ICS Cybersecurity Overview with Hands-on Lab
The ICS RSAC course has been designed by ICS security experts to orient students to industrial control systems and provide a foundation for applying cyber security controls, practices, and technology. The course is designed to introduce students to the unique requirements of real-time systems and provide a model for defending industrial control systems in a manner that keeps the operational environment safe, secure, and resilient against current and emerging cyber threats.
Section 1: ICS Overview, ICS Incident Handling
CPE/CMU Credits: 6
Section 2: ICS Attack Surfaces
CPE/CMU Credits: 6
The ICS RSAC course consists of instruction and hands-on sessions. The lab sessions are designed to allow students to utilize the knowledge gained throughout the course in an instructor-led environment. Students will have the opportunity to install, configure, and use the tools and techniques that they have learned.
- Laptop with available USB ports.
- Laptop with DVD Reader.
- Latest VMware Player, VMware Workstation, VWware Fusion installed. Other virtualization software such as Parallels or VirtualBox will probably work if the attendee is familiar with its functionality; however VMware Player should be prepared as a backup just in case.
- Ability to disable all security software on their laptop such as Antivirus and/or firewalls
- At least twenty (20) GB of hard drive space
At least four (4) GB of RAM
If you have additional questions about the laptop specifications, please contact firstname.lastname@example.org.
Who Should Attend
The course is designed for the range of individuals who work in, interact with, or can affect industrial control system environments, including asset owners, vendors, integrators, and other third parties. These personnel primarily come from two domains:
- IT (includes operational technology support)
- IT security (includes operational technology security)
- Course participants need to have a basic understanding of networking and system administration, TCP/IP, networking design/architecture, vulnerability assessment, and risk methodologies. ICS RSAC covers many of the core areas of security and assumes a basic understanding of technology, networks, and security. For those who are brand new to the field and have no background knowledge, SEC301: Intro to Information Security would be the recommended starting point. While SEC301 is not a prerequisite, it provides introductory knowledge that will help maximize a student's experience.
- Design and architect a secure industrial control system
- Reconnaissance tactics
- Authentication attacks
- Spoofing control signals
- Wireshark analysis
- Incident response