M.7 Overview of Cyber Defense
Cyber operations encompass both offensive and defensive operations. Defensive operations are essential in protecting our systems and associated digital assets. Understanding how defense complements offense is essential in a well-rounded cyber operations program.
Specific topics to be covered in this knowledge unit include, but are not limited to:
- Identification of reconnaissance operations
- Anomaly/intrusion detection
- Anomaly identification
- Identification of command and control operations
- Identification of data exfiltration activities
- Identifying malicious code based on signatures, behavior and artifacts
- Network security techniques and components (e.g., firewalls, IDS)
- Cryptography (including PKI cryptography) and its uses in cybersecurity
- Malicious activity detection
- System security architectures and concepts
- Defense in depth
- Trust relationships
- Distributed/Cloud
- Virtualization
Outcome: Students will have a sound understanding of the technologies and methods utilized to defend systems and networks. They will be able to describe, evaluate, and operate a defensive network architecture employing multiple layers of protection using technologies appropriate to meet mission security goals.
In addition to course syllabi, applications must include examples of hands-on lab exercises to demonstrate that students have achieved mastery of this KU.