{"title":"Cyber Offense \u0026 Defense","description":null,"products":[{"product_id":"comptia-security-®-training","title":"CompTIA Security+® Training","description":"\u003cdiv\u003e\n\u003cp\u003eLooking to advance your career in information security? Look no further than \u003cstrong\u003eCompTIA Security+\u003c\/strong\u003e Training. This comprehensive course covers everything you need to know to pass the CompTIA Security+ SY0-701 certification exam and become an information system security best practices expert.\u003c\/p\u003e\r\n\u003cp\u003eGain a deep understanding of systems and network security, network infrastructure, access control, assessments and audits, cryptography, and organizational security. You'll also receive a CompTIA Security+ exam voucher and 500 practice questions to help you prepare.\u003c\/p\u003e\r\n\u003cp\u003eWith on-demand, online, and in-person training options, you can choose the delivery method that works best for you. And if you're looking for even more in-depth training, the Premium Blended Training and On-Demand Training Bundles offer annual access to a wealth of additional content and resources. So don't wait any longer to take your career to the next level - enroll in CompTIA Security+ Training today.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03\u003cbr\u003eAPPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA Security+® Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this Security+ course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConfidently explain and define general security concepts.\u003c\/li\u003e\n\u003cli\u003eNavigate the complexities of secure systems and network design.\u003c\/li\u003e\n\u003cli\u003eExplore threats, vulnerabilities, and mitigation tactics\u003c\/li\u003e\n\u003cli\u003eDocument  security operations and architectures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity+ Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eBefore taking this course, you should have networking experience or practical networking knowledge. A background in information assurance is recommended.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity+ Certification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eU.S. DoDM 8140.03\u003cbr\u003eAPPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA Security+ Instructor-Led Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to the CompTIA Security+ Exam\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn about:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe five domains of knowledge\u003c\/li\u003e\n\u003cli\u003eExpected level of expertise\u003c\/li\u003e\n\u003cli\u003eAssessing initial readiness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: General Security Concepts\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAchieve the security triad with a variety of enforcement methods\u003c\/li\u003e\n\u003cli\u003eImplement a variety of security controls to reduce risk\u003c\/li\u003e\n\u003cli\u003eMaximize results through the change management process\u003c\/li\u003e\n\u003cli\u003eUse appropriate cryptographic and PKI solutions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Security Program Management and Oversight\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExplain the importance of policies, plans, and procedures\u003c\/li\u003e\n\u003cli\u003eSummarize regulations, standards, and frameworks to enhance security\u003c\/li\u003e\n\u003cli\u003eExplore risk management for a more robust security posture\u003c\/li\u003e\n\u003cli\u003eCarry out best practices for effective security governance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Threats, Vulnerabilities, and Mitigations\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCompare and contrast types of attacks\u003c\/li\u003e\n\u003cli\u003eExplore threat actor types and vectors\u003c\/li\u003e\n\u003cli\u003eExplain penetration testing and vulnerability scanning concepts\u003c\/li\u003e\n\u003cli\u003eIdentify key attack indicators\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Security Architecture \u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy secure application models across an enterprise\u003c\/li\u003e\n\u003cli\u003eDevelop and deploy secure applications with trusted frameworks\u003c\/li\u003e\n\u003cli\u003eDefend embedded systems, cloud assets, and virtualized servers\u003c\/li\u003e\n\u003cli\u003eImplement resilience and recovery in a security architecture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Security Operations\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInstall and configure network protocols\u003c\/li\u003e\n\u003cli\u003eIdentify effective host and application security solutions\u003c\/li\u003e\n\u003cli\u003eapply common security techniques to computing resources\u003c\/li\u003e\n\u003cli\u003eSecure wireless and mobile communications against breaches\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Preparing for the Examination\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for the exam\u003c\/li\u003e\n\u003cli\u003eManage exam time properly\u003c\/li\u003e\n\u003cli\u003eHandle difficult questions\u003c\/li\u003e\n\u003cli\u003eDeal with questions that may have two correct answers\u003c\/li\u003e\n\u003cli\u003eMake use of the exam prep questions\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266B27US \/ 2026-06-08T09:00:00 \/ Online","offer_id":47534195278043,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"266B29US \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534195376347,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"267A25CN \/ 2026-07-13T09:00:00 \/ Online","offer_id":47534195507419,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"267A26CN \/ 2026-07-20T09:00:00 \/ Toronto","offer_id":47534195540187,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"267B72US \/ 2026-07-06T09:00:00 \/ Austin","offer_id":47534195572955,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"267B73US \/ 2026-07-27T09:00:00 \/ Herndon, VA","offer_id":47534195638491,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"268A28CN \/ 2026-08-24T09:00:00 \/ Ottawa","offer_id":47534195671259,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"268B39US \/ 2026-08-10T09:00:00 \/ New York","offer_id":47534195704027,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"268B40US \/ 2026-08-17T09:00:00 \/ Washington, DC","offer_id":47534195736795,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"268B41US \/ 2026-08-31T09:00:00 \/ Austin","offer_id":47534195802331,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"269A27CN \/ 2026-09-14T09:00:00 \/ Toronto","offer_id":47591597867227,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"269B11US \/ 2026-09-21T09:00:00 \/ Herndon, VA","offer_id":47618951938267,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26AA23CN \/ 2026-10-19T09:00:00 \/ Ottawa","offer_id":48216550998235,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26AC05US \/ 2026-10-05T09:00:00 \/ Washington, DC","offer_id":48216551031003,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26AC06US \/ 2026-10-26T09:00:00 \/ Austin","offer_id":48216551063771,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26AC07US \/ 2026-10-26T09:00:00 \/ Aurora, CO","offer_id":48216551096539,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26BA43CN \/ 2026-11-02T09:00:00 \/ Toronto","offer_id":48216551162075,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26BC64US \/ 2026-11-16T09:00:00 \/ Herndon, VA","offer_id":48216551194843,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26BC65US \/ 2026-11-30T09:00:00 \/ San Francisco","offer_id":48216551227611,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"26CB73US \/ 2026-12-07T09:00:00 \/ New York","offer_id":48216551522523,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"271A45CN \/ 2027-01-25T09:00:00 \/ Ottawa","offer_id":48216551555291,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"271C52US \/ 2027-01-04T09:00:00 \/ Washington, DC","offer_id":48216551588059,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"271C53US \/ 2027-01-11T09:00:00 \/ Austin","offer_id":48216551620827,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"272A28CN \/ 2027-02-01T09:00:00 \/ Toronto","offer_id":48216551653595,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"272B74US \/ 2027-02-08T09:00:00 \/ Herndon, VA","offer_id":48230038765787,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"273B94US \/ 2027-03-01T09:00:00 \/ New York","offer_id":48309394178267,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"273B95US \/ 2027-03-15T09:00:00 \/ Washington, DC","offer_id":48363059413211,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"274A35CN \/ 2027-04-05T09:00:00 \/ Ottawa","offer_id":48556119654619,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"274C03US \/ 2027-04-12T09:00:00 \/ Austin","offer_id":48586419142875,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"274C04US \/ 2027-04-26T09:00:00 \/ Aurora, CO","offer_id":48669325951195,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"275A35CN \/ 2027-05-03T09:00:00 \/ Toronto","offer_id":48736204521691,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"275C45US \/ 2027-05-10T09:00:00 \/ Herndon, VA","offer_id":48758116679899,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true},{"title":"275C46US \/ 2027-05-17T09:00:00 \/ New York","offer_id":48778587963611,"sku":"US-446-IL","price":1400.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/Security.png?v=1709762040"},{"product_id":"cissp®-training-and-certification-prep-course-1","title":"CISSP® Training and Certification Prep Course","description":"\u003cdiv\u003e\n\u003cp\u003e\u003cspan\u003eThe \u003cstrong\u003eCISSP Training and Certification\u003c\/strong\u003e Prep Course is a comprehensive training course aimed at preparing individuals for the CISSP Certified Information Systems Security Professional exam. The course covers various aspects of information security, including security measures, data security, and system security. The curriculum also includes a focus on security architecture, application security, and cryptographic keys. Participants will learn about the ISC2 code of ethics and the CIA triad, as well as the trusted platform module (TPM) 2.0.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eIndividuals who complete the course will gain a solid understanding of the skills and knowledge required to pass the CISSP exam, which is administered by Pearson VUE. To become CISSP certified, candidates must have a minimum of five years of work experience in the field of information security.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eThe course also covers the latest developments in information security, including the requirements for operating systems and the impact of data breaches on sensitive information. Participants will learn about social engineering and the importance of a comprehensive information security program.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003e\u003cspan\u003eThe CISSP Training and Certification Prep Course provides the essential knowledge and skills required to become a CISSP-certified professional, with a focus on protecting the confidentiality, integrity, and availability of information.\u003cbr\u003e\u003c\/span\u003e\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCISSP® Training and Certification Prep Course Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CISSP Certification prep course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManage security and risk.\u003c\/li\u003e\n\u003cli\u003ePractice securing assets.\u003c\/li\u003e\n\u003cli\u003eDesign security framework.\u003c\/li\u003e\n\u003cli\u003eSecure communication and networks.\u003c\/li\u003e\n\u003cli\u003eSecurely develop software.\u003c\/li\u003e\n\u003cli\u003eLearn from official ISC2 real-world instructors using ISC2 course materials with a preferred official partner.\u003c\/li\u003e\n\u003cli\u003eGet practical insights into the 8 domains of the CISSP CBK (Common Body of Knowledge).\u003c\/li\u003e\n\u003cli\u003eCreate a test study strategy by assessing strengths and weaknesses.\u003c\/li\u003e\n\u003cli\u003eAccess to ISC2 Official flashcards for use in exam prep.\u003c\/li\u003e\n\u003cli\u003eReceive a voucher for the CISSP certification exam included with the course tuition.\u003c\/li\u003e\n\u003cli\u003eContinue learning and face new challenges with after-course one-on-one instructor coaching.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCISSP Certification Prep Training Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTo succeed in this course and pass the exam, you should meet the \u003ca href=\"https:\/\/www.isc2.org\/cissp\/default.aspx\" title=\"CISSP Exam Requirements | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003especific requirements established by ISC2\u003c\/a\u003e.\u003c\/p\u003e\n\u003cp\u003eIf you do not have the required experience, you should consider taking the \u003ca href=\"https:\/\/www.isc2.org\/how-to-become-an-associate.aspx\" title=\"Associate of ISC2 | ISC2 Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eAssociate of ISC2 exam\u003c\/a\u003e first.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCISSP Certification Exam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIn addition to the domain weighting changes, the time limit for the computerized adaptive testing (CAT) exam will be a maximum of three hours beginning April 15, 2024. Candidates taking the CAT version of the exam (currently only available in English) will see a minimum of 100 and a maximum of 150 items. \u003c\/p\u003e\n\u003cp\u003eAttendees can self-submit our courses for the following \u003ca href=\"https:\/\/www.isc2.org\/CPE-Portal-Questions\" title=\"CPE Portal Questions | (ISC)² Home\" rel=\"nofollow noopener\" target=\"_blank\"\u003eCPE credit\u003c\/a\u003e:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGroup A credits for attending any of our cybersecurity courses, and\u003c\/li\u003e\n\u003cli\u003eGroup B General Education credits for attending any other Learning Tree course they attend.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCISSP Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Security and Risk Management\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand, adhere to, and promote professional ethics\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply security concepts\u003c\/li\u003e\n\u003cli\u003eEvaluate and apply security governance principles\u003c\/li\u003e\n\u003cli\u003eDetermine compliance and other requirements\u003c\/li\u003e\n\u003cli\u003eUnderstand legal and regulatory issues that pertain to information security in a holistic context\u003c\/li\u003e\n\u003cli\u003eUnderstand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)\u003c\/li\u003e\n\u003cli\u003eDevelop, document, and implement security policy, standards, procedures, and guidelines\u003c\/li\u003e\n\u003cli\u003eIdentify, analyze, and prioritize Business Continuity (\u003cabbr title=\"Business Continuity\"\u003eBC\u003c\/abbr\u003e) requirements\u003c\/li\u003e\n\u003cli\u003eContribute to and enforce personnel security policies and procedures\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply risk management concepts\u003c\/li\u003e\n\u003cli\u003eUnderstand and apply threat modeling concepts and methodologies\u003c\/li\u003e\n\u003cli\u003eApply Supply Chain Risk Management (\u003cabbr title=\"Supply Chain Risk Management\"\u003eSCRM\u003c\/abbr\u003e) concepts\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain a security awareness, education, and training program\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Asset Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify and classify information and assets\u003c\/li\u003e\n\u003cli\u003eEstablish information and asset handling requirements\u003c\/li\u003e\n\u003cli\u003eProvision resources securely\u003c\/li\u003e\n\u003cli\u003eManage data lifecycle\u003c\/li\u003e\n\u003cli\u003eEnsure appropriate asset retention (e.g., End-of-Life (\u003cabbr title=\"End-of-Life\"\u003eEOL\u003c\/abbr\u003e), End-of-Support (\u003cabbr title=\"End-of-Support\"\u003eEOS\u003c\/abbr\u003e))\u003c\/li\u003e\n\u003cli\u003eDetermine data security controls and compliance requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Security Architecture and Engineering\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eResearch, implement and manage engineering processes using secure design principles\u003c\/li\u003e\n\u003cli\u003eUnderstand the fundamental concepts of security models (e.g., Biba, Star Model, Bell-LaPadula)\u003c\/li\u003e\n\u003cli\u003eSelect controls based upon systems security requirements\u003c\/li\u003e\n\u003cli\u003eUnderstand security capabilities of Information Systems (\u003cabbr title=\"Information Systems\"\u003eIS\u003c\/abbr\u003e) (e.g., memory protection, Trusted Platform Module (\u003cabbr title=\"Trusted Platform Module\"\u003eTPM\u003c\/abbr\u003e), encryption\/decryption)\u003c\/li\u003e\n\u003cli\u003eAssess and mitigate the vulnerabilities of security architectures, designs, and solution elements\u003c\/li\u003e\n\u003cli\u003eSelect and determine cryptographic solutions\u003c\/li\u003e\n\u003cli\u003eUnderstand methods of cryptanalytic attacks\u003c\/li\u003e\n\u003cli\u003eApply security principles to site and facility design\u003c\/li\u003e\n\u003cli\u003eDesign site and facility security controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Communication and Network Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAssess and implement secure design principles in network architectures\u003c\/li\u003e\n\u003cli\u003eSecure network components\u003c\/li\u003e\n\u003cli\u003eImplement secure communication channels according to design\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Identity and Access Management (IAM)\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eControl physical and logical access to assets\u003c\/li\u003e\n\u003cli\u003eManage identification and authentication of people, devices, and services\u003c\/li\u003e\n\u003cli\u003eFederated identity with a third-party service\u003c\/li\u003e\n\u003cli\u003eImplement and manage authorization mechanisms\u003c\/li\u003e\n\u003cli\u003eManage the identity and access provisioning lifecycle\u003c\/li\u003e\n\u003cli\u003eImplement authentication systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Security Assessment and Testing\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDesign and validate assessment, test, and audit strategies\u003c\/li\u003e\n\u003cli\u003eConduct security control testing\u003c\/li\u003e\n\u003cli\u003eCollect security process data (e.g., technical and administrative)\u003c\/li\u003e\n\u003cli\u003eAnalyze test output and generate a report\u003c\/li\u003e\n\u003cli\u003eConduct or facilitate security audits\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Security Operations\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and comply with investigations\u003c\/li\u003e\n\u003cli\u003eConduct logging and monitoring activities\u003c\/li\u003e\n\u003cli\u003ePerform Configuration Management (\u003cabbr title=\"Configuration Managemen\"\u003eCM\u003c\/abbr\u003e) (e.g., provisioning, baselining, automation)\u003c\/li\u003e\n\u003cli\u003eApply foundational security operations concepts\u003c\/li\u003e\n\u003cli\u003eApply resource protection\u003c\/li\u003e\n\u003cli\u003eConduct incident management\u003c\/li\u003e\n\u003cli\u003eOperate and maintain detective and preventative measures\u003c\/li\u003e\n\u003cli\u003eImplement and support patch and vulnerability management\u003c\/li\u003e\n\u003cli\u003eUnderstand and participate in change management processes\u003c\/li\u003e\n\u003cli\u003eImplement recovery strategies\u003c\/li\u003e\n\u003cli\u003eImplement Disaster Recovery (\u003cabbr title=\"Disaster Recovery\"\u003eDR\u003c\/abbr\u003e) processes\u003c\/li\u003e\n\u003cli\u003eTest Disaster Recovery Plans (\u003cabbr title=\"Disaster Recovery Plans\"\u003eDRP\u003c\/abbr\u003e)\u003c\/li\u003e\n\u003cli\u003eParticipate in Business Continuity (BC) planning and exercises\u003c\/li\u003e\n\u003cli\u003eImplement and manage physical security\u003c\/li\u003e\n\u003cli\u003eAddress personnel safety and security concerns\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 8: Software Development Security\u003c\/h4\u003e\n\u003cp\u003eIn this module, you will learn how to:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand and integrate security in the Software Development Life Cycle (\u003cabbr title=\"Software Development Life Cycle\"\u003eSDLC\u003c\/abbr\u003e)\u003c\/li\u003e\n\u003cli\u003eIdentify and apply security controls in software development ecosystems\u003c\/li\u003e\n\u003cli\u003eAssess the effectiveness of software security\u003c\/li\u003e\n\u003cli\u003eAssess security impact of acquired software\u003c\/li\u003e\n\u003cli\u003eDefine and apply secure code\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A15CN \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534193639643,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"266B06US \/ 2026-06-08T09:00:00 \/ Online","offer_id":47534193803483,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B29US \/ 2026-07-06T09:00:00 \/ Online","offer_id":47534193869019,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B30US \/ 2026-07-13T09:00:00 \/ Herndon, VA","offer_id":47534193901787,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"267B31US \/ 2026-07-20T09:00:00 \/ Online","offer_id":47534193967323,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A22CN \/ 2026-08-17T09:00:00 \/ Ottawa","offer_id":47534194000091,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A23CN \/ 2026-08-31T09:00:00 \/ Toronto","offer_id":47534194098395,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A95US \/ 2026-08-10T09:00:00 \/ New York","offer_id":47534194131163,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A96US \/ 2026-08-24T09:00:00 \/ Washington, DC","offer_id":47534194163931,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"268A97US \/ 2026-08-31T09:00:00 \/ Herndon, VA","offer_id":47534194196699,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"269A89US \/ 2026-09-14T09:00:00 \/ Austin","offer_id":47591597834459,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"269A90US \/ 2026-09-21T09:00:00 \/ New York","offer_id":47618951872731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AA19CN \/ 2026-10-05T09:00:00 \/ Ottawa","offer_id":48216550047963,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AB95US \/ 2026-10-19T09:00:00 \/ Herndon, VA","offer_id":48216550080731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26AB96US \/ 2026-10-26T09:00:00 \/ Washington, DC","offer_id":48216550113499,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BA37CN \/ 2026-11-02T09:00:00 \/ Toronto","offer_id":48216550146267,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC58US \/ 2026-11-16T09:00:00 \/ Austin","offer_id":48216550179035,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC59US \/ 2026-11-30T09:00:00 \/ New York","offer_id":48216550211803,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BC60US \/ 2026-11-30T09:00:00 \/ Bellevue, WA","offer_id":48216550244571,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26CA28CN \/ 2026-12-07T09:00:00 \/ Ottawa","offer_id":48216550277339,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26CB70US \/ 2026-12-14T09:00:00 \/ Aurora, CO","offer_id":48216550310107,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271A36CN \/ 2027-01-25T09:00:00 \/ Toronto","offer_id":48216550342875,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271C38US \/ 2027-01-04T09:00:00 \/ Herndon, VA","offer_id":48216550375643,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"271C39US \/ 2027-01-11T09:00:00 \/ Washington, DC","offer_id":48216550408411,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"272B70US \/ 2027-02-08T09:00:00 \/ Austin","offer_id":48230038667483,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"273B90US \/ 2027-03-01T09:00:00 \/ New York","offer_id":48309394112731,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"273A32CN \/ 2027-03-15T09:00:00 \/ Ottawa","offer_id":48363059380443,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274B89US \/ 2027-04-05T09:00:00 \/ Herndon, VA","offer_id":48556119851227,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274B90US \/ 2027-04-12T09:00:00 \/ Washington, DC","offer_id":48586414915803,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"274A31CN \/ 2027-04-19T09:00:00 \/ Toronto","offer_id":48612307009755,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C38US \/ 2027-05-03T09:00:00 \/ Austin","offer_id":48736203833563,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C39US \/ 2027-05-10T09:00:00 \/ New York","offer_id":48758109667547,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275C40US \/ 2027-05-17T09:00:00 \/ San Francisco","offer_id":48778587635931,"sku":"US-2058-IL","price":2986.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CISSP.jpg?v=1709761998"},{"product_id":"ec-council-certified-incident-handler-ecih-training-ecih-v2","title":"EC-Council Certified Incident Handler (ECIH) Training ECIH v3","description":"\u003cdiv\u003e\n\u003cp\u003eThe EC-Council Certified Incident Handler (ECIH) program is designed to provide the fundamental skills to handle and respond to computer security incidents in an information system while preparing you to pass the ECIH exam.\u003c\/p\u003e\r\n\u003cp\u003eThe course provides incident response training by addressing various underlying principles and techniques for detecting and responding to current and emerging computer security threats.\u003c\/p\u003e\r\n\u003cp\u003eAfter attending the course, you will be able to create incident handling and response policies and deal with various types of computer security incidents.\u003c\/p\u003e\r\n\u003cul\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eEC-Council Certified Incident Handler (ECIH) Training ECIH v3 Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for the EC-Council Certified Incident Handler (ECIH) exam\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e1 year of information security experience\u003c\/li\u003e\n\u003cli\u003eAttendees must be at least 18 years of age\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eYou can request your exam voucher from Learning Tree at any time after you complete the course.\u003c\/li\u003e\n\u003cli\u003eThis is an EC-Council certification prep course. \u003cspan rel=\"follow noopener\" target=\"_blank\" title=\"EC-Council Certification Training Courses | Learning Tree\"\u003eClick here to view more EC-Council certification prep training.\u003c\/span\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eECIH v3 Certification Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to Incident Handling and Response\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand Information Security Threats and Attack Vectors\u003c\/li\u003e\n\u003cli\u003eExplain Various Attack and Defense Frameworks\u003c\/li\u003e\n\u003cli\u003eUnderstand Information Security Concepts\u003c\/li\u003e\n\u003cli\u003eUnderstand Information Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Incident Management Process\u003c\/li\u003e\n\u003cli\u003eUnderstand Incident Response Automation and Orchestration\u003c\/li\u003e\n\u003cli\u003eDescribe Various Incident Handling and Response Best Practices\u003c\/li\u003e\n\u003cli\u003eExplain Various Standards Related to Incident Handling and Response\u003c\/li\u003e\n\u003cli\u003eExplain Various Cybersecurity Frameworks\u003c\/li\u003e\n\u003cli\u003eUnderstand Incident Handling Laws and Legal Compliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Incident Handling and Response Process\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand Incident Handling and Response (IH\u0026amp;R) Process\u003c\/li\u003e\n\u003cli\u003eInformation Sharing Activities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: First Response\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eExplain the Concept of First Response\u003c\/li\u003e\n\u003cli\u003eUnderstand the Process of Securing and Documenting the Crime Scene\u003c\/li\u003e\n\u003cli\u003eUnderstand the Process of Collecting Evidence at the Crime Scene\u003c\/li\u003e\n\u003cli\u003eExplain the Process for Preserving, Packaging, and Transporting Evidence\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Handling and Responding to Malware Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Malware Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Preparation for Handling Malware Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Detection of Malware Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Containment of Malware Incidents\u003c\/li\u003e\n\u003cli\u003eDescribe How to Perform Malware Analysis\u003c\/li\u003e\n\u003cli\u003eUnderstand Eradication of Malware Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Recovery after Malware Incidents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Handling and Responding to Email Security Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Preparation Steps for Handling Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Detection and Containment of Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Analysis of Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Eradication of Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Process of Recovery after Email Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Email Security Incidents - Case Study\u003c\/li\u003e\n\u003cli\u003eExplain Best Practices against Email Security Incidents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Handling and Responding to Network Security Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Network Security Incidents\u003c\/li\u003e\n\u003cli\u003ePrepare to Handle Network Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Detection and Validation of Network Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Unauthorized Access Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Inappropriate Usage Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Denial-of-Service Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Wireless Network Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Network Security Incidents - Case Study\u003c\/li\u003e\n\u003cli\u003eDescribe Best Practices against Network Security Incidents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Handling and Responding to Web Application Security Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Web Application Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Preparation for Handling Web Application Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Detection and Containment of Web Application Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Analysis of Web Application Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand Eradication of Web Application Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Recovery after Web Application Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Web Application Security Incidents - Case Study\u003c\/li\u003e\n\u003cli\u003eDescribe Best Practices for Securing Web Applications\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 8: Handling and Responding to Cloud Security Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Cloud Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain Various Steps Involved in Handling Cloud Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand How to Handle Azure Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand How to Handle AWS Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand How to Handle Google Cloud Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Cloud Security Incidents - Case Study\u003c\/li\u003e\n\u003cli\u003eExplain Best Practices against Cloud Security Incidents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 9: Handling and Responding to Insider Threats\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Insider Threats\u003c\/li\u003e\n\u003cli\u003eExplain Preparation Steps for Handling Insider Threats\u003c\/li\u003e\n\u003cli\u003eUnderstand Detection and Containment of Insider Threats\u003c\/li\u003e\n\u003cli\u003eExplain Analysis of Insider Threats\u003c\/li\u003e\n\u003cli\u003eUnderstand Eradication of Insider Threats\u003c\/li\u003e\n\u003cli\u003eUnderstand the Process of Recovery after Insider Attacks\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Insider Threats - Case Study\u003c\/li\u003e\n\u003cli\u003eDescribe Best Practices against Insider Threats\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 10: Handling and Responding to Endpoint Security Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the Handling of Endpoint Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain the Handling of Mobile-based Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain the Handling of IoT-based Security Incidents\u003c\/li\u003e\n\u003cli\u003eExplain the Handling of OT-based Security Incidents\u003c\/li\u003e\n\u003cli\u003eUnderstand the Handling of Endpoint Security Incidents - Case Study\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A64US \/ 2026-08-26T09:00:00 \/ Herndon, VA","offer_id":47534180991195,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"269A71CN \/ 2026-09-23T09:00:00 \/ Ottawa","offer_id":48216568758491,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"26BB77US \/ 2026-11-23T09:00:00 \/ Herndon, VA","offer_id":48216568791259,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"26CA07CN \/ 2026-12-16T09:00:00 \/ Ottawa","offer_id":48216568824027,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"272B13US \/ 2027-02-24T09:00:00 \/ Herndon, VA","offer_id":48294634782939,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"273A06CN \/ 2027-03-23T09:00:00 \/ Ottawa","offer_id":48500533493979,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true},{"title":"275B61US \/ 2027-05-26T09:00:00 \/ Herndon, VA","offer_id":48805407326427,"sku":"US-2025-IL","price":2305.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/ECIH.png?v=1709762188"},{"product_id":"comptia-casp-®-training","title":"CompTIA SecurityX® Training","description":"\u003cdiv\u003e\n\u003cp\u003eThis \u003cb\u003eSecurityX\u003c\/b\u003e\u003cb\u003e®\u003c\/b\u003e\u003cb\u003e \u003c\/b\u003e\u003cstrong\u003eTraining\u003c\/strong\u003e course prepares you for the CompTIA \u003cb\u003eSecurityX\u003c\/b\u003e\u003cb\u003e®\u003c\/b\u003e\u003cb\u003e \u003c\/b\u003ecertification exam (CVO-005) and demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines. You will learn through a CompTIA-approved \u003cb\u003eSecurityX\u003c\/b\u003e\u003cb\u003e®\u003c\/b\u003e training program and receive after-course instructor coaching and an exam voucher. \u003c\/p\u003e\r\n\u003cp\u003eThe course is available in-person or online, with virtual instructor-led training and virtual classroom options, providing a flexible and convenient learning experience.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA SecurityX® Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eArchitect, engineer, integrate, and implement secure solutions across complex environments to support a resilient enterprise.\u003c\/li\u003e\n\u003cli\u003eUse automation, monitoring, detection, and incident response to proactively support ongoing security operations in an enterprise environment.\u003c\/li\u003e\n\u003cli\u003eApply security practices to cloud, on-premises, and hybrid environments.\u003c\/li\u003e\n\u003cli\u003eConsider cryptographic technologies and techniques, as well as the impact of emerging trends (e.g., artificial intelligence) on information security.\u003c\/li\u003e\n\u003cli\u003eUse the appropriate governance, compliance, risk management, and threat-modeling strategies throughout the enterprise.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul type=\"disc\"\u003e\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearning Tree course 446, CompTIA Security+® Training, or equivalent experience\u003c\/li\u003e\n\u003cli\u003eTen years of IT (Information Technology) administration experience, including at least five years of hands-on technical security experience\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eYou must pass the CompTIA SecurityX (formerly Advanced Security Practitioner, CASP+) certification exam to earn this certification. \u003c\/li\u003e\n\u003cli\u003eAn exam voucher is available upon request and included in the tuition fee.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eSecurityX \u003c\/b\u003e\u003cb\u003eExam Overview\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cstrong\u003eNumber of questions\u003c\/strong\u003e: Maximum of 90\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eTypes of questions\u003c\/strong\u003e: Multiple-choice, performance-based\u003c\/li\u003e\n\u003cli\u003e\n\u003cstrong\u003eLength of test\u003c\/strong\u003e: 165 minutes Passing Score Pass\/fail only\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eSecurityX Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1.0 Governance, Risk, and Compliance\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e1.1 Given a set of organizational security requirements, implement the appropriate governance components.           \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity program documentation\u003c\/li\u003e\n\u003cli\u003eSecurity program management\u003c\/li\u003e\n\u003cli\u003eGovernance frameworks\u003c\/li\u003e\n\u003cli\u003eChange\/configuration management\u003c\/li\u003e\n\u003cli\u003eGovernance risk and compliance (GRC) tools\u003c\/li\u003e\n\u003cli\u003eData governance in staging environments\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.2 Given a set of organizational security requirements, perform risk management activities.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImpact analysis\u003c\/li\u003e\n\u003cli\u003eThird-party risk management\u003c\/li\u003e\n\u003cli\u003eAvailability risk considerations\u003c\/li\u003e\n\u003cli\u003eConfidentiality risk considerations\u003c\/li\u003e\n\u003cli\u003eIntegrity risk considerations\u003c\/li\u003e\n\u003cli\u003ePrivacy risk considerations\u003c\/li\u003e\n\u003cli\u003eCrisis management\u003c\/li\u003e\n\u003cli\u003eBreach response\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.3 Explain how compliance affects information security strategies.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAwareness of industry-specific compliance\u003c\/li\u003e\n\u003cli\u003eIndustry standards\u003c\/li\u003e\n\u003cli\u003eSecurity and reporting frameworks\u003c\/li\u003e\n\u003cli\u003eAudits vs. assessments vs. certifications\u003c\/li\u003e\n\u003cli\u003ePrivacy regulations\u003c\/li\u003e\n\u003cli\u003eAwareness of cross-jurisdictional compliance requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.4 Given a scenario, perform threat-modeling activities.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eActor characteristics\u003c\/li\u003e\n\u003cli\u003eAttack patterns\u003c\/li\u003e\n\u003cli\u003eFrameworks\u003c\/li\u003e\n\u003cli\u003eAttack surface determination\u003c\/li\u003e\n\u003cli\u003eModeling applicability of threats to the organization\/environment\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e1.5 Summarize the information security challenges associated with artificial intelligence (AI) adoption.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLegal and privacy implications\u003c\/li\u003e\n\u003cli\u003eThreats to the model\u003c\/li\u003e\n\u003cli\u003eAI-enabled attacks\u003c\/li\u003e\n\u003cli\u003eRisks of AI usage\u003c\/li\u003e\n\u003cli\u003eAI-enabled assistants\/digital workers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eModule 2.0 Security Architecture\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e2.1 Given a scenario, analyze requirements to design resilient systems.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eComponent placement and configuration\u003c\/li\u003e\n\u003cli\u003eAvailability and integrity design considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.2 Given a scenario, implement security in the early stages of the systems life cycle and throughout subsequent stages.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity requirements definition\u003c\/li\u003e\n\u003cli\u003eSoftware assurance\u003c\/li\u003e\n\u003cli\u003eContinuous integration\/continuous deployment (CI\/CD)\u003c\/li\u003e\n\u003cli\u003eSupply chain risk management\u003c\/li\u003e\n\u003cli\u003eHardware assurance\u003c\/li\u003e\n\u003cli\u003eEnd-of-life (EOL) considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.3 Given a scenario, integrate appropriate controls in the design of a secure architecture.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack surface management and reduction\u003c\/li\u003e\n\u003cli\u003eDetection and threat-hunting enablers\u003c\/li\u003e\n\u003cli\u003eInformation and data security design\u003c\/li\u003e\n\u003cli\u003eHybrid infrastructures\u003c\/li\u003e\n\u003cli\u003eThird-party integrations\u003c\/li\u003e\n\u003cli\u003eControl effectiveness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.4 Given a scenario, apply security concepts to the design of access, authentication, and authorization systems.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProvisioning\/deprovisioning\u003c\/li\u003e\n\u003cli\u003eFederation\u003c\/li\u003e\n\u003cli\u003eSingle sign-on (SSO)\u003c\/li\u003e\n\u003cli\u003eConditional access\u003c\/li\u003e\n\u003cli\u003eIdentity provider\u003c\/li\u003e\n\u003cli\u003eService provider\u003c\/li\u003e\n\u003cli\u003eAttestations\u003c\/li\u003e\n\u003cli\u003ePolicy decision and enforcement points\u003c\/li\u003e\n\u003cli\u003eAccess control models\u003c\/li\u003e\n\u003cli\u003eLogging and auditing\u003c\/li\u003e\n\u003cli\u003ePublic key infrastructure (PKI) architecture\u003c\/li\u003e\n\u003cli\u003eAccess control systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.5 Given a scenario, securely implement cloud capabilities in an enterprise environment.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCloud access security broker (CASB)\u003c\/li\u003e\n\u003cli\u003eShadow IT detection\u003c\/li\u003e\n\u003cli\u003eShared responsibility model\u003c\/li\u003e\n\u003cli\u003eCI\/CD pipeline\u003c\/li\u003e\n\u003cli\u003eTerraform\u003c\/li\u003e\n\u003cli\u003eAnsible\u003c\/li\u003e\n\u003cli\u003ePackage monitoring\u003c\/li\u003e\n\u003cli\u003eContainer security\u003c\/li\u003e\n\u003cli\u003eContainer orchestration\u003c\/li\u003e\n\u003cli\u003eServerless\u003c\/li\u003e\n\u003cli\u003eAPI security\u003c\/li\u003e\n\u003cli\u003eCloud vs. customer-managed\u003c\/li\u003e\n\u003cli\u003eCloud data security considerations\u003c\/li\u003e\n\u003cli\u003eCustomer-to-cloud connectivity\u003c\/li\u003e\n\u003cli\u003eCloud service integration\u003c\/li\u003e\n\u003cli\u003eCloud service adoption\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e2.6 Given a scenario, integrate Zero Trust concepts into system architecture design.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eContinuous authorization\u003c\/li\u003e\n\u003cli\u003eContext-based reauthentication\u003c\/li\u003e\n\u003cli\u003eNetwork architecture\u003c\/li\u003e\n\u003cli\u003eAPI integration and validation\u003c\/li\u003e\n\u003cli\u003eAsset identification, management, and attestation\u003c\/li\u003e\n\u003cli\u003eSecurity boundaries\u003c\/li\u003e\n\u003cli\u003eDeperimeterization\u003c\/li\u003e\n\u003cli\u003eDefining subject-object relationships\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eModule 3.0 Security Engineering\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e3.1 Given a scenario, troubleshoot common issues with identity and access management (IAM) components in an enterprise environment.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSubject access control\u003c\/li\u003e\n\u003cli\u003eBiometrics\u003c\/li\u003e\n\u003cli\u003eSecrets management\u003c\/li\u003e\n\u003cli\u003eAttestation\u003c\/li\u003e\n\u003cli\u003eCloud IAM access and trust policies\u003c\/li\u003e\n\u003cli\u003eLogging and monitoring\u003c\/li\u003e\n\u003cli\u003ePrivilege identity management\u003c\/li\u003e\n\u003cli\u003eAuthentication and authorization - Security Assertions Markup Lang\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.2 Given a scenario, analyze requirements to enhance the security of endpoints and servers.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApplication control\u003c\/li\u003e\n\u003cli\u003eEndpoint detection response (EDR)\u003c\/li\u003e\n\u003cli\u003eEvent logging and monitoring\u003c\/li\u003e\n\u003cli\u003eEndpoint privilege management\u003c\/li\u003e\n\u003cli\u003eAttack surface monitoring and reduction\u003c\/li\u003e\n\u003cli\u003eHost-based intrusion protection system\/ host-based detection system (HIPS\/ HIDS)\u003c\/li\u003e\n\u003cli\u003eAnti-malware\u003c\/li\u003e\n\u003cli\u003eSELinux\u003c\/li\u003e\n\u003cli\u003eHost-based firewall\u003c\/li\u003e\n\u003cli\u003eBrowser isolation\u003c\/li\u003e\n\u003cli\u003eConfiguration management\u003c\/li\u003e\n\u003cli\u003eMobile device management (MDM) technologies\u003c\/li\u003e\n\u003cli\u003eThreat-actor tactics, techniques, and procedures (TTPs)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.3 Given a scenario, troubleshoot complex network infrastructure security issues.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNetwork misconfigurations\u003c\/li\u003e\n\u003cli\u003eIPS\/IDS issues\u003c\/li\u003e\n\u003cli\u003eObservability\u003c\/li\u003e\n\u003cli\u003eDomain Name System (DNS) security\u003c\/li\u003e\n\u003cli\u003eTransport Layer Security (TLS) errors\u003c\/li\u003e\n\u003cli\u003eCipher mismatch • PKI issues\u003c\/li\u003e\n\u003cli\u003eIssues with cryptographic implementations\u003c\/li\u003e\n\u003cli\u003eDoS\/distributed denial of service (DDoS)\u003c\/li\u003e\n\u003cli\u003eResource exhaustion\u003c\/li\u003e\n\u003cli\u003eNetwork access control list (ACL) issues\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.4 Given a scenario, implement hardware security technologies and techniques.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRoots of trust\u003c\/li\u003e\n\u003cli\u003eVirtual hardware\u003c\/li\u003e\n\u003cli\u003eHost-based encryption\u003c\/li\u003e\n\u003cli\u003eSelf-encrypting drive (SED)\u003c\/li\u003e\n\u003cli\u003eSecure Boot\u003c\/li\u003e\n\u003cli\u003eMeasured boot\u003c\/li\u003e\n\u003cli\u003eSelf-healing hardware\u003c\/li\u003e\n\u003cli\u003eTamper detection and countermeasures\u003c\/li\u003e\n\u003cli\u003eThreat-actor TTPs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.5 Given a set of requirements, secure specialized and legacy systems against threats.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOperational technology (OT)\u003c\/li\u003e\n\u003cli\u003eInternet of Things (IoT)\u003c\/li\u003e\n\u003cli\u003eSystem-on-chip (SoC)\u003c\/li\u003e\n\u003cli\u003eEmbedded systems\u003c\/li\u003e\n\u003cli\u003eWireless technologies\/radio frequency (RF)\u003c\/li\u003e\n\u003cli\u003eSecurity and privacy considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.6 Given a scenario, use automation to secure the enterprise.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScripting\u003c\/li\u003e\n\u003cli\u003eCron\/scheduled tasks\u003c\/li\u003e\n\u003cli\u003eEvent-based triggers\u003c\/li\u003e\n\u003cli\u003eInfrastructure as code (IaC)\u003c\/li\u003e\n\u003cli\u003eConfiguration files\u003c\/li\u003e\n\u003cli\u003eCloud APIs\/software development kits (SDKs)\u003c\/li\u003e\n\u003cli\u003eGenerative AI\u003c\/li\u003e\n\u003cli\u003eContainerization\u003c\/li\u003e\n\u003cli\u003eAutomated patching\u003c\/li\u003e\n\u003cli\u003eAuto-containment\u003c\/li\u003e\n\u003cli\u003eSecurity orchestration, automation, and response (SOAR)\u003c\/li\u003e\n\u003cli\u003eVulnerability scanning and reporting\u003c\/li\u003e\n\u003cli\u003eSecurity Content Automation Protocol (SCAP)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.7 Explain the importance of advanced cryptographic concepts.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePost-quantum cryptography (PQC)\u003c\/li\u003e\n\u003cli\u003eKey stretching and splitting\u003c\/li\u003e\n\u003cli\u003eHomomorphic encryption\u003c\/li\u003e\n\u003cli\u003eForward secrecy\u003c\/li\u003e\n\u003cli\u003eHardware acceleration\u003c\/li\u003e\n\u003cli\u003eEnvelope encryption\u003c\/li\u003e\n\u003cli\u003ePerformance vs. security\u003c\/li\u003e\n\u003cli\u003eSecure multiparty computation\u003c\/li\u003e\n\u003cli\u003eAuthenticated encryption with associated data (AEAD)\u003c\/li\u003e\n\u003cli\u003eMutual authentication\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e3.8 Given a scenario, apply the appropriate cryptographic use case and\/or technique.\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eModule 4.0 Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e4.1 Given a scenario, analyze data to enable monitoring and response activities.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity information event management (SIEM)\u003c\/li\u003e\n\u003cli\u003eAggregate data analysis\u003c\/li\u003e\n\u003cli\u003eBehavior baselines and analytics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.2 Given a scenario, analyze vulnerabilities and attacks, and recommend solutions to reduce the attack surface.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVulnerabilities and attacks\u003c\/li\u003e\n\u003cli\u003eMitigations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.3 Given a scenario, apply threat-hunting and threat intelligence concepts.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInternal intelligence sources\u003c\/li\u003e\n\u003cli\u003eExternal intelligence sources\u003c\/li\u003e\n\u003cli\u003eCounterintelligence and operational security\u003c\/li\u003e\n\u003cli\u003eThreat intelligence platforms (TIPs)\u003c\/li\u003e\n\u003cli\u003eIndicator of compromise (IoC) sharing\u003c\/li\u003e\n\u003cli\u003eRule-based languages\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e4.4 Given a scenario, analyze data and artifacts in support of incident response activities.\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMalware analysis\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eVolatile\/non-volatile storage analysis\u003c\/li\u003e\n\u003cli\u003eNetwork analysis\u003c\/li\u003e\n\u003cli\u003eHost analysis\u003c\/li\u003e\n\u003cli\u003eMetadata analysis\u003c\/li\u003e\n\u003cli\u003eData recovery and extraction\u003c\/li\u003e\n\u003cli\u003eThreat response\u003c\/li\u003e\n\u003cli\u003ePreparedness exercises\u003c\/li\u003e\n\u003cli\u003eTimeline reconstruction\u003c\/li\u003e\n\u003cli\u003eRoot cause analysis\u003c\/li\u003e\n\u003cli\u003eCloud workload protection platform (CWPP)\u003c\/li\u003e\n\u003cli\u003eInsider threat\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B24US \/ 2026-07-13T09:00:00 \/ New York","offer_id":47534166933723,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"268A21CN \/ 2026-08-24T09:00:00 \/ Ottawa","offer_id":47534166966491,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"268A91US \/ 2026-08-10T09:00:00 \/ Bellevue, WA","offer_id":47534166999259,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"26AB70US \/ 2026-10-05T09:00:00 \/ Austin","offer_id":48216533926107,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"26AB71US \/ 2026-10-19T09:00:00 \/ Aurora, CO","offer_id":48216533958875,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"26AB72US \/ 2026-10-26T09:00:00 \/ Herndon, VA","offer_id":48216533991643,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"26BA35CN \/ 2026-11-16T09:00:00 \/ Toronto","offer_id":48216534024411,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"26CB54US \/ 2026-12-07T09:00:00 \/ New York","offer_id":48216534057179,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"271A33CN \/ 2027-01-04T09:00:00 \/ Ottawa","offer_id":48216534089947,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"272B48US \/ 2027-02-08T09:00:00 \/ San Francisco","offer_id":48230038438107,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"273B70US \/ 2027-03-01T09:00:00 \/ Austin","offer_id":48309394276571,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"274B67US \/ 2027-04-05T09:00:00 \/ Herndon, VA","offer_id":48556119818459,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"274A29CN \/ 2027-04-19T09:00:00 \/ Toronto","offer_id":48612310384859,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"274B68US \/ 2027-04-26T09:00:00 \/ Aurora, CO","offer_id":48669323231451,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true},{"title":"275C10US \/ 2027-05-10T09:00:00 \/ New York","offer_id":48758115696859,"sku":"US-2046-IL","price":1990.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CASP.jpg?v=1709762012"},{"product_id":"certified-ethical-hacker-ceh-training","title":"Certified Ethical Hacker (CEH) Training","description":"\u003cdiv\u003e\n\u003cp\u003eIn CEH v13, you'll understand and practice cybersecurity testing and acquire hands-on system hacking skills. This thorough training provides advanced hacking techniques, improving your ability to perform information assurance tasks effectively to build and verify a strong security posture.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Ethical Hacker (CEH) Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CEH Certification course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSuccessfully prepare for the Certified Ethical Hacker (CEH v13) Certification Exam.\u003c\/li\u003e\n\u003cli\u003eMaster ethical hacking fundamentals, including its five phases and goals.\u003c\/li\u003e\n\u003cli\u003ePerform reconnaissance by gathering publicly available data on target organizations.\u003c\/li\u003e\n\u003cli\u003eApply network scanning and enumeration to identify targets and vulnerabilities.\u003c\/li\u003e\n\u003cli\u003eDeploy system hacking techniques, like privilege escalation and password cracking.\u003c\/li\u003e\n\u003cli\u003eInvestigate malware threats, analyzing their types and devising pen test payloads.\u003c\/li\u003e\n\u003cli\u003eExecute packet sniffing, session hijacking, and DoS\/DDoS attacks.\u003c\/li\u003e\n\u003cli\u003eExploit web server and application vulnerabilities, including SQL injection.\u003c\/li\u003e\n\u003cli\u003eHack wireless networks and secure mobile platforms like Android and iOS.\u003c\/li\u003e\n\u003cli\u003eNavigate cloud and container technologies, addressing threats and countermeasures.\u003c\/li\u003e\n\u003cli\u003eUnscramble encryption and hashing with cryptographic attacks and analytical tools.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eTwo years of security-related experience and a strong practical working knowledge of TCP\/IP is recommended.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCEH Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 01 Introduction to Ethical Hacking \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLearn the fundamentals and key issues in information security, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.\u003c\/li\u003e\n\u003cli\u003eUse AI to automate tasks and assist in performing reliable probing and analysis.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 02 Footprinting and Reconnaissance \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eGain knowledge of how to use effective techniques and tools like WHOIS and Maltego for footprinting and reconnaissance, a critical pre-attack phase of ethical hacking.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 03 Scanning Networks \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEnumerate a variety of network scanning techniques and countermeasures using tools like Nmap and Hping3.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 04 Enumeration \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEmploy various enumeration techniques, using SMB analysis SNMP and LDAP scraping to identify the necessary countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 05 Vulnerability Analysis \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLearn how to identify security exposures in a target organization’s network, communication infrastructure, and end systems using CVE, CWE and CCVSS scoring.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 06 System Hacking \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDiscover how to deploy various system hacking tactics to discover system and network flaws, password cracking, steganography, and how threat actors cover their tracks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 07 Malware Threats \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIdentify diverse types of malware (Trojan, viruses, worms, etc.), APT and fileless malware and gain knowledge about malware analysis procedures, and effective malware countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 08 Sniffing \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eMaster packet sniffing techniques and their uses in discovering network vulnerabilities, plus employ countermeasures to defend against sniffing attacks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 09 Social Engineering \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLearn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and identify social engineering countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 10 Denial-of-Service \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDiscover a variety of Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, and the tools used, plus examine proper DoS\/DDoS audit techniques to verify countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 11 Session Hijacking \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eInvestigate the various session-hijacking techniques used to discover session-related authentication, authorization, and cryptographic weaknesses.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 12 Evading IDS, Firewalls, and Honeypots \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eExamine firewalls, intrusion detection systems (IDS), and honeypot evasion techniques, the tools used, as well as other perimeter weaknesses and their countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 13 Hacking Web Servers \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eInvestigate web server attacks, including a comprehensive attack methodology with tools like Nikto to audit vulnerabilities in web server infrastructures and countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 14 Hacking Web Applications \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eExplore web application attacks, including the OWASP Top 10 for auditing vulnerabilities in web applications and countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 15 SQL Injection \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eGain key knowledge about SQL injection attack techniques, evasion techniques, and SQL injection countermeasures to defend your data.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 16 Hacking Wireless Networks \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLearn about several types of encryption, threats, hacking methodologies, hacking tools, security tools, and countermeasures for wireless networks.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 17 Hacking Mobile Platforms \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDiscover mobile platform attack vectors, Android and iOS hacking, mobile device management, mobile security guidelines, and security tools.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 18 IoT Hacking \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIdentify distinct types of threats to Internet of Things (IoT) and operational technology (OT), including hacking methodologies, tools, and appropriate countermeasures.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 19 Cloud Computing \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eUnderstand key cloud computing concepts including container technologies and serverless computing, various cloud computing threats, attacks, hacking methodologies, and cloud security techniques and tools.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 20 Cryptography \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMaster your knowledge of encryption algorithms, cryptographic tools, Public Key Infrastructure (PKI), email encryption, disk encryption, cryptography attacks, and analytical tools.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A13CN \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534197440731,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"267B07US \/ 2026-07-20T09:00:00 \/ Herndon, VA","offer_id":47534197506267,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"268A76US \/ 2026-08-17T09:00:00 \/ Austin","offer_id":47534197539035,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"268A77US \/ 2026-08-31T09:00:00 \/ New York","offer_id":47534197604571,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"267D39US \/ 2026-07-06T09:00:00 \/ San Francisco","offer_id":48216568955099,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"26AA05CN \/ 2026-10-05T09:00:00 \/ Toronto","offer_id":48216568987867,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"26BA11CN \/ 2026-11-16T09:00:00 \/ Ottawa","offer_id":48216569020635,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"26BC02US \/ 2026-11-30T09:00:00 \/ Aurora, CO","offer_id":48216569053403,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"26CB37US \/ 2026-12-14T09:00:00 \/ Herndon, VA","offer_id":48216569086171,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"271B96US \/ 2027-01-04T09:00:00 \/ Bellevue, WA","offer_id":48216569118939,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"271B97US \/ 2027-01-11T09:00:00 \/ Austin","offer_id":48216569151707,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"271B98US \/ 2027-01-25T09:00:00 \/ New York","offer_id":48216569184475,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"273A07CN \/ 2027-03-08T09:00:00 \/ Toronto","offer_id":48329825845467,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"274A07CN \/ 2027-04-19T09:00:00 \/ Ottawa","offer_id":48612309860571,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"275B80US \/ 2027-05-10T09:00:00 \/ Aurora, CO","offer_id":48758113337563,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"275B81US \/ 2027-05-17T09:00:00 \/ Herndon, VA","offer_id":48778587406555,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true},{"title":"269D50US \/ 2026-09-21T09:00:00 \/ Online","offer_id":48837147230427,"sku":"US-2031-IL","price":2045.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/cih_logo_46f6d055-8d97-4fab-80d3-e44907778987.jpg?v=1709761918"},{"product_id":"chfi-certification-computer-hacking-forensic-investigator-training-chfi-v10","title":"CHFI Certification - Computer Hacking Forensic Investigator Training CHFI v11","description":"\u003cdiv\u003e\n\u003cp\u003eThis EC-Council Computer Hacking Forensic Investigator (CHFI) certification course will prepare you to achieve this in-demand certification. Learn a detailed, methodological approach to computer forensics and evidence analysis, including Windows, Dark Web Forensics, Mobile Device and IoT Forensics. This CHFI certification course provides the necessary skills to perform effective digital forensic investigations and covers the primary tools and theories used by cyber forensic experts today.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03\u003cbr\u003eAPPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCHFI Certification - Computer Hacking Forensic Investigator Training CHFI v11 Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CHFI training course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003ePrepare for the CHFI  v11 Exam\u003c\/li\u003e\n\u003cli\u003eUnderstand Cybercrimes and their Investigation Procedures\u003c\/li\u003e\n\u003cli\u003eUnderstand the Role of Various Processes and Technologies in Computer Forensics\u003c\/li\u003e\n\u003cli\u003eIdentify the Roles and Responsibilities of a Forensic Investigator\u003c\/li\u003e\n\u003cli\u003eUnderstand Anti-forensics Techniques\u003c\/li\u003e\n\u003cli\u003eUnderstand Network Forensics\u003c\/li\u003e\n\u003cli\u003eDetect and Investigating Wireless Network Attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003ePrior completion of the Learning Tree course 2031, Certified Ethical Hacker (CEH) Training, would be an advantage.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eYou can request your voucher from Learning Tree at any time after you complete the course.\u003c\/p\u003e\n\u003cp\u003eThis is an EC-Council certification prep course. \u003cspan title=\"EC-Council Certification Training Courses | Learning Tree\" rel=\"follow\"\u003e\u003cstrong\u003eClick here to view more EC-Council certification prep training ›\u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eComputer Hacking Forensic Investigator (CHFI) Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eModule 01: Computer Forensics in Today’s World Understand the Fundamentals of Computer Forensics\u003c\/li\u003e\n\u003cli\u003eModule 02: Computer Forensics Investigation Process\u003c\/li\u003e\n\u003cli\u003eModule 03: Understanding Hard Disks and File Systems\u003c\/li\u003e\n\u003cli\u003eModule 04: Data Acquisition and Duplication\u003c\/li\u003e\n\u003cli\u003eModule 05: Defeating Anti-forensics Techniques\u003c\/li\u003e\n\u003cli\u003eModule 06: Windows Forensics\u003c\/li\u003e\n\u003cli\u003eModule 07: Linux and Mac Forensics\u003c\/li\u003e\n\u003cli\u003eModule 08: Network Forensic\u003c\/li\u003e\n\u003cli\u003eModule 09: Malware Forensics\u003c\/li\u003e\n\u003cli\u003eModule 10: Investigating Web Attacks\u003c\/li\u003e\n\u003cli\u003eModule 11: Dark Web Forensics\u003c\/li\u003e\n\u003cli\u003eModule 12: Cloud Forensics\u003c\/li\u003e\n\u003cli\u003eModule 13: Email and Social Media Forensics\u003c\/li\u003e\n\u003cli\u003eModule 14: Mobile Forensics\u003c\/li\u003e\n\u003cli\u003eModule 15: IoT Forensics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A86US \/ 2026-07-27T09:00:00 \/ Online","offer_id":47534180860123,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"26AB41US \/ 2026-10-26T09:00:00 \/ Herndon, VA","offer_id":48216568365275,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"26CA06CN \/ 2026-12-07T09:00:00 \/ Ottawa","offer_id":48216568398043,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"271B59US \/ 2027-01-25T09:00:00 \/ Herndon, VA","offer_id":48216568430811,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"273A05CN \/ 2027-03-08T09:00:00 \/ Ottawa","offer_id":48329825779931,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"274B27US \/ 2027-04-26T09:00:00 \/ Herndon, VA","offer_id":48669321461979,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true},{"title":"269D04US \/ 2026-09-14T09:00:00 \/ Austin","offer_id":48837149130971,"sku":"US-2023-IL","price":2972.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/CHFI.jpg?v=1709761965"},{"product_id":"comptia-pentest-®-training","title":"CompTIA PenTest+® Training","description":"\u003cdiv\u003e\n\u003cp\u003eThe \u003cb\u003eCompTIA PenTest+ (PTO-003)\u003c\/b\u003e course is designed for cybersecurity professionals who want to develop and validate their penetration testing and vulnerability assessment skills. It provides a hands-on, performance-based approach to ethical hacking, focusing on real-world attack techniques, tools, and strategies used by security professionals to identify, exploit, and mitigate vulnerabilities in IT systems. This course bridges the gap between security analysts and penetration testers by covering both offensive and defensive cybersecurity tactics.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA PenTest+® Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn the following:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePlan, scope, and perform information gathering as part of a penetration test.\u003c\/li\u003e\n\u003cli\u003ePerform attacks that are aligned to and fulfill legal and compliance requirements.\u003c\/li\u003e\n\u003cli\u003ePerform each phase of a penetration test using and modifying appropriate tools and use the appropriate tactics, techniques, and procedures.\u003c\/li\u003e\n\u003cli\u003eAnalyze the results of each phase of a penetration test to develop a written report, effectively communicate findings to stakeholders and provide practical recommendations.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eWhile prior experience is not mandatory, having a background in cybersecurity and hands-on practice with penetration testing tools will significantly improve comprehension and performance in the course and certification exam.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eYou must take and pass the CompTIA PenTest+ (PTO-003) certification exam to earn this certification. Exam vouchers are available upon request and included in the tuition fee.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA PenTest+ Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003e1.0 Engagement Management \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e1.1 Summarize pre-engagement activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScope definition\u003c\/li\u003e\n\u003cli\u003eShared responsibility model\u003c\/li\u003e\n\u003cli\u003eLegal and ethical considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.2 Explain collaboration and communication activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePeer review and  Stakeholder alignment\u003c\/li\u003e\n\u003cli\u003eRoot cause analysis\u003c\/li\u003e\n\u003cli\u003eEscalation path and Secure distribution\u003c\/li\u003e\n\u003cli\u003eArticulation of risk, severity, and impact\u003c\/li\u003e\n\u003cli\u003eGoal reprioritization and  Business impact analysis\u003c\/li\u003e\n\u003cli\u003eClient acceptance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.3 Compare and contrast testing frameworks and methodologies. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOpen Source Security Testing Methodology Manual (OSSTMM)\u003c\/li\u003e\n\u003cli\u003eCouncil of Registered Ethical Security Testers (CREST)\u003c\/li\u003e\n\u003cli\u003ePenetration Testing Execution Standard (PTES)\u003c\/li\u003e\n\u003cli\u003eMITRE ATT\u0026amp;CK\u003c\/li\u003e\n\u003cli\u003eOpen Worldwide Application Security Project (OWASP) Top 10\u003c\/li\u003e\n\u003cli\u003eOWASP Mobile Application Security Verification Standard (MASVS)\u003c\/li\u003e\n\u003cli\u003ePurdue model\u003c\/li\u003e\n\u003cli\u003eThreat modeling frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.4 Explain the components of a penetration test report. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFormat alignment\u003c\/li\u003e\n\u003cli\u003eDocumentation specifications\u003c\/li\u003e\n\u003cli\u003eRisk scoring\u003c\/li\u003e\n\u003cli\u003eDefinitions and Report components\u003c\/li\u003e\n\u003cli\u003eTest limitations and assumptions\u003c\/li\u003e\n\u003cli\u003eReporting considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e1.5 Given a scenario, analyze the findings and recommend the appropriate remediation within a report. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTechnical, Administrative, Operational and Physical controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.0  Reconnaissance and Enumeration\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e \u003cb\u003e2.1  Given a scenario, apply information gathering techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eActive and passive reconnaissance\u003c\/li\u003e\n\u003cli\u003eOpen-source intelligence (OSINT)\u003c\/li\u003e\n\u003cli\u003eNetwork reconnaissance\u003c\/li\u003e\n\u003cli\u003eProtocol scanning\u003c\/li\u003e\n\u003cli\u003eCertificate transparency logs\u003c\/li\u003e\n\u003cli\u003eInformation disclosure\u003c\/li\u003e\n\u003cli\u003eSearch engine analysis\/ enumeration\u003c\/li\u003e\n\u003cli\u003eNetwork sniffing and Banner grabbing\u003c\/li\u003e\n\u003cli\u003eHypertext Markup Language (HTML) scraping\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.2 Given a scenario, apply enumeration techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOperating system (OS) fingerprinting\u003c\/li\u003e\n\u003cli\u003eService discovery\u003c\/li\u003e\n\u003cli\u003eProtocol enumeration\u003c\/li\u003e\n\u003cli\u003eDNS and Directory enumeration\u003c\/li\u003e\n\u003cli\u003eHost discovery and  Share enumeration\u003c\/li\u003e\n\u003cli\u003eLocal user and Email account enumeration\u003c\/li\u003e\n\u003cli\u003eWireless, Permission and Secrets enumeration\u003c\/li\u003e\n\u003cli\u003eAttack path mapping\u003c\/li\u003e\n\u003cli\u003eWeb application firewall (WAF) enumeration\u003c\/li\u003e\n\u003cli\u003eWeb crawling\u003c\/li\u003e\n\u003cli\u003eManual enumeration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.3 Given a scenario, modify scripts for reconnaissance and enumeration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInformation gathering\u003c\/li\u003e\n\u003cli\u003eData manipulation\u003c\/li\u003e\n\u003cli\u003eScripting languages\u003c\/li\u003e\n\u003cli\u003eLogic constructs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e2.4 Given a scenario, use the appropriate tools for reconnaissance and enumeration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eWayback Machine\u003c\/li\u003e\n\u003cli\u003eMaltego\u003c\/li\u003e\n\u003cli\u003eRecon-ng\u003c\/li\u003e\n\u003cli\u003eShodan\u003c\/li\u003e\n\u003cli\u003eSpiderFoot\u003c\/li\u003e\n\u003cli\u003eWHOIS\u003c\/li\u003e\n\u003cli\u003enslookup\/dig\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.1 Given a scenario, conduct vulnerability discovery using various techniques. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTypes of scans\u003c\/li\u003e\n\u003cli\u003eIndustrial control systems (ICS) vulnerability assessment\u003c\/li\u003e\n\u003cli\u003eTools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.2 Given a scenario, analyze output from reconnaissance, scanning, and enumeration phases. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidate scan, reconnaissance, and enumeration results\u003c\/li\u003e\n\u003cli\u003ePublic exploit selection\u003c\/li\u003e\n\u003cli\u003eUse scripting to validate results\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e3.3 Explain physical security concepts. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTailgating\u003c\/li\u003e\n\u003cli\u003eSite surveys\u003c\/li\u003e\n\u003cli\u003eUniversal Serial Bus (USB) drops\u003c\/li\u003e\n\u003cli\u003eBadge cloning\u003c\/li\u003e\n\u003cli\u003eLock picking\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.0 Attacks and Exploits \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e4.1 Given a scenario, analyze output to prioritize and prepare attacks. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTarget prioritization\u003c\/li\u003e\n\u003cli\u003eCapability selection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.2 Given a scenario, perform network attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.3 Given a scenario, perform authentication attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and  Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.4 Given a scenario, perform host-based attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.5 Given a scenario, perform web application attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.6 Given a scenario, perform cloud-based attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.7 Given a scenario, perform wireless attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.8 Given a scenario, perform social engineering attacks using the appropriate tools. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.9 Explain common attacks against specialized systems. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e4.10 Given a scenario, use scripting to automate attacks. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAttack types and Tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.0 Post-exploitation and Lateral Movement \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003e5.1 Given a scenario, perform tasks to establish and maintain persistence. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScheduled tasks\/cron jobs\u003c\/li\u003e\n\u003cli\u003eService creation\u003c\/li\u003e\n\u003cli\u003eReverse and Bind Shell\u003c\/li\u003e\n\u003cli\u003eAdd new accounts and Obtain valid account credentials\u003c\/li\u003e\n\u003cli\u003eRegistry keys\u003c\/li\u003e\n\u003cli\u003eCommand and control (C2) frameworks\u003c\/li\u003e\n\u003cli\u003eBackdoor and Rootkit\u003c\/li\u003e\n\u003cli\u003eBrowser extensions\u003c\/li\u003e\n\u003cli\u003eTampering security controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.2 Given a scenario, perform tasks to move laterally throughout the environment. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePivoting\u003c\/li\u003e\n\u003cli\u003eRelay creation\u003c\/li\u003e\n\u003cli\u003eEnumeration\u003c\/li\u003e\n\u003cli\u003eService discovery\u003c\/li\u003e\n\u003cli\u003eWindow Management Instrumentation (WMI)\u003c\/li\u003e\n\u003cli\u003eWindow Remote Management (WinRM)\u003c\/li\u003e\n\u003cli\u003eTools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.3 Summarize concepts related to staging and exfiltration. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFile encryption and compression\u003c\/li\u003e\n\u003cli\u003eCovert channel\u003c\/li\u003e\n\u003cli\u003eEmail\u003c\/li\u003e\n\u003cli\u003eCross-account resources\u003c\/li\u003e\n\u003cli\u003eCloud storage\u003c\/li\u003e\n\u003cli\u003eAlternate data streams\u003c\/li\u003e\n\u003cli\u003eText storage sites\u003c\/li\u003e\n\u003cli\u003eVirtual drive mounting\u003c\/li\u003e\n\u003cli\u003eRemove persistence mechanisms\u003c\/li\u003e\n\u003cli\u003eRevert configuration changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e5.4 Explain cleanup and restoration activities. \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove tester-created credentials\u003c\/li\u003e\n\u003cli\u003eRemove tools\u003c\/li\u003e\n\u003cli\u003eSpin down infrastructure\u003c\/li\u003e\n\u003cli\u003ePreserve artifacts\u003c\/li\u003e\n\u003cli\u003eSecure data destruction\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B27US \/ 2026-07-27T09:00:00 \/ Herndon, VA","offer_id":47534192361691,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"268A92US \/ 2026-08-24T09:00:00 \/ Austin","offer_id":47534192394459,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"267D49US \/ 2026-07-13T09:00:00 \/ New York","offer_id":48216572526811,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"269A83CN \/ 2026-09-14T09:00:00 \/ Ottawa","offer_id":48216572559579,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"26BC54US \/ 2026-11-30T09:00:00 \/ New York","offer_id":48216572592347,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"271A35CN \/ 2027-01-25T09:00:00 \/ Ottawa","offer_id":48216572625115,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"272B69US \/ 2027-02-08T09:00:00 \/ Herndon, VA","offer_id":48230040568027,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"273B87US \/ 2027-03-15T09:00:00 \/ Austin","offer_id":48363059708123,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true},{"title":"274B88US \/ 2027-04-26T09:00:00 \/ New York","offer_id":48669323264219,"sku":"US-2049-IL","price":2085.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/comptia_pentest.png?v=1709762025"},{"product_id":"identity-and-access-management-training","title":"Building an SSO Federated IAM System","description":"\u003cdiv\u003e\u003cp\u003eThis course will immerse you in a modern Identity and Access Management (IAM) practical Hands-On experience, so you will strengthen your organization’s access to critical resources.  You will implement trust by building a Public Key Infrastructure (PKI) hierarchy and an on-premises Federated Single Sign On (SSO) system with Microsoft Identity Provider (IdP). You will learn the impact of Artificial Intelligence (AI) on IAM systems and on Zero Trust context. You will select appropriate authenticating environments, such as Workload and Workforce identities and Open Authorization (OAuth) to secure API access. You will also build an identity attribute mapping and synchronization system, with a central Share Point management solution. You will discover how Kubernetes implements IAM and federates to external APIs.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eBuilding an SSO Federated IAM System Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement modern Identity and Access Management (IAM) solutions to secure access to data\u003c\/li\u003e\n\u003cli\u003eBuild a robust Public Key Infrastructure (PKI) to manage enterprise trust\u003c\/li\u003e\n\u003cli\u003eSeamlessly implement Federation Identity Management (FIM) with ADFS\u003c\/li\u003e\n\u003cli\u003eExtend Single Sign-On (SSO) with Zero Trust Architecture (ZTA)\u003c\/li\u003e\n\u003cli\u003eEnhance Agentic AI and non-human actor authentication with certificates\u003c\/li\u003e\n\u003cli\u003eMap the entity divide of Workload Identity vs Workforce Identity\u003c\/li\u003e\n\u003cli\u003eManage identities among multiple account stores with MIM 2016\u003c\/li\u003e\n\u003cli\u003eApply a managed identity to Bring Your Own Device (BYOD)\u003c\/li\u003e\n\u003cli\u003eFormulate an IAM policy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFamiliarity with security issues at the level of Course 468, Introduction to Cybersecurity\u003c\/li\u003e\n\u003cli\u003eExperience with Windows operating system\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eIdentity and Access Management Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eFundamentals of Identity and Access Management \u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eIdentity and its theft\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProtecting Access to Data with Quad of IAM\u003c\/li\u003e\n\u003cli\u003eMulti Factor Authentication (MFA) attacks\u003c\/li\u003e\n\u003cli\u003eSecure alternatives to “Death of the Password”\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecure Identity Lifecycle Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMigrating to Trusted Platform Module (TPM) hardware\u003c\/li\u003e\n\u003cli\u003e\"Joiner-Mover-Leaver\"(JML) process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImplementing Single Sign-On (SSO)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApplying Kerberos identities in a domain\u003c\/li\u003e\n\u003cli\u003eInteroperating via OIDC and SAML\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSelecting Identity Trust Models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCentralized vs Federated\u003c\/li\u003e\n\u003cli\u003eZero Trust Architecture (ZTA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSurveying the impact of Agentic AI on IAM\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI agent as a first-class identity and ephemeral credentials\u003c\/li\u003e\n\u003cli\u003eToken Exchange delegation chain\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eMapping and Synchronizing Identities\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDiscovering identity stores\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExploring identities in Kerberos tickets and AD attributes\u003c\/li\u003e\n\u003cli\u003eIdentifying identities in SQL databases\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDemystifying MIM 2016\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImporting identities from Connected Data Source CDS into Connector Space CS\u003c\/li\u003e\n\u003cli\u003eSynchronizing identities into Metaverse MV\u003c\/li\u003e\n\u003cli\u003eManaging identities and rules with the SharePoint MIM Portal\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eImplementing Identities in an Enterprise PKI\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eInside PKI X.509 v3 certificates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExpiring identities with certificate lifetimes\u003c\/li\u003e\n\u003cli\u003eVerifying identities with Subject Alternative Name\u003c\/li\u003e\n\u003cli\u003eBinding identities to certificates\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEstablishing trust via certificates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eValidating trust with digital signatures\u003c\/li\u003e\n\u003cli\u003eCreating entity trust by importing a root CA\u003c\/li\u003e\n\u003cli\u003eFlowing trust with domain Group Policy Object GPO\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBuilding an enterprise Subordinate CA\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePublishing Certificate Revocation Lists (CRLs)\u003c\/li\u003e\n\u003cli\u003eAccessing directories with LDAP\u003c\/li\u003e\n\u003cli\u003eConfiguring Online Certificate Status Protocol OCSP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eExpanding Trust with Federated Identity Management\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eFederating with Microsoft Active Directory Federation Services ADFS\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAuthenticating with a trusted Identity Provider IdP\u003c\/li\u003e\n\u003cli\u003eControlling access with claims\u003c\/li\u003e\n\u003cli\u003eVerifying SAML tokens with Relaying Party RP\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCreating claims-aware applications\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBuilding claims-aware applications with Windows Identity Foundation WIF\u003c\/li\u003e\n\u003cli\u003eAbstracting SAML, WS-Trust and WS-Federation protocols\u003c\/li\u003e\n\u003cli\u003eMigrating to Open ID Connect OIDC and Java Web Tokens JWT\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eTrusting external Identity Providers\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExtending ADFS externally with Web Application Proxy WAP\u003c\/li\u003e\n\u003cli\u003eMapping external ADFS namespaces with split DNS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModern Identity Architectures\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eEvolving Application Authentication\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCustomer Identity and Access Management (CIAM)\u003c\/li\u003e\n\u003cli\u003eDecentralized authentication with Self-Sovereign Identity (SSI)\u003c\/li\u003e\n\u003cli\u003eZero Trust with Google Cloud Identity Aware Proxy IAP \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWorkforce Identity vs Workload Identity\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExternal long-term keyed authentication vs short-lived OAuthToken\u003c\/li\u003e\n\u003cli\u003eCloud workforce federation with Bring Your Own Identity BYOID\u003c\/li\u003e\n\u003cli\u003eKubernetes IAM mapping tokens with Workload Identity\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eMobile Identity Management with BYOD\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eEnrolling mobile devices\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoining devices with Workplace Join\u003c\/li\u003e\n\u003cli\u003eEnacting Device Registration Services DRS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePlanning a Federated Identity Roadmap\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAchieving the FICAM IdM vision\u003c\/li\u003e\n\u003cli\u003eCreating organizational identity management policy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B28US \/ 2026-07-07T09:00:00 \/ Herndon, VA","offer_id":47534210154715,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"269C66US \/ 2026-09-01T09:00:00 \/ Herndon, VA","offer_id":48216585273563,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"26BC56US \/ 2026-11-03T09:00:00 \/ Herndon, VA","offer_id":48216585306331,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"271C37US \/ 2027-01-05T09:00:00 \/ Herndon, VA","offer_id":48216585339099,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"273B89US \/ 2027-03-02T09:00:00 \/ Herndon, VA","offer_id":48310906847451,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true},{"title":"275C37US \/ 2027-05-04T09:00:00 \/ Herndon, VA","offer_id":48738859581659,"sku":"US-2056-IL","price":1030.0,"currency_code":"USD","in_stock":true}]},{"product_id":"cybersec-first-responder-certification-training","title":"CyberSec First Responder Certification Training","description":"\u003cdiv\u003e\n\u003cp\u003eThis CyberSec First Responder Certification course from CertNexus takes a holistic approach to prepare IT Professionals to analyze threats, secure networks, and utilize critical problem-solving skillsets to protect an organization from threats. Focusing on the key areas of \u003cem\u003edetect, analyze,\u003c\/em\u003e and \u003cem\u003erespond\u003c\/em\u003e, attendees will gain the knowledge and practical skills needed to recover from attacks and thwart potential future threats.\u003c\/p\u003e\r\n\u003cp\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCyberSec First Responder Certification Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCyberSec First Responder Certification Training Benefits\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEffectively identify malicious activities involving computing systems.\u003c\/li\u003e\n\u003cli\u003eAssess information security risks in network environments.\u003c\/li\u003e\n\u003cli\u003eCollect cybersecurity intelligence to prepare for assessments.\u003c\/li\u003e\n\u003cli\u003eDevelop the skills needed to cut the lag time between when a breach occurs and when it is detected.\u003c\/li\u003e\n\u003cli\u003eAssess the risks and vulnerabilities to analyze and determine the scope in an immersive, hands-on environment.\u003c\/li\u003e\n\u003cli\u003eEffectively protect critical information systems before, during, and after an attack.\u003c\/li\u003e\n\u003cli\u003eAnalyze post-attack techniques and apply skills to respond proactively.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCyberSec First Responder Certification Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e3-5 years of experience working in an IT environment and familiarity with networks, systems, administration, etc.\u003c\/p\u003e\n\u003cp\u003e\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCyberSec First Responder Certification Exam Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eThis CyberSec First Responder Certification course prepares you for the new CFR-410 exam and is accredited by ANSI, a requirement for DoD 8570.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCyberSec First Responder Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1: Assessing Information Security Risk\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Identify the Importance of Risk Management\u003c\/li\u003e\n\u003cli\u003eTopic B: Assess Risk\u003c\/li\u003e\n\u003cli\u003eTopic C: Mitigate Risk\u003c\/li\u003e\n\u003cli\u003eTopic D: Integrate Documentation into Risk Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2: Analyzing the Threat Landscape\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Classify Threats and Threat Profiles\u003c\/li\u003e\n\u003cli\u003eTopic B: Perform Ongoing Threat Research\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Implement Threat Modeling\u003c\/li\u003e\n\u003cli\u003eTopic B: Assess the Impact of Reconnaissance\u003c\/li\u003e\n\u003cli\u003eTopic C: Assess the Impact of Social Engineering\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4: Analyzing Attacks on Computing and Network Environments\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Assess the Impact of System Hacking Attacks\u003c\/li\u003e\n\u003cli\u003eTopic B: Assess the Impact of Web-Based Attacks\u003c\/li\u003e\n\u003cli\u003eTopic C: Assess the Impact of Malware\u003c\/li\u003e\n\u003cli\u003eTopic D: Assess the Impact of Hijacking and Impersonation Attacks\u003c\/li\u003e\n\u003cli\u003eTopic E: Assess the Impact of DoS Incidents\u003c\/li\u003e\n\u003cli\u003eTopic F: Assess the Impact of Threats to Mobile Security\u003c\/li\u003e\n\u003cli\u003eTopic G: Assess the Impact of Threats to Cloud Security\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5: Analyzing Post-Attack Techniques\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Assess Command and Control Techniques\u003c\/li\u003e\n\u003cli\u003eTopic B: Assess Persistence Techniques\u003c\/li\u003e\n\u003cli\u003eTopic C: Assess Lateral Movement and Pivoting Techniques\u003c\/li\u003e\n\u003cli\u003eTopic D: Assess Data Exfiltration Techniques\u003c\/li\u003e\n\u003cli\u003eTopic E: Assess Anti-Forensics Techniques\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6: Managing Vulnerabilities in the Organization\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Implement a Vulnerability Management Plan\u003c\/li\u003e\n\u003cli\u003eTopic B: Assess Common Vulnerabilities\u003c\/li\u003e\n\u003cli\u003eTopic C: Conduct Vulnerability Scans\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7: Implementing Penetration Testing to Evaluate Security\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Conduct Penetration Tests on Network Assets\u003c\/li\u003e\n\u003cli\u003eTopic B: Follow Up on Penetration Testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 8: Collecting Cybersecurity Intelligence\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Deploy a Security Intelligence Collection and Analysis Platform\u003c\/li\u003e\n\u003cli\u003eTopic B: Collect Data from Network-Based Intelligence Sources\u003c\/li\u003e\n\u003cli\u003eTopic C: Collect Data from Host-Based Intelligence Sources\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 9: Analyzing Log Data\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Use Common Tools to Analyze Logs\u003c\/li\u003e\n\u003cli\u003eTopic B: Use SIEM Tools for Analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 10: Performing Active Asset and Network Analysis\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Analyze Incidents with Windows-Based Tools\u003c\/li\u003e\n\u003cli\u003eTopic B: Analyze Incidents with Linux-Based Tools\u003c\/li\u003e\n\u003cli\u003eTopic C: Analyze Malware\u003c\/li\u003e\n\u003cli\u003eTopic D: Analyze Indicators of Compromise\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 11: Responding to Cybersecurity Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Deploy an Incident Handling and Response Architecture\u003c\/li\u003e\n\u003cli\u003eTopic B: Contain and Mitigate Incidents\u003c\/li\u003e\n\u003cli\u003eTopic C: Prepare for Forensic Investigation as a CSIRT\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 12: Investigating Cybersecurity Incidents\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eTopic A: Apply a Forensic Investigation Plan\u003c\/li\u003e\n\u003cli\u003eTopic B: Securely Collect and Analyze Electronic Evidence\u003c\/li\u003e\n\u003cli\u003eTopic C: Follow Up on the Results of an Investigation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAppendix A: Mapping Course Content to CyberSec First Responder™ (Exam CFR-410)\u003c\/p\u003e\n\u003cp\u003eAppendix B: Regular Expressions\u003c\/p\u003e\n\u003cp\u003eAppendix C: Security Resources\u003c\/p\u003e\n\u003cp\u003eAppendix D: U.S. Department of Defense Operational Security Practices\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Logical Operations","offers":[{"title":"267B53US \/ 2026-07-20T09:00:00 \/ Herndon, VA","offer_id":47534211596507,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"268A85CN \/ 2026-08-31T09:00:00 \/ Ottawa","offer_id":48216585830619,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"26AC15US \/ 2026-10-19T09:00:00 \/ Herndon, VA","offer_id":48216585863387,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"26BA40CN \/ 2026-11-30T09:00:00 \/ Ottawa","offer_id":48216585896155,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"271C62US \/ 2027-01-11T09:00:00 \/ Herndon, VA","offer_id":48216585928923,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"273A33CN \/ 2027-03-01T09:00:00 \/ Ottawa","offer_id":48309394342107,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true},{"title":"274C13US \/ 2027-04-19T09:00:00 \/ Herndon, VA","offer_id":48612310810843,"sku":"US-2070-IL","price":1957.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/files\/cfr_logo.png?v=1709762156"},{"product_id":"ec-council-certified-threat-intelligence-analyst-c-tia-v2","title":"EC-Council Certified Threat Intelligence Analyst (C|TIA) v2","description":"\u003cdiv\u003e\n\u003cp\u003eEC-Council's Certified Threat Intelligence Analyst \u003cabbr title=\"Certified Threat Intelligence Analyst\"\u003e(CTIA) v2\u003c\/abbr\u003e  training course is designed to provide cybersecurity professionals with the knowledge and skills to collect, analyze, and interpret threat intelligence to help organizations make informed, strategic decisions and proactively defend against cyber threats. The course offers a deep dive into the world of cyber threat intelligence, combining theoretical concepts with practical application through hands-on labs and exercises.\u003c\/p\u003e\r\n\u003cp\u003eThe CTIA course is ideal for security analysts, threat intelligence specialists, incident responders, and other cybersecurity professionals looking to enhance their ability to understand and act upon threat intelligence. Upon completion of the course, participants are eligible to sit for the Certified Threat Intelligence Analyst (CTIA) exam, a globally recognized credential that validates their expertise in cyber threat intelligence and analysis.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eEC-Council Certified Threat Intelligence Analyst (C|TIA) v2 Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGain an introduction to Threat Intelligence.\u003c\/li\u003e\n\u003cli\u003eUnderstand how to gather data from various sources, both internal and external.\u003c\/li\u003e\n\u003cli\u003eProcess raw data and apply advanced analytical techniques to extract actionable intelligence.\u003c\/li\u003e\n\u003cli\u003eIdentify and profile threat actors based on their motives, tactics, techniques, and procedures.\u003c\/li\u003e\n\u003cli\u003eLearn how to use threat intelligence to improve an organization's security posture.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003e3-5 years of experience as a cybersecurity professional\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCTIA v2 Training Instructor-Led Course\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eModule 01: Introduction to Threat Intelligence\u003c\/li\u003e\n\u003cli\u003eModule 02: Cyber Threats and Attack Frameworks\u003c\/li\u003e\n\u003cli\u003eModule 03: Requirements, Planning, Direction, and Review\u003c\/li\u003e\n\u003cli\u003eModule 04: Data Collection and Processing\u003c\/li\u003e\n\u003cli\u003eModule 05: Data Analysis\u003c\/li\u003e\n\u003cli\u003eModule 06: Intelligence Reporting and Dissemination\u003c\/li\u003e\n\u003cli\u003eModule 07: Threat Hunting and Detection\u003c\/li\u003e\n\u003cli\u003eModule 08: Threat Intelligence in SOC Operations, Incident Response, and Risk Management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A75US \/ 2026-08-12T09:00:00 \/ Herndon, VA","offer_id":47534218117339,"sku":"US-2029-IL","price":2516.0,"currency_code":"USD","in_stock":true},{"title":"26BC01US \/ 2026-11-18T09:00:00 \/ Herndon, VA","offer_id":48216589074651,"sku":"US-2029-IL","price":2516.0,"currency_code":"USD","in_stock":true},{"title":"276B68US \/ 2027-06-02T09:00:00 \/ Herndon, VA","offer_id":48825906659547,"sku":"US-2029-IL","price":2516.0,"currency_code":"USD","in_stock":true}]},{"product_id":"comptia-cysa-®-certification-training","title":"CompTIA CySA+® Certification Training","description":"\u003cdiv\u003e\n\u003cp\u003eJoin our \u003cstrong\u003eCompTIA CySA+ Certification Training\u003c\/strong\u003e and gain the knowledge and skills to prepare for and pass the Cybersecurity Analyst (CySA+) exam. In this course, you'll learn how to manage threats and vulnerabilities effectively, implement software and systems security solutions, monitor security operations, perform incident response procedures, and execute compliance and assessment measures. \u003c\/p\u003e\r\n\u003cp\u003eWith a focus on hands-on experience, this training requires IT security professionals with at least 3-4 years of experience at the level of \u003cspan title=\"CompTIA Network+ Training | Learning Tree\" rel=\"follow\"\u003eCompTIA Network+\u003c\/span\u003e or \u003cspan title=\"CompTIA Security+ Training | Learning Tree\" rel=\"follow\"\u003eCompTIA Security+\u003c\/span\u003e. Plus, your course tuition includes a voucher to take the CS0-003 exam at any Pearson VUE Test Center location. Don't miss this opportunity to enhance your expertise and advance your career in IT security.\u003cbr\u003e \u003cbr\u003eU.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA CySA+® Certification Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare for and pass the Cybersecurity Analyst (CySA+) exam.\u003c\/li\u003e\n\u003cli\u003eManage Threats and Vulnerabilities \u003c\/li\u003e\n\u003cli\u003eSecure and Monitor Software and Systems \u003c\/li\u003e\n\u003cli\u003ePerform an Incident Response.\u003c\/li\u003e\n\u003cli\u003eExecute Compliance and Assessment.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eTraining Prerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIT (Information Technology) Security Professionals must have 3-4 years of hands-on information security or related experience at the level of Network+ or Security+.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eCertification Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eIncluded in your course tuition is a voucher that enables you to take the CS0-003 exam at any Pearson VUE Test Center location.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA CySA+ Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Threat and Vulnerability Management\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e1.1 Explain the importance of threat data and intelligence.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntelligence sources\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOpen-source intelligence\u003c\/li\u003e\n\u003cli\u003eProprietary\/closed-source intelligence\u003c\/li\u003e\n\u003cli\u003eTimeliness\u003c\/li\u003e\n\u003cli\u003eRelevancy\u003c\/li\u003e\n\u003cli\u003eAccuracy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eIndicator management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStructured Threat Information eXpression (STIX)\u003c\/li\u003e\n\u003cli\u003eTrusted Automated eXchange of Indicator Information (TAXII)\u003c\/li\u003e\n\u003cli\u003eOpenIoC\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat classification\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eKnown threat vs. unknown threat\u003c\/li\u003e\n\u003cli\u003eZero-day\u003c\/li\u003e\n\u003cli\u003eAdvanced persistent threat\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat actors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNation-state\u003c\/li\u003e\n\u003cli\u003eHacktivist\u003c\/li\u003e\n\u003cli\u003eOrganized crime\u003c\/li\u003e\n\u003cli\u003eInsider threat\u003c\/li\u003e\n\u003cli\u003eIntentional\u003c\/li\u003e\n\u003cli\u003eUnintentional\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eIntelligence cycle\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRequirements\u003c\/li\u003e\n\u003cli\u003eCollection\u003c\/li\u003e\n\u003cli\u003eAnalysis\u003c\/li\u003e\n\u003cli\u003eDissemination\u003c\/li\u003e\n\u003cli\u003eFeedback\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCommodity malware\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInformation sharing and analysis communities \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eHealthcare\u003c\/li\u003e\n\u003cli\u003eFinancial\u003c\/li\u003e\n\u003cli\u003eAviation\u003c\/li\u003e\n\u003cli\u003eGovernment\u003c\/li\u003e\n\u003cli\u003eCritical infrastructure\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.2 Given a scenario, utilize threat intelligence to support organizational security.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack frameworks\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMITRE ATT\u0026amp;CK\u003c\/li\u003e\n\u003cli\u003eThe Diamond Model of Intrusion Analysis\u003c\/li\u003e\n\u003cli\u003eKill chain\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat research\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eReputational\u003c\/li\u003e\n\u003cli\u003eBehavioral\u003c\/li\u003e\n\u003cli\u003eIndicator of compromise (IoC)\u003c\/li\u003e\n\u003cli\u003eStandard vulnerability scoring system (CVSS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat modeling methodologies\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdversary capability\u003c\/li\u003e\n\u003cli\u003eTotal attack surface\u003c\/li\u003e\n\u003cli\u003eAttack vector\u003c\/li\u003e\n\u003cli\u003eImpact\u003c\/li\u003e\n\u003cli\u003eLikelihood\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThreat intelligence sharing with supported functions \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIncident response\u003c\/li\u003e\n\u003cli\u003eVulnerability management\u003c\/li\u003e\n\u003cli\u003eRisk management\u003c\/li\u003e\n\u003cli\u003eSecurity engineering\u003c\/li\u003e\n\u003cli\u003eDetection and monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.3 Given a scenario, perform vulnerability management activities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVulnerability identification\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAsset criticality\u003c\/li\u003e\n\u003cli\u003eActive vs. passive scanning\u003c\/li\u003e\n\u003cli\u003eMapping\/enumeration\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eValidation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrue positive\u003c\/li\u003e\n\u003cli\u003eFalse positive - True negative\u003c\/li\u003e\n\u003cli\u003eFalse-negative\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRemediation\/mitigation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConfiguration baseline\u003c\/li\u003e\n\u003cli\u003ePatching\u003c\/li\u003e\n\u003cli\u003eHardening\u003c\/li\u003e\n\u003cli\u003eCompensating controls\u003c\/li\u003e\n\u003cli\u003eRisk acceptance\u003c\/li\u003e\n\u003cli\u003eVerification of mitigation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScanning parameters and criteria\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisks associated with scanning activities\u003c\/li\u003e\n\u003cli\u003eVulnerability feed\u003c\/li\u003e\n\u003cli\u003eScope\u003c\/li\u003e\n\u003cli\u003eCredentialed vs. non-credentialed\u003c\/li\u003e\n\u003cli\u003eServer-based vs. agent-based\u003c\/li\u003e\n\u003cli\u003eInternal vs. external\u003c\/li\u003e\n\u003cli\u003eSpecial considerations\u003c\/li\u003e\n\u003cli\u003eTypes of data\u003c\/li\u003e\n\u003cli\u003eTechnical constraints\u003c\/li\u003e\n\u003cli\u003eWorkflow\u003c\/li\u003e\n\u003cli\u003eSensitivity levels\u003c\/li\u003e\n\u003cli\u003eRegulatory requirements\u003c\/li\u003e\n\u003cli\u003eSegmentation\u003c\/li\u003e\n\u003cli\u003eIntrusion prevention system (IPS), intrusion detection system (IDS), and firewall settings\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInhibitors to remediation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMemorandum of understanding (MOU)\u003c\/li\u003e\n\u003cli\u003eService-level agreement (SLA)\u003c\/li\u003e\n\u003cli\u003eOrganizational governance\u003c\/li\u003e\n\u003cli\u003eBusiness process interruption\u003c\/li\u003e\n\u003cli\u003eDegrading functionality\u003c\/li\u003e\n\u003cli\u003eLegacy systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.4 Given a scenario, analyze the output from standard vulnerability assessment tools.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eWeb application scanner\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOWASP Zed Attack Proxy (ZAP)\u003c\/li\u003e\n\u003cli\u003eBurp suite\u003c\/li\u003e\n\u003cli\u003eNikto\u003c\/li\u003e\n\u003cli\u003eArachni\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eInfrastructure vulnerability scanner\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNessus\u003c\/li\u003e\n\u003cli\u003eOpenVAS\u003c\/li\u003e\n\u003cli\u003eQualys\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware assessment tools and techniques\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStatic analysis\u003c\/li\u003e\n\u003cli\u003eDynamic analysis\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eFuzzing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEnumeration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eNmap\u003c\/li\u003e\n\u003cli\u003ehoping\u003c\/li\u003e\n\u003cli\u003eActive vs. passive\u003c\/li\u003e\n\u003cli\u003eResponder\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWireless assessment tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAircrack-ng\u003c\/li\u003e\n\u003cli\u003eReaver\u003c\/li\u003e\n\u003cli\u003eoclHashcat\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud Infrastructure assessment tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScoutSuite\u003c\/li\u003e\n\u003cli\u003eProwler\u003c\/li\u003e\n\u003cli\u003ePacu\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.5 Explain the threats and vulnerabilities associated with specialized technology.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMobile\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInternet of Things (IoT)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEmbedded\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eReal-time operating system (RTOS)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSystem-on-Chip (SoC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eField programmable gate array (FPGA)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePhysical access control\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBuilding automation systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVehicles and drones\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCAN bus\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eWorkflow and process automation systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIndustrial control system\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSupervisory control and data acquisition (SCADA)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eModbus\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.6 Explain the threats and vulnerabilities associated with operating in the cloud.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud service models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSoftware as a Service (SaaS)\u003c\/li\u003e\n\u003cli\u003ePlatform as a Service (PaaS)\u003c\/li\u003e\n\u003cli\u003eInfrastructure as a Service (IaaS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud deployment models\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePublic\u003c\/li\u003e\n\u003cli\u003ePrivate\u003c\/li\u003e\n\u003cli\u003eCommunity\u003c\/li\u003e\n\u003cli\u003eHybrid\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFunction as a Service (FaaS)\/ serverless architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInfrastructure as code (IaC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eInsecure application programming interface (API)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eImproper key management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUnprotected storage\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eLogging and monitoring\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInsufficient logging and monitoring\u003c\/li\u003e\n\u003cli\u003eInability to access\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack types\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExtensible markup language (XML) attack\u003c\/li\u003e\n\u003cli\u003eStructured query language (SQL) injection\u003c\/li\u003e\n\u003cli\u003eOverflow attack\n\u003cul\u003e\n\u003cli\u003eBuffer\u003c\/li\u003e\n\u003cli\u003eInteger\u003c\/li\u003e\n\u003cli\u003eHeap\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eRemote code execution\u003c\/li\u003e\n\u003cli\u003eDirectory traversal\u003c\/li\u003e\n\u003cli\u003ePrivilege escalation\u003c\/li\u003e\n\u003cli\u003ePassword spraying\u003c\/li\u003e\n\u003cli\u003eCredential stuffing\u003c\/li\u003e\n\u003cli\u003eImpersonation\u003c\/li\u003e\n\u003cli\u003eMan-in-the-middle attack\u003c\/li\u003e\n\u003cli\u003eSession hijacking\u003c\/li\u003e\n\u003cli\u003eRootkit\u003c\/li\u003e\n\u003cli\u003eCross-site scripting\n\u003cul\u003e\n\u003cli\u003eReflected\u003c\/li\u003e\n\u003cli\u003ePersistent\u003c\/li\u003e\n\u003cli\u003eDocument object model (DOM)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eVulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImproper error handling\u003c\/li\u003e\n\u003cli\u003eDereferencing\u003c\/li\u003e\n\u003cli\u003eInsecure object reference\u003c\/li\u003e\n\u003cli\u003eRace condition\u003c\/li\u003e\n\u003cli\u003eBroken authentication\u003c\/li\u003e\n\u003cli\u003eSensitive data exposure\u003c\/li\u003e\n\u003cli\u003eInsecure components - Insufficient logging and monitoring - Weak or default configurations - Use of insecure functions - strcpy\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e2.0 Software and Systems Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e2.1 Given a scenario, apply security solutions for infrastructure management.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud vs. on-premises\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAsset management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAsset tagging\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSegmentation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003cli\u003eVirtual\u003c\/li\u003e\n\u003cli\u003eJumpbox\u003c\/li\u003e\n\u003cli\u003eSystem isolation\u003c\/li\u003e\n\u003cli\u003eAir gap\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003cli\u003eSoftware-define\u003c\/li\u003e\n\u003cli\u003eVirtual private cloud (VPC)\u003c\/li\u003e\n\u003cli\u003eVirtual private network (VPN)\u003c\/li\u003e\n\u003cli\u003eServerless\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eChange management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVirtualization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVirtual desktop infrastructure (VDI)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContainerization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIdentity and access management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrivilege management\u003c\/li\u003e\n\u003cli\u003eMultifactor authentication (MFA)\u003c\/li\u003e\n\u003cli\u003eSingle sign-on (SSO)\u003c\/li\u003e\n\u003cli\u003eFederation\u003c\/li\u003e\n\u003cli\u003eRole-based\u003c\/li\u003e\n\u003cli\u003eAttribute-based\u003c\/li\u003e\n\u003cli\u003eMandatory\u003c\/li\u003e\n\u003cli\u003eManual review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCloud access security broker (CASB)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHoneypot\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMonitoring and logging\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEncryption\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCertificate management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eActive defense\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e2.2 Explain software assurance best practices.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePlatforms\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMobile\u003c\/li\u003e\n\u003cli\u003eWeb application\u003c\/li\u003e\n\u003cli\u003eClient\/server\u003c\/li\u003e\n\u003cli\u003eEmbedded\u003c\/li\u003e\n\u003cli\u003eSystem-on-chip (SoC)\u003c\/li\u003e\n\u003cli\u003eFirmware\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware development life cycle (SDLC) integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDevSecOps\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSoftware assessment methods\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUser acceptance testing\u003c\/li\u003e\n\u003cli\u003eStress test application\u003c\/li\u003e\n\u003cli\u003eSecurity regression testing\u003c\/li\u003e\n\u003cli\u003eCode review\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecure coding best practices\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInput validation\u003c\/li\u003e\n\u003cli\u003eOutput encoding\u003c\/li\u003e\n\u003cli\u003eSession management\u003c\/li\u003e\n\u003cli\u003eAuthentication\u003c\/li\u003e\n\u003cli\u003eData protection\u003c\/li\u003e\n\u003cli\u003eParameterized queries\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eStatic analysis tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDynamic analysis tools\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFormal methods for verification of critical software\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eService-oriented architecture\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Assertions Markup Language (SAML)\u003c\/li\u003e\n\u003cli\u003eSimple Object Access Protocol (SOAP)\u003c\/li\u003e\n\u003cli\u003eRepresentational State Transfer (REST)\u003c\/li\u003e\n\u003cli\u003eMicroservices\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e2.3 Explain hardware assurance best practices.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHardware root of trust\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrusted platform module (TPM)\u003c\/li\u003e\n\u003cli\u003eHardware security module (HSM)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eeFuse\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUnified Extensible Firmware Interface (UEFI)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrusted foundry\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSecure processing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrusted execution\u003c\/li\u003e\n\u003cli\u003eSecure enclave\u003c\/li\u003e\n\u003cli\u003eProcessor security extensions\u003c\/li\u003e\n\u003cli\u003eAtomic execution\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAnti-tamper\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSelf-encrypting drive\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrusted firmware updates\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMeasured boot and attestation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBus encryption\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e3.0 Security Operations and Monitoring\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e3.1 Given a scenario, analyze data as part of security monitoring activities.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHeuristics\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTrend analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMalware\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eMemory\u003c\/li\u003e\n\u003cli\u003eSystem and application behavior\u003c\/li\u003e\n\u003cli\u003eKnown-good behavior\u003c\/li\u003e\n\u003cli\u003eAnomalous behavior\u003c\/li\u003e\n\u003cli\u003eExploit techniques\u003c\/li\u003e\n\u003cli\u003eFile system\u003c\/li\u003e\n\u003cli\u003eUser and entity behavior analytics (UEBA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUniform Resource Locator (URL) and domain name system (DNS) analysis\u003c\/li\u003e\n\u003cli\u003eDomain generation algorithm\u003c\/li\u003e\n\u003cli\u003eFlow analysis\u003c\/li\u003e\n\u003cli\u003ePacket and protocol analysis\u003c\/li\u003e\n\u003cli\u003eMalware\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLog review\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvent logs\u003c\/li\u003e\n\u003cli\u003eSyslog\u003c\/li\u003e\n\u003cli\u003eFirewall logs\u003c\/li\u003e\n\u003cli\u003eWeb application firewall (WAF)\u003c\/li\u003e\n\u003cli\u003eProxy\u003c\/li\u003e\n\u003cli\u003eIntrusion detection system (IDS)\/ Intrusion prevention system (IPS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImpact analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOrganizational impact vs. localized impact\u003c\/li\u003e\n\u003cli\u003eImmediate vs. total\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity information and event management (SIEM) review\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRule writing\u003c\/li\u003e\n\u003cli\u003eKnown-bad Internet protocol (IP)\u003c\/li\u003e\n\u003cli\u003eDashboard\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eQuery writing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eString search\u003c\/li\u003e\n\u003cli\u003eScript\u003c\/li\u003e\n\u003cli\u003ePiping\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eE-mail analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMalicious payload\u003c\/li\u003e\n\u003cli\u003eDomain Keys Identified Mail (DKIM)\u003c\/li\u003e\n\u003cli\u003eDomain-based Message Authentication, Reporting, and Conformance (DMARC)\u003c\/li\u003e\n\u003cli\u003eSender Policy Framework (SPF)\u003c\/li\u003e\n\u003cli\u003ePhishing\u003c\/li\u003e\n\u003cli\u003eForwarding\u003c\/li\u003e\n\u003cli\u003eDigital signature\u003c\/li\u003e\n\u003cli\u003eE-mail signature block\u003c\/li\u003e\n\u003cli\u003eEmbedded links\u003c\/li\u003e\n\u003cli\u003eImpersonation\u003c\/li\u003e\n\u003cli\u003eHeader\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e3.2 Given a scenario, implement configuration changes to existing controls to improve security.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePermissions\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSafelisting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDenylisting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFirewall\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntrusion prevention system (IPS) rules\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData loss prevention (DLP)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint detection and response (EDR)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork access control (NAC)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eSinkholing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMalware signatures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDevelopment\/rule writing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSandboxing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePort security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.3 Explain the importance of proactive threat hunting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eEstablishing a hypothesis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eProfiling threat actors and activities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThreat hunting tactics\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExecutable process analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eReducing the attack surface area\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBundling critical assets\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAttack vectors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eIntegrated intelligence\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eImproving detection capabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003e3.4 Compare and contrast automation concepts and technologies.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eWorkflow orchestration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Orchestration, Automation, and Response (SOAR)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScripting\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eApplication programming interface (API) integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAutomated malware signature creation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData Enrichment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eThreat feed combination\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eMachine learning\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eUse of automation protocols and standards\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Content Automation Protocol (SCAP)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContinuous integration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eContinuous deployment\/delivery\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e4.0 Incident Response\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e4.1 Explain the importance of the incident response process.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCommunication plan\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimiting communication to trusted parties\u003c\/li\u003e\n\u003cli\u003eDisclosing based on regulatory\/ legislative requirements\u003c\/li\u003e\n\u003cli\u003ePreventing inadvertent release of information\u003c\/li\u003e\n\u003cli\u003eUsing a secure method of communication\u003c\/li\u003e\n\u003cli\u003eReporting requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eResponse coordination with relevant entities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLegal Human resources\u003c\/li\u003e\n\u003cli\u003ePublic relations\u003c\/li\u003e\n\u003cli\u003eInternal and external\u003c\/li\u003e\n\u003cli\u003eLaw enforcement\u003c\/li\u003e\n\u003cli\u003eSenior leadership\u003c\/li\u003e\n\u003cli\u003eRegulatory bodies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFactors contributing to data criticality\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePersonally identifiable information (PII)\u003c\/li\u003e\n\u003cli\u003ePersonal health information (PHI)\u003c\/li\u003e\n\u003cli\u003eSensitive personal information (SPI)\u003c\/li\u003e\n\u003cli\u003eHigh-value asset\u003c\/li\u003e\n\u003cli\u003eFinancial information\u003c\/li\u003e\n\u003cli\u003eIntellectual property\u003c\/li\u003e\n\u003cli\u003eCorporate information\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.2 Given a scenario, apply the appropriate incident response procedure.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreparation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTraining\u003c\/li\u003e\n\u003cli\u003eTesting\u003c\/li\u003e\n\u003cli\u003eDocumentation of procedures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDetection and analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCharacteristics contributing to severity level classification\u003c\/li\u003e\n\u003cli\u003eDowntime\u003c\/li\u003e\n\u003cli\u003eRecovery time\u003c\/li\u003e\n\u003cli\u003eData integrity\u003c\/li\u003e\n\u003cli\u003eEconomic\u003c\/li\u003e\n\u003cli\u003eSystem process criticality\u003c\/li\u003e\n\u003cli\u003eReverse engineering\u003c\/li\u003e\n\u003cli\u003eData correlation\u003c\/li\u003e\n\u003cli\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eContainment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSegmentation\u003c\/li\u003e\n\u003cli\u003eIsolation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEradication and Recovery\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVulnerability mitigation\u003c\/li\u003e\n\u003cli\u003eSanitization\u003c\/li\u003e\n\u003cli\u003eReconstruction\/reimaging\u003c\/li\u003e\n\u003cli\u003eSecure disposal\u003c\/li\u003e\n\u003cli\u003ePatching\u003c\/li\u003e\n\u003cli\u003eRestoration of permissions\u003c\/li\u003e\n\u003cli\u003eReconstitution of resources\u003c\/li\u003e\n\u003cli\u003eRestoration of capabilities and services\u003c\/li\u003e\n\u003cli\u003eVerification of logging\/ communication to security monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePost-incident activities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvidence retention\u003c\/li\u003e\n\u003cli\u003eLessons learned report\u003c\/li\u003e\n\u003cli\u003eChange control process\u003c\/li\u003e\n\u003cli\u003eIncident response plan update\u003c\/li\u003e\n\u003cli\u003eIncident summary report\u003c\/li\u003e\n\u003cli\u003eIoC generation\u003c\/li\u003e\n\u003cli\u003eMonitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.3 Given an incident, analyze potential indicators of compromise.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBandwidth consumption\u003c\/li\u003e\n\u003cli\u003eBeaconing\u003c\/li\u003e\n\u003cli\u003eIrregular peer-to-peer communication\u003c\/li\u003e\n\u003cli\u003eThe rogue device on the network\u003c\/li\u003e\n\u003cli\u003eScan\/sweep\u003c\/li\u003e\n\u003cli\u003eUnusual traffic spike\u003c\/li\u003e\n\u003cli\u003eCommon protocol over a non-standard port\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eHost-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProcessor consumption\u003c\/li\u003e\n\u003cli\u003eMemory consumption\u003c\/li\u003e\n\u003cli\u003eDrive capacity consumption\u003c\/li\u003e\n\u003cli\u003eUnauthorized software\u003c\/li\u003e\n\u003cli\u003eMalicious process\u003c\/li\u003e\n\u003cli\u003eUnauthorized change\u003c\/li\u003e\n\u003cli\u003eUnauthorized privilege\u003c\/li\u003e\n\u003cli\u003eData exfiltration\u003c\/li\u003e\n\u003cli\u003eAbnormal OS process behavior\u003c\/li\u003e\n\u003cli\u003eFile system change or anomaly\u003c\/li\u003e\n\u003cli\u003eRegistry change or anomaly\u003c\/li\u003e\n\u003cli\u003eUnauthorized scheduled task\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eApplication-related\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAnomalous activity\u003c\/li\u003e\n\u003cli\u003eIntroduction of new accounts\u003c\/li\u003e\n\u003cli\u003eUnexpected output\u003c\/li\u003e\n\u003cli\u003eUnexpected outbound communication\u003c\/li\u003e\n\u003cli\u003eService interruption\u003c\/li\u003e\n\u003cli\u003eApplication log\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e4.4 Given a scenario, utilize basic digital forensics techniques.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNetwork\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eWireshark\u003c\/li\u003e\n\u003cli\u003etcpdump\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEndpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDisk\u003c\/li\u003e\n\u003cli\u003eMemory\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eMobile\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eCloud\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eVirtualization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eLegal hold\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eProcedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eHashing\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eChanges to binaries\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCarving\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eData acquisition\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003e5.0 Compliance and Assessment\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003e5.1 Understand the importance of data privacy and protection.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003ePrivacy vs. security\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eNon-technical controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eClassification\u003c\/li\u003e\n\u003cli\u003eOwnership\u003c\/li\u003e\n\u003cli\u003eRetention\u003c\/li\u003e\n\u003cli\u003eData types\u003c\/li\u003e\n\u003cli\u003eRetention standards\u003c\/li\u003e\n\u003cli\u003eConfidentiality\u003c\/li\u003e\n\u003cli\u003eLegal Requirements\u003c\/li\u003e\n\u003cli\u003eData sovereignty\u003c\/li\u003e\n\u003cli\u003eData minimization\u003c\/li\u003e\n\u003cli\u003ePurpose limitation\u003c\/li\u003e\n\u003cli\u003eA non-disclosure agreement (NDA)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eTechnical controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEncryption\u003c\/li\u003e\n\u003cli\u003eData loss prevention (DLP)\u003c\/li\u003e\n\u003cli\u003eData masking\u003c\/li\u003e\n\u003cli\u003eDeidentification\u003c\/li\u003e\n\u003cli\u003eTokenization\u003c\/li\u003e\n\u003cli\u003eDigital rights management (DRM)?\u003c\/li\u003e\n\u003cli\u003eWatermarking\u003c\/li\u003e\n\u003cli\u003eGeographic access requirements\u003c\/li\u003e\n\u003cli\u003eAccess controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.2 Given a scenario, apply security concepts to support organizational risk mitigation.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eBusiness impact analysis\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk identification process\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk calculation\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProbability\u003c\/li\u003e\n\u003cli\u003eMagnitude\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCommunication of risk factors\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eRisk prioritization\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity controls -\u003c\/li\u003e\n\u003cli\u003eEngineering tradeoffs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSystems assessment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eDocumented compensating controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eTraining and exercises\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRed team\u003c\/li\u003e\n\u003cli\u003eBlue team\u003c\/li\u003e\n\u003cli\u003eWhite team\u003c\/li\u003e\n\u003cli\u003eTabletop exercise\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSupply chain assessment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVendor due diligence\u003c\/li\u003e\n\u003cli\u003eHardware source authenticity\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003e5.3 Explain the importance of frameworks, policies, procedures, and controls.\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eFrameworks\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRisk-based\u003c\/li\u003e\n\u003cli\u003ePrescriptive\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePolicies and procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCode of conduct\/ethics\u003c\/li\u003e\n\u003cli\u003eAcceptable use policy (AUP)\u003c\/li\u003e\n\u003cli\u003ePassword policy\u003c\/li\u003e\n\u003cli\u003eData Ownership\u003c\/li\u003e\n\u003cli\u003eData retention\u003c\/li\u003e\n\u003cli\u003eAccount management\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring\u003c\/li\u003e\n\u003cli\u003eWork product retention\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCategory\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManagerial\u003c\/li\u003e\n\u003cli\u003eOperational\u003c\/li\u003e\n\u003cli\u003eTechnical\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eControl type\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePreventative\u003c\/li\u003e\n\u003cli\u003eDetective\u003c\/li\u003e\n\u003cli\u003eCorrective\u003c\/li\u003e\n\u003cli\u003eDeterrent\u003c\/li\u003e\n\u003cli\u003eCompensating\u003c\/li\u003e\n\u003cli\u003ePhysical\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAudits and assessments\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eRegulatory\u003c\/li\u003e\n\u003cli\u003eCompliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A14CN \/ 2026-06-22T09:00:00 \/ Online","offer_id":47534191935707,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"267B25US \/ 2026-07-13T09:00:00 \/ Aurora, CO","offer_id":47534192001243,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"267B26US \/ 2026-07-27T09:00:00 \/ Herndon, VA","offer_id":47534192099547,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"269A87US \/ 2026-09-14T09:00:00 \/ Bellevue, WA","offer_id":47591599407323,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"268A84CN \/ 2026-08-31T09:00:00 \/ Toronto","offer_id":48216558403803,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"268C95US \/ 2026-08-17T09:00:00 \/ New York","offer_id":48216558436571,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26AB73US \/ 2026-10-26T09:00:00 \/ Austin","offer_id":48216558469339,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26BA36CN \/ 2026-11-16T09:00:00 \/ Ottawa","offer_id":48216558502107,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"26CB55US \/ 2026-12-14T09:00:00 \/ Aurora, CO","offer_id":48216558534875,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"271A34CN \/ 2027-01-25T09:00:00 \/ Toronto","offer_id":48216558567643,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"271C18US \/ 2027-01-11T09:00:00 \/ New York","offer_id":48216558600411,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B83US \/ 2027-03-01T09:00:00 \/ Herndon, VA","offer_id":48309393227995,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B84US \/ 2027-03-08T09:00:00 \/ San Francisco","offer_id":48329825616091,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"273B85US \/ 2027-03-15T09:00:00 \/ Austin","offer_id":48363059216603,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"274A30CN \/ 2027-04-19T09:00:00 \/ Ottawa","offer_id":48612319068379,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"275C35US \/ 2027-05-17T09:00:00 \/ Aurora, CO","offer_id":48778587504859,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true},{"title":"269D59US \/ 2026-09-21T09:00:00 \/ Online","offer_id":48837147263195,"sku":"US-2047-IL","price":2764.0,"currency_code":"USD","in_stock":true}]},{"product_id":"certified-professional-cmmc-training-ccp","title":"Certified Professional CMMC Training (CCP)","description":"\u003cdiv\u003e\u003cp\u003e\u003cimg alt=\"ATP Designation\" width=\"150px\" style=\"float: left;\" src=\"https:\/\/cdn.buttercms.com\/jEuu6pDQS8au7MkZsvab\"\u003eThe CMMC Certified Professional™ (CCP™) is the foundational certification for anyone seeking to work within the implementation and assessment ecosystem of the US Department of War’s (DoW) Cybersecurity Maturity Model Certification (CMMC) program. It validates that you are ready to help organizations achieve assessment-ready cybersecurity programs or participate in a CMMC Assessment Team during official CMMC assessments. Plus, CCP is the required first step toward becoming a CCA, providing a clear advancement pathway into assessment and higher-level consulting roles.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Professional CMMC Training (CCP) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp style=\"margin-right: 0in; margin-left: 0in; font-size: 12pt; font-family: 'Times New Roman', serif;\"\u003e\u003cstrong\u003e\u003cspan style=\"font-family: Calibri, sans-serif;\"\u003eImportant Information\u003c\/span\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEach student will be responsible for purchasing the CCP Exam through ISACA. Using the following link, you will click “Register” to purchase your respective exam.\n\u003cul\u003e\n\u003cli\u003eCCP: \u003ca href=\"https:\/\/www.isaca.org\/credentialing\/ccp\"\u003ehttps:\/\/www.isaca.org\/credentialing\/ccp\u003c\/a\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003eLearners must confirm they have completed the mandatory training prior to registering for the exam. ISACA validates this confirmation against the training data submitted by your training provider, to ensure a valid application.\u003c\/li\u003e\n\u003cli\u003e\u003ca href=\"https:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/cca-ccp_exam_candidates_guide.pdf\"\u003ehttps:\/\/www.isaca.org\/-\/media\/files\/isacadp\/project\/isaca\/certification\/exam-candidate-guides\/cca-ccp_exam_candidates_guide.pdf\u003c\/a\u003e\u003c\/li\u003e\n\u003cli\u003eAfter passing the exam you will submit your application with ISACA for the certification and will pay the required $200 fee at that time.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this CMMC Certification Training Course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the threats to the defense supply chain and the established regulations and standards for managing the risk.\u003c\/li\u003e\n\u003cli\u003eIdentify the sensitive information that needs to be protected within the defense supply chain and how to manage it.\u003c\/li\u003e\n\u003cli\u003eDescribe how the CMMC Model ensures compliance with federal acquisition regulations.\u003c\/li\u003e\n\u003cli\u003eIdentify the responsibilities of the CMMC Certified  Professional, including appropriate ethical behavior.\u003c\/li\u003e\n\u003cli\u003eEstablish the Certification and Assessment scope boundaries for evaluating the systems that protect regulated information.\u003c\/li\u003e\n\u003cli\u003ePrepare the OSC (Organizations Seeking Certification) for an Assessment by evaluating readiness.\u003c\/li\u003e\n\u003cli\u003eUse the CMMC Assessment Guides to determine and assess the Evidence for practices.\u003c\/li\u003e\n\u003cli\u003eImplement and evaluate practices required to meet CMMC Level 1.\u003c\/li\u003e\n\u003cli\u003eIdentify the practices required to meet CMMC Level 2.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eWho Should Attend:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDoW Suppliers Preparing For CMMC Compliance\u003c\/li\u003e\n\u003cli\u003eIt\/Security Managers at DIB Companies\u003c\/li\u003e\n\u003cli\u003eGrc\/Compliance Leads Driving Cmmc Programs\u003c\/li\u003e\n\u003cli\u003eAspiring CMMC Assessors\u003c\/li\u003e\n\u003cli\u003eEarly-Career Professionals Entering DIB Cyber Compliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCMMC Certification Training Prerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTo ensure success on this course, you should have some foundational education or experience in cybersecurity. Therefore, ISACA and Cyber AB have established prerequisites for those who wish to apply for CCP certification, such as: \u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eFavorable background checks. Additional citizenship and clearance credentials are also required to perform higher-level duties, such as participating as an ML-2 (Maturity Level 2) assessment team member. \u003c\/li\u003e\n\u003cli\u003eHave college degree in a cyber or information technical field, or 2+ years of related education experience, or 2+ years of related experience (including military) in a cyber, information technology, or assessment field.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCMMC Certification Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 1:  Managing Risk within the Defense Supply Chain\u003c\/h4\u003e\n\u003cp\u003eTopic A:Identify Threats to the Defense Supply Chain \u003c\/p\u003e\n\u003cp\u003eTopic B:Identify Regulatory Responses against Threats \u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 2: Handling Sensitive Information\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Sensitive Information\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Manage Sensitive Information\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 3: Ensuring Compliance through CMMC\u003c\/h4\u003e\n\u003cp\u003eTopic A: Describe the CMMC Model Architecture\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Define the CMMC Program and Its Ecosystem\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Define Self-Assessments\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 4: Performing CCP Responsibilities\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Responsibilities of the CCP\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Demonstrate Appropriate Ethics and Behavior\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 5: Scoping Certification and Assessment Boundaries\u003c\/h4\u003e\n\u003cp\u003eTopic A: Use the CMMC Assessment Scope Documentation\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Get Oriented to the OSC Environment\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Determine How Sensitive Information Moves\u003c\/p\u003e\n\u003cp\u003eTopic D: Identify Systems in Scope\u003c\/p\u003e\n\u003cp\u003eTopic E: Limit Scope\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 6: Preparing the OSC\u003c\/h4\u003e\n\u003cp\u003eTopic A: Foster a Mature Cybersecurity Culture\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Evaluate Readiness\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 7: Determining and Assessing Evidence\u003c\/h4\u003e\n\u003cp\u003eTopic A: Determine Evidence\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Assess the Practices Using the CMMC Assessment Guides\u003c\/b\u003e\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 8: Implementing and Evaluating Level 1\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify CMMC Level 1 Domains and Practices\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Perform a CMMC Level 1 Gap Analysis\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Assess CMMC Level 1 Practices\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 9: Identifying Level 2 Practices\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify CMMC Level 2 Practices \u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLesson 10: Working through an Assessment\u003c\/h4\u003e\n\u003cp\u003eTopic A: Identify Assessment Roles and Responsibilities\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eTopic B: Plan and Prepare the Assessment\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eTopic C: Conduct the Assessment\u003c\/p\u003e\n\u003cp\u003eTopic D: Report on the Assessment Results\u003c\/p\u003e\n\u003cp\u003eTopic E: Conduct the CMMC POA\u0026amp;M (Plan of Action and Milestones) Close-Out Assessment\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eCMMC Certification Training Outline Appendixes\u003c\/h4\u003e\n\u003cp\u003eAppendix A: Evidence Collection Approach for CMMC Level 1 Practices\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAppendix B: Additional Documentation for CCPs (Certified CMMC Professionals)\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eAppendix C: Mapping Course Content to the CCP Exam\u003c\/p\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267B54US \/ 2026-07-21T09:00:00 \/ Online","offer_id":47534198456539,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"266D67US \/ 2026-06-15T09:00:00 \/ Online","offer_id":48216585961691,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"269A85CN \/ 2026-09-01T09:00:00 \/ Online","offer_id":48216585994459,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26AC17US \/ 2026-10-13T09:00:00 \/ Online","offer_id":48216586027227,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BC77US \/ 2026-11-03T09:00:00 \/ Online","offer_id":48216586059995,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26CB82US \/ 2026-12-01T09:00:00 \/ Online","offer_id":48216586092763,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271A38CN \/ 2027-01-19T09:00:00 \/ Online","offer_id":48216586125531,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273C05US \/ 2027-03-02T09:00:00 \/ Online","offer_id":48310906912987,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273C06US \/ 2027-03-30T09:00:00 \/ Online","offer_id":48523463655643,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275C55US \/ 2027-05-04T09:00:00 \/ Online","offer_id":48738853683419,"sku":"US-2072-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"vulnerability-assessment-training-protecting-your-organization","title":"Vulnerability Assessment Training: Protecting Your Organization","description":"\u003cdiv\u003e\n\u003cp\u003eThis training course on Vulnerability Assessment instructs participants on minimizing expensive security breaches and assessing risks within their enterprise stemming from various vulnerabilities.\u003c\/p\u003e\r\n\u003cp\u003eParticipants will learn to develop a comprehensive checklist for network security vulnerability assessments, pinpointing weaknesses in infrastructure, servers, web applications, and desktops. Moreover, the course covers report creation and interpretation, configuration of vulnerability scanners, identification of vulnerability points, and strategies for preventing network exploitation.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eVulnerability Assessment Training: Protecting Your Organization Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDetect and respond to vulnerabilities, and minimize exposure to security breaches\u003c\/li\u003e\n\u003cli\u003eEmploy real-world exploits and evaluate their effect on your systems\u003c\/li\u003e\n\u003cli\u003eConfigure vulnerability scanners to identify weaknesses\u003c\/li\u003e\n\u003cli\u003eAnalyze the results of vulnerability scans\u003c\/li\u003e\n\u003cli\u003eEstablish an efficient strategy for vulnerability management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eBefore taking this course, you should have a basic understanding of network security and security issues at the level of\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearning Tree course 468, Introduction to Cybersecurity,\u003c\/li\u003e\n\u003cli\u003eLearning Tree course 446, CompTIA Security+® Training,\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAnd you should have an understanding of the following:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTCP\/IP networking\u003c\/li\u003e\n\u003cli\u003eNetwork security goals and concerns\u003c\/li\u003e\n\u003cli\u003eThe roles of firewalls and intrusion detection systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eContinuing Education Information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eThis course covers multiple domains on the ISC2™ CISSP certification exam\u003c\/li\u003e\n\u003cli\u003eIf you are interested in achieving the CISSP certification, see CISSP® Training and Certification Prep Course • Course 2058\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eVulnerability Assessment Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Fundamentals\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eIntroduction\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDefining vulnerability, exploit, threat and risk\u003c\/li\u003e\n\u003cli\u003eCreating a vulnerability report\u003c\/li\u003e\n\u003cli\u003eConducting an initial scan\u003c\/li\u003e\n\u003cli\u003eCommon Vulnerabilities and Exposure (CVE) list\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScanning and exploits\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eVulnerability detection methods\u003c\/li\u003e\n\u003cli\u003eTypes of scanners\u003c\/li\u003e\n\u003cli\u003ePort scanning and OS fingerprinting\u003c\/li\u003e\n\u003cli\u003eEnumerating targets to test information leakage\u003c\/li\u003e\n\u003cli\u003eTypes of exploits: worm, spyware, backdoor, rootkits, Denial of Service (DoS)\u003c\/li\u003e\n\u003cli\u003eDeploying exploit frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Analyzing Vulnerabilities and Exploits\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eUncovering infrastructure vulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUncovering switch weaknesses\u003c\/li\u003e\n\u003cli\u003eVulnerabilities in infrastructure support servers\u003c\/li\u003e\n\u003cli\u003eNetwork management tool attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAttacks against analyzers and IDS\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying Snort IDS bypass attacks\u003c\/li\u003e\n\u003cli\u003eCorrupting memory and causing Denial of Service\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eExposing server vulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScanning servers: assessing vulnerabilities on your network\u003c\/li\u003e\n\u003cli\u003eUploading rogue scripts and file inclusion\u003c\/li\u003e\n\u003cli\u003eCatching input validation errors\u003c\/li\u003e\n\u003cli\u003ePerforming buffer overflow attacks\u003c\/li\u003e\n\u003cli\u003eSQL injection\u003c\/li\u003e\n\u003cli\u003eCross-Site Scripting (XSS) and cookie theft\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eRevealing desktop vulnerabilities\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eScanning for desktop vulnerabilities\u003c\/li\u003e\n\u003cli\u003eClient buffer overflows\u003c\/li\u003e\n\u003cli\u003eSilent downloading: spyware and adware\u003c\/li\u003e\n\u003cli\u003eIdentify browser privilege escalation vulnerabilities\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Configuring Scanners and Generating Reports\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eImplementing scanner operations and configuration\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eChoosing credentials, ports and dangerous tests\u003c\/li\u003e\n\u003cli\u003ePreventing false negatives\u003c\/li\u003e\n\u003cli\u003eCreating custom vulnerability tests\u003c\/li\u003e\n\u003cli\u003eCustomizing Nessus scans\u003c\/li\u003e\n\u003cli\u003eHandling false positives\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCreating and interpreting reports\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFiltering and customizing reports\u003c\/li\u003e\n\u003cli\u003eInterpreting complex reports\u003c\/li\u003e\n\u003cli\u003eContrasting the results of different scanners\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Assessing Risks in a Changing Environment\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eResearching alert information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUsing the National Vulnerability Database (NVD) to find relevant vulnerability and patch information\u003c\/li\u003e\n\u003cli\u003eEvaluating and investigating security alerts and advisories\u003c\/li\u003e\n\u003cli\u003eEmploying the Common Vulnerability Scoring System (CVSS)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eIdentifying factors that affect risk\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluating the impact of a successful attack\u003c\/li\u003e\n\u003cli\u003eDetermining vulnerability frequency\u003c\/li\u003e\n\u003cli\u003eCalculating vulnerability severity\u003c\/li\u003e\n\u003cli\u003eWeighing important risk factors\u003c\/li\u003e\n\u003cli\u003ePerforming a risk assessment\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Managing Vulnerabilities\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eThe vulnerability management cycle\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamine Common Platform Enumeration and how to use it\u003c\/li\u003e\n\u003cli\u003ePatch and configuration management\u003c\/li\u003e\n\u003cli\u003eAnalyzing the vulnerability management process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eVulnerability controversies\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigating CPE\u003c\/li\u003e\n\u003cli\u003eBaseline management\u003c\/li\u003e\n\u003cli\u003eAchieving compliance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267C24US \/ 2026-07-07T09:00:00 \/ Herndon, VA","offer_id":47534198882523,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"269C36US \/ 2026-09-01T09:00:00 \/ Herndon, VA","offer_id":48216588026075,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BB11US \/ 2026-11-03T09:00:00 \/ Herndon, VA","offer_id":48216588058843,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271B16US \/ 2027-01-05T09:00:00 \/ Herndon, VA","offer_id":48216588091611,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273A93US \/ 2027-03-02T09:00:00 \/ Herndon, VA","offer_id":48310906978523,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275B06US \/ 2027-05-04T09:00:00 \/ Herndon, VA","offer_id":48738858336475,"sku":"US-589-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"cyber-security-risk-assessment-training","title":"Cyber Security Risk Assessment Training","description":"\u003cdiv\u003e\u003cp\u003eThis \u003cstrong\u003erisk assessment training\u003c\/strong\u003e course will teach you how to conduct a security risk assessment to protect your organization. You will learn about the laws and regulations that impose strict cybersecurity requirements on all organizations. You will also gain the skills to develop a compliance assessment plan and employ a standards-based risk management process while maintaining a satisfactory security posture.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCyber Security Risk Assessment Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this Cyber Security Risk Assessment \u0026amp; Management training, you will learn how to: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement standards-based, proven methodologies for assessing and managing your organization's information infrastructure risks. \u003c\/li\u003e\n\u003cli\u003eSelect and implement security controls that ensure compliance with applicable laws, regulations, policies, and directives. \u003c\/li\u003e\n\u003cli\u003eExtend security protection to ICS (Industrial Control Systems) and the cloud. \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eRisk Assessment Training Prerequisites \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eAttendees should have a basic knowledge of business processes and technology concepts. No specialized technical knowledge is assumed. \u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCyber Security Risk Assessment Training Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to Risk Assessment and Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEnsuring compliance with applicable regulatory drivers \u003c\/li\u003e\n\u003cli\u003eProtecting the organization from unacceptable losses \u003c\/li\u003e\n\u003cli\u003eDescribing the RMF (Risk Management Framework) \u003c\/li\u003e\n\u003cli\u003eApplying NIST\/ISO risk management processes \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Characterizing System Security Requirements\u003c\/h4\u003e\n\u003cp\u003eDefining the system \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOutlining the system security boundary \u003c\/li\u003e\n\u003cli\u003ePinpointing system interconnections \u003c\/li\u003e\n\u003cli\u003eIncorporating the unique characteristics of Industrial Control Systems and cloud-based systems \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eIdentifying security risk components \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstimating the impact of compromises on confidentiality, integrity, and availability \u003c\/li\u003e\n\u003cli\u003eAdopting the appropriate model for categorizing system risk \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eSetting the stage for successful risk management \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocumenting critical risk assessment and management decisions in the SSP (System Security Plan) \u003c\/li\u003e\n\u003cli\u003eAppointing qualified individuals to risk governance roles\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Selecting Appropriate Security Controls\u003c\/h4\u003e\n\u003cp\u003eAssigning a security control baseline \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigating security control families \u003c\/li\u003e\n\u003cli\u003eDetermining the baseline from system security risk \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eTailoring the baseline to fit the system \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamining the structure of security controls, enhancements, and parameters \u003c\/li\u003e\n\u003cli\u003eBinding control overlays to the selected baseline \u003c\/li\u003e\n\u003cli\u003eGauging the need for enhanced assurance \u003c\/li\u003e\n\u003cli\u003eDistinguishing system-specific, compensating, and non-applicable controls \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Reducing Risk Through Effective Control Implementation\u003c\/h4\u003e\n\u003cp\u003e\u003cspan data-contrast=\"auto\"\u003eSpecifying the implementation approach\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props='{\"335552541\":1,\"335559684\":-2,\"335559685\":720,\"335559991\":360,\"469769226\":\"Symbol\",\"469769242\":[8226],\"469777803\":\"left\",\"469777804\":\"\",\"469777815\":\"hybridMultilevel\"}' aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"\u003e\n\u003cspan data-contrast=\"auto\"\u003eMaximizing security effectiveness by \"building in\" security\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\n\u003c\/li\u003e\n\u003cli data-leveltext=\"\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props='{\"335552541\":1,\"335559684\":-2,\"335559685\":720,\"335559991\":360,\"469769226\":\"Symbol\",\"469769242\":[8226],\"469777803\":\"left\",\"469777804\":\"\",\"469777815\":\"hybridMultilevel\"}' aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"\u003e\n\u003cspan data-contrast=\"auto\"\u003eReducing residual risk in legacy systems via \"bolt-on\" security elements\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cspan data-contrast=\"auto\"\u003eApplying NIST\/ISO controls\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cspan data-contrast=\"auto\"\u003eEnhancing system robustness through the selection of evaluated and validated components\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cspan data-contrast=\"auto\"\u003eCoordinating implementation approaches to administrative, operational, and technical controls\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cspan data-contrast=\"auto\"\u003eProviding evidence of compliance through supporting artifacts\u003c\/span\u003e\u003cspan data-ccp-props='{\"134233117\":true,\"134233118\":true,\"201341983\":0,\"335559739\":160,\"335559740\":240}'\u003e \u003c\/span\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Assessing Compliance Scope and Depth\u003c\/h4\u003e\n\u003cp\u003eDeveloping an assessment plan \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrioritizing depth of control assessment \u003c\/li\u003e\n\u003cli\u003eOptimizing validation through sequencing and consolidation \u003c\/li\u003e\n\u003cli\u003eVerifying compliance through tests, interviews, and examinations \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eFormulating an authorization recommendation \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluating overall system security risk \u003c\/li\u003e\n\u003cli\u003eMitigating residual risks \u003c\/li\u003e\n\u003cli\u003ePublishing the POA\u0026amp;M (Plan of Action and Milestones), the risk assessment, and recommendation \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Authorizing System Operation\u003c\/h4\u003e\n\u003cp\u003eAligning authority and responsibility \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eQuantifying organizational risk tolerance \u003c\/li\u003e\n\u003cli\u003eElevating authorization decisions in high-risk scenarios \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eForming a risk-based decision \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAppraising system operational impact \u003c\/li\u003e\n\u003cli\u003eWeighing residual risk against operational utility \u003c\/li\u003e\n\u003cli\u003eIssuing ATO (Authority to Operate) \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Maintaining Continued Compliance\u003c\/h4\u003e\n\u003cp\u003eJustifying continuous reauthorization \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMeasuring the impact of changes on system security posture \u003c\/li\u003e\n\u003cli\u003eExecuting effective configuration management \u003c\/li\u003e\n\u003cli\u003ePerforming periodic control reassessment \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003ePreserving an acceptable security posture \u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDelivering initial and routine follow-up security awareness training \u003c\/li\u003e\n\u003cli\u003eCollecting ongoing security metrics \u003c\/li\u003e\n\u003cli\u003eImplementing vulnerability management, incident response, and business continuity processes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A62US \/ 2026-08-04T09:00:00 \/ New York","offer_id":47534180761819,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"269C50US \/ 2026-09-22T09:00:00 \/ Herndon, VA","offer_id":48216568135899,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BB75US \/ 2026-11-03T09:00:00 \/ New York","offer_id":48216568168667,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26CB25US \/ 2026-12-15T09:00:00 \/ Herndon, VA","offer_id":48216568201435,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"272B10US \/ 2027-02-02T09:00:00 \/ New York","offer_id":48216568234203,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273B40US \/ 2027-03-22T09:00:00 \/ Herndon, VA","offer_id":48498606670043,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275B59US \/ 2027-05-04T09:00:00 \/ New York","offer_id":48738858959067,"sku":"US-2013-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"penetration-testing-training-tools-and-techniques","title":"Penetration Testing Training: Tools and Techniques","description":"\u003cdiv\u003e\n\u003cp\u003eIn this Penetration Testing course, you'll delve into understanding how hackers breach operating systems and circumvent antivirus measures. By adopting hackers' strategies and approaches, you'll uncover vulnerabilities within your network. This hands-on experience equips you with the ability to test and exploit your defenses, enabling the implementation of effective countermeasures to mitigate risks within your enterprise.\u003c\/p\u003e\r\n\u003cul\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003ePenetration Testing Training: Tools and Techniques Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this Penetration Testing course, you will learn how to:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy ethical hacking to expose weaknesses in your organization.\u003c\/li\u003e\n\u003cli\u003eGather intelligence by employing reconnaissance, published data, and scanning tools.\u003c\/li\u003e\n\u003cli\u003eTest and improve your security by compromising your network using hacking tools.\u003c\/li\u003e\n\u003cli\u003eProtect against unauthorized access by identifying key weakness proactively.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eBefore taking this course, you should have knowledge of TCP\/IP concepts and experience with security issues at the level of:\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLearning Tree course 468, Introduction to Cybersecurity, or\u003c\/li\u003e\n\u003cli\u003eLearning Tree course 446, CompTIA Security+® Training.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003ePenetration Testing Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to Ethical Hacking\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eChoosing a penetration testing framework\u003c\/li\u003e\n\u003cli\u003eCreating a security testing plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Footprinting and Intelligence Gathering\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eAcquiring target information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eLocating useful and relevant information\u003c\/li\u003e\n\u003cli\u003eScavenging published data\u003c\/li\u003e\n\u003cli\u003eMining archive sites\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eScanning and enumerating resources\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentifying authentication methods\u003c\/li\u003e\n\u003cli\u003eHarvesting email information\u003c\/li\u003e\n\u003cli\u003eInterrogating network services\u003c\/li\u003e\n\u003cli\u003eScanning from the inside out with HTML and egress busting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Identifying Vulnerabilities\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eCorrelating weaknesses and exploits\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eResearching databases\u003c\/li\u003e\n\u003cli\u003eDetermining target configuration\u003c\/li\u003e\n\u003cli\u003eEvaluating vulnerability assessment tools\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eLeveraging opportunities for attack\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCrafting malware and undetectable exploits\u003c\/li\u003e\n\u003cli\u003eAttacking with Metasploit\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Attacking Servers and Devices to Build Better Defenses\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eBypassing router Access Control Lists (ACLs)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDiscovering filtered ports\u003c\/li\u003e\n\u003cli\u003eManipulating ports to gain access\u003c\/li\u003e\n\u003cli\u003eConnecting to blocked services\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eCompromising firewalls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBypassing URL filtering\u003c\/li\u003e\n\u003cli\u003ePerforming Man-in-the-Middle attacks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSubverting web applications\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInjecting SQL and HTML code\u003c\/li\u003e\n\u003cli\u003eHijacking web sessions by prediction and Cross-Site Scripting (XSS)\u003c\/li\u003e\n\u003cli\u003eBypassing authentication mechanisms\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Manipulating Clients to Uncover Internal Threats\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eBaiting and snaring inside users\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExecuting client-side attacks\u003c\/li\u003e\n\u003cli\u003eGaining control of browsers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eManipulating internal clients\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eHarvesting client information\u003c\/li\u003e\n\u003cli\u003eEnumerating internal data\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDeploying the social engineering toolkit\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eCloning a legitimate site\u003c\/li\u003e\n\u003cli\u003eDiverting clients by poisoning DNS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Exploiting Targets to Increase Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eInitiating remote shells\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSelecting reverse or bind shells\u003c\/li\u003e\n\u003cli\u003eLeveraging the Metasploit Meterpreter\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePivoting and island hopping\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePerforming lateral movement\u003c\/li\u003e\n\u003cli\u003eRouting through compromised clients\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePilfering target information\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eStealing password hashes\u003c\/li\u003e\n\u003cli\u003eExtracting infrastructure routing, DNS and NetBIOS data\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eUploading and executing payloads\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eControlling memory processes\u003c\/li\u003e\n\u003cli\u003eBypassing User Account Controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Testing Antivirus and IDS Security\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eMasquerading network traffic\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eObfuscating vectors and payloads\u003c\/li\u003e\n\u003cli\u003eSidestepping perimeter defenses\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eEvading antivirus systems\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDiscovering stealth techniques to inject malware\u003c\/li\u003e\n\u003cli\u003eUncovering the gaps in antivirus protection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 8: Mitigating Risks and Next Steps\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eReporting results and creating an action plan\u003c\/li\u003e\n\u003cli\u003eManaging patches and configuration\u003c\/li\u003e\n\u003cli\u003eRecommending cyber security countermeasures\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267C23US \/ 2026-07-21T09:00:00 \/ Herndon, VA","offer_id":47534213497051,"sku":"US-537-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26AB08US \/ 2026-10-20T09:00:00 \/ Herndon, VA","offer_id":48216587927771,"sku":"US-537-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271B15US \/ 2027-01-19T09:00:00 \/ Herndon, VA","offer_id":48216587960539,"sku":"US-537-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"274A85US \/ 2027-04-20T09:00:00 \/ Herndon, VA","offer_id":48619716411611,"sku":"US-537-IL","price":2512.0,"currency_code":"USD","in_stock":true}]},{"product_id":"fundamentals-of-a-zero-trust-architecture-training","title":"Fundamentals of a Zero Trust Architecture Training","description":"\u003cdiv\u003e\u003cp\u003eZero trust architecture is a new security paradigm focused on eliminating implicit trust in IT environments. This \u003cstrong\u003eZero Trust Architecture training\u003c\/strong\u003e course provides a comprehensive introduction to zero trust concepts, principles, and deployment models. By the end of the course, participants will have the knowledge to assess zero trust readiness, create adoption roadmaps, and design pilot programs aligned with business risk priorities.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eFundamentals of a Zero Trust Architecture Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the limitations of traditional network security and the rationale for zero trust\u003c\/li\u003e\n\u003cli\u003eLearn the core concepts and guiding tenets of zero trust architecture\u003c\/li\u003e\n\u003cli\u003eExplore zero trust reference models like NIST 800-207\u003c\/li\u003e\n\u003cli\u003eDiscuss key technologies like micro-segmentation, software-defined perimeters, multi-factor authentication, and continuous authorization\u003c\/li\u003e\n\u003cli\u003eExamine zero trust use cases for applications, data, infrastructure, and people\u003c\/li\u003e\n\u003cli\u003eLearn deployment, adoption, and maintenance best practices for zero trust\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eTraining Prerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eA basic understanding of enterprise security concepts, network infrastructure, authentication, and access controls is recommended.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eZero Trust Architecture Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eChapter 1:\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eFundamentals of a Zero Trust Architecture\u003c\/li\u003e\n\u003cli\u003eZero Trust Definition\u003c\/li\u003e\n\u003cli\u003eWhy Is Zero Trust Needed?\u003c\/li\u003e\n\u003cli\u003eZero Trust Protections Include...\u003c\/li\u003e\n\u003cli\u003eZero Trust Architecture Design Principles\u003c\/li\u003e\n\u003cli\u003eDiscover Users, Devices, Data, and Applications\u003c\/li\u003e\n\u003cli\u003eCloud Asset API\u003c\/li\u003e\n\u003cli\u003eIdentities for Users, Services, and Devices\u003c\/li\u003e\n\u003cli\u003eSample AWS IAM Dashboard\u003c\/li\u003e\n\u003cli\u003eIAM Access Management User, Groups, and Roles\u003c\/li\u003e\n\u003cli\u003eIdentity Life Cycle\u003c\/li\u003e\n\u003cli\u003eIdentity and Access Management (IAM)\u003c\/li\u003e\n\u003cli\u003eMulti-Factor Authentication\u003c\/li\u003e\n\u003cli\u003eUser and Service Accounts\u003c\/li\u003e\n\u003cli\u003eService Accounts\u003c\/li\u003e\n\u003cli\u003eGoogle GCP Roles and Permissions Demo\u003c\/li\u003e\n\u003cli\u003eDevice Identity\u003c\/li\u003e\n\u003cli\u003eWindows Device Security\u003c\/li\u003e\n\u003cli\u003eSecurity Processor\u003c\/li\u003e\n\u003cli\u003eVerified Access\u003c\/li\u003e\n\u003cli\u003eDoD Zero Trust Strategy\u003c\/li\u003e\n\u003cli\u003eDoD Zero Trust Capabilities Execution Enablers\u003c\/li\u003e\n\u003cli\u003eCISA Zero Trust Maturity Model (ZTMM)\u003c\/li\u003e\n\u003cli\u003eZero Trust Maturity Journey\u003c\/li\u003e\n\u003cli\u003eZero Trust Maturity Evolution\u003cb\u003e\u003c\/b\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eChapter 2: Use of Policies to Authenticate and Authorize Users, Devices, Applications, and Services\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eIAM Policies\u003c\/li\u003e\n\u003cli\u003eGCP IAM Permissions\u003c\/li\u003e\n\u003cli\u003eAWS IAM Groups, Users, and Roles\u003c\/li\u003e\n\u003cli\u003eVerified Access\u003c\/li\u003e\n\u003cli\u003eShielded VMs\u003c\/li\u003e\n\u003cli\u003eMeasured Boot and Integrity Monitoring\u003c\/li\u003e\n\u003cli\u003eShielded VM Demo\u003c\/li\u003e\n\u003cli\u003eAWS UEFI Secure Boot\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eChapter 3: Continuously Monitor and Assess Health and Behaviors\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eMonitoring Strategy\u003c\/li\u003e\n\u003cli\u003eBYOD and Guest Devices\u003c\/li\u003e\n\u003cli\u003eControlling BYOD and Guest Devices\u003c\/li\u003e\n\u003cli\u003eRogue Device Detection\u003c\/li\u003e\n\u003cli\u003eMonitoring Web Server Logs\u003c\/li\u003e\n\u003cli\u003eMonitoring Web Server Logs Patch Management\u003c\/li\u003e\n\u003cli\u003eNetwork Monitoring\u003c\/li\u003e\n\u003cli\u003eNetwork Monitoring SIEM Dashboard\u003c\/li\u003e\n\u003cli\u003eAmazon CloudWatch\u003c\/li\u003e\n\u003cli\u003eMonitoring User and Entity Behaviors to Identify Threats\u003c\/li\u003e\n\u003cli\u003eWays to Determine Device and Service Health—Windows\u003c\/li\u003e\n\u003cli\u003eWays to Determine Device and Service Health—Linux\u003c\/li\u003e\n\u003cli\u003eWays to Determine Service Health—Cloud Providers\u003c\/li\u003e\n\u003cli\u003eWays to Determine Service Health—Kubernetes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A20US \/ 2026-08-31T09:00:00 \/ Online","offer_id":47534222213339,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"267C96US \/ 2026-07-13T09:00:00 \/ Online","offer_id":48216560173275,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"26BA33US \/ 2026-11-09T09:00:00 \/ Online","offer_id":48216560206043,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"271A30US \/ 2027-01-26T09:00:00 \/ Online","offer_id":48216560238811,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"273A28US \/ 2027-03-30T09:00:00 \/ Online","offer_id":48523464966363,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"276A28US \/ 2027-06-01T09:00:00 \/ Online","offer_id":48823752392923,"sku":"US-1218-IL","price":716.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ai-cybersecurity-attack-and-defend","title":"AI and Cyber Security: Attack and Defend","description":"\u003cdiv\u003e\n\u003cp\u003eThis course explores the intersection of AI and cybersecurity, starting with a deep dive into AI architecture, including machine learning, deep neural networks, large language models (LLMs), Retrieval-Augmented Generation (RAG) and Agentic AI.\u003c\/p\u003e\r\n\u003cp\u003eParticipants will learn to securely train models, and manage risks using frameworks like the NIST AI RMF. The curriculum covers OWASP vulnerabilities in ML, LLMs, RAG and agentic AI, and focuses on adversarial AI attacks, and the weaponization of AI for social engineering and deepfakes. Finally, it demonstrates how to transform Security Operations (SecOps) with AI-powered detection and response and navigate the global regulatory landscape, including the EU AI Act.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAI and Cyber Security: Attack and Defend Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDiscover the AI security ecosystem and the core principles of ML\u003c\/li\u003e\n\u003cli\u003eIdentify attack points of foundation models, genAI, LLM, RAG, and Agentic AI\u003c\/li\u003e\n\u003cli\u003eSecurely train deep neural networks and ensure privacy with federated learning\u003c\/li\u003e\n\u003cli\u003eEstablish a foundation in security risk management and categorize threats to ML models\u003c\/li\u003e\n\u003cli\u003eApply the NIST AI RMF to govern risks throughout the AI lifecycle\u003c\/li\u003e\n\u003cli\u003eImplement defense-in-depth to mitigate vulnerabilities in ML, GenAI, and Agentic systems\u003c\/li\u003e\n\u003cli\u003eUtilize AI hacking techniques for red team proactive defense\u003c\/li\u003e\n\u003cli\u003eLeverage AI-powered SecOps, using SIEM, and SOAR to enhance threat hunting and automate response\u003c\/li\u003e\n\u003cli\u003eComply with AI regulations, including the EU AI Act and US Executive Orders\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cdiv\u003e\n\u003cp paraeid=\"{b3c84709-5dae-4dc0-b97d-e0e815dde4cd}{188}\" paraid=\"690594779\"\u003e\u003cstrong\u003e\u003cspan xml:lang=\"EN-US\" data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"No Spacing\"\u003eTraining Prerequisites\u003c\/span\u003e\u003c\/span\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003c\/div\u003e\n\u003cdiv\u003e\n\u003cp paraeid=\"{b3c84709-5dae-4dc0-b97d-e0e815dde4cd}{194}\" paraid=\"707607176\"\u003e\u003cspan xml:lang=\"EN-US\" data-contrast=\"auto\"\u003e\u003cspan data-ccp-parastyle=\"No Spacing\"\u003eAttendees should have foundational knowledge in networking and cybersecurity.\u003c\/span\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003c\/div\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAI Cybersecurity Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003eChapter 1: Architecture and Operation of AI\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvolution of AI technology from ML and Deep Neural Networks to Agentic AI\u003c\/li\u003e\n\u003cli\u003eGenAI system architecture and attack points\u003c\/li\u003e\n\u003cli\u003eTraining models with MLOps pipeline, and securing and partitioning datasets\u003c\/li\u003e\n\u003cli\u003eTransfer learning of Foundation Models and fine-tuning\u003c\/li\u003e\n\u003cli\u003eNLP mechanics comprising word embeddings, self-attention, and LLM context window\u003c\/li\u003e\n\u003cli\u003eConnecting to knowledge bases with RAG and context window overflow\u003c\/li\u003e\n\u003cli\u003eAI agents functions (Perception, Planning, Action, Learning), and enrichment “Loop of death”\u003c\/li\u003e\n\u003cli\u003eDiscriminative vs Generative AI models and multimodal prompting\u003c\/li\u003e\n\u003cli\u003eDo Nows: Tinker With a Neural Network using TensorFlow Playground, Exploring CNN, Examine Federated Learning, Google Natural Language API Analysis, Building AI Agents with Vertex AI, Google AI Studio\u003c\/li\u003e\n\u003cli\u003eDemo: Creating a Co-Occurrence Matrix\u003c\/li\u003e\n\u003cli\u003eLAB: Utilizing a Small Language Model\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eChapter 2: Risk in Adopting AI Solutions\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eMitigating risk with CIANA+PS pillars and Risk Register\u003c\/li\u003e\n\u003cli\u003eTracking AI vulnerabilities using CVE and CWE dictionaries\u003c\/li\u003e\n\u003cli\u003eZero Trust Frameworks applied to AI “Quad of IAM”\u003c\/li\u003e\n\u003cli\u003eEthics and Autonomy with human in the loop, and risks with PII, Intellectual Property and Bias\u003c\/li\u003e\n\u003cli\u003eAI Threat Mind Map categorizing threats to\/from models, including human risks\u003c\/li\u003e\n\u003cli\u003eNIST AI RMF core functions(Govern, Map, Measure, and Manage), risks and TEVV processes\u003c\/li\u003e\n\u003cli\u003eMitigate Risk With Trustworthy AI and Privacy-Enhanced AI\u003c\/li\u003e\n\u003cli\u003eAssessing maturity with the AI CMM\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eAI Risk Assessment Process with RMF Generative AI Profile\u003c\/li\u003e\n\u003cli\u003eMitigating GenAI Risks with grounding, risk signals and DLP safeguards\u003c\/li\u003e\n\u003cli\u003eOWASP Top 10 ML, LLM and Agentic AI Security Risks\u003c\/li\u003e\n\u003cli\u003eDo Nows: Known AI Vulnerabilities, Harm to Organizations, NIST AI RMF Playbook, OWASP AI Privacy, Trolley Problem Ethical Dilemma, Risks of “Free Services”, DoD RAI Risk Assessment, Detection with DLP and GenAI, Attacking the OWASP Top Ten ML, LLM and Agentic AI\u003c\/li\u003e\n\u003cli\u003eLAB: Conducting an AI Risk Assessment\u003c\/li\u003e\n\u003cli\u003eLAB: Deidentify GenAI Responses\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul type=\"disc\"\u003e\u003c\/ul\u003e\n\u003cp\u003eChapter 3: Securing AI Vulnerabilities\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIntegrate security into all phases of AI SDLC Lifecycle\u003c\/li\u003e\n\u003cli\u003eAdversarial attacks including, GenAI classification, NLP, Dataset poisoning, backdoor Trojan, “Man in the Prompt”\u003c\/li\u003e\n\u003cli\u003eSecure AI with AI-BOM, sanitization, and security controls\u003c\/li\u003e\n\u003cli\u003eSecure RAG against, indirect prompt injection, data poisoning, embedding inversion, pirate attack\u003c\/li\u003e\n\u003cli\u003eAgentic AI kill chain and threat model\u003c\/li\u003e\n\u003cli\u003eExtending the SAIF Risk Map for AI Agents\u003c\/li\u003e\n\u003cli\u003eHacking Agentic AI through rebus, excessive agency, goal hijacking and tool misuse\u003c\/li\u003e\n\u003cli\u003ePrompt Hacking with injection, jailbreaking and system prompt leaking\u003c\/li\u003e\n\u003cli\u003eDefensive Guardrails including the Google SAIF, AI Agent Firewalls and Model Armor\u003c\/li\u003e\n\u003cli\u003eOWASP AI Threat Model\u003c\/li\u003e\n\u003cli\u003eAI red teaming for proactive defense and interactive testing\u003c\/li\u003e\n\u003cli\u003eSecuring Gen AI with Logging and Monitoring, and Agentic AI with Evaluation Services and AgentOps\u003c\/li\u003e\n\u003cli\u003eDo Nows: Coercing Misclassification of an ML Model, OWASP Agentic AI Threats and Mitigations, OWASP Agentic AI Top 10: Threats in the Wild, System Prompt Security, Prompt Engineering for Generative AI, SAIF Risk Self Assessment, OWASP AI Security Matrix, OWASP Threat Modeling of an LLM Application, DEFCON GenAI Attack Strategies, OWASP GenAI Red Teaming Strategy, RAI Toolkit, Investigating Adversarial Attacks with ART\u003c\/li\u003e\n\u003cli\u003eLAB: Penetration Testing an AI System\u003c\/li\u003e\n\u003cli\u003eLAB: Safeguarding With Gemini AI\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eChapter 4: AI Powered Hacking\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eTraditional hacking phases enhanced by AI smart automation, reinforcement learning to evade detection and Out-of-the-Box AI Thinking\u003c\/li\u003e\n\u003cli\u003eAutonomous hacking in the DARPA DEFCON Cyber Grand Challenge\u003c\/li\u003e\n\u003cli\u003eBelievable AI-Infused Social Engineering and GenAI fraud\u003c\/li\u003e\n\u003cli\u003eDeepfake technology fabricates target’s video and audio\u003c\/li\u003e\n\u003cli\u003eAI infused tools including Nmap, Metasploit, and Wireshark enhancements\u003c\/li\u003e\n\u003cli\u003eSide channel attacks like AI acoustic keyboard monitoring\u003c\/li\u003e\n\u003cli\u003eThe Long Con using AI to build trust and erode resilience over time\u003c\/li\u003e\n\u003cli\u003eDoNows: Bing Chat as a Social Engineer, Famous Deepfakes, Creating Deepfakes\u003c\/li\u003e\n\u003cli\u003eLAB: Enhance Hacking With GenAI\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eChapter 5: Defending Security Operations With AI\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eModern SecOps using Autonomic Security Operations and CD\/CR pipelines\u003c\/li\u003e\n\u003cli\u003eBenefits of AI in Cybersecurity and AI Powering SecOps Functions\u003c\/li\u003e\n\u003cli\u003eAI Powered detection for intrusions and malware\u003c\/li\u003e\n\u003cli\u003eAI-Powered IGA, IAM, Security Analytics and Incident Response\u003c\/li\u003e\n\u003cli\u003eGenAI in SIEM, SOAR, TIM using intelligent data ingestion, automated playbooks and NLP\u003c\/li\u003e\n\u003cli\u003eThe MITRE ATLAS matrix for understanding AI adversarial tactics\u003c\/li\u003e\n\u003cli\u003eGoogle AI SecOps leveraging Gemini, SecLM and Mandiant for threat intelligence\u003c\/li\u003e\n\u003cli\u003eGoogle Agentic SOC Defense\u003c\/li\u003e\n\u003cli\u003eMicrosoft Security Copilot and GitHub Copilot for malware reverse engineering and policy summarization\u003c\/li\u003e\n\u003cli\u003eDoNows: Threat Intelligence Platform AV-ATLAS, MITRE ATLAS Navigator\u003c\/li\u003e\n\u003cli\u003eLAB: Analyze a Codebase With Gemini\u003c\/li\u003e\n\u003cli\u003eLAB: SecOps Threat Hunting With AI\u003c\/li\u003e\n\u003cli\u003eLAB: Anatomy of an AI Model Attack\u003c\/li\u003e\n\u003cli\u003eLAB: Secure Coding With AI\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eChapter 6: Regulating AI Governance\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eGlobal regulations such as UN Ethics of AI and accountability standards\u003c\/li\u003e\n\u003cli\u003eThe EU AI Act risk based framework\u003c\/li\u003e\n\u003cli\u003eUS Executive AI Order\u003c\/li\u003e\n\u003cli\u003ePillars of Trustworthy AI comprising responsible, reliable, and resilient systems\u003c\/li\u003e\n\u003cli\u003eGoogle’s Responsible AI and the \"Agentic\" Shift\u003c\/li\u003e\n\u003cli\u003eEU AIGA Hourglass Model Governance framework\u003c\/li\u003e\n\u003cli\u003eThe OECD AI system lifecycle stages\u003c\/li\u003e\n\u003cli\u003eModel AI Governance Framework (MGF) for Agentic AI\u003c\/li\u003e\n\u003cli\u003eFour dimensions of Agentic AI\u003c\/li\u003e\n\u003cli\u003eDoNow: AIGA AI Governance Lifecycle\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267C01US \/ 2026-07-22T09:00:00 \/ Online","offer_id":47534203404507,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"268A04CN \/ 2026-08-26T09:00:00 \/ Ottawa","offer_id":47534203437275,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"268B62US \/ 2026-08-05T09:00:00 \/ Austin","offer_id":47534203470043,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"269B27US \/ 2026-09-09T09:00:00 \/ New York","offer_id":47572772847835,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"266A64CN \/ 2026-06-16T09:00:00 \/ Online","offer_id":48216538448091,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26AA38US \/ 2026-10-21T09:00:00 \/ San Francisco","offer_id":48216538480859,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26BA05CN \/ 2026-11-04T09:00:00 \/ Toronto","offer_id":48216538513627,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26BA32US \/ 2026-11-23T09:00:00 \/ Aurora, CO","offer_id":48216538546395,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA33US \/ 2026-12-09T09:00:00 \/ Herndon, VA","offer_id":48216538579163,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA34US \/ 2026-12-16T09:00:00 \/ Austin","offer_id":48216538611931,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"271A04CN \/ 2027-01-20T09:00:00 \/ Ottawa","offer_id":48216538644699,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"272A21US \/ 2027-02-03T09:00:00 \/ New York","offer_id":48216538677467,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"274A04CN \/ 2027-04-14T09:00:00 \/ Toronto","offer_id":48591359770843,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"275A25US \/ 2027-05-05T09:00:00 \/ Bellevue, WA","offer_id":48741617402075,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"275A26US \/ 2027-05-19T09:00:00 \/ Herndon, VA","offer_id":48783423373531,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"276A26US \/ 2027-06-02T09:00:00 \/ Austin","offer_id":48825878610139,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"269D10US \/ 2026-09-16T09:00:00 \/ Online","offer_id":48837147459803,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"269D11US \/ 2026-09-23T09:00:00 \/ Online","offer_id":48837147492571,"sku":"US-1216-IL","price":2228.0,"currency_code":"USD","in_stock":true}]},{"product_id":"defend-against-cyberthreats-with-microsoft-defender-xdr-sc-5004","title":"Defend against cyberthreats with Microsoft Defender XDR (SC-5004)","description":"\u003cdiv\u003e\u003cp\u003eThis hands-on course teaches Security Operations Analysts how to implement Microsoft Defender XDR to detect, investigate, and mitigate cyberthreats. Learn how to deploy Microsoft Defender for Endpoint, configure security settings, manage incidents, automate responses, and use Advanced Hunting with Kusto Query Language (KQL) to identify and respond to threats in real time. Gain practical experience in securing endpoints, managing alerts, and improving your organization’s security posture.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eDefend against cyberthreats with Microsoft Defender XDR (SC-5004) Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this course, you will:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGain expertise in Microsoft Defender XDR for threat detection and response.\u003c\/li\u003e\n\u003cli\u003eLearn to deploy and manage Microsoft Defender for Endpoint environments.\u003c\/li\u003e\n\u003cli\u003eConfigure security alerts, automated investigations, and response policies.\u003c\/li\u003e\n\u003cli\u003eUtilize Advanced Hunting with KQL to detect unique threats.\u003c\/li\u003e\n\u003cli\u003eInvestigate incidents, alerts, and forensic data using Microsoft Defender tools.\u003c\/li\u003e\n\u003cli\u003eEnhance security automation and policy enforcement across devices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExperience using the Microsoft Defender portal\u003c\/li\u003e\n\u003cli\u003eBasic understanding of Microsoft Defender for Endpoint\u003c\/li\u003e\n\u003cli\u003eBasic understanding of Microsoft Sentinel\u003c\/li\u003e\n\u003cli\u003eExperience using Kusto Query Language (KQL) in Microsoft Sentinel\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eDefend Against Cyberthreats Course Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eModule 1: Mitigate Incidents Using Microsoft Defender\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eNavigating the Microsoft Defender portal and managing incidents.\u003c\/li\u003e\n\u003cli\u003eInvestigating alerts, sign-in logs, and security reports.\u003c\/li\u003e\n\u003cli\u003eUtilizing Microsoft Secure Score and Threat Analytics.\u003c\/li\u003e\n\u003cli\u003ePerforming Advanced Hunting to detect threats.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 2: Deploy the Microsoft Defender for Endpoint Environment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eSetting up Microsoft Defender for Endpoint.\u003c\/li\u003e\n\u003cli\u003eOnboarding and managing devices across operating systems.\u003c\/li\u003e\n\u003cli\u003eConfiguring role-based access control (RBAC) and device groups.\u003c\/li\u003e\n\u003cli\u003eEnabling advanced security features for endpoint protection.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 3: Configure Alerts and Detections in Microsoft Defender for Endpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eManaging alert notifications and suppression settings.\u003c\/li\u003e\n\u003cli\u003eConfiguring threat indicators and detection rules.\u003c\/li\u003e\n\u003cli\u003eCustomizing security policies for threat mitigation.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 4: Configure and Manage Automation Using Microsoft Defender for Endpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAutomating incident response and remediation.\u003c\/li\u003e\n\u003cli\u003eManaging upload settings and folder security.\u003c\/li\u003e\n\u003cli\u003eBlocking at-risk devices to prevent breaches.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 5: Perform Device Investigations in Microsoft Defender for Endpoint\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eUsing device inventory to track and investigate endpoint activity.\u003c\/li\u003e\n\u003cli\u003eLeveraging behavioral blocking and device discovery tools.\u003c\/li\u003e\n\u003cli\u003eConducting forensic analysis on compromised devices.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 6: Hands-On Lab – Defend Against Cyberthreats with Microsoft Defender XDR\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eConfiguring the Microsoft Defender XDR environment.\u003c\/li\u003e\n\u003cli\u003eDeploying and integrating Microsoft Defender for Endpoint.\u003c\/li\u003e\n\u003cli\u003eMitigating attacks and responding to real-world cybersecurity threats.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Microsoft","offers":[{"title":"266B13US \/ 2026-06-29T09:00:00 \/ Online","offer_id":47534213890267,"sku":"US-8741-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"269A94US \/ 2026-09-28T09:00:00 \/ Online","offer_id":47634347524315,"sku":"US-8741-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"271C49US \/ 2027-01-08T09:00:00 \/ Online","offer_id":48216579178715,"sku":"US-8741-IL","price":716.0,"currency_code":"USD","in_stock":true},{"title":"273B92US \/ 2027-03-30T09:00:00 \/ Online","offer_id":48523465130203,"sku":"US-8741-IL","price":716.0,"currency_code":"USD","in_stock":true}]},{"product_id":"certified-cybersecurity-operations-analyst-ccoa-certification-exam-preparation","title":"Certified Cybersecurity Operations Analyst (CCOA) Training","description":"\u003cdiv\u003e\n\u003cp\u003eISACA’s Certified Cybersecurity Operations Analyst™ (CCOA™) certification focuses on the technical skills to evaluate threats, identify vulnerabilities, and recommend countermeasures to prevent cyber incidents. As emerging technologies like automated systems using AI evolve, the role of the cyber analyst will only become more critical in protecting digital ecosystems.\u003c\/p\u003e\r\n\u003cp\u003eAnalysts specialize in understanding the what, where and how behind cybersecurity incidents. By identifying patterns, anomalies and indicators of compromise, you become the eyes and ears of your organization’s defense.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCertified Cybersecurity Operations Analyst (CCOA) Training Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this training, you will: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the key components of computer and cloud networking.\u003c\/li\u003e\n\u003cli\u003eUnderstand cybersecurity governance and alignment with business drivers.\u003c\/li\u003e\n\u003cli\u003eUnderstand common adversarial tactics, techniques, and procedures (TTPs) and develop critical and creative thinking skills for threat detection and response.\u003c\/li\u003e\n\u003cli\u003eUnderstand the importance of cybersecurity-incident preparedness and recognize the significance of incident detection and response in mitigating their impact.\u003c\/li\u003e\n\u003cli\u003eUnderstand the importance of designing countermeasures to protect digital assets.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eCCOA certification is particularly beneficial for cybersecurity professionals with 2-3 years of experience who are looking to enhance their technical skill set and address cybersecurity challenges more effectively.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCertified Cybersecurity Operations Analyst Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eDomain 1: Technology Essentials \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the key components of both computer and cloud networking.\u003c\/li\u003e\n\u003cli\u003eUnderstand how databases, virtualization, and containerization are leveraged.\u003c\/li\u003e\n\u003cli\u003eBecome familiar with command line interfaces.\u003c\/li\u003e\n\u003cli\u003eIdentify the purpose, benefits, and use of APIs.\u003c\/li\u003e\n\u003cli\u003eUnderstand the principles and concepts of DevOps, SecDevOps, and the CI\/CD pipeline.\u003c\/li\u003e\n\u003cli\u003eFundamentally understand programming and scripting.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eDomain 2: Cybersecurity Principles  \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand cybersecurity governance and alignment with business drivers.\u003c\/li\u003e\n\u003cli\u003eDefine cybersecurity strategy based on enterprise objectives.\u003c\/li\u003e\n\u003cli\u003eEstablish effective cross-organizational communication for cybersecurity.\u003c\/li\u003e\n\u003cli\u003eDefine roles and responsibilities for cybersecurity initiatives.\u003c\/li\u003e\n\u003cli\u003eDevelop metrics for evaluating cybersecurity program performance.\u003c\/li\u003e\n\u003cli\u003eInform stakeholders about investment needs for asset protection.\u003c\/li\u003e\n\u003cli\u003eImplement repeatable processes for cybersecurity risk management.\u003c\/li\u003e\n\u003cli\u003eRecognize internal and external compliance requirements.\u003c\/li\u003e\n\u003cli\u003eDocument risk associated with enterprise operations.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003e \u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eDomain 3: Adversarial Tactics, Techniques, and Procedures \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand common adversarial tactics, techniques, and procedures (TTPs).\u003c\/li\u003e\n\u003cli\u003eDevelop critical and creative thinking skills for threat detection and response.\u003c\/li\u003e\n\u003cli\u003eDifferentiate between dashboard events and attacker mindset insights.\u003c\/li\u003e\n\u003cli\u003eTune baseline detections for malicious and anomalous behaviors.\u003c\/li\u003e\n\u003cli\u003eImplement time-optimized reactive detection capabilities.\u003c\/li\u003e\n\u003cli\u003eEngage in proactive threat-hunting activities.\u003c\/li\u003e\n\u003cli\u003eExplore the threat landscape, including attack vectors and threat actors.\u003c\/li\u003e\n\u003cli\u003eIdentify motivations behind cyberattacks.\u003c\/li\u003e\n\u003cli\u003eUtilize threat intelligence sources effectively.\u003c\/li\u003e\n\u003cli\u003eRecognize various attack types and cyberattack stages.\u003c\/li\u003e\n\u003cli\u003eAnalyze exploit techniques used by threat actors.\u003c\/li\u003e\n\u003cli\u003eUnderstand the significance of security testing in cybersecurity.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eDomain 4: Incident Detection and Response \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the inevitability of cybersecurity incidents and the importance of incident preparedness.\u003c\/li\u003e\n\u003cli\u003eRecognize the significance of incident detection and response in mitigating the impact of cybersecurity events.\u003c\/li\u003e\n\u003cli\u003eAppreciate the role of proactive planning, practice, and process refinement in effective incident response.\u003c\/li\u003e\n\u003cli\u003eIdentify the components and techniques involved in incident detection, from data analytics to security logs and alerts.\u003c\/li\u003e\n\u003cli\u003eLearn to develop detection use cases and recognize indicators of compromise for early threat identification.\u003c\/li\u003e\n\u003cli\u003eExplore the various security monitoring tools and technologies essential for effective incident detection.\u003c\/li\u003e\n\u003cli\u003eMaster the fundamentals of incident response, including containment strategies and handling procedures.\u003c\/li\u003e\n\u003cli\u003eGain proficiency in forensic analysis, malware analysis, network traffic analysis, packet analysis, and threat analysis for comprehensive incident response.\u003c\/li\u003e\n\u003cli\u003eExplore the various security monitoring tools and technologies essential for effective incident detection.\u003c\/li\u003e\n\u003cli\u003eMaster the fundamentals of incident response, including containment strategies and handling procedures.\u003c\/li\u003e\n\u003cli\u003eGain proficiency in forensic analysis, malware analysis, network traffic analysis, packet analysis, and threat analysis for comprehensive incident response.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e \u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eDomain 5: Securing Assets \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eUnderstand the importance of designing countermeasures to protect digital assets.\u003c\/li\u003e\n\u003cli\u003eRecognize the iterative nature of securing systems and their ecosystems.\u003c\/li\u003e\n\u003cli\u003eAppreciate the holistic approach to securing assets, considering technical aspects and organizational products, services, and critical business processes.\u003c\/li\u003e\n\u003cli\u003eDifferentiate between the security needs of various industries based on the unique values assigned to digital assets and risk tolerance levels.\u003c\/li\u003e\n\u003cli\u003eGain insight into how an organization’s business goals and risk assessments influence the selection of security controls.\u003c\/li\u003e\n\u003cli\u003eDevelop foundational knowledge of contingency planning to ensure business continuity during security incidents.\u003c\/li\u003e\n\u003cli\u003eExplore different control techniques applicable to securing digital assets.\u003c\/li\u003e\n\u003cli\u003eUnderstand the principles and practices of identity and access management to ensure proper authorization and authentication.\u003c\/li\u003e\n\u003cli\u003eBecome familiar with industry best practices, guidance, frameworks, and standards relevant to asset security.\u003c\/li\u003e\n\u003cli\u003eMaster the processes of vulnerability assessment, identification, remediation, and tracking to effectively manage vulnerabilities and mitigate risk.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A94US \/ 2026-08-31T09:00:00 \/ Herndon, VA","offer_id":47534201569499,"sku":"US-2057-IL","price":3080.0,"currency_code":"USD","in_stock":true},{"title":"26BC57US \/ 2026-11-30T09:00:00 \/ Herndon, VA","offer_id":48216579539163,"sku":"US-2057-IL","price":3080.0,"currency_code":"USD","in_stock":true}]},{"product_id":"ai-powered-secops-with-siem-and-soar","title":"AI Powered SecOps with SIEM and SOAR","description":"\u003cdiv\u003e\n\u003cp\u003eThis course explores the intersection of AI and cybersecurity, starting with a foundational understanding of AI technologies such as machine learning, deep learning, and natural language processing, as well as their applications in various industries. The content delves into mitigating risks associated with AI adoption, including risk management and ethical considerations, and identifying vulnerabilities in AI systems.\u003c\/p\u003e\r\n\u003cp\u003eThe importance of integrating AI into security operations is covered through the use of AI for intrusion detection, threat intelligence, and automated incident response, as well as AI’s potential for transforming hacking techniques while highlighting AI-powered attacks and tools.  The Course also emphasizes the need for aligning AI with common security frameworks and regulatory compliance, as well as exploring future trends such as federated learning, AI-powered cyber deception, quantum computing for AI, explainable AI, and AI-driven security automation.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAI Powered SecOps with SIEM and SOAR Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003ePrerequisites\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eAttendees should have foundational knowledge in networking and cybersecurity.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAI Powered SecOps with SIEM \u0026amp; SOAR Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eChapter 1: Modernizing threat management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConstantly evolving landscape of cybersecurity\u003c\/li\u003e\n\u003cli\u003eIdentify technology challenges to stay ahead of emerging threats\u003c\/li\u003e\n\u003cli\u003eUncover people and process challenges and explore strategies for improvement\u003c\/li\u003e\n\u003cli\u003eTransform threat management with autonomic security\u003c\/li\u003e\n\u003cli\u003eAI based SecOps Tools: Google Chronicle, Microsoft Sentinel, Splunk\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 2: Basics of AI and Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSOC Core Functions\u003c\/li\u003e\n\u003cli\u003eChallenges of Traditional SecOps\u003c\/li\u003e\n\u003cli\u003eEmbrace Autonomic Security Operations\u003c\/li\u003e\n\u003cli\u003eContinuous detection continuous response, CDCR\u003c\/li\u003e\n\u003cli\u003eManagement and ticketing systems for incident tracking\u003c\/li\u003e\n\u003cli\u003eTrack and measure team performance\u003c\/li\u003e\n\u003cli\u003eEnhancing SecOps with AI \u0026amp; ML\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 3:  Collection\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eGather host and network data\u003c\/li\u003e\n\u003cli\u003eIdentify data sources and information needs\u003c\/li\u003e\n\u003cli\u003eConfigure logging and data sources\u003c\/li\u003e\n\u003cli\u003eIngest and normalize data\u003c\/li\u003e\n\u003cli\u003eImplement data quality checks and validation\u003c\/li\u003e\n\u003cli\u003eImplement data retention policies\u003c\/li\u003e\n\u003cli\u003ePrioritize your crown jewel assets\u003c\/li\u003e\n\u003cli\u003eAI enhanced collection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 4: Threat Detection\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify patterns of suspicious activity and detect potential security incidents\u003c\/li\u003e\n\u003cli\u003eLeverage SIEM tools to correlate and analyze security events\u003c\/li\u003e\n\u003cli\u003eUtilize threat intelligence feeds to enrich data\u003c\/li\u003e\n\u003cli\u003eIdentify indicators of compromise (IOCs)\u003c\/li\u003e\n\u003cli\u003eTactics, techniques, and procedures (or TTPs)\u003c\/li\u003e\n\u003cli\u003eAI enhanced detection\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 5: Triage\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConduct initial investigation on security alerts to identify actual threats\u003c\/li\u003e\n\u003cli\u003ePrioritize security alerts\u003c\/li\u003e\n\u003cli\u003ePerform initial investigation on identified alerts\u003c\/li\u003e\n\u003cli\u003eDisregard false positives or low priority alerts\u003c\/li\u003e\n\u003cli\u003eEnrich investigation cases with additional data\u003c\/li\u003e\n\u003cli\u003eEscalate to senior investigators or incident response team\u003c\/li\u003e\n\u003cli\u003eAI enhanced triage\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 6: Investigation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeeper analysis of alerts by Tier 2 analysts\u003c\/li\u003e\n\u003cli\u003eVerify whether the alert is a true or false positive\u003c\/li\u003e\n\u003cli\u003eAdvanced analysis of available data and IOCs\u003c\/li\u003e\n\u003cli\u003eGather additional information by pivoting to other data sources\u003c\/li\u003e\n\u003cli\u003eDetermine the duration of the investigation\u003c\/li\u003e\n\u003cli\u003eAddress false positives for proactive threat management\u003c\/li\u003e\n\u003cli\u003eCollaborate with other teams, document, and share knowledge\u003c\/li\u003e\n\u003cli\u003eAI enhanced investigation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 7: Incident Response\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eContain, eradicate, and recover from a security incident\u003c\/li\u003e\n\u003cli\u003eIdentify the root cause, implement necessary controls, and remediate\u003c\/li\u003e\n\u003cli\u003eMinimize impact and restore operations\u003c\/li\u003e\n\u003cli\u003eConduct a post-incident review\u003c\/li\u003e\n\u003cli\u003eCollaborate with adjacent teams and stakeholders\u003c\/li\u003e\n\u003cli\u003eAI enhanced Incident Response\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eChapter 8: Shift left adjacencies\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eProactive Detection and Response\u003c\/li\u003e\n\u003cli\u003eThreat Intelligence\u003c\/li\u003e\n\u003cli\u003eThreat Hunting\u003c\/li\u003e\n\u003cli\u003eRed Teaming\/Pen Testing\u003c\/li\u003e\n\u003cli\u003eVulnerability Management\u003c\/li\u003e\n\u003cli\u003eUpstream Influence\u003c\/li\u003e\n\u003cli\u003eTabletop Exercises\u003c\/li\u003e\n\u003cli\u003eCompliance\u003c\/li\u003e\n\u003cli\u003eCollaboration with Developers\u003c\/li\u003e\n\u003cli\u003eBlameless Post-Mortems\u003c\/li\u003e\n\u003cli\u003eThreat Modeling\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A84US \/ 2026-07-29T09:00:00 \/ Herndon, VA","offer_id":47534214447323,"sku":"US-2015-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26AB38US \/ 2026-10-28T09:00:00 \/ Herndon, VA","offer_id":48216565154011,"sku":"US-2015-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"271B57US \/ 2027-01-27T09:00:00 \/ Herndon, VA","offer_id":48216565186779,"sku":"US-2015-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"274B24US \/ 2027-04-28T09:00:00 \/ Herndon, VA","offer_id":48696364761307,"sku":"US-2015-IL","price":2228.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isaca-advanced-in-ai-security-management-aaism-certification","title":"ISACA Advanced in AI Security Management (AAISM) Certification","description":"\u003cdiv\u003e\u003cp\u003eISACA Advanced in AI Security Management (AAISM) validates security management professionals’ ability to demonstrate their expertise in AI. This credential builds upon existing security best practices to enhance expertise and adapt to the evolving AI-driven landscape, ensuring robust protection and a strategic edge.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISACA Advanced in AI Security Management (AAISM) Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003eIn this course you will learn skills which:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablishes AI-Specific Security Expertise\u003c\/li\u003e\n\u003cli\u003eBridges the Gap Between AI and Cybersecurity\u003c\/li\u003e\n\u003cli\u003eAligns with Enterprise Governance and Risk Needs\u003c\/li\u003e\n\u003cli\u003eBuilt on ISACA’s Trusted Frameworks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eMust possess a CISM or CISSP to be eligible for Certification.\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAI Security Management Certification Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 1: AI Governance and Program Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eStakeholder Considerations, Industry Frameworks, and Regulatory Requirements\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eOrganizational Structure and Overall Governance\u003c\/li\u003e\n\u003cli\u003eRoles and Responsibilities\u003c\/li\u003e\n\u003cli\u003eCharter and Steering Committee\u003c\/li\u003e\n\u003cli\u003eIdentifying Stakeholders\u003c\/li\u003e\n\u003cli\u003eRisk Appetite and Tolerance\u003c\/li\u003e\n\u003cli\u003eFrameworks, Standards, and Regulations\u003c\/li\u003e\n\u003cli\u003eSelecting appropriate Frameworks\u003c\/li\u003e\n\u003cli\u003eBusiness and Use Cases for AI\u003c\/li\u003e\n\u003cli\u003ePrivacy Considerations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI-related Strategies, Policies, and Procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Strategy\u003c\/li\u003e\n\u003cli\u003eConsumer v. Enterprise\u003c\/li\u003e\n\u003cli\u003eBuy vs. Build\u003c\/li\u003e\n\u003cli\u003eAI Policies\u003c\/li\u003e\n\u003cli\u003eResponsible Use\u003c\/li\u003e\n\u003cli\u003eAcceptable Use\u003c\/li\u003e\n\u003cli\u003eAI Procedures\u003c\/li\u003e\n\u003cli\u003eImplementation\u003c\/li\u003e\n\u003cli\u003eManuals\u003c\/li\u003e\n\u003cli\u003eEthics\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Asset and Data Life Cycle Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAI Asset and Data Inventory\u003c\/li\u003e\n\u003cli\u003eInventory management\u003c\/li\u003e\n\u003cli\u003eModel cards\u003c\/li\u003e\n\u003cli\u003eData handling, classification, discovery\u003c\/li\u003e\n\u003cli\u003eData Augmentation and Cleaning\u003c\/li\u003e\n\u003cli\u003eData Storage\u003c\/li\u003e\n\u003cli\u003eData Protection\u003c\/li\u003e\n\u003cli\u003eDestruction\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Security Program Development and Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocumented Program Plan\u003c\/li\u003e\n\u003cli\u003eSecurity team, roles, responsibilities, and proficiencies\u003c\/li\u003e\n\u003cli\u003eAlignment to existing info sec\u003c\/li\u003e\n\u003cli\u003eUse of AI-enabled security tools in the program\u003c\/li\u003e\n\u003cli\u003eMetrics and management\u003c\/li\u003e\n\u003cli\u003eKRIs and KPIs for AI use with regard to the security\u003c\/li\u003e\n\u003cli\u003eManagement reporting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBusiness Continuity and Incident Response\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIncident detection\u003c\/li\u003e\n\u003cli\u003eNotification\u003c\/li\u003e\n\u003cli\u003eIncident classification\u003c\/li\u003e\n\u003cli\u003eCriticality and severity\u003c\/li\u003e\n\u003cli\u003eResiliency\u003c\/li\u003e\n\u003cli\u003eBusiness Continuity Plan\u003c\/li\u003e\n\u003cli\u003eRed-button requirements for compliance\u003c\/li\u003e\n\u003cli\u003eIncident response playbooks specifically for AI\u003c\/li\u003e\n\u003cli\u003eBreak glass policies\/ go no go • Authority\u003c\/li\u003e\n\u003cli\u003eRTO RPO – AI perspective\u003c\/li\u003e\n\u003cli\u003eDisaster recovery\u003c\/li\u003e\n\u003cli\u003eTesting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDomain 2. AI Risk Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAI Risk Assessment, Thresholds, and Treatment\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImpact assessment\u003c\/li\u003e\n\u003cli\u003eConformity assessment\u003c\/li\u003e\n\u003cli\u003ePIAs\u003c\/li\u003e\n\u003cli\u003eRisk documentation\u003c\/li\u003e\n\u003cli\u003eAcceptable levels of risk\u003c\/li\u003e\n\u003cli\u003eTreatment plans\u003c\/li\u003e\n\u003cli\u003eKRIs and KPIs for AI us\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI-related Strategies, Policies, and Procedures\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePEN test\u003c\/li\u003e\n\u003cli\u003eVulnerability tests\u003c\/li\u003e\n\u003cli\u003eRed teaming\u003c\/li\u003e\n\u003cli\u003eAI related vulnerabilities\u003c\/li\u003e\n\u003cli\u003eAdversarial threats\u003c\/li\u003e\n\u003cli\u003eThreat intelligence\u003c\/li\u003e\n\u003cli\u003eAI-enabled threats\/Attack chains\u003c\/li\u003e\n\u003cli\u003eAnomalies\u003c\/li\u003e\n\u003cli\u003eThreat landscape\u003c\/li\u003e\n\u003cli\u003eDeep fakes\u003c\/li\u003e\n\u003cli\u003eInsider threat\u003c\/li\u003e\n\u003cli\u003eAI agents\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Vendor and Supply Chain Management\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDependencies of software packages and libraries\u003c\/li\u003e\n\u003cli\u003eVendor due diligence and contracts\u003c\/li\u003e\n\u003cli\u003eSLAs\u003c\/li\u003e\n\u003cli\u003eVendor usage\u003c\/li\u003e\n\u003cli\u003eAccountability models\u003c\/li\u003e\n\u003cli\u003eProvider vs. deployer\u003c\/li\u003e\n\u003cli\u003eThird, fourth, and fifth parties\u003c\/li\u003e\n\u003cli\u003eOwnership and intellectual property\u003c\/li\u003e\n\u003cli\u003eAccess controls\u003c\/li\u003e\n\u003cli\u003eLiability\u003c\/li\u003e\n\u003cli\u003eVendor monitoring for risk and changes\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eModule 3. AI Technologies and Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eAI Security Architecture and Design\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eChange management\u003c\/li\u003e\n\u003cli\u003eSDL\u003c\/li\u003e\n\u003cli\u003eSecure by design\u003c\/li\u003e\n\u003cli\u003eSecuring infrastructure as code\u003c\/li\u003e\n\u003cli\u003eData flows\u003c\/li\u003e\n\u003cli\u003eApproved base models\u003c\/li\u003e\n\u003cli\u003eInterconnectivity and interaction with architecture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eAI Life Cycle (e.g., model selection, training, and validation)\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTesting models interconnectivity\u003c\/li\u003e\n\u003cli\u003eLinkages between models\u003c\/li\u003e\n\u003cli\u003eRegression\u003c\/li\u003e\n\u003cli\u003eModel testing\u003c\/li\u003e\n\u003cli\u003eProgression\u003c\/li\u003e\n\u003cli\u003eTEVV\u003c\/li\u003e\n\u003cli\u003eModel accuracy testing and evaluation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eData Management Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eData collection\u003c\/li\u003e\n\u003cli\u003eData control\u003c\/li\u003e\n\u003cli\u003eData Poisoning\u003c\/li\u003e\n\u003cli\u003eBIAS\u003c\/li\u003e\n\u003cli\u003eAccuracy\u003c\/li\u003e\n\u003cli\u003eData position requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003ePrivacy, Ethical, Trust and Safety Controls\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExplainability\u003c\/li\u003e\n\u003cli\u003ePrivacy controls – like right to be forgotten, data subject rights\u003c\/li\u003e\n\u003cli\u003eConsent\u003c\/li\u003e\n\u003cli\u003eTransparency\u003c\/li\u003e\n\u003cli\u003eDecision making\u003c\/li\u003e\n\u003cli\u003eFairness\u003c\/li\u003e\n\u003cli\u003eEthics\u003c\/li\u003e\n\u003cli\u003eAutomated decision making\u003c\/li\u003e\n\u003cli\u003eHuman in the loop\u003c\/li\u003e\n\u003cli\u003eTrust and safety - content moderation\u003c\/li\u003e\n\u003cli\u003ePotential harm\u003c\/li\u003e\n\u003cli\u003eEnvironmental impacts\u003c\/li\u003e\n\u003cli\u003eData minimization and anonymization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eSecurity Controls and Monitoring\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity monitoring metrics\u003c\/li\u003e\n\u003cli\u003eSelecting the right controls\u003c\/li\u003e\n\u003cli\u003eImplementing controls\u003c\/li\u003e\n\u003cli\u003eSelf-assessment of controls (CSA)\u003c\/li\u003e\n\u003cli\u003eControl life cycle\u003c\/li\u003e\n\u003cli\u003eContinuous monitoring\u003c\/li\u003e\n\u003cli\u003eKPIs and KRIs for security controls and monitoring\u003c\/li\u003e\n\u003cli\u003eTechnical controls\u003c\/li\u003e\n\u003cli\u003eThreat controls mapping\u003c\/li\u003e\n\u003cli\u003eSecurity awareness training\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266A68US \/ 2026-06-29T09:00:00 \/ Online","offer_id":47534201602267,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"268C85US \/ 2026-08-26T09:00:00 \/ Herndon, VA","offer_id":48216556503259,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26AB39US \/ 2026-10-26T09:00:00 \/ Herndon, VA","offer_id":48216556798171,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"26CB26US \/ 2026-12-14T09:00:00 \/ Herndon, VA","offer_id":48216556830939,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"272B12US \/ 2027-02-24T09:00:00 \/ Herndon, VA","offer_id":48294630719707,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"274B25US \/ 2027-04-26T09:00:00 \/ Herndon, VA","offer_id":48669371662555,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"269D42US \/ 2026-09-28T09:00:00 \/ Online","offer_id":48837147656411,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true},{"title":"269D43US \/ 2026-09-14T09:00:00 \/ Online","offer_id":48837147689179,"sku":"US-2019-IL","price":2396.0,"currency_code":"USD","in_stock":true}]},{"product_id":"comptia-secai","title":"CompTIA SecAI+ Certification","description":"\u003cdiv\u003e\n\u003cp\u003eCompTIA SecAI+ enables a safer digital future by empowering IT and cybersecurity talent worldwide to meet the emerging challenges and opportunities at the intersection of AI and security.\u003c\/p\u003e\r\n\u003cp\u003eCompTIA SecAI+ is the global IT industry’s first comprehensive “expansion” certification focused on the security of artificial intelligence systems and the secure application of AI in cybersecurity operations. This certification equips professionals with critical, vendor-neutral skills to understand, defend, and ethically deploy AI technologies within any organization.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eCompTIA SecAI+ Certification Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply foundational and advanced AI concepts to strengthen organizational cybersecurity.\u003c\/li\u003e\n\u003cli\u003eImplement robust security controls and best practices for protecting AI systems and data.\u003c\/li\u003e\n\u003cli\u003eLeverage AI-driven tools to enhance threat detection, response, and automation of security operations.\u003c\/li\u003e\n\u003cli\u003eNavigate global governance, risk, and compliance frameworks to ensure responsible AI adoption.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eThis is equivalent to 3–4 years of IT experience with approximately 2 years of hands-on cybersecurity experience.\u003c\/p\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eCompTIA SecAI+ AI Security Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1 — AI and Data Concepts for Cybersecurity\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI concepts and core AI types\u003c\/li\u003e\n\u003cli\u003eGenerative AI and transformers\u003c\/li\u003e\n\u003cli\u003eMachine learning and deep learning\u003c\/li\u003e\n\u003cli\u003eNatural language processing\u003c\/li\u003e\n\u003cli\u003eAI model training approaches\u003c\/li\u003e\n\u003cli\u003ePrompt engineering fundamentals\u003c\/li\u003e\n\u003cli\u003eModel security considerations\u003c\/li\u003e\n\u003cli\u003eAI data types and data security techniques\u003c\/li\u003e\n\u003cli\u003eRAG (Retrieval Augmented Generation) concepts\u003c\/li\u003e\n\u003cli\u003eData integrity and processing controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2 — Threat Modeling and Securing AI Systems\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI threat modeling fundamentals\u003c\/li\u003e\n\u003cli\u003eThreat modeling processes and prerequisites\u003c\/li\u003e\n\u003cli\u003eAI threat modeling frameworks\u003c\/li\u003e\n\u003cli\u003eAI security control types\u003c\/li\u003e\n\u003cli\u003eModel guardrails and prompt templates\u003c\/li\u003e\n\u003cli\u003eGateway and interface controls\u003c\/li\u003e\n\u003cli\u003eUsage quotas and limitation controls\u003c\/li\u003e\n\u003cli\u003eSecurity control testing\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 3 — Access Controls for AI\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI access control principles and models\u003c\/li\u003e\n\u003cli\u003eModel and agent access controls\u003c\/li\u003e\n\u003cli\u003eAPI and network access security\u003c\/li\u003e\n\u003cli\u003eAI data security controls\u003c\/li\u003e\n\u003cli\u003eEncryption and data safety measures\u003c\/li\u003e\n\u003cli\u003eMonitoring and logging AI systems\u003c\/li\u003e\n\u003cli\u003ePerformance and cost monitoring\u003c\/li\u003e\n\u003cli\u003eAI auditing and compliance monitoring\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 4 — AI Threats and Compensating Controls\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI lifecycle security\u003c\/li\u003e\n\u003cli\u003eEthical AI design considerations\u003c\/li\u003e\n\u003cli\u003eAI attack types and techniques\u003c\/li\u003e\n\u003cli\u003eBackdoor and trojan model attacks\u003c\/li\u003e\n\u003cli\u003eModel poisoning and inversion\u003c\/li\u003e\n\u003cli\u003eModel theft risks\u003c\/li\u003e\n\u003cli\u003eCompensating control strategies\u003c\/li\u003e\n\u003cli\u003ePost-incident AI analysis\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 5 — Leveraging AI in Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI-enabled security tools\u003c\/li\u003e\n\u003cli\u003eAI use cases in detection and analysis\u003c\/li\u003e\n\u003cli\u003eAI for vulnerability assessment\u003c\/li\u003e\n\u003cli\u003eAI-enhanced attack vectors\u003c\/li\u003e\n\u003cli\u003eAI for social engineering and deception\u003c\/li\u003e\n\u003cli\u003eAI reconnaissance techniques\u003c\/li\u003e\n\u003cli\u003eAI-driven automation\u003c\/li\u003e\n\u003cli\u003eAI in DevSecOps workflows\u003c\/li\u003e\n\u003cli\u003eAI scripting and summarization\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 6 — AI Governance, Risk, and Compliance\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAI governance structures\u003c\/li\u003e\n\u003cli\u003eAI organizational roles\u003c\/li\u003e\n\u003cli\u003eResponsible AI principles\u003c\/li\u003e\n\u003cli\u003eAI risk identification and assessment\u003c\/li\u003e\n\u003cli\u003eAI regulatory themes\u003c\/li\u003e\n\u003cli\u003eCompliance frameworks for AI\u003c\/li\u003e\n\u003cli\u003eOrganizational AI policy design\u003c\/li\u003e\n\u003cli\u003eCompliance reporting\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"266B04CN \/ 2026-06-10T09:00:00 \/ Online","offer_id":48230032834779,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"267D53US \/ 2026-07-29T09:00:00 \/ Herndon, VA","offer_id":48230032867547,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"269A97CN \/ 2026-09-09T09:00:00 \/ Ottawa","offer_id":48230032900315,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26AC21US \/ 2026-10-28T09:00:00 \/ Herndon, VA","offer_id":48230032933083,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"26CA42CN \/ 2026-12-09T09:00:00 \/ Ottawa","offer_id":48230032965851,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"271C65US \/ 2027-01-27T09:00:00 \/ Herndon, VA","offer_id":48230032998619,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"273A58CN \/ 2027-03-10T09:00:00 \/ Ottawa","offer_id":48334732951771,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true},{"title":"274C18US \/ 2027-04-28T09:00:00 \/ Herndon, VA","offer_id":48696395595995,"sku":"US-2078-IL","price":1800.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isc2-issmp®-information-systems-security-management-professional","title":"ISC2 ISSMP®: Information Systems Security Management Professional","description":"\u003cdiv\u003e\u003cp\u003eThe Information Systems Security Management Professional (ISSMP) is a security leader who specializes in establishing, presenting and governing information security programs and demonstrates management and leadership skills. ISSMPs direct the alignment of security programs with the organization’s mission, goals and strategies in order to meet enterprise financial and operational requirements in support of its desired risk position.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISC2 ISSMP®: Information Systems Security Management Professional Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish and lead an enterprise information security program\u003c\/li\u003e\n\u003cli\u003eEnsure security is integrated and managed effectively throughout the system development and acquisition lifecycle.\u003c\/li\u003e\n\u003cli\u003eIdentify, assess, and manage information security risks\u003c\/li\u003e\n\u003cli\u003eOversee the development and execution of incident response and threat intelligence programs\u003c\/li\u003e\n\u003cli\u003eDesign and maintain business continuity and disaster recovery strategies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eCandidates must meet \u003cb\u003eone\u003c\/b\u003e of the following:\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eHold an active \u003cb\u003eCISSP\u003c\/b\u003e in good standing \u003cb\u003eand\u003c\/b\u003e have \u003cb\u003etwo years\u003c\/b\u003e of cumulative full-time experience in one or more ISSAP domains\u003cbr\u003e\u003cb\u003eOR\u003c\/b\u003e\n\u003c\/li\u003e\n\u003cli\u003ePossess \u003cb\u003eseven years\u003c\/b\u003e of cumulative full-time experience in \u003cb\u003etwo or more\u003c\/b\u003e ISSAP domains\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExperience Substitution:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eA relevant bachelor’s or master’s degree \u003cb\u003eor\u003c\/b\u003e an approved ISC2 credential may substitute for \u003cb\u003eone year\u003c\/b\u003e of experience\u003c\/li\u003e\n\u003cli\u003ePart-time work and internships may count toward experience requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eISSMP Security Management Certification Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eDomain 1: Leadership and Operational Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish security’s role in organizational culture, vision and mission\u003c\/li\u003e\n\u003cli\u003eAlign security program with organizational governance\u003c\/li\u003e\n\u003cli\u003eDefine and implement information security strategies\u003c\/li\u003e\n\u003cli\u003eDefine and maintain security policy framework\u003c\/li\u003e\n\u003cli\u003eManage security requirements in contracts and agreements\u003c\/li\u003e\n\u003cli\u003eManage security awareness and training programs\u003c\/li\u003e\n\u003cli\u003eDefine, measure and report security metrics\u003c\/li\u003e\n\u003cli\u003ePrepare, obtain and manage security budget\u003c\/li\u003e\n\u003cli\u003eManage security programs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 2: Systems Lifecyle Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eManage integration of security throughout system lifecycle\u003c\/li\u003e\n\u003cli\u003eIntegrate organization initiatives and emerging technologies throughout the security architecture\u003c\/li\u003e\n\u003cli\u003eDefine and manage comprehensive vulnerability management programs\u003c\/li\u003e\n\u003cli\u003eManage security aspects of change control\u003c\/li\u003e\n\u003cli\u003eManage security programs\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 3: Risk Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDevelop and manage a risk management program\u003c\/li\u003e\n\u003cli\u003eManage security risks with the supply chain\u003c\/li\u003e\n\u003cli\u003eConduct risk assessments\u003c\/li\u003e\n\u003cli\u003eManage risk controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 4: Security Operations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstablish and maintain security operations center\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain threat intelligence program\u003c\/li\u003e\n\u003cli\u003eEstablish and maintain incident management program\u003c\/li\u003e\n\u003cli\u003eDevelop and manage a risk management program\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 5: Contingency Management \u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eFacilitate development of contingency plans\u003c\/li\u003e\n\u003cli\u003eDevelop recovery strategies\u003c\/li\u003e\n\u003cli data-border-margin=\".25in\"\u003eMaintain contingency plan, resiliency plan\u003c\/li\u003e\n\u003cli\u003eManage disaster response and recovery process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 6: Law , Ethics and Security Compliance Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify the impact of laws and regulations\u003c\/li\u003e\n\u003cli\u003eUnderstand, adhere to and promote professional ethics\u003c\/li\u003e\n\u003cli\u003eValidate compliance in accordance with applicable laws and regulations\u003c\/li\u003e\n\u003cli\u003eDocument and manage compliance exceptions \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268B06CN \/ 2026-08-10T09:00:00 \/ Ottawa","offer_id":48833424359643,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"269C91US \/ 2026-09-21T09:00:00 \/ Herndon, VA","offer_id":48833424392411,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26BA63CN \/ 2026-11-02T09:00:00 \/ Ottawa","offer_id":48833424425179,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"26CB92US \/ 2026-12-14T09:00:00 \/ Herndon, VA","offer_id":48833424457947,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"272A46CN \/ 2027-02-08T09:00:00 \/ Ottawa","offer_id":48833424490715,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"273C20US \/ 2027-03-08T09:00:00 \/ Herndon, VA","offer_id":48833424523483,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true},{"title":"275A50CN \/ 2027-05-10T09:00:00 \/ Ottawa","offer_id":48833424556251,"sku":"US-2082-IL","price":2986.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isc2-issap®-information-systems-security-architecture-professional","title":"ISC2 ISSAP®: Information Systems Security Architecture Professional","description":"\u003cdiv\u003e\n\u003cp\u003eThe \u003cb\u003eInformation Systems Security Architecture Professional (ISSAP)\u003c\/b\u003e is an advanced security credential for professionals who design enterprise security solutions and provide risk-based architectural guidance aligned to organizational mission, strategy, and regulatory requirements.\u003c\/p\u003e\r\n\u003cp\u003eIn this intensive one-day course, learners explore the four domains of the ISSAP Common Body of Knowledge (CBK®), gaining practical insight into governance, security architecture modeling, infrastructure and system protection, and identity and access management (IAM) architecture.\u003c\/p\u003e\r\n\u003cp\u003eSuccessful participants strengthen their ability to align security architecture with business objectives, regulatory mandates, and evolving threat landscapes across enterprise, cloud, and hybrid environments.\u003c\/p\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISC2 ISSAP®: Information Systems Security Architecture Professional Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAlign enterprise security architecture with governance, risk, and compliance requirements\u003c\/li\u003e\n\u003cli\u003eApply security architecture modeling frameworks, threat modeling, and validation techniques\u003c\/li\u003e\n\u003cli\u003eDesign secure infrastructure, system, and cryptographic architectures across hybrid environments\u003c\/li\u003e\n\u003cli\u003eArchitect scalable identity, authentication, authorization, and auditing solutions\u003c\/li\u003e\n\u003cli\u003eProvide risk-informed architectural guidance to organizational leadership\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eCandidates must meet \u003cb\u003eone\u003c\/b\u003e of the following:\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eHold an active \u003cb\u003eCISSP\u003c\/b\u003e in good standing \u003cb\u003eand\u003c\/b\u003e have \u003cb\u003etwo years\u003c\/b\u003e of cumulative full-time experience in one or more ISSAP domains\u003cbr\u003e\u003cb\u003eOR\u003c\/b\u003e\n\u003c\/li\u003e\n\u003cli\u003ePossess \u003cb\u003eseven years\u003c\/b\u003e of cumulative full-time experience in \u003cb\u003etwo or more\u003c\/b\u003e ISSAP domains\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExperience Substitution:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eA relevant bachelor’s or master’s degree \u003cb\u003eor\u003c\/b\u003e an approved ISC2 credential may substitute for \u003cb\u003eone year\u003c\/b\u003e of experience\u003c\/li\u003e\n\u003cli\u003ePart-time work and internships may count toward experience requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eISSAP Security Architecture Certification Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eDomain 1: Governance, Risk, and Compliance (GRC)\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLegal, regulatory, organizational, and industry security requirements\u003c\/li\u003e\n\u003cli\u003eSensitive data protection and privacy regulations\u003c\/li\u003e\n\u003cli\u003eThird-party and contractual obligations\u003c\/li\u003e\n\u003cli\u003eAsset identification, stakeholder alignment, and business objectives\u003c\/li\u003e\n\u003cli\u003eMonitoring, reporting, auditability, and forensic readiness\u003c\/li\u003e\n\u003cli\u003eRisk assessment integration and treatment strategies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 2: Security Architecture Modeling\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eEnterprise, cloud, network, and service-oriented architecture approaches\u003c\/li\u003e\n\u003cli\u003eFrameworks such as TOGAF®, SABSA, and reference architectures\u003c\/li\u003e\n\u003cli\u003eThreat modeling methods including STRIDE and CVSS\u003c\/li\u003e\n\u003cli\u003eDesign validation, testing, and peer review\u003c\/li\u003e\n\u003cli\u003eGap analysis, mitigations, and compensating controls\u003c\/li\u003e\n\u003cli\u003eCode review and security analysis methodologies\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 3: Infrastructure and System Security Architecture\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eSecurity Requirements \u0026amp; Deployment Models\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eOn-premises, cloud, and hybrid environments\u003c\/li\u003e\n\u003cli\u003eIT, OT, and physical security considerations\u003c\/li\u003e\n\u003cli\u003eMonitoring, cryptography, and secure application architecture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eArchitecture Design \u0026amp; Protection Controls\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003ePlatform, network, storage, and cloud security\u003c\/li\u003e\n\u003cli\u003eEndpoint protection, shared services, and third-party integrations\u003c\/li\u003e\n\u003cli\u003eInfrastructure and content monitoring\u003c\/li\u003e\n\u003cli\u003eBusiness continuity, disaster recovery, and incident communications\u003c\/li\u003e\n\u003cli\u003eSecurity control applicability across system components\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eCryptographic Architecture\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDesign constraints, algorithms, and lifecycle considerations\u003c\/li\u003e\n\u003cli\u003eEncryption in transit, at rest, and in use\u003c\/li\u003e\n\u003cli\u003eKey generation, storage, distribution, and management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 4: Identity and Access Management (IAM) Architecture\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eIdentity Lifecycle Architecture\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eIdentity establishment, verification, provisioning, and de-provisioning\u003c\/li\u003e\n\u003cli\u003eIdentity technologies and governance\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAuthentication Architecture\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eSingle-factor, multi-factor, and risk-based authentication\u003c\/li\u003e\n\u003cli\u003eProtocols such as SAML, RADIUS, Kerberos, and OAuth\u003c\/li\u003e\n\u003cli\u003eTrust models and federation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAuthorization Architecture\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eLeast privilege, separation of duties, and authorization models\u003c\/li\u003e\n\u003cli\u003eRole-, rule-, attribute-, and token-based access control\u003c\/li\u003e\n\u003cli\u003ePrivileged access management (PAM) and digital rights management\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eAccounting, Auditing, and Compliance\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAudit logging, alerts, integrity, and retention\u003c\/li\u003e\n\u003cli\u003eLog analysis, reporting, and forensic readiness\u003c\/li\u003e\n\u003cli\u003eCompliance alignment with PCI DSS, FISMA, HIPAA, and GDPR\u003c\/li\u003e\n\u003cli\u003eEnhanced ability to design security into systems from the start\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A96CN \/ 2026-07-13T09:00:00 \/ Ottawa","offer_id":48833427374299,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"268D24US \/ 2026-08-31T09:00:00 \/ Herndon, VA","offer_id":48833427407067,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"26AA51CN \/ 2026-10-19T09:00:00 \/ Ottawa","offer_id":48833427439835,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"26BC88US \/ 2026-11-30T09:00:00 \/ Herndon, VA","offer_id":48833427472603,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"271A69CN \/ 2027-01-11T09:00:00 \/ Ottawa","offer_id":48833427505371,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"272B91US \/ 2027-02-22T09:00:00 \/ Herndon, VA","offer_id":48833427538139,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"274A59CN \/ 2027-04-19T09:00:00 \/ Ottawa","offer_id":48833427570907,"sku":"US-2080-IL","price":3436.0,"currency_code":"USD","in_stock":true}]},{"product_id":"isc2-issep®-information-systems-security-engineering-professional","title":"ISC2 ISSEP®: Information Systems Security Engineering Professional","description":"\u003cdiv\u003e\u003cp\u003eThe Information Systems Security Engineering Professional (ISSEP) is a security leader who specializes in the practical application of systems engineering principles and processes to develop secure systems. An ISSEP analyzes organizational needs, defines security requirements, designs security architectures, develops secure designs, implements system security, and supports system security assessment and authorization for government and industry.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eISC2 ISSEP®: Information Systems Security Engineering Professional Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eCourse Benefits\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply systems security engineering fundamentals\u003c\/li\u003e\n\u003cli\u003eParticipate in the technology procurement management\u003c\/li\u003e\n\u003cli\u003eApply security risk management principles\u003c\/li\u003e\n\u003cli\u003eAnalyze organizational and operational environment\u003c\/li\u003e\n\u003cli\u003eImplement and integrate security solutions\u003c\/li\u003e\n\u003cli\u003eDevelop secure operations plan\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003eCandidates must meet \u003cb\u003eone\u003c\/b\u003e of the following:\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eHold an active \u003cb\u003eCISSP\u003c\/b\u003e in good standing \u003cb\u003eand\u003c\/b\u003e have \u003cb\u003etwo years\u003c\/b\u003e of cumulative full-time experience in one or more ISSAP domains\u003cbr\u003e\u003cb\u003eOR\u003c\/b\u003e\n\u003c\/li\u003e\n\u003cli\u003ePossess \u003cb\u003eseven years\u003c\/b\u003e of cumulative full-time experience in \u003cb\u003etwo or more\u003c\/b\u003e ISSAP domains\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eExperience Substitution:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eA relevant bachelor’s or master’s degree \u003cb\u003eor\u003c\/b\u003e an approved ISC2 credential may substitute for \u003cb\u003eone year\u003c\/b\u003e of experience\u003c\/li\u003e\n\u003cli\u003ePart-time work and internships may count toward experience requirements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eISSEP Security Engineering Certification Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eDomain 1: Systems Security Engineering Foundations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply systems security engineering fundamentals\u003c\/li\u003e\n\u003cli\u003eExecute systems security engineering processes (e.g., hardware, software, data)\u003c\/li\u003e\n\u003cli\u003eIntegrate with system development methodology\u003c\/li\u003e\n\u003cli\u003ePerform technical management\u003c\/li\u003e\n\u003cli\u003eParticipate in the technology procurement management\u003c\/li\u003e\n\u003cli\u003eResource Analysis (e.g., Cost estimation, personnel costs, probabilities and statistics (Monte Carlo))\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 2: Risk Management \u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eApply security risk management principles\u003c\/li\u003e\n\u003cli\u003eManage risk to system\u003c\/li\u003e\n\u003cli\u003eManage risk to operations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 3: Security Planning and Engineering\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eAnalyze organizational and operational environment\u003c\/li\u003e\n\u003cli\u003eApply system security principles\u003c\/li\u003e\n\u003cli\u003eDevelop system requirements\u003c\/li\u003e\n\u003cli\u003eCreate system security design\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 4: Systems Security Implementation, Verification and Validation\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eImplement and integrate security solutions\u003c\/li\u003e\n\u003cli\u003eVerify successful implementation\u003c\/li\u003e\n\u003cli\u003eDevelop system requirements\u003c\/li\u003e\n\u003cli\u003eCreate system security design\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eDomain 5: Secure Operations, Change Management and Disposal\u003c\/b\u003e\u003c\/p\u003e\n\u003cul type=\"disc\"\u003e\n\u003cli\u003eDevelop secure operations plan\u003c\/li\u003e\n\u003cli\u003eSupport secure operations\u003c\/li\u003e\n\u003cli\u003eParticipate in change management\u003c\/li\u003e\n\u003cli\u003eParticipate in the disposal process\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267A97CN \/ 2026-07-20T09:00:00 \/ Ottawa","offer_id":48833427603675,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"269C90US \/ 2026-09-14T09:00:00 \/ Herndon, VA","offer_id":48833427636443,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"26AA52CN \/ 2026-10-26T09:00:00 \/ Ottawa","offer_id":48833427669211,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"26CB91US \/ 2026-12-07T09:00:00 \/ Herndon, VA","offer_id":48833427701979,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"271A70CN \/ 2027-01-25T09:00:00 \/ Ottawa","offer_id":48833427734747,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"273C19US \/ 2027-03-01T09:00:00 \/ Herndon, VA","offer_id":48833427767515,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true},{"title":"274A60CN \/ 2027-04-26T09:00:00 \/ Ottawa","offer_id":48833427800283,"sku":"US-2081-IL","price":3436.0,"currency_code":"USD","in_stock":true}]},{"product_id":"agentic-security","title":"Agentic Security","description":"\u003cdiv\u003e\u003cp\u003eAgentic Security: Attack and Defend AI Agents is a three-day, hands-on course for cybersecurity professionals who need to understand, attack, and defend the autonomous AI systems now operating inside enterprise environments. Every agentic system that perceives, reasons, plans, and acts is a new attack surface. This course teaches you to exploit it and protect it.\u003c\/p\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eAgentic Security Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cb\u003eIn this course you will:\u003c\/b\u003e\u003c\/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003cb\u003eUnderstand\u003c\/b\u003e\u003c\/li\u003e\n\u003cul\u003e\n\u003cli\u003eTrace the AI architecture stack — ML, DNNs, transformers, LLMs, GenAI models, agentic systems — and identify the attack surface at each layer\u003c\/li\u003e\n\u003cli\u003eMaster agentic AI design patterns: Cognitive Loop, Planner-Executor-Verifier, multi-agent orchestration, and tool\/API integration via MCP\u003c\/li\u003e\n\u003cli\u003eMap the threat landscape: OWASP ML Top 10, OWASP LLM Top 10, NIST Adversarial ML Taxonomy, and MITRE ATLAS\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cli\u003e\u003cb\u003eBuild\u003c\/b\u003e\u003c\/li\u003e\n\u003cul\u003e\n\u003cli\u003eConstruct anomaly detection and deep learning malware classification models on real cybersecurity datasets\u003c\/li\u003e\n\u003cli\u003eDeploy RAG pipelines integrating AlienVault OTX threat intelligence with chunk provenance validation\u003c\/li\u003e\n\u003cli\u003eImplement multi-agent SecOps workflows using LangChain, CrewAI, or AutoGen with Apache Kafka for agent communication\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cli\u003e\u003cb\u003eAttack\u003c\/b\u003e\u003c\/li\u003e\n\u003cul\u003e\n\u003cli\u003eExecute all five prompt injection variants: direct, indirect, chained, multi-language, and refusal suppression\u003c\/li\u003e\n\u003cli\u003eConduct training data poisoning, model extraction, token inference side-channel attacks, hallucination exploits, and payload splitting\u003c\/li\u003e\n\u003cli\u003ePerform AI-assisted memory forensic analysis using Volatility 3 to detect process hollowing, DLL injection, and advanced persistence\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cli\u003e\u003cb\u003eDefend \u0026amp; Govern\u003c\/b\u003e\u003c\/li\u003e\n\u003cul\u003e\n\u003cli\u003eBuild autonomous threat detection and response workflows with human-on-the-loop oversight checkpoints\u003c\/li\u003e\n\u003cli\u003eApply NIST AI RMF AI 600-1, OWASP LLM Governance Checklist, and Zero Trust principles to agentic AI deployments\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/ol\u003e\n\u003cp\u003e\u003cb\u003ePrerequisites\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e2+ years cybersecurity experience; basic Python; Docker familiarity; comfort with Linux command line; understanding of common attack vectors and defensive frameworks.\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eWho Should Attend:\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity Operations \u0026amp; Defensive Roles\u003c\/li\u003e\n\u003cli\u003eSecurity Architecture \u0026amp; Engineering\u003c\/li\u003e\n\u003cli\u003eAI \/ ML \u0026amp; Emerging Tech Roles\u003c\/li\u003e\n\u003cli\u003eDevOps, Platform \u0026amp; Automation Roles\u003c\/li\u003e\n\u003cli\u003eGovernance, Risk \u0026amp; Compliance (GRC)\u003c\/li\u003e\n\u003cli\u003eLeadership \u0026amp; Strategy Roles\u003c\/li\u003e\n\u003cli\u003eRed Team \u0026amp; Offensive Security\u003cb\u003e \u003c\/b\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eAgentic Security AI Training Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eLearning Objectives\u003c\/h4\u003e\n\u003cp\u003e\u003cb\u003eModule 1: AI Architecture \u0026amp; Agentic Foundations\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eTrace the development of AI from Turing's test to modern agentic systems\u003c\/li\u003e\n\u003cli\u003eDemystify ML, deep neural networks, transformers, and LLMs\u003c\/li\u003e\n\u003cli\u003eMaster agentic AI design patterns: Cognitive Loop, Planner-Executor-Verifier, multi-agent orchestration\u003c\/li\u003e\n\u003cli\u003eIdentify the AI Security Ecosystem attack surface across compute, data, model, and agent pipeline layers\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 2: Generative AI for SecOps and Risk Management\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy RAG pipelines integrating live threat intelligence with chunk provenance validation\u003c\/li\u003e\n\u003cli\u003eBuild AI-powered security operations workflows including incident reporting chatbots\u003c\/li\u003e\n\u003cli\u003eEstablish a strong foundation in AI security risk management (CIA Triad, CVE, GenAI-specific risks, DLP)\u003c\/li\u003e\n\u003cli\u003eApply adaptive authentication and data protection patterns to AI system deployments\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 3: Hacking AI Agents – Adversarial Techniques\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eIdentify OWASP ML Security Top Ten and OWASP LLM Top Ten risks\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cul\u003e\n\u003cli\u003eExecute the full prompt injection taxonomy: direct, indirect, chained, multi-language, refusal suppression\u003c\/li\u003e\n\u003cli\u003eMaster jailbreaking (DAN), prompt leaking, and agent hijacking via crafted inputs\u003c\/li\u003e\n\u003cli\u003eApply MITRE ATLAS and NIST AML taxonomy; execute AI Red Teaming methodology\u003c\/li\u003e\n\u003cli\u003eUnderstand GenAI social engineering, deepfake attacks, and the AI offensive toolkit\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 4: Exploiting the AI Attack Surface\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eConduct training data poisoning, model extraction, and membership inference attacks\u003c\/li\u003e\n\u003cli\u003eExecute token inference side-channel attacks, hallucination exploits, and payload splitting\u003c\/li\u003e\n\u003cli\u003ePerform AI-assisted memory forensics using Volatility 3 to detect advanced threats\u003c\/li\u003e\n\u003cli\u003eMap all attacks to the NIST AI 100-2 taxonomy and MITRE ATLAS matrix\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 5: Defending with Agents-Autonomous SecOps\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBuild autonomous multi-agent threat detection and response workflows with human-on-the-loop oversight\u003c\/li\u003e\n\u003cli\u003eIntegrate AI-based IDS, SOAR playbooks, and threat intelligence into agentic SecOps pipelines\u003c\/li\u003e\n\u003cli\u003eDeploy multi-agent systems using LangChain\/CrewAI with Kafka and Redis\/Celery for agent infrastructure\u003c\/li\u003e\n\u003cli\u003eAugment SIEM and SOAR with GenAI: NLP threat queries, playbook generation, AI-assisted triage\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cb\u003eModule 6: AI Governance \u0026amp; Zero Trust for Agents\u003c\/b\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eApply NIST AI RMF AI 600-1, OWASP LLM Governance Checklist, and regulatory frameworks to AI agent deployments\u003c\/li\u003e\n\u003cli\u003eImplement Zero Trust patterns for generative AI and agentic systems\u003c\/li\u003e\n\u003cli\u003eDeploy a role-aligned AI security agent with signed audit logging as the Zero Trust exit criterion\u003c\/li\u003e\n\u003cli\u003eUnderstand quantum computing implications and advanced persistent AI threats for future readiness\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"267D89US \/ 2026-07-15T09:00:00 \/ Herndon, VA","offer_id":48833429962971,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"268B09CN \/ 2026-08-26T09:00:00 \/ Ottawa","offer_id":48833429995739,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26AC33US \/ 2026-10-07T09:00:00 \/ Herndon, VA","offer_id":48833430028507,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"26CA45CN \/ 2026-12-02T09:00:00 \/ Ottawa","offer_id":48833430061275,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"271C78US \/ 2027-01-13T09:00:00 \/ Herndon, VA","offer_id":48833430094043,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"272A49CN \/ 2027-02-24T09:00:00 \/ Ottawa","offer_id":48833430126811,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"274C30US \/ 2027-04-14T09:00:00 \/ Herndon, VA","offer_id":48833430159579,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true},{"title":"275A53CN \/ 2027-05-19T09:00:00 \/ Ottawa","offer_id":48833430192347,"sku":"US-2016-IL","price":2228.0,"currency_code":"USD","in_stock":true}]}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0691\/4143\/0491\/collections\/EuGiSPgJQDKiTrvxxUgg_a0e6a4af-8b73-4f80-af71-c201b7971492.webp?v=1780655656","url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/collections\/cyber-offense-defense.oembed","provider":"Learning Tree International","version":"1.0","type":"link"}