CDI: Comprehensive Cyberterrorism Defense (CCD)

DHS-Certified, Course Catalog #PER 256

The goal of CCD is to provide technical personnel with the hands-on expertise necessary to defend communication and data networks from cyberterrorism events. CCD is a four-and-a-half-day course that will expose participants to potential attack methods from cyberterrorists. After an introduction to cyberterrorism, participants will learn how to protect network systems through a survey of the following: planning and preparation of defenses; installation and administration of defenses; hardening network defenses; administration of defenses; monitoring defenses; and testing and modifying defenses, followed by a review of cyberterrorism defenses and emerging trends.

CCD classes stress a proactive approach to providing computer, network, and infrastructure security. Solutions and methods taught are non-vendor-specific, so participants do not need specialized software to implement class lessons at their own agencies. CDI stresses proper network and data engineering techniques and methodology over simple software packages, keeping agency financial requirements to a minimum.

This course is offered free of charge to technical personnel from public safety, law enforcement, state and local government, public utilities, colleges and universities, and health care providers. Depending on classroom space, consideration will also be given to other individuals working within agencies and organizations considered as a part of our nation's critical infrastructures. The course utilizes a blended learning approach that balances classroom lecture, hands-on laboratory exercises, and supplemental material.

Upon completion of this course, participants will have an increased understanding of the historical perspectives, network design, and emerging methodologies in computer hacking. Within these three areas participants will develop skills enabling them to:

Summarize Historical Perspectives

  • Outline how the cyber threat landscape has evolved and is evolving as a result of hacker methodologies.

  • Classify intentions maturing from criminal pranks to attacks motivated by profit, cyber espionage, corporate ambition, national intelligence gathering, and cyber warfare.

  • Recognize the intent of a threat, whether it be to disrupt critical infrastructures, weaken or destroy a nation's resolve to fight, or force-multiply (magnify) the effects of conventional attacks.

Implement Network Design

  • Prepare network defenses based on existing and emerging attack methods.

  • Recommend strategies for implementing Defenses-in-Depth to thwart attacks.

  • Improve modern technologies that are deficient in thwarting attacks.

Engage Emerging Methodologies

  • Analyze modern and emerging attack methodologies, such as Social Engineering, that leverage the weakest link in IT infrastructure—humans.

  • Utilize self-auditing methods and best practices for security defenses, including guidelines for offensively approaching one's own network without causing damage or unintended consequences.

  • Operate various software tools/services commonly used by attackers to surveil, interrogate, attack, enumerate, and embed into an organization's network.

  • Gain management support for a secure IT environment, including but not limited to developing necessary elements, such as design and development of policies; business continuity practices; disaster recovery plans; available frameworks and templates; and best practices.