evolution of Vectors
- Tools and Techniques of Attackers
- Threats - Lab
Operational Deception
- Insider Threat
- Social Engineering
- Operational Deception - Lab
Tools and Tactics
- Detection Technologies
- Host-Based Tools
- Network-Based Tools
- Methodologies of Cyber Crime
- Risk Assessment - Check Yourself Before You're Wrecked
- Analysis Detection Systems
Attack Characterization
- Post-Incident Characterization
- Real-World Tactics
Attack Attribution
- Profiling Vectors
- Strategic Application of Profiling Techniques
- Micro and Macro Level Analysis
The Value of APTs
- Espionage
- Costs of Cyber Espionage
- Value Network Analysis
When and When Not to Act
- Determining Threat Severity
- Incident Reporting
- Cyber Threat Acquisition
Implementation and Validation
Prerequisites
Before attending this course, students should have prior experience:
- Responding to security intrusions and other incidents from an APT
Who Should Attend
This course is intended for:
- Incident response team members
- Digital forensic analysts
- Information security professionals
- Law enforcement officers and federal agents
- Government and military workers who need to meet IA training requirements