DCOE Certification

In this course, students will acquire the skills for the planning, executing, and integrating defensive cyberspace operations (DCO) into organizational missions and DCO requirements. The course builds on the planning skills learned in the Introduction to Cyber Warfare and Operations Design (ICWOD) course. Adversarial use of tools and their associated techniques are presented to assess network vulnerabilities and to defend friendly networks against adversary threats.

The course covers the use of open source tools and websites for system configuration, penetration testing, and control testing. You will use Linux and Windows command lines and unleash an attack on target servers and analyze the results. Attacks and analysis of will expose you to live attacks in a controlled environment where students can see first-hand the adversary realm of possible actions, how to detect, mitigate, and counter such activities.

Note: This course requires you to bring your own laptop preloaded with VMware Workstation 9 or 10.

Prerequisites: CSFI-ICWOD

Time Frame: 3 Days

Certification: CSFI-DCOE

Note: In order to attain the DCOE certification, you must have an ICWOD completion certificate as well as pass the DCOE exam

Course Outline

• Cyber Operating Environment
  
  • How We Got Here
  • Managing Networks and Security
  • Traditional Nation State Espionage
  • The Militarization of Cyberspace
  • Cyberspace as War Fighting Domain
  • Traditional Warfare Concepts and Cyber
  • DoD Cyber Strategy
  • Cyberspace Operations (DCO, OCO, DODIN OPS, DCO-RA, DCO-IDM, CMTs)
  • Section Review
• The Cyber Kill Chain
  
  • Traditional Kill Chain
  • Cyber Kill Chain
  • Case Studey: Target Data Breach
  • Section Review
• Kali Linux
  
  • Overview of Kali Linux
  • Installation
  • Post Installation Tasks
  • Navigating Kali
  • Introduction to Shell Scripting
  • Section Review
• OSINT and Passive Reconnaissance
  
  • Reconnaissance Introduction
  • Information Sources
  • Social Media (Robin Sage)
  • Kali Linux Reconniassance Tools (whois, theHarvester, recon-ng)
  • Google Hacking
  • Popular Sites and Tools (Shodan, Maltego)
  • Adversary Tradecraft
  • Section Review
• Active Reconnaissance and Network Scanning
  
  • Active Reconnaissance
  • nmap and ncat
  • Port Scanning
  • Adversary Tradecraft
  • Analyze Network Traffic with Wireshark
  • SQL Mapping
  • Vulnerability Scanning
  • Section Review
• Web Application Vulnerability
  
  • Web Application Vulnerabilities
  • Cross-Site Scripting (XSS)
  • SQL Injection Attacks (SQLi)
  • Adversary Tradecraft
  • Apache
  • PHP
  • MySQL
  • Section Review
• Wireless Networking
  
  • Wireless Networking
  • WEP and WPA
  • Adversary Tradecraft
  • Analyzing Wireless Network Traffic with Wireshark
  • Attacking WEP
  • Attacking WPA
  • Section Review
• Network Attacks and Metasploit
  
  • Network Attacks
  • Introduction to Metasploit
  • Conducting Attacks with Metasploit
  • Adversary Tradecraft
  • Section Review
• Maintaining Access and Covering Tracks
  
  • HTTP Tunneling
  • PowerSploit
  • dns2tcp
  • Altering Log and History Files
  • Hidden Files
  • Timestamps
  • Covert Channels
  • Adversary Tradecraft
  • Section Review
• Intrusion Detection System
  
  • IDS and IPS
  • Types of IDS
  • IDS Alerts and Tuning
  • Section Review
• DCOE Labs
  
  • Installing and Navigating Kali
  • Shell Scripting
  • Passive Reconnaissance
  • Network Scanning
  • Apache Web Server
  • MySQL Database
  • PHP Page Form Processing
  • Cracking WEP
  • Cracking WPA
  • Shell on Remote Target with Metasploit
  • IDS

DCOE Videos

Roger Kuhn on DCOE (Defensive Cyberspace Operations Engineer) Certification