web viewthe certified information systems risk manager training will enable professionals ... and...

Cyber Workforce Development ProgramProfessional Education Program Catalog

Note: (*) Programs are Veterans Administration Approved through CWI Partnership

CybersecurityMILE2

The Mile2 training listed below is priced at for an instructor led/ virtual course offering. We have additional self-study training packages for $950.00 for any of the certifications listed at cybermarket.armstrong.edu.

Certified Vulnerability Assessor :

The CVA is a fundamental cyber security certification course that focuses on vulnerability assessments. The CVA course focuses on foundational information such as the importance of a Vulnerability Assessment and how it can help an engineer prevent serious break-ins to your organization. In the CVA course, the student will be versed with basic malware and viruses and how they can infiltrate an organizations network. The student will also learn how to assess a company’s security posture and perform a basic vulnerability test to help secure the organization’s networking infrastructure.

Instructor led/virtual course | (meets 3X) | $2500

Certified Professional Ethical Hacker:

The Certified Professional Ethical Hacker vendor neutral certification course is the foundational training to Mile2’s line of penetration testing courses. The CPEH course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands-on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure your company’s network infrastructure and how to combat against hackers and/or viruses, etc.


Certified Information Systems Security Officer: .

The CISSO addresses the broad range of industry best practices, knowledge and skills expected of a security manager/officer. The candidate will learn in-depth theory pertaining to the practical implementation of core security concepts, practices, monitoring and compliance in the full panorama of IS management. Through the use of a risk-based approach, the CISSO is able to implement and maintain cost-effective security controls that are closely aligned with both business and industry standards. Whether you’re responsible for the management of a Cyber Security team, a Security Officer, an IT auditor or a Business Analyst, the CISSO certification course is an ideal way to increase your knowledge, expertise and skill.


Certified Healthcare Information Systems Security Practitioner:

The vendor neutral Certified Healthcare Information Systems Security Practitioner certification course covers the skills and knowledge to implement the best IT Healthcare Practices, as well as, regulatory compliance and standards in the healthcare industry. Because of growing industry regulations and privacy requirements in the healthcare industry, the Certified Healthcare Information Systems Security Practitioner was developed by Mile2. The CHISSPs have become vital in managing and protecting healthcare data and are tasked to protect patient information by implementing, managing, and assessing proper IT controls for patient health information integrity.


Certified Penetration Testing Engineer:

The vendor neutral Certified Penetration Testing Engineer certification course is built firmly upon proven, hands-on, Penetration Testing methodologies utilized by our international group of vulnerability consultants. The C)PTE presents information based on the 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. The latest vulnerabilities will be discovered using these tried and true techniques. The U.S. Air Force commissioned this certification.


Certified Penetration Testing Consultant:

The vendor neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in conducting Penetration tests against large network infrastructures similar to large corporate networks, Services Providers and Telecommunication Companies. Instead of focusing on operating system level penetration testing, this course covers techniques on how to attack and prevent underlying network infrastructure and protocols. The training starts from basic packet capturing and analyzing by using both commercial and open source tools. From there, the student continues with Layer2 attack vectors, Layer3 based attacks; including both IPv4 and IPv6 stacks, routing protocol attacks (OSPF, BGP, etc) and then hops over to service provider level attacks related with very common used MPLS, how to use relays and pivots, VPN attacks including IPSEC protocol suite, and SSL attacks. Finally, the class will cover NIDS/NIPS evasion and implementation techniques.


CPTE/CPTC Boot Camp:

The "Ultimate" Penetration Testing & Ethical Hacking 7 Day Boot-Camp provides the latest and greatest penetration testing tools right in Mile2's customary Cyber Range. The first half of the camp focuses on Windows 7, Server 2003/2008 while the second half focuses on layer 2/3/4 boxes, which includes VPN’s, SSL, IDS, Firewalls and more!


Certified Digital Forensics Examiner:

Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report.


Certified Network Forensics Examiner:

The Certified Network Forensics Examiner vendor neutral certification was developed for a U.S. classified government agency. The CNFE takes a digital and network forensic skill set to the next level by navigating through over twenty modules of network forensic topics. The CNFE provides practical experience through our lab exercises that simulate real-world scenarios that cover investigation and recovery of data in network, Physical Interception, Traffic Acquisition, Analysis, Wireless Attacks and SNORT. The course focuses on the centralizing and investigating of logging systems as well as network devices.


Certified Disaster Recovery Engineer:

The C)DRE is a four day course that will cover disaster recovery and business continuity planning. It is comprised of 11 Modules. During the course students will perform different DR/BC exercises including spending all of the fourth day writing their own disaster recovery/business continuity plan. The instructor will be spend time advising each student as they work their individual DR/BC plans. Before leaving, the instructor will also advise students on what information they need from their businesses to finish their plans.


Certified Incident Handling Engineer :

The Certified Incident Handling Engineer vendor neutral certification is designed to help Incident Handlers, System Administrators, and any General Security Engineers understand how to plan, create and utilize their systems in order to prevent, detect and respond to attacks. In this in-depth training, students will learn step-by-step approaches used by hackers globally, the latest attack vectors and how to safeguard against them, Incident Handling procedures (including developing the process from start to finish and establishing your Incident Handling team), strategies for each type of attack, recovering from attacks and much more.


Certified Secure Web Applications Engineer:

The vendor neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs.


Certified Wireless Security Engineer:

The C)WSE course will give students real-world experience with solving security vulnerabilities in wireless networks. This is accomplished by students completing hands-on lab exercises with the tools and methodologies that actual malicious hackers use to compromise wireless networks. Wireless networks offer many conveniences that are not available in wired networks, but there is security risk associated with those conveniences that businesses need to understand. The Certified Wireless Security Engineer is prepared to identify those risks that wireless networks present for a business and to create and implement a plan to mitigate those risks.


Certified Virtual Machine Engineer :

The Certified Virtual Machine Engineer course is designed for those who need to understand virtualization and the impacts it can have on an organization. This high impact course provides not only the foundational level of knowledge needed for an efficient datacenter. It also provides the most recent in virtualization and cloud technologies which gives the Certified Virtual Machine Engineer the knowledge and skills necessary to design and manage the datacenter effectively. When virtualization is properly utilized in an organization, it allows the organization to focus on their core business instead of being stopped by IT obstacles. This course covers design, installation, configuration, best practices, performance monitoring, and just about everything else in between for VMware vSphere 6.0.


Certified Security Leadership Officer:

A C)SLO candidate can be seen as the bridge between the cyber security team and operations as well as business management. Essential topics covered in this management track are extremely detailed and include the following: Network Fundamentals and Applications, Hardware Architecture, Information Assurance Foundations, Computer Security Policies, Contingency and Continuity Planning, Business Impact Analysis, Incident Handling, Architect Approaches to Defense in Depth, Cyber Attacks, Vulnerability Assessment and Management, Security Policies, Web Security, Offensive and Defensive Information Warfare.


Certified Information Systems Security Manager :

The Certified Information Systems Security Manager certification course is designed to teach towards and certify a information systems professional’s high standard of excellence in following areas:

Information Security GovernanceInformation Risk Management and ComplianceInformation Security Program Development and ManagementInformation Security Incident Management

While we provide thorough training in these 4 critical areas of information systems security management, most who take the C)ISSM have professional experience in all four of these areas. A gap of experience in some of these fields can be bridged by achieving our C)ISSO: Certified Information Systems Security Officer Certification.


Certified Information Systems Security Auditor :

Many organizations require an Information System Auditor’s expert knowledge when it comes to identifying critical issues and providing effective auditing solutions. The knowledge and course content provided in the vendor neutral Certified Information Systems Security Auditor - C)ISSA will not only cover ISACA®’s exam but will provide a measurable certification that demonstrates proficiency in the IS Auditing Field.


Certified Information Systems Risk Manager:

The Certified Information Systems Risk Manager training will enable professionals to elevate their understanding in identifying and evaluating entity-specific risk but also aid them in assessing risks associated to enterprise business objectives by equipping the practitioner to design, implement, monitor and maintain risk-based, efficient and effective IS controls. The Certified Information Systems Risk Manager covers 5 critical subjects; Risk Identification Assessment and Evaluation, Risk Response, Risk Monitoring, IS Control Design and Implementation and IS Control Monitoring & Maintenance.


Certified Information Security Management Systems Lead Auditor:

The Certified Information Security Management Systems—Lead Auditor certification course prepares students to competently lead audits of information security management systems (“ISMS”) to ensure that they meet ISO/IEC 27001 standards in any organization. Mile2’s ISMS ISO/IEC 27001 Audit Methodology:

PlanningControl EvaluationSubstantive TestingCompletion

The C)ISMS-LA is perfect for those looking to perform an internal or external ISMS ISO/IEC 27001 audit or to certify their ISO/IEC 27001 expertise.Upon Completion students will:

Have learned the ISMS audit principles, procedures and techniques.Acquire the necessary knowledge to manage an ISMS auditBe ready to perform an ISO/IEC 27001 audit.Be ready to sit for the C)ISMS-LA exam.Resident or Live-Remote Instructor Led Course Registration: $2,500Registration includes: Access to the on line 3 day/instructor led course, hard copy course materials, e-book, course completion certificate, 24 CPE credits, on line certification exam w/1 free retake.


Certified Information Security Management Systems Lead Implementer:

The Certified Information Security Management Systems—Lead Implementer certification course prepares students to help any organization through the process of implementing an information security management systems (“ISMS”) that is compliant with ISO/IEC 27001:2013 standard. ISO/IEC 27001 was developed to set a higher standard for information security as a result of increased cyber security risk. Students will not only implement the ISO/IEC 27001 standard but also help organizations set up controls, processes, and procedures for using a ISMS that will facilitate enhanced information security.

The C)ISMS-LI is perfect for anyone looking to implement the ISO/IEC 27001 standard or to certify their ISO/IEC 27001 implementation expertise.Upon Completion Students will:

Acquire the necessary knowledge to manage an ISMS implementationBe ready to perform an ISO/IEC 27001 ISMS implementationBe ready to sit for the C)ISMS-LI exam.


Information Systems Certification and Accreditation Professional :

This vendor neutral Information Systems Certification and Accreditation Professional certification training quantifies the process of certifying, reviewing and accrediting an information system by IT professionals. This certification is designed to provide, through its content and referenced resources, a complete guide to establishing a certified and accredited information system in any organization.


IS20 Controls :

This vendor neutral IS20 Controls certification course covers proven general controls and methodologies that are used to execute and analyze the Top Twenty Most Critical Security Controls. This course allows the security professional to see how to implement controls in their existing network(s) through highly effective and economical automation. For management, this training is the best way to distinguish how you’ll assess whether these security controls are effectively being administered or if they are falling.


ISC2*RMF – Risk Management Framework (40 Hours lecture)

The RMF credential is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals. In this

course, you will gain an understanding of the new authorization process and prepare for the CAP certification exam, based on the new SP 800-37 process and the new (ISC)²® Common Body of Knowledge (CBK).

Instructor Lead (meets 5X) | $3495

*CCSP - Certified Cloud Security Professional (40 hours lecture)

As powerful as cloud computing is for the organization, understanding its information security risks and mitigation strategies is critical. Legacy approaches are inadequate, and organizations need competent, experienced professionals equipped with the right cloud security knowledge and skills to be successful. They need CCSPs. Backed by the two leading non-profits focused on cloud and information security, the Cloud Security Alliance (CSA) and (ISC)², the CCSP credential denotes professionals with deep-seated knowledge and competency derived from hands-on experience with information security and cloud computing. CCSPs professionals have achieved the highest standard for cloud security expertise and enable any organization to benefit from the power of cloud computing while keeping sensitive data secure.

Instructor Lead | (meets 5-8X) | $3495

*CISSP® - Certified Information Systems Security Professional (40 hours lecture)

A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart. The credential demonstrates a globally recognized standard of competence provided by the (ISC)²® CBK which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. The CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024. CISSP certification is not only an objective measure of excellence, but is also a globally recognized standard of achievement.


*CSSLP - Certified Secure Software Lifecycle Professional (40 hours lecture)

The CSSLP Education Program is the exclusive way to learn security best practices and industry standards for the software lifecycle - critical information to a CSSLP. With our CSSLP training, you will learn tools and processes on how security should be built into each phase of the software lifecycle. The CSSLP CBK contains the largest, most comprehensive, collection of best practices, policies, and procedures, to ensure a security initiative across all phases of application development, regardless of methodology.

Instructor Lead | (meets 5X) | $3495

*HCISPP - HealthCare Information Security and Privacy Practitioner (40 hours lecture)

As the rapidly evolving healthcare industry faces increasing challenges to keeping personal health information protected – including growing volumes of electronic health records, new government regulations, and a more complex IT security landscape – there is a growing need to ensure knowledgeable and credentialed security and privacy practitioners are in place to protect this sensitive information. This forty-hour course prepares the successful graduate to function as the frontline defense in protecting health information. Backed by (ISC)², a global not-for-profit organization that delivers the gold standard for information security certifications, the HCISPP credential confirms a practitioner’s core knowledge and experience in security and privacy controls for personal health information. The HCISPP exam will test the candidate's knowledge in the six domains of the (ISC)² HCISPP CBK®, which cover:

• Healthcare Industry• Regulatory Environment• Privacy and Security in Healthcare• Information Governance and Risk Management• Information Risk Assessment• Third Party Risk Management

HCISPP candidates must have a minimum of two years of cumulative paid full-time work experience in one domain of the credential with the exception that one year of the cumulative experience must be in any combination of the first three domains in Healthcare (Healthcare Industry, Regulatory Environment in Healthcare, and Privacy & Security in Healthcare). The remaining one year of experience can be optionally in any of the remaining three HCISPP domains (Information Governance and Risk Management, Information Risk Assessment, and Third Party Risk Management), and does not have to be related to the Healthcare Industry.


EC-Council*CEH - Certified Ethical Hacker (30 hours lecture; 10 hours lab)

The Certified Ethical Hacker (CEH) Certification Course certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. CEH certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A CEH is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.


*CCFP - Certified Cyber Forensics Professional (30 hours lecture; 10 hours lab)

The CCFP course is a five-day, high-intensity training using the latest tools and techniques in a live, hands-on laboratory environment that allows students to conduct a simulated cyber investigation. Leading the course are authorized instructors who specialize in cyber forensics in law enforcement, academia, government service and the private sector. The training addresses each element of the CCFP CBK. Completion of this course prepares the graduate to take the (ISC)2 CCFP certification exam.


*CHFI - Computer Hacking Forensic Investigator (30 hours lecture; 10 hours lab)

During our 5-day EC-Council CHFI Certification Training Camp, students will live, learn, and take the exams at one of our state-of-the- art education centers. This blended-learning course employs outcome-based delivery that focuses on preparing you with the real- world skills required to pass the certification exam.


C-CISO - Certified Information Security Officer

EC-Council’s C|CISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the C|CISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program. The C|CISO program is the first of its kind training and certification program aimed at producing top-level information security executives. The C|CISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.


*ECIH - EC-Council Certified Incident Handler (30 hours lecture; 10 hours lab)

ECIH is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policy related to incident handling. After attending the course, they will be able to create incident handling and response policies and deal with various types of computer security incidents. The IT incident management training program will make students proficient in handling and responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats. In addition, the students will learn about computer forensics and its role in handling and responding to incidents. The course also covers incident response teams, it incident management training methods, and incident recovery techniques in detail. The ECIH certification will provide professionals greater industry acceptance as the seasoned incident handler


*ECSA: EC-Council Security Analyst (40 hours-all lecture)

EC-Council Certified Security Analyst (ECSA) is an advanced ethical hacking certification that complements the Certified Ethical Hacker (CEH) certification by validating the analytical phase of ethical hacking. An ECSA is a step ahead of a CEH by being able to analyze the outcome of hacking tools and technologies. Through groundbreaking network penetration testing methods and techniques, an ECSA can perform intensive assessments required to effectively identify and mitigate risks to the information security of the infrastructure.


*LPT - Licensed Penetration Tester (30 hours lecture; 10 hours lab)

The Licensed Penetration Tester exam is the capstone that encapsulates the entire information security track of EC-Council, While the Certified Ethical Hacker course teaches an individual what are the threat agents that can compromise the security posture of an organization and the EC-Council Security Analyst program provides a repeatable and documentable methodology that can be used by a security auditor while analyzing the security status of the organization, the Licensed Penetration Tester exam covers a completely different skill-set that is needed by every penetration tester – Report Writing. Report Writing has been described by many as one of least preferred, yet arguably one of the most critical part of any penetration testing engagement.


ISACA*CISA - Certified Information Systems Auditor (30 hours lecture; 10 hours lab)

This 5 day ISACA Certified Information Systems Auditor (CISA) Boot Camp equips information professionals with the knowledge and technical skills required for proficiency in IS audit, control, monitoring, and assessing. The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. CISA-certified individuals demonstrate that they have audit experience, skills and knowledge. They are also capable of managing vulnerabilities, ensuring compliance and instituting controls within the enterprise. The DoD's IA professionals are classified into two categories: Information Assurance Technical (IAT), and Information Assurance Managerial (IAM). Each category is divided into three levels. CISA is included as a baseline certification for professionals in IAT Level III.


*CISM - Certified Information Security Manager (24 hours lecture)

This 3 day ISACA Certified Information Security Manager (CISM) training course equips information security professionals with the knowledge and technical skills required for proficiency in building and managing enterprise information security. This exam benchmarks the understanding of essential concepts in many Information Security job practice areas. With the help of prominent industry leaders, subject matter experts and industry practitioners, ISACA has put together this exam to define what security managers do and what they need to know. The DoD's IA professionals are classified into two categories-information assurance technical (IAT) and information assurance managerial (IAM)-that are each divided into three levels. CISM is an approved certification for professionals in IAM Levels II and III.


CISA - Certified Information Systems Auditor (30 hours lecture; 10 hours lab)

This 5 day ISACA Certified in Risk and Information Systems Control Boot Camp equips information professionals with the knowledge and technical skills required for proficiency in the most current and rigorous assessment available to evaluate the risk management proficiency of IT professionals and other employees within an enterprise or financial institution. IS audit, control, monitoring, and assessing. CRISC-certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met. Organizations look for employees with the CRISC credential for jobs such as IT security analyst, security engineer or architect, information assurance program manager and senior IT auditor. The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:

• Domain 1: Risk Identification• Domain 2: Risk Assessment• Domain 3: Risk Response and Mitigation• Domain 4: Risk and Control Monitoring and Reporting


CGEIT - Certified Governance of Enterprise IT (40 hours lecture)

This 5 day ISACA Certified Information Systems Auditor (CISA) Boot Camp equips information professionals with the knowledge and technical skills required for proficiency in enterprise governance of IT systems. The Certified in the Governance of Enterprise IT (CGEIT) credential is geared toward professionals who play a significant role in managing, advising and/or assuring IT governance. Typical job roles include senior security analyst and chief information security officer—the upper echelon of the organization chart. ISACA's CGEIT exam covers five domains that address various aspects of governance and risk management:

• Domain 1: Framework for the Governance of Enterprise IT• Domain 2: Strategic Management• Domain 3: Benefits Realization• Domain 4: Risk Optimization• Domain 5: Resource Optimization


Cybersecurity Nexus ProgramThe impact and sophistication of cybersecurity challenges and attacks have created a global demand for talent that is outpacing the supply. To help fill the growing cybersecurity skills gap, the Cybersecurity Nexus (CSX) program is the first of its kind to employ lecture-lead skills development training with a by a performance-based capstone certification to ensure technical cybersecurity professions have the requisite skill to perform their functional role tasks. The program provides a training and certification pathway to develop knowledge, skills, and abilities at all stages of an individual’s career. This unique program establishes a new bar in cybersecurity workforce development by offering entry-level, journeyman, and master level training to identify, protect, detect, respond, and recover from threats in cyberspace. The CSX career pathway begins a practitioner, then advances to a specialist, and finally reaches the expert level.

CSX Practitioner SeriesThe CSX Practitioner Series (entry level) offers three unique, week-long courses or a in a condensed week-long boot camp environment conducted in an adaptive, performance-based cyber laboratory environment. Students will have hands-on instruction and practice in applying basic concepts and industry-leading methods and in utilizing a large array of open source tools within real-world scenarios. Each course utilizes PerformanScore®, a learning and development tool that measures a professional’s ability to perform specific cyber security job tasks and enables the instructor to provide the student with immediate feedback. Providing students with an environment to discuss and practice methods implemented by cyber security professionals in the Identify, Protect, Detect, Respond, and Recover domains. The courses help students build skills necessary to be successful in a variety of cyber security-related positions, and to earn the related CSX Practitioner certification. Which validates technical cybersecurity skills and ability to serve as a cybersecurity first responder. The performance-based CSX Practitioner Certification affirms your abilities to perform in this globally in-demand role from day one as a cyber professional that is enterprise workforce ready. SC Magazine selected CSXP as the 2015 “Best Professional Certification Program” in the world.

Practitioner I: Identification and Protection

In this first course in the CSX Practitioner series, you will focus on gaining key Cybersecurity skills and receive foundational real-world instruction on the Identify and Protect domains. Students learn about topics ranging from preliminary network scanning to security control implementation. Completing multiple lab-reinforced modules, you will learn how to apply industry-developed, experience-based methods to identifying key networks, and students will learn to develop appropriate protection mechanisms. In the Identify domain, students will learn to recognize, assess, and remediate specific internal and external network threats. The Protect domain offers instruction in the basic concepts, methods, and tools associated with implementing Cybersecurity controls to protect a system from the identified threats.


Practitioner II: Detection

In this second course in the CSX Practitioner series, students will go deeper into skills focused in the Detect domain. Students will learn the basic concepts, methods, and tools used to leverage Cybersecurity controls in order to identify system events and non-event level incidents. Completing multiple lab-reinforced modules, students will gain the skills necessary to detect potential network events and incidents. Students will learn about topics ranging from incident packet analysis to drafting and generating incident response reports.


Practitioner III: Respond and Recover

In this final course in the CSX Practitioner series, students will gain hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to

respond to and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and students will learn the components and procedures required for a comprehensive incident response plan. In the Respond domain, students will learn the basic concepts, methods, and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and document and maintain information related to incident response. In the Recover domain, students will master the basic concepts, methods, and tools required to recuperate a system or network, and students will learn how to implement continuity and contingency plans.


CSX Practitioner Boot Camp

CSX Practitioner Boot Camp is a 5-day, immersive cyber security training course designed to help you build your technical skillset through true hands-on learning. The Boot Camp is conducted in a live, lab-based network environment – not a simulated environment like other courses. Students go through complex cyber security scenarios based on recent, real-world scenarios and be given live incidents to detect and mitigate. Each day in this immersive training covers complex technical skills and concepts in one of five areas aligned to existing global cyber security frameworks:

• Identify: Identification, assessment and evaluation of assets, threats and vulnerabilities in both internal and external networks

• Protect: Implementation of cyber security controls to protect a system from identified threats• Detect: Detection of network and system incidents, events and compromise indicators, along with assessment

of potential damage• Respond: Execution of comprehensive incident response plans and mitigation of cyber incidents• Recover: Recovery from incidents and disasters, including post incident-response documentation and

implementation of continuity plans


Cyber World Institute (CWI) Partner Specialty TrainingCWI Python for Network Security Administrators (25hours lecture; 15 hours Lab)

Python for Network Security Administrators is a fast-paced boot camp-style introductory course for Python security and networking topics. The course will expose students to common Python types, data manipulation, networking, command-line scripting, and parallel processing. Additionally, this course covers information related to common exploits involved in Windows server systems and common virus exploits. Students will learn how to recognize exploit traffic, and the difference between attacks and poor network configuration. Specific learning objectives include:

• Command-Line Python • Screen Output • Main Functions in Python • String I/O and manipulation • Converting Strings and Numbers • Python Lists, Dictionaries • Loops • Writing Functions, Packing Objects• Unit testing• File I/O, Error Handling• SQLite• Pickling & Un-pickling• ICMP Scanner• TCP Port Scanner• Chat Client and Server• Dictionary-Based Password Cracking• Parallel Processing ICMP Scanner• Parallel Processing TCP Scanner• Parallel Processing Password Cracker• Clear Windows Event Log Using C-Types and the Windows AP• Packet Crafting Using Scapy• Network-Based File Transfer


CWI TCP/IP Fundamentals (25 hours lecture; 15 hours Lab)

TCP/IP Fundamentals studies traffic analysis and concepts of creating defensive measures based on analyst findings. This course covers collection of network traffic, analysis of individual packets, and setup and configuration of open-source intrusion detection systems (IDS). Additionally covered are the procedures required for network exploitation analysts to implement traffic statistics methodology, intrusion sensors deployment and report generation utilized by management and administrators. Provide an understanding of TCP/IP fundamentals including where/how to capture and analyze network traffic for summary reporting based on findings and observations. Specific learning objectives include:

• Linux Fundamentals• Working with Files and Directories• Working with Network Interface• Installing Software• Access Control• Network Fundamentals & Design• Port Mirroring• IDS/IPS Architecture• Snort and SnorbyNetwork devices, packet capturing in a switched environment• Packet Deconstruction• Wireshark• Tcpdump• Application Layer Protocols Staff• Scans (SYN, SYN/ACK, FIN, Frag, Idle)• Well-Known Application Ports• ICMP Time-to Live (TTL)• OSINT• Google Operators• Introduction to Attacks• Kali and Metasploit Framework• Defense• Monitoring Networks• Windows Event Logs• Linux Syslog Logs• DHCP Logs• DNS Logs and Capture Filters• Analyze network traffic as it is being transmitted live “across the wire”• Determine the extent and severity of attacks underway• Analyze attacks and identify potential mitigations


CWI Fundamentals of Network Forensics (25 hours lecture; 15 hours Lab)

Fundamentals of Network Forensics expands on acquired networking knowledge and extends in to the computer forensic mindset. Students will learn about common devices used in computer networks and where useful data may reside. Students will also learn how to collect that data for analysis using hacker methodology. Additionally, the course covers information related to common exploits involved in Windows server systems and common virus exploits. Specific learning objectives include:

• How to recognize exploit traffic• The difference between attacks and poor network configuration• Hacker techniques and mindset and steps of an attack• Tools used for exploitation• Packet capturing and analysis• Tools used for network analysis• Filtering traffic and protocol analysis• Comparing file hashes to identify malicious files• Parsing network traffic to identify malicious files and attacker activity• Network devices, packet capturing in a switched environment• Configuring Ethernet ports on an IDS• Advantages of internal and external IDS placement• Running Snort• Analyzing Windows incident response data• Analyzing Linux incident response data• Using visualization tools to recognize anomalous communications• Correlating data from established connections processes and traffic

• Using Sawmill to analyze Snort logs• Recognizing internal and external threats


CWI Mobile Device Forensics (25 hours lecture; 15 hours Lab)

Mobile Device Forensics provides an introduction to mobile devices and the value that they offer in forensic investigations. The class addresses the methods used to store data, as well as the areas of the mobile device where data is stored and how to access it. The class will also discuss mobile device removable media and the role it plays with the mobile device. Students will cover network technology as well as three tools specifically designed for mobile device acquisition. Upon completion of an extensive hands-on experience, the student will draft a comprehensive forensic report, ensuring all actions were documented and conducted in a forensically sound manner.

• Using faraday• Preparing target media using dc3dd• Acquiring a SIM card and saving to target media• Creating a forensic image of removable media using dc3dd• Exifdata analysis• Viewing data in hex editor• Conducting forensic analysis on previously imaged media• Device acquisitions following forensically sound methodologies • Drafting of forensic report


CWI Pen Testing & Network Exploitation (25hours lecture; 15 hours Lab)Pen Testing & Network Exploitation exposes students to all manner of reconnaissance, scanning, enumeration, exploitation and pillaging for 802.3 networks. Topics expose students to a variety of recon, discovery, scanning, enumeration, exploitation, post-exploitation, pillaging, covering one’s tracks and persistence. Provides in-depth exposure and hands-on practice with all facets of 802.3 hacking, vulnerability research, pivoting, exploitation, password/hash cracking, post-exploitation pillaging and methods of setting up persistence on a victim’s network. Specific learning objectives include:

• Windows & Linux Command Line Review• PowerShell Introduction• Scanning LAN Hosts• Scanning & Enumeration of Windows & Linux Hosts• Exploits Searching Based on Scanning & Enumeration• SQL Injection• Cross Site Scripting• Routed Scanning & Discovery• Understanding Firewalls & NAT Devices• Forwarding and Brute-Forcing SSH• Adding Routes• Privilege Escalation Discovery• Post-Exploitation Pillaging• Breaking Web Apps• Using PowerShell Over Pivoted SSH Tunnels• Creating Backdoors


CWI Fundamentals of Malware Analysis (25 hours lecture; 15 hours Lab)

This course uses a unique method of capability analysis, via pattern recognition, to teach students how to rapidly determine if malware is a threat to operations. This method helps to provide valuable analysis at a quick rate. After determining the threat level, students will learn the how to fix the vulnerabilities and the correct recommendations to make to upper management, while on the job. Specific learning objectives include:

• Overview• Malware Reverse Engineering Methodology• Basics of Assembly• Assembly Instructions

• Malware Fundamentals & Tool Familiarization• Rapid Malware Identification via reverse engineering• Identifying Malware Capabilities• Malware Defensive Techniques• Web Based Malware• Malware Incident Prevention• Prevention• Eradication


CWI Wireless Security & Testing (25 hours lecture; 15 hours Lab)

Wireless Pen Testing and Network Exploitation introduces students to all manner of reconnaissance, scanning, enumeration, exploitation and reporting for 802.11 networks. The lab topics expose students to a variety of survey, database creation, scripting, and attack methods that can be used to gain a foothold in to a client’s network during a penetration test. This course provides in-depth exposure to all facets of 802.11 penetration testing, encryption cracking, post-exploitation pillaging and report writing. Specific learning objectives include:

• Scoping and Planning WiFi Penetration Tests• 802.11 Protocols and Standards• Authentication vs Association• WiFi Security Solutions & Hacking Hardware• Connectors and Drivers• Recon and Custom Password• Generation with Cupp and CeWL• Conducting Surveys Using Airodump-ng and Kismet• Creating SQL Databases of Survey Data• Specialized SQL and AWK Commands to Manipulate Data for Reporting• Cracking WEP• Setting Up MAC Filters• Bypassing MAC Filters• GISKimset to Database Survey Information• Creating Custom SQL Queries• AWK Tool to Format Output from SQL Queries for Reporting• GISKismet to Create .kml Files• Stream and Block Ciphers, Block Cipher Modes• WPA2 AES-CCMP Security Process• Cowpatty to Recover WPA2 Passphrase• Pyrit to Survey and Attack Encryption• Data basing and Recovering WPA2 Passphrases• Man-in-the-Middle Attack Theory• Attacking Preferred Network Lists via Rogue AP• Easy-Creds to set up Fake AP• SSLStrip to Conduct Attack Against SSL Traffic• URLSnarf to Capture Victim HTTP Traffic• Ettercap to Poison ARP Cache on WiFi Network and Conduct Various Attacks Against Clients• Custom Ettercap Filters• Rusty Cobra Tool to Automate WiFi Survey• Visualization, Database Management and Report File Creation


CWI Incident Response (25 hours lecture; 15 hours Lab)

Incident Response equips students with the needed tools to implement robust defense-in-depth practices within the workplace. IR provides detailed training on proper documentation and planning for computer network defense. The course exposes students to a variety of real-world scenarios and provides hands-on experience in event detection and recovery in an enterprise environment. Specific learning objectives include:

• IR today • Network mapping and awareness • Standard documentation requirements and options • System and network baselining practices • Wisdom of security auditing

• Proactive vs. reactive action • Risk management and defense • Incident detection approaches• Baselining saves the day• Practices for analyzing an incident• Approaches for confirming an incident• Using all logs for impact analysis• Techniques for analyzing files• Incident Recovery Plans• Testing recovery options before/after rollout• Standard Operating Procedures and Recovery Plans• Approaches for confirming an incident• Using all logs for impact analysis• Techniques for analyzing files• Reporting to management


CWI Reverse Engineering Malware (25 hours lecture; 15 hours Lab)

Reverse Engineering Malware is an intermediate course that exposes students to the theoretical knowledge and hands-on techniques to analyze malware of greater complexity. Students will learn to analyze malicious Windows programs, debug user-mode and kernel-mode malware with WinDbg, and identify common malware functionality, in addition to reversing covert and encoded malware. Specific learning objectives include:

• Windows API• Handles & file system functions• Common registry functions & autoruns• Networking APIs• Processes, threads & mutexes• COM objects• Kernel vs. User-mode debugging• Software & hardware breakpoints• Modifying program execution & patching• OllyDbg overview• Memory maps• Executing code, breakpoints & tracing• OllyDbg plugins• Kernel debugging with WinDbg• Configuring kernel debugging environment• Analyzing functions, structures and driver objects• Rootkit analysis• Downloaders, launchers & backdoors• Analyzing various persistence mechanisms & usermode rootkits• Covert malware• Abusing resource section of PE file• Process injection & process replacement• Windows hooks & detours• APC injection from kernel space• Analyzing encoding algorithms• XOR, BASE64 & custom encoding• Common crypto algorithms• KANAL• Custom decoding scripts in Python• Instrumentation for generic decryption


CWI Advanced Malware Analysis (25 hours lecture; 15 hours Lab)

Advanced Malware Analysis is an advanced course that exposes students to the theoretical knowledge and hands-on techniques to reverse engineer malware designed to thwart common reverse engineering techniques. Students will learn how to identify and analyze the presence of advanced packers, polymorphic malware, encrypted malware, and malicious code that has been armored

with cryptors, anti-debugging and anti-reverse engineering. Provide an in-depth understanding of identifying & analyzing the presence of advanced packers, polymorphic malware, encrypted malware & malicious code. Specific learning objectives include:

• Indications of malware activity• Network countermeasures• Snort & complex signatures• Hiding in the noise by mimicking existing protocols• Client initiated beacons• Networking code & encoding data• Networking from an attacker’s perspective • Defeating disassembly algorithms• Same target jumps & constant condition jumps• Rogue opcodes• Multi-level inward jumping sequences• Patching binaries to defeat return pointer abuse• SEH abuse• Reversing armored code designed to thwart stack frame analysis• Using Windows API functions to detect debuggers• PEB checks, ProcessHeap flag & NTGlobal flag• TLS Callbacks• Exceptions and Interrupts• PE Header vulnerabilities• OutputDebugString vulnerability• Anti-VM techniques & memory artifacts• Red pill & no pill techniques• Unpacking stub, tail jump, OEP & import resolution• Manual IAT rebuilds• Tips & tricks for dealing with several common packers• Shellcode analysis, position independent-code & call/pop• Shellcode use of LoadLibraryA & GetProcAddress for dynamic function location• C++ Analysis• Overloading functions, mangling and vtables• Challenges of identifying inheritance between classes• 64-bit malware, general-purpose & special-purpose registers• X64 calling convention & exception handling


Coding Camp

*Coding Camp (320 hours)

This coding camp is designed with every skill level in mind. That means that the learning steps have to be broad and activities have to relate to things we do outside of programming. The first few weeks will be groundbreaking and tough, but you will be very surprised at how big a geek you really are! While no programming skill is required, you do have to have a passion for technology and a basic understanding of how computers work. Also, the prerequisites that we give you will come with a quiz at the end, so you'd better be a quick study if you don't know anything about programming when you apply.


Web Design (25 hours lecture; 15 lab)

This course prepares students to take the role of a developer by expanding their knowledge of programming and Web page design and applying it to the creation of Web pages, programs, and documentation for users and equipment. Students learn to create user-friendly manuals, Web sites, and program interfaces.


Programming in JavaScript (25 hours lecture; 15 lab)

JavaScript introduces students to the basics of JavaScript, one of today's leading web development languages. The course requires knowledge of HTML and CSS and is an ideal transition from HTML into more advanced web technologies and Web 2.0 tools. As

students explore the fundamentals of JavaScript, they gain an understanding of how to implement interactivity, special effects, and enhanced functionality in web development. The course features current web-standards compliance techniques for the web and covers the most up-to-date practices in JavaScript. For students new to programming, the course is even more enriching as it covers basic computer programming concepts and introduces the concepts of variables, operators, arrays, conditional statements, loops and functions--all an indispensable part of higher level languages like C, C++, and Java. Students do not need to purchase any software in order to successfully complete this class.


Introduction to HTML5 and CSS3 (25 hours lecture; 15 lab)

In this course, you will gain an understanding of the latest approaches to web site design and consistency. Through hands-on labs, you will build a small business web site of your own. You will work with images and learn to add formatting and style with CSS to encourage consistency and easy editing in web site design.


Designing Programs in C++ (25 hours lecture; 15 lab)

This course is intended for software engineers, programmers, and analysts who will use C++ to design and create programs. As C++ language becomes the foundational language for procedural and object-oriented programming, this course provides the skills required to read and understand C++ programs for maintenance and update purposes


XML Developer (25 hours lecture; 15 lab)

This course concentrates on the eXtensible Markup Language (XML) and building XML applications. In this 5-day course, you'll learn by doing, focusing on the XML components of an application and how to best use these components. Investigate database integration as well as manipulation with both the Document Object Model (DOM) and the eXtensible Stylesheet Language (XSL). In addition, you will complete an extensive, real-world case study for immediate feedback and assistance.


Programming in C# (25 hours lecture; 15 lab)

Learn about the C# program structure, language syntax, and implementation details with .NET Framework 4.0 in this five-day course. You will discover the new enhancements in the C# 4.0 language by using Visual Studio 2010. After an introduction to C# and the .Net framework, you'll learn how to use C# programming constructs, how to read and write files, how to encapsulate data, and how to use LINQ to query data. Labs help you put theory into practice and better prepare you for when you return to your job.


AJAX Fundamentals (25 hours lecture; 15 lab)

This course provides indoctrination in the practical use of the umbrella of technologies that support Ajax as well as some of the tools, toolkits, and frameworks that can be used in conjunction with Ajax development and deployment. You will begin with an initial look at Ajax and how it is used within the context of web applications. You will walk through the different technologies that are the foundation for Ajax. Once the foundations of Ajax have been established, you will look at the fundamental aspects of Ajax in terms of web applications, security, tools, and frameworks. The transport and processing of data is a significant part of the Ajax picture. The course presents the various options for data interchange and processing.


Android App Development (AndroidDev) (25 hours lecture; 15 lab)

With Android phones being produced by all of the major phone manufacturers and with the addition of new tablet devices, it's no surprise that the Android platform is the fastest growing mobile development platform in the world. In this course, you will learn to develop Android applications using Java and the Eclipse development environment. You will learn basic application development including using the Android mobile camera, working with geolocation tools, and playing audio and video files.


Information Technology

*Computer Support Specialist- Windows (360 hours)

The program includes the CompTIA A+ and Network+ material covered in the Computer Repair Technician Program plus new material to prepare the student to function in a PC/Network support capacity. The emphasis is not only on the material but is presented in a manner that anticipates the person will be providing phone or e-mail support to end users. Material covered includes safety techniques, identification of computer hardware, assemble and disassemble PC’s, configure and optimize the DOS and Windows environments, configure computer equipment, diagnose and troubleshoot problems with peripherals, install and optimize Windows, overview of LAN’s, and implement a preventive maintenance program. Also, includes an introduction to Mac hardware and operating systems. Students will learn A+ Essentials knowledge to perform more advanced tasks in installing, configuring, upgrading, and maintaining personal computers in a business environment. Also, includes complex techniques to troubleshoot personal computer (PC), operation system (OS), and network connectivity issues and security implementation. The Network + phase of the program includes an introduction to networking practices such as: Common network topologies, implementing a network, network media, maintenance, support and troubleshooting techniques. Students will learn how to configure the PC with TCP/IP and understand TCP/IP terms, including what they are and why they are necessary. Students will learn about connectivity devices and how to configure and connect to the network. This includes installing and testing a network adapter card, configuring drivers, and loading software. Unfortunately, it seems we hear of another major cybersecurity breach. Whether from foreign governments, thieves seeking to plunder or just mischief makers, the problem of network security grows daily. A recent study predicts we will need an additional 1.5 million cybersecurity trained people by 2020. The Security+ class is the first step along the path to understand and managing computer network security. In this course, students will build on the knowledge and professional experience with computer hardware, operating systems, and networks as they acquire the specific skills required to implement basic security services on any type of computer network. Students will implement and monitor security on networks and computer systems, and respond to security breaches. The Windows, Enterprise Desktop Support course provides students with the knowledge and skills needed to isolate, document and resolve problems on a Windows desktop or laptop computer. It will also help test takers prepare for the Microsoft Enterprise Desktop Support Technician Windows Exam.


CompTIA*A+ Certification Bootcamp (40 hours)

Learn the information to help you pass the A+ Certification required for individuals interested in hardware configuration. There are two tests required to become A+ Certified. This course is for the experienced IT professional.


*Career A+ Certification (60 hours)

Learn the information to help you pass the A+ Certification required for individuals interested in hardware configuration. There are two tests required to become A+ Certified. Included is time for study groups and pre-tests to prepare for the certified exams. This class is perfect for person with some computer repair experience.


*Career A+ Certification with Refurbishing (120 hours - 65 hours lecture; 55 hours lab)

In this A+ class students learn the hardware and software elements of the personal computer. Their studies are intended to give them a good knowledge about the PC and the skills to work as a repair technician. Additionally, they will perform hands-on work in the TLC Microsoft Refurbishment Center reconditioning and configuring PCs. This class is for the person new to PC technology with no knowledge of the industry. Its slow in-depth pace brings the student from zero knowledge and skills to the ability to perform as a PC technician. This course is designed for the beginner/novice and prepares the student for the CompTIA A+ certification exams.


*Career Network + (40 hours)

Introduction to networking practices such as: Common network topologies, implementing a network, network media, maintenance, support, and troubleshooting techniques. Students will learn how to configure the PC with TCP/IP and understand TCP/IP terms, including what they are and why they are necessary. Students will learn about connectivity devices and how to configure and

connect to the network. This includes installing and testing a network adapter card, configuring drivers, and loading software. This class is for the experienced IT professional needing to update their network knowledge.


*Career Network + Novice (80 hours - 50 hours lecture; 30 hours lab)

Earning CompTIA's Network+ certification increases your value in the marketplace, providing proof of your knowledge, skills, and ability to manage, maintain, troubleshoot, install, operate, and configure basic network infrastructure. Our Network+ Novice course points you in the right direction, allowing you to demonstrate the concepts covered on the Network+ exam in a real-world, hands-on environment. You will work through several practice exams to reinforce your knowledge. You will gain essential networking skills in labs that feature networking equipment from Cisco, Linksys, Netgear, ZyXel, and others. As an added bonus you may access the practice exam on your own computer. Students must have completed, within the past 12 months, a CompTIA A+ course or have recent relevant pc repair experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Network+ certification exam.

Instructor Lead| (meets 16X) | $2700

*Career Security + Certification (40 hours)

In this course, students will build on the knowledge and professional experience with computer hardware, operating systems, and networks as they acquire the specific skills required to implement basic security services on any type of computer network. Students will implement and monitor security on networks and computer systems, and respond to security breaches. Students must have A+ and Network + Certifications or equivalent.


*Career Security + Novice (80 hours - 50 hours lecture; 30 hours lab)

In this course, students will learn to proactively implement sound security protocols to mitigate security risks, quickly respond to security issues, retroactively identify where security breaches may have occurred, how to mitigate network threats and how to design a network, on-site or in the cloud, with security in mind. Students must have completed, within the past 12 months, a Network+ course or have recent relevant networking and/or network security experience. This course is designed for the beginner/novice and prepares the student for the CompTIA Security+ certification exam.


*CompTIA Advanced Security Practitioner (CASP) Certification (40 hours)

This course will prepare the successful candidate with the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. The candidate will apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.


*Cybersecurity Analyst (CSA+) Certification (40 hours)

The Cybersecurity Analyst (CSA+) certification is a vendor-neutral IT professional certification that validates knowledge and skills required to configure and use threat detection tools, perform data analysis, interpreting the results to identify vulnerabilities, threats and risk to an organization with the end goal of securing and protecting applications and systems within an organization. The CSA+ certification applies behavioral analytics to the IT security market to improve the overall state of IT security. Analytics have been successfully integrated in the business intelligence, retail and financial services industries for decades. Analytics are now applied to IT security. Cybersecurity analytics greatly improves threat visibility across a broad attack surface by focusing on network behavior, including an organization’s interior network. Threats are better detected using analytics. CSA+ is a vendor-neutral IT professional certification and the recommended first professional-level certification for IT security-analyst professionals. The performance-based CSA+ exam will include hands-on simulations. These simulations require test-takers to perform security analyst job tasks during the exam. To prepare for these performance-based assessments, trainers, educators and publishers should emphasize open-source analytics tools and teamwork. Use net wars or cyberwarfare scenarios with red teams as pen testers, white teams as security analysts, and blue teams as incident responders.


CiscoCCNA: Cisco Certified Network Associate

*CCNA Routing and Switching

ICND1: Interconnecting Cisco Network Devices Part 1 (40 hours)

This 40 hour course focuses on providing the skills and knowledge necessary to install, operate, and troubleshoot a small branch office Enterprise network, including configuring a switch, a router, and connecting to a WAN and implementing network security. A Student should be able to complete configuration and implementation of a small branch office network under supervision.


ICND2: Interconnecting Cisco Network Devices Part 2 (40 hours)

This 40 hour course focuses on providing the skills and knowledge necessary to install, operate, and troubleshoot a small to medium-size branch office Enterprise network, including configuring several switches and routers, connecting to a WAN and implementing network security. ICND 1 is a prerequisite.


*CCNA Data Center (40 hours)

For data center network administrators who want to save time and money on data center design, equipment installation, and maintenance, the Cisco Certified Network Associate Data Center (CCNA Data Center) certification is a job-role-focused training and certification program that allows you to maximize your investment in your education and increase the value of your data center network. Because of Cisco’s leadership in providing data center solutions, this course provides comprehensive training and addresses the key areas of data center network design, implementation, and maintenance.


*CCNA Cyber Ops (40 hours)

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. The CCNA Cyber Ops certification prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.


*CCNA Collaboration (40 hours)

For network video engineers, collaboration engineers, IP telephony and IP network engineers who want to develop and advance their collaboration and video skills in line with the convergence of voice, video, data and mobile applications, the Cisco CCNA Collaboration certification is a job-role focused training and certification program. It will allow you to maximize your investment in your education, and increase your professional value by giving you the skills to help your IT organization meet increased business demands resulting from these technology transitions.


*CCNA: Security

IINS: Implementing Cisco IOS Network Security (40 hours)

This 40 hour course focuses on the necessity of a comprehensive security policy and how it affects the posture of the network. Learners will be able to perform basic tasks to secure a small branch type office network using Cisco IOS security features available through web-based GUIs (Cisco Router and Security Device Manager [SDM]) and the command-line interface (CLI) on the Cisco routers and switches. Students are encouraged to take the Cisco certification exam IINS Exam.


CCNP: Cisco Certified Network Professional

*CCNP Routing and Switching

SWITCH - Implementing Cisco IP Switched Networks v1.0 (40 hours)

In this course, the student will learn to plan, configure, and verify the implementation of complex enterprise switching solutions, using Cisco Enterprise Campus Architecture. SWITCH v1.0 also covers secure integration of VLANs, WLANs, voice, and video into campus networks.


ROUTE - Implementing Cisco IP Routing v1.0 (40 hours)

This course teaches the student to plan, configure, and verify the implementation of complex enterprise LAN and WAN routing solutions, using a range of routing protocols. ROUTE v1.0 also covers configuration of secure routing solutions to support branch offices and mobile workers.


TSHOOT - Troubleshooting and Maintaining Cisco IP Networks v1.0 (40 hours)

This course prepares the student to (1) plan and perform regular maintenance on complex enterprise routed and switched networks, and (2) use technology-based practices and a systematic ITIL-compliant approach to perform network troubleshooting. Labs provide hands-on learning and reinforce troubleshooting skills.


MicrosoftMCSA Microsoft Certified Solutions Associate

*MCSA Windows

*Windows Enterprise Desktop Install, Configure and Support (55 hours lecture; 25 hours lab)

This instructor-led course is for individuals who are relatively new to IT and interested in expanding their knowledge base and technical skills about Windows Client. Students must have completed, within the past 12 months, a Network+ course or have recent relevant networking experience. In this course, students learn how to install, upgrade, and migrate to Windows client. Students then configure Windows client for network connectivity, security, maintenance, and mobile computing. The goal of this training is to enable these individuals to support the Windows operating system and solve technical troubleshooting problems in a Windows and Windows Server networking environment. By the course’s end, students will have been exposed to the process of establishing and using a troubleshooting methodology, and the EDST job role and responsibilities. Additionally, students will be exposed to various troubleshooting tools and techniques that enable them to address a variety of Windows issues in an enterprise network.. This course helps students prepare for the Microsoft certification exam


*MCSA Windows Server Administrator 2012

20410 Installing and Configuring Windows Server 2012 (30 hours lecture, 10 hours lab)

This 5 day instructor course is part one of a series of three courses. Through this series you will gain the skills and knowledge needed to implement a core Windows Server 2012 infrastructure in an existing enterprise environment. This course incorporates material from the Official Microsoft Learning Product 20410 and will help you prepare for Exam 70-410: Installing and Configuring Windows Server 2012. Exam 70-410 is one of three exams needed for the MCSA: Windows Server 2012 certification


20411 Administering Windows Server 2012 (30 hours lecture, 10 hours lab)

The course is part two of a series of three courses, which provide the skills and knowledge necessary to implement a core Windows Server 2012 infrastructure in an existing enterprise environment. The three courses in total will collectively cover implementing, managing, maintaining and provisioning services and infrastructure in a Windows Server 2012 environment. While there is some cross-over in skillset and tasks across the courses, this course will primarily cover the administration tasks necessary to maintain a Windows Server 2012

infrastructure, such as user and group management, network access and data security. This course helps people prepare for exam 70-411.


20412 Configuring Advanced Windows Server 2012 Services (40 hours lecture)

This course is part three of a series of three courses. Through this series you will gain the skills and knowledge necessary to implement a core Windows Server 2012 Infrastructure in an existing enterprise environment. Students will learn the advanced configuration and services tasks needed to deploy, manage, and maintain a Windows Server 2012 infrastructure. Lessons will cover identity management and federation, network load balancing, business continuity and disaster recovery, fault tolerance, and rights management. This course helps people prepare for Exam 70-412.


20417 Upgrading Your Skills to MCSA Windows Server 2012 (40 hours lecture)

In this course, you will cover new features and functionality in Windows Server 2012, including management, networking infrastructure, storage, access control, Hyper-V, high availability, and identity federation. You will also cover Dynamic Access Control (DAC), failover clustering, Microsoft Online Backup and changes with Active Directory, Powershell 3.0, Hyper-V 3, and Active Directory Federation Services (AD FS). This course is also preparation material, and maps directly to, the Exam 70-417: Upgrading Your Skills to MCSA Windows Server 2012.


*MCSA: Windows Server Administrator 2012 Bootcamp (40 hours lecture)

This instructor-led 5 day course is intended for seasoned individuals in Server Administration. Students will learn how to plan, design, configure and install Sever 2012 platforms. Topics covered are Server 2012 active directory domain services, network administration, troubleshooting identity and access solutions. This fast paced program requires the student to have a minimum of one year of experience with Microsoft Server products.


*MCSA: SQL Server 2012

20461 Querying Microsoft SQL Server (40 hours lecture)

This 5-day instructor led course provides students with the technical skills required to write basic Transact-SQL queries for Microsoft SQL Server 2012. This course is the foundation for all SQL Server-related disciplines; namely, Database Administration, Database Development and Business Intelligence. This course helps people prepare for exam 70-461.


20462 Administering Microsoft SQL Server Databases (40 hours lecture)

This five-day instructor-led course provides students with the knowledge and skills to maintain a Microsoft SQL Server 2012 database. The course focuses on teaching individuals how to use SQL Server 2012 product features and tools related to maintaining a database. Note: This course is designed for customers who are interested in learning SQL Server 2012 or SQL Server 2014. It covers the new features in SQL Server 2014, but also the important capabilities across the SQL Server data platform.


20463 Implementing a Data Warehouse with Microsoft SQL Server (40 hours lecture)

This 5-day instructor-led course describes how to implement a BI platform to support information worker analytics. Students will learn Designing Business Intelligence Solutions with Microsoft SQL Server 2012how to create a data warehouse with SQL Server 2012, implement ETL with SQL Server Integration Services, and validate and cleanse data with SQL Server Data Quality Services and SQL Server Master Data Services. This course helps people prepare for the exam 70-463.


*MCSA: SQL Server 2012 Bootcamp (40 hours lecture)

This instructor-led 5 day course is intended for seasoned individuals in SQL Server. Students learn product features and tools related to maintaining a database. Students will learn Designing Business Intelligence Solutions with Microsoft SQL Server 2012, how to create a data warehouse with SQL Server 2012, implement

ETL with SQL Server Integration Services and validate and cleanse data with SQL Server Data Quality Services and SQL Server Master Data Services.

This fast paced program requires the student to have a minimum of one year of experience with Microsoft Server products.


20487 Developing Windows Azure and Web Services (25 hours lecture; 15 hours lab)

In this course, students will learn how to design and develop services that access local and remote data from various data sources. Students will also learn how to develop and deploy services to hybrid environments, including on-premises servers and Windows Azure. This course helps people prepare for exam 70-487.


Microsoft SharePoint*SharePoint End User (24 hours-lecture)

This 3-day Instructor Led course explores all the basic end user features of SharePoint 2010 including all basic lists and sites. This course is intended for business users and anyone that works with SharePoint sites on a regular basis. Students will understand and work with SharePoint Lists, List Management tasks, Permissions and basic SharePoint Foundation sites. MS Course no.50468


*SharePoint Power User (16 hours-lecture)

This 2-day Instructor led course explores several advanced topics of working with SharePoint 2010 sites. Topics include SharePoint Server site definitions (Business Intelligence, Search Center, etc.), in-depth coverage of Workflows, My Sites and Social Computing, Site Administration, Site Customization and Site Collection Administration. MS Course no. 50469


*SharePoint Administrator (40 hours-lecture)

This five-day instructor-led course is designed for the site owner/”power user” of a SharePoint site who needs to know how to create sites and lists, manage user access and customize lists and pages. This class uses the SharePoint Server current version of SharePoint. While it is of equal value for users of SharePoint Foundation, it does include a few features not found in Foundation.


UNIX/Linux*UNIX/Linux Fundamentals (40 hour lecture)

This course provides training on standard UNIX/ Linux commands and utilities used for day to day tasks including file manipulation, program execution and control, and effective use of the shell and desktop environments. The course presents the concepts necessary to understand the way UNIX works as well as the system's most commonly used commands. Data manipulation utilities and shell syntax for synthesizing command pipelines are emphasized. Shell programming is introduced so students will be able to read and modify existing shell scripts as well as create their own. Desktop environments are also introduced from a user's perspective, including common window managers, Open Office utilities and an introduction to configuration tools.


Leadership, Management & Quality

*PMP® - Project Management Professional (40 hours lecture)

In this program, you’ll master the skills you need to get started in project management or take your career to the next level. You’ll also complete the 40 hours of formal project management education meeting prerequisite for taking the Certified Associate in Project Management (CAPM) or Project Management Professional (PMP) certification exam. This state-of-the-art program is fully compliant with the current edition of the Guide to Project Management Body of Knowledge (PMBOK).


*ITIL® Foundations Certification: (24 hours lecture)

The Foundation course is the entry level certification course for IT Service Management Best Practices training in ITIL. This course covers the latest version of core ITIL best practices presented from a lifecycle perspective. The course introduces the principles and core elements of IT service management (ITSM) based on ITIL. ITIL is comprised of five core publications: Service Strategy, Service Design, Service Transition, Service Operations and Continual Service Improvement, promoting alignment with the business as well as improving operational efficiency. This course is delivered using an exciting case study designed to further enhance and cement the candidates understanding of ITIL. Students who have attended this course are suitably prepared to successfully take the associated ITIL Foundation certification test which is a requirement for attending any of the further learning courses (ITIL intermediate level training).

Instructor Lead (meets 3-6X) | $2395

*ITIL® Practitioner Certification: (24 hours lecture)

The ITIL Practitioner course focuses on the implementation and management of the processes and functions involved in providing cost justifiable IT services that are aligned with the Customer’s needs. This course particularly focuses on Service Level Management and Financial Management. It is aimed at optimizing the quality of services provided by IT organizations by responding to customer requirements in a cost justifiable manner. Course work is completed in one five-day session during which participants will learn how to effectively implement, manage and optimize the Agree and Define processes in an organization through interactive classroom training. Participants will be prepared to sit the associated EXIN certification examination. Objectives include:

• Understand the ITIL model sufficiently to be able to develop, implement and manage an Integrated Service Level Agreement and Financial Management process.

• Understand the practical aspects of creating a Service Catalogue, create and manage Service Level Agreements, Operational Level Agreements and Underpinning Contracts in order to meet customer expectations. At the same time Financial Management tracks budgets and service costs and if necessary charges to enable cots justifiable business decisions relating to the business requirements.

• Take and pass the exam for the Practitioner's Certificate in Agree and Define.

Prerequisite: ITIL Foundations Certification


*ITIL® Expert Certification: (80 hours lecture)

ITIL® Exerts course focus on best practices guidance that has become a worldwide-adopted framework for IT Service Management by many Public & Private Organizations. Focusing on Functions and Processes under versions 1 and 2 to focusing on the Full Service Lifecycle Management under current version. In addition to the existing benefits of aligning IT goals and objectives with the business, improving quality and reducing cost of operation; ITSM and ITIL® now emphasizes the following areas:

• Assist in transforming IT Service Management onto a strategic business asset• Assist in defining and managing the complete lifecycle of IT Service Management Process• Provide guidance on the development of Services Strategy, the development of Service Design, the Transition

of Services from current to desired state, the Implementation and the Continuous improvement of those Services

This course provides guidance towards the implementation of ITSM in an organization, and the establishment of the different service lifecycle phases, processes, processes, relationships, roles and responsibilities, CSFs, KPI and tools. The purpose of this training and the associated exams is, respectively, to impart, test, and validate the knowledge on industry practices in Service Management as documented in the ITIL® publication. Participants will be prepared to successfully achieve The ITIL® Expert designation through

the completion of the required 20 credits (additional to Foundation). This is accomplished by completing a series of Lifecycle modules, plus Managing Across the Lifecycle program in an intense and accelerated fashion.

Prerequisite: ITIL Foundations Certification


*ITIL® Master Certification: (80 hours lecture)

The ITIL® Master Qualification Certificate is the top level certification of the ITIL scheme. This certification will validate a professional’s capability to apply ITIL’s principles, methods and techniques in the real business world. The ITIL Master builds upon the knowledge gained through the core qualification scheme and validates practical application of the ITIL framework in the work place. Candidates must explain how and why they have chosen to adopt, adapt and implement core ITIL concepts within the workplace across the entire service lifecycle.

Prerequisite: ITIL Expert Certification


Lean Six Sigma Green Belt (36 hours lecture)

In this 4.5 day program you'll master the skills necessary to get certified as a Lean Six Sigma Green Belt and advance your career to the next level. This course places strong emphasis on mastering Lean process improvement methods that are highly desired by today's employers. You will be an expert at reducing costs related to poor quality, while making work processes faster and safer. Following a project-based curriculum you will learn core problem solving, process improvement and team facilitation methods using a "learn by doing" educational philosophy. The hands on approach will increase your ability to use the proven Lean methods in your current career and boost your confidence to pass a Lean Six Sigma Green Belt certification exam.


Lean Six Sigma Black Belt (36 hours lecture)

In this 4.5 day program you'll learn and practice key organizational methods to include Total Quality Management, Theory of Constraints, Statistical Process Control, Benchmarking, Hoshin Kanri, Enterprise Value Stream Mapping and more. Using a project based curriculum that leverages the use of simulations, case studies and student interactions you will enjoy a challenging and effective learning experience. To best prepare you for career advancement students are required to complete homework assignments, give presentations and lead discussions. You will finish this course with confidence to pass a Lean Six Sigma Black Belt certification exam. Prerequisite: Lean Six Sigma Green Belt


Cybersecurity Risk for Executives Boot Camp (24 hours lecture)

Organizations, leaders, managers and information security personnel across every business sector are increasingly concerned about cybersecurity and the business risk associated with a cybersecurity breach. Everyday organizations face an onslaught of attack on their information systems targeting critical information and data. New government laws and regulations place a premium on cybersecurity controls. Customers, shareholders, and investors are demanding effective controls to ensure protection of sensitive information, especially personal and financial data. Organizations struggle to balance effective information protection without breaking the bank. This 3-day course examines cybersecurity as a business imperative through the eyes of the executive leaders and senior managers not the technologist. Simply, cybersecurity is an organizational risk management function. The primary objective of the course is to teach students how to establish a planning process and examine key policy practices that will enable the integration of cybersecurity as a primary component of an organizations’ risk management strategy.


Senior Information Security Officer Professional Development Program (152 hours)

Today, organizations of every kind are faced with a shortage cybersecurity skills personnel to ensure resiliency in the face of a dangerous and agile adversary. As a result, organizations in every sector are desperately seeking qualified workers who have the skills to perform their functional roles. Those enterprises, however, are impeded by education, training, and certifications programs that are knowledge-based only and lack the skills development and measurement required to produce an effective cybersecurity professional. This paradigm has resulted in a global skills deficit across the entire cybersecurity workforce. A methodology change must occur and focus must shift to developing cybersecurity professionals with the skills necessary to perform their jobs. This can only be accomplished by creating programs that focus on the three major elements of job performance—knowledge, skills, and abilities. Successful workforce development efforts start at the top of the organization, ISSOs must have the requisite knowledge, skills and abilities to perform their roles. The Cyber World Institute has created a phased program that occurs over 6 to 12month period to develop the requisite National Initiative for Cybersecurity Education Workforce Framework knowledge, skills, and abilities required ISSOs to perform their functional roles. Additionally, this prepares them to progress in their careers, by certifying them as a Chief Information Security Officer.

Phase One: 5 days

Course Length: 5 days

*Certified Information Security Manager (CISM)

CISM a common body of knowledge for information security management. The CISM focuses on information risk management as the basis of information security. It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents. The point of view in the certification is that of widely accepted cross-industry best practices, where information security gets its justification from business needs. The implementation includes information security as an autonomous function inside wider corporate governance.

Phase Two: 3 days


Cybersecurity Risk Management Framework for NIST/ISO27001/CoBIT

The course objectives are to create the knowledge, skills, and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, students should be those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk and damage to assets or individuals. Job functions such as authorization officials, system owners, information owners, certifiers, and senior system managers. Leads to a CoBIT certification.

Phase Three: 3 days


Cybersecurity for Executives: A Practical Guide

Organizations, leaders, managers and information security personnel across every business sector are increasingly concerned about cybersecurity and the business risk associated with a cybersecurity breach. Everyday organizations face an onslaught of attack on their information systems targeting critical information and data. New government laws and regulations place a premium on cybersecurity controls. Customers, shareholders, and investors are demanding effective controls to ensure protection of sensitive information, especially personal and financial data. Organizations struggle to

balance effective information protection without breaking the bank. This course examines cybersecurity as a business imperative through the eyes of the manager/leader not the technologist. Simply, cybersecurity is an organizational risk management function. The primary objective of the course is to teach students how to establish a planning process and examine key policy practices that will enable the integration of cybersecurity as a primary component of an organizations’ risk management strategy.

Phase Four: 5 days


Certified Chief Information Security Officer (C-CISO)

C-CISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the C-CISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each

segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program. This training also includes the EC-Council Information Security Management Certification (EISM), if student experience dictates.

Phase Five (special addition if desired: 3 days


Merit’s ISSO Cyber Risk Management Exercise/Scenario

ISSOs will leverage the materials learned in throughout the program to create an incident response plan (Days 1 & 2) that includes:

1. Tests Cybersecurity Policy Adherence2. Establishes Working Relationships3. Elevates Awareness4. Improves C-Suite Understanding of the Cyber Threat5. Gains Greater Organizational, Stakeholder, & Customer Credibility

During the exercise portion (Day 3), students will we placed in a threat realistic scenario where they will execute their incident response plan against a simulated cyber breach/attack on their organization.

Instructor Lead | (meets 3X) |$12995 (without scenario) $14595 (with scenario)

Advanced Manufacturing

*Advanced Manufacturing Production Specialist: Level 1 (240 hours)

Nearly everything we touch, see, or taste has had a machinist’s hand in bringing products to the market. In this 10 week course, students will become familiar with the manufacturing processes, procedures and equipment used by manufacturers in today’s high tech world. A strong emphasis is placed on Computer Numeric Control (CNC). Participants will learn about safety, maintenance, all manufacturing processes including production, quality and measurement. They will also be introduced to neutral CNC programming language, structure and use of programming terminology, calculating technical data (feeds and speeds), and the organization and flow of simple NC programs.

What to Expect:

• 150 hours of online, instructor led training• 90 hours of self-paced coursework, exercises, and practice tests• 24/7 access to Virtual Private Networking licensing and software for online exercises

Successful class completion prepares you to take MSSC, CPT, and IHK certification exams. During the program, participants will learn:

• Manufacturing Safety• General Maintenance and Procedures• Manufacturing Essentials• CNC Programming, Milling, and Turning• CAD/CAM — CAMWorks and SolidWorks• Blueprint Reading• Best Practices for Inspection, including GD&T


web viewthe certified information systems risk manager training will enable professionals ... and...

Documents