Course

Credit Type:
Course
ACE ID:
IRON-0002
Version:
1
Organization's ID:
BLUE 1
Organization:
Location:
Online
Length:
11 weeks (100 hours)
Minimum Passing Score:
70
ACE Credit Recommendation Period:
Credit Recommendation & Competencies
Level:
Lower-Division Baccalaureate
Credits (SH):
3
Subject:
Fundamentals of Cybersecurity
Competency Framework:
NICE Workforce Framework for Cybersecurity
Statements:

  • Establish enterprise information security architecture (T1186)
  • Manage computing environment system operations (T1321)
  • Skill in administering operating systems (S0678)
  • Skill in analyzing large data sets (S0435)
  • Skill in configuring computer protection components (S0685)
  • Skill in configuring network protection components (S0618)
  • Skill in configuring software-based computer protection tools (S0613)
  • Skill in containing malware (S0549)
  • Skill in executing command line tools (S0424)
  • Skill in identifying malware (S0547)
  • Skill in performing network traffic analysis (S0874)
  • Skill in protecting a network against malware (S0615)
  • Skill in reviewing logs (S0641)
Description

Objective:

The course objective is to build on foundational knowledge to prepare learners for real-time monitoring, incident detection and operational cyber defense.

Designed for individuals with basic IT literacy or those who have completed the Certified Cybersecurity Associate, this course blends interactive content with real-world labs to simulate job tasks performed in a SOC environment.

Learning Outcomes:

  • Identify the stages of the Cyber Kill Chain
  • Explain the purpose of each phase in the Cyber Kill Chain
  • Analyze network traffic in Wireshark to identify indicators of malicious activity
  • Analyze packet data to detect brute-force attempts and credential theft
  • Extract forensic artifacts for investigation
  • Implement Windows Firewall rules to block ICMP Echo Requests
  • Evaluate the effectiveness of firewall rules through system testing
  • Implement Wazuh to monitor file integrity and generate real-time alerts for sensitive file changes
  • Apply BitLocker encryption on a Windows Server to protect the contents of a drive
  • Perform malware detection and removal on a Linux system using ClamAV
  • Implement an OpenVPN client and server connection to establish secure remote access
  • Apply chain rules in iptables to control network traffic on a Linux system
  • Implement Windows Firewall rules to control outbound and inbound network traffic
  • Apply firewall rules to secure networks and manage device communication
  • Create Snort rules to detect and alert on malicious network activity
  • Launch and manage an Ubuntu EC2 instance in AWS using SSH and basic Linux operations
  • Create an AWS Lambda function and configure CloudWatch to monitor execution behavior
  • Create an S3 bucket to host and control access to a Single Page Application
  • Create an ECS Fargate container to deploy an application in a cloud environment
  • Analyze SIEM dashboard alerts to differentiate routine events from indicators of compromise
  • Analyze Splunk alerts and logs to investigate suspicious activity related to a web-based attack
  • Create a Splunk dashboard to visualize and monitor Apache HTTP 404 errors
  • Integrate Apache access logs into Splunk and create real-time alerts to monitor server errors
  • Analyze a suspicious file with static and dynamic techniques to identify malware behavior and evasion methods
  • Perform dynamic malware analysis using Sysinternals tools to observe system behavior
  • Analyze malware using static and dynamic techniques to identify characteristics, behaviors, and removal methods
  • Analyze Shodan search results to identify internet-facing devices and potential vulnerabilities
  • Experiment with large language model parameters to evaluate their impact on chatbot responses
  • Analyze Apache and authentication logs to identify indicators of web-based attacks and unauthorized access
  • Analyze a suspicious PHP file in VirusTotal to identify malicious behavior such as reverse shell activity
  • Analyze email samples to extract indicators of compromise and determine phishing activity
  • Simulate prompt injection attacks against an LLM-powered chatbot to reveal weaknesses in guardrail implementation
  • Analyze LLM outputs to identify and mitigate risks of sensitive information disclosure

General Topics:

  • Fundamentals: Cybersecurity and SOC Operations Basics, Networking and Security Fundamentals, Windows and Linux Security
  • Essentials: Network Security, SIEM Fundamentals and Log Analysis, Incident Response
  • Analysis: Intro to Malware and Digital Forensics Basics, Cloud Security and Basic SOC Operations in the Cloud, AI for SOC Analysts
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Case Studies
  • Computer Based Training
  • Laboratory
  • Practical Exercises
  • Work-based Learning
  • Performance Rubrics (Checklists)
  • Weekly facilitation (optional)

Methods of Assessment:

  • Case Studies
  • Examinations
  • Performance Rubrics (Checklists)
  • Presentations
  • Quizzes
Supplemental Materials
Equivalencies