Cyber Guardian: Baseline Skills

Program Prerequisites

  • A minimum of 5 years of experience in information security
  • Outstanding performance reviews from commanders/managers
  • Recommendations from commanders/managers and peers
  • Certifications:
    • GIAC Security Essentials Certification (GSEC) exam with a score of 80 or above
    • A CISSP may be used to apply to the program, but all candidates must pass the GSEC before attempting the GSE
Core Courses & Certifications
Course Certification
SEC-503 :: Intrusion Detection In-Depth GIAC Certified Intrusion Analyst (GCIA)
FOR-508 :: Advanced Computer Forensic Analysis and Incident Response GIAC Certified Forensics Analyst (GCFA)
SEC-560 :: Network Penetration Testing and Ethical Hacking GIAC Certified Penetration Tester (GPEN)
SEC-504 :: Hacker Techniques, Exploits and Incident Handling GIAC Certified Incident Handler (GCIH)

What You Will Learn

Below are the baseline skills Cyber Guardians will learn in this program:

Establish a Defense
Plan and implement the core areas of a defense: assess, prevent, detect and analyze risk.
Manage the Perimeter
Understand, set-up, and manage the core components of an organization's perimeter.
Identify Threats
Identify attack vectors and how to defend against those threats.
Vulnerability Analysis
Identify common exposure points that are often overlooked and effective ways to address vulnerabilities.
Intrusion Analysis
Implement effective intrusion analysis detective measures through the deployment of IDS/IPS, signatures, anomaly detection, behavior and clipping levels.
Defense in Depth
Integrate detective measures to better support existing components throughout the enterprise
Incident Response
Plan and implement an effective incident response capability for the organization.
Malware Analysis
Identify methods to find malware and perform critical forensics analysis throughout the lifecycle of an organization.
Risk Mitigation
Understand that information security is about mitigating the risk to the organization by identifying the most critical assets and protecting them.
Mission Planning
Defining scope, rules of engagement and the primary goal.
Detailed Recon
Determining the characteristics of the target, the adversaries and the battlefield.
Exploiting Targets
Getting and wielding control over target systems using social engineering client-side and server-side exploits, local privilege escalation, and password attacks (guessing, cracking, sniffing, and pass-the-hash)
Post-exploitation Activities
Maintaining control of assets to achieve mission objectives.
Threat Analysis
Understanding the technical details of various attacks, including network, web application and wireless exploits.
Offensive Forensics
Utilizing forensic techniques to locate, process, and extract key data from the file system.
Offensive Data Exfiltration
Utilize techniques to package and exfiltrate data with minimal host/network footprint.
Counter Intelligence
Ensure operational capabilities do not leave obvious traces as to the purpose of the operation and who is behind it.
Reverse-Engineering
Ensure operational capabilities are extremely difficult to reverse. Test capabilities for any counter-intelligence footprint that the capability might leave.
Network/System Evasion
Understand how to maintain clandestine operations from network and system defenses. Know exactly how attackers are tracked on systems and on network resources from file system forensics, registry forensics, network forensics and artifact forensics.