CDA Course Catalog
Cyber Defense Agency (CDA) proudly offers the following courses to transfer our deep and extensive experience in information assurance and cyber defense to our clients and colleagues. Please contact Darcy Livingston at 877-ASK4-CDA if you would like to arrange a course at your facility.
- Strategic Cyber Defense
- Fundamentals of Multilevel Security
- Role-Based Access Control
- Information Systems Security Engineering (ISSE) for DoD Applications
- Intrusion Detection Systems
- Information Security Risk Assessment
- Introduction to Public-Key Infrastructure (PKI)
- Cyber Adversaries and Attack Strategies
- Fundamentals of Red Teaming for Information Assurance
- Principles of Red Teaming for System Owners
Strategic Cyber Defense
Length: 1 day
Course Objectives:
Introduce the fundamentals of cyber defense strategy, including defense in depth, value-based defense, and the application of concepts from other fields such as dependability, game theory, and control theory. Arm leaders and practitioners with a broad, yet rich, background with which to understand this complex and evolving field.
Student Results:
Students will grasp the full breadth of cyber defense concepts needed to guide their future learning and thinking. Specifically, they will be able to relate to cyber defense via familiar work from other fields and organize their knowledge and understanding in a framework that will serve them well throughout their careers.
Who Should Take This Course:
This course serves veteran security experts and novices alike by using plain English to describe very powerful concepts. Specialist security experts will broaden their horizons and understand other parts of the field, helping them put their existing knowledge in a richer context. Managers who need to be familiar with cyber defense concepts will find the course both accessible and enabling. Newcomers to the field will gain a framework for guiding their future educational efforts from instructors who have practiced in the field from its earliest beginnings.
Course Topics:
- Security Concept Framework
- History of Field
- Security Policy
- Guiding Analogies for Warfare, Games, and Evolution
- Maneuvering in Cyberspace
- Modeling Cyberspace for Understanding and Awareness
- Design Methodology
- Control in Cyberspace
- The Observe-Orient-Decide-Act (OODA) Loop
- Adaptive Security Architectures
- Applying the Scientific Method to Cyberspace
- Results for Experimentation in Cyberspace
- Where Analogies Fall Short
- Where Research Is Headed
Cost: $1,000 per student, minimum 10 students
Venue: Client facility
Fundamentals of Multilevel Security
Length: 3 days
Course Objectives:
Introduce the problem of handling multiple data classification levels in computer systems along with the range and limitations of solutions available today. Provide examples and methods that help students determine when and how to apply solutions that meet government requirements related to such systems.
Student Results:
Students will be able to describe how the requirement of handling multiple data classification levels impacts system and network design, development, and deployment. Students will learn the options, decisions, and actions for designers, developers, and system owners to successfully meet these requirements under a variety of typical scenarios.
Who Should Take This Course:
Architects, designers, managers, and owners of systems or networks that store or process data at multiple classification levels. Researchers interested in an introduction to this problem area.
Course Topics:
- Sensitivity Levels
- Sensitivity Labels
- Security Policy
- Bell-LaPadula Model
- Covert Channels
- Noninterference
- History Lesson (from the Orange Book to Common Criteria)
- MLS vs. MILS
- Trust and MLS Architectures
- MLS Operating Systems
- MLS Databases
- MLS and Networking
- Typical MLS Applications
- Successful Operating System, Application, and Network Architectures
- Assurance and Certification Requirements
- Case Studies
- Open Problems
Cost: $1,800 per student, minimum 10 students
Venue: Client facility
Role-Based Access Control
Length: 1 day
Course Objectives:
Learn how to reflect the separation of duties required by good management practice in a computer security policy. Reduce the risk from insider attack. Learn how to simplify security policy management by using role-based access control (RBAC), which abstracts common access patterns into the roles that form a security policy's building blocks. Transform conventional wisdom about security enforcement into something that treats it more like a design problem than an ad hoc policy specification.
Student Results:
Students will know and understand the NIST RBAC model and how to apply it to their enterprise. Students will be able to implement their own policies, reflecting a separation of duties.
Who Should Take This Course:
IT personnel who need to simplify the specification and maintenance of their security enforcement policies.
Course Topics:
- NIST Standard RBAC Model
- Variants of the NIST Model
- RBAC Role Engineering
- How to Apply RBAC Policies to Enforcement Mechanisms that Don't Support RBAC
- Separation of Duties (Static and Dynamic)
- Combining Roles from Different Applications to Create an Enterprise-Spanning Security Policy
- Case Studies in Separation of Duty
Cost: $1,000 per student, minimum 10 students
Venue: Client facility
Information Systems Security Engineering (ISSE) for DoD Applications
Length: 4 days
Course Objectives:
Describe and illustrate the use of a systematic process for integrating cyber security elements into a typical DoD computer system development. Case studies and the class project can be tailored to the needs of an individual class.
Student Results:
Students will learn where to start to "build security in," in the context of new computer system development, or when analyzing the risk to an existing or proposed system. Students will identify inappropriate designs for a given threat environment and propose better options using state-of-the-art countermeasures and secure design principles. Students will be able to plan ISSE processes at the most effective points in a typical DoD development process.
Who Should Take This Course:
Architects, designers, managers, and owners of DoD systems or networks with complex, nonstandard, or controversial security requirements.
Course Topics:
- ISSE Process Overview
- Leveraging Existing Development Processes
- System Description
- Threat and Attack Analysis
- Security Requirements Definition and Refinement
- Countermeasures vs. Threats
- Firewalls, Guards
- Access Control
- Multilevel Secure Operating Systems and Databases
- Encryption
- Audit and Security Monitoring
- Intrusion Detection
- Forensics and Incident Handling
- Secure Architecture and Design Principles
- Trust Analysis
- Design Analysis: Countermeasure Effectiveness, Cost, Ease of Use, Performance
- Security Tests and Other Verification Methods
- Residual Risk
- Quantitative Risk Assessment and Design Analysis Using MIRROR*
- Case Studies
- Class Project
* CDA's Information Security Risk Assessment course offers a detailed demonstration of MIRROR. A full course on the MIRROR process is also available upon request.
Cost: $2,400 per student, minimum 10 students
Venue: Client facility
Intrusion Detection Systems
Length: 4 days
Course Objectives:
Dissect, analyze, and understand the mechanics of intrusion detection systems and their performance boundaries, strengths, and weaknesses. Make transparent the mechanics of today's typical black-box intrusion detection system.
Student Results:
Students will acquire substantial knowledge about the algorithms contained in intrusion detection mechanisms and become familiar with the anatomy of the automated intrusion detection process itself. Students will gain a better understanding of the issues and factors that govern the selection of an appropriate intrusion detection system for the needs of their enterprise.
Who Should Take This Course:
Managers, network engineers, and system, network, and security administrators.
Course Topics:
Day 1: "An Introduction to Intrusion Detection"
- Host-Based Systems
- Network-Based Systems
- Signature-Based Mechanisms
- Statistical-Based Mechanisms
- Core Components and Supporting Processes
- Issues of Deployment and Data Monitoring
Day 2: "The Mechanics of Signature-Based Systems"
- Principles of Design
- Deployment
- Evaluation
- Performance
- Survey of Current Systems
Day 3: "The Mechanics of Anomaly-Based Systems"
- Principles of Design
- Deployment
- Evaluation
- Performance
- Survey of Current Systems
Day 4: "Variations and Future Trends"
- Hybrid Systems
- Self-Protecting Systems
- Intrusion Prevention
- Counter-Response
- Keystroke Logging
Cost: $2,400 per student, minimum 10 students
Venue: Client facility
Information Security Risk Assessment
Length: 3 days
Course Objectives:
Provide students with a working knowledge of risk assessment techniques for information security. Demonstrate the MIRROR risk assessment process, derived from the DoD's MORDA process.
Student Results:
Students will identify, quantify, and prioritize the security risks to their information system and become familiar with the various risk assessment techniques used by government agencies and industries for certification and accreditation. Students will learn how to apply risk analysis to the information systems engineering process to derive security solutions that specifically address the highest priority risks while minimizing costs to users.
Who Should Take This Course:
Information system architects, designers, evaluators, managers, and owners of systems or networks that store or process sensitive or critical information. Researchers interested in security metrics and risk assessment.
Course Topics:
- Introduction to Risk Assessment Methodologies
- Developing the User Model
- Developing the Adversary Model
- Analyzing the Information System
- Developing the Attack List
- Assessing the Risks to Information Systems
- Uses of Risk Assessments
- Class Project
Cost: $1,800 per student, minimum 10 students
Venue: Client facility
Introduction to Public-Key Infrastructure (PKI)
Length: 3 days
Course Objectives:
Provide students with a working knowledge of PKI and its uses for enterprise information security.
Student Results:
Students will learn how to procure, configure, and operate a PKI for enterprise-wide information system security and become familiar with the various concepts and components of PKI as well as with government and industry standards, policies, and current PKI products. Students will learn how to implement and operate a PKI and gain hands-on practice using PKI technology.
Who Should Take This Course:
Information system architects, designers, managers, and administrators of systems or networks that store or process sensitive or critical information.
Course Topics:
- Introduction to the Foundations of Public-Key Cryptography
- Identification and Authentication Using PKI Credentials
- Privilege and Role Management Using PKI Credentials
- Key Management Essentials
- Government and Industry Standards
- Applications of PKI
- Establishing Policies and Configuring PKI Components
- Class Project
Cost: $1,800 per student, minimum 10 students
Venue: Client facility
Cyber Adversaries and Attack Strategies
Length: 3 days
Course Objectives:
Provide students with a deep understanding of critical missions, how their information systems support those missions, and the cyber adversarial threats to them.
Student Results:
Students will be able to analyze their cyber adversaries and corresponding cyber attack strategies against critical missions.
Who Should Take This Course:
Information system architects, designers, and managers of information systems or networks that store or process sensitive or critical information.
Course Topics:
- Mapping Business/Mission Critical Functions
- Identifying and Characterizing Cyber Threats and Adversaries
- Developing Cyber Attack Playbooks
- Developing Cyber Attack Budgets
- Developing Attack Strategies
- Applying Attack Strategies
Cost: $1,800 per student, minimum 10 students
Venue: Client facility
Fundamentals of Red Teaming for Information Assurance
Length: 3 days
Course Objectives:
Provide an overview of information systems red teaming to improve a system's overall security.
Student Results:
Students will learn the information necessary to lead and effectively contribute to successful red team engagements.
Who Should Take This Course:
Anyone interested in leading or performing on an information systems red team.
Course Topics:
- What Is a Red Team?
- Building the Team and Establishing Roles
- System Definition
- Rules of Engagement
- Adversary Modeling
- Attack Development
- Whiteboarding
- Attack Trees
- Attack Graphs
- Flag Selection
- Attack Selection
- Execution
- Data Collection
- Metrics
- Recommendations
- Delivering Results
Cost: $1,800 per student, minimum 10 students
Venue: Client facility
Principles of Red Teaming for System Owners
Length: 1 day
Course Objectives:
Provide an overview of the techniques used by government red teams to evaluate security goals.
Student Results:
Students will gain the knowledge necessary to apply techniques used by government red teams to assess the security of their own systems.
Who Should Take This Course:
CSOs, system administrators, security administrators, security engineers, developers, and anyone responsible for the security of information systems.
Course Topics:
- Establishing Goals
- System Definition
- Adversary Modeling
- Attack Development
- Attack Trees
- Attack Graphs
- Attack Selection
- Attack Execution
- Metrics
Cost: $600 per student, minimum 10 students
Venue: Client facility