Cybersecurity education training opportunities – including DoD approved baseline certifications – are offered as private classes for your organization and through Merit Network’s Cyber Range Hubs. Most training opportunities can be offered through a virtual presence only.
DURATION: 4 HOURS
Organizations will learn to prioritize actions to improve enterprise security posture using a threat-focused approach, rather than regulatory compliance. This workshop offers a lens for focusing activity on improving the areas which will have the largest impact on security by concentrating on specific threats and how they can be used to exploit security weaknesses.
DURATION: 50 MINUTES
K-12 focused presentations discuss social engineering, critical controls for IT managers, cybersecurity from a hacker’s vantage point, OWASP 10 and SANS Top 20 Controls, securing endpoints and applications and IT risk management. Any individual in the K-12 arena will benefit from gaining an understanding in beginning an onsite security program through this workshop. Contact us to develop a custom program for your organization!
For those starting out in cybersecurity field; a great basic cybersecurity course with opportunity to learn and use popular open source tools. Learn the fundamental skills required to defend your networks against most computer hacking attempts in Defense Essentials. Eligible for Merit Academy Program.
Thinking like a hacker is crucial to being a skilled security professional and to proficiently test an organization’s security. Hacking Essentials provides understanding and insight about how to look for weaknesses and vulnerabilities in target systems and shows you how to use the same knowledge and tools as a malicious hacker. This class is taught with a combination of lecture, demonstration, and access to a Secure Sandbox for lab exercises on your own set VMs. Eligible for Merit Academy Program.
DURATION: 4 HOURS
Develop a roadmap for tracking and addressing risks throughout your development lifecycles. This workshop discusses implementation of NIST’s (National Institute of Standards and Technology) Risk Management Framework to reduce overall risk in your organization.
DURATION: 4 HOURS
Build an incident response plan for your organization. The IR Workshop is based on the National Institute of Standards and Technology (NIST) 800 framework for managing computer security incidents. Attendees will learn the format of an IR plan, how to determine a reportable incident, roles of a response team and more. Participants will leave the workshop with a drafted incident response plan.
Any company that must comply with the North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) cybersecurity standards should attend, as well as accounting firms, emergency managers, government officials and police personnel.
This workshop can be tailored to instruct on development and testing for NERC CIPv6.
This is an introductory secure coding class aimed at the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities. A critical first step in developing secure applications is effective training that allows developers to learn important secure coding principles and how they can be applied, then integrate it to your platform.
DURATION: 4 HOURS
With the cost of security products and services skyrocketing, how can organizations afford to protect themselves?
Larger organizations are able to purchase the necessary equipment and hire security staff, but small and medium sized businesses have difficulty keeping up. Hackers are very aware of this trend and are now targeting these smaller organizations with gaps in their security plan in the hopes of pulling off a successful breach.
Gartner is predicting that prices will continue to rise for security protection and firewall services. The industry could see as much as $170 billion in growth over the next four years.
DURATION: 4 OR 8 HOURS
Threat At Your Doorstep is comprised of several 50-minute modules focusing on the current threat landscape, social engineering, critical controls, common attack vectors and more. Participants receive an in-depth overview of the types of various hackers, the nature and role of training programs and warning signs of an attack. Attendees will also participate in a phishing demonstration.
Table Top Exercises test and validate an organization’s ability to handle cyber incidents, and execute procedures at an organizational level. Executives and employees from within finance, human resources, IT and legal departments should attend. Table Top exercises are designed to facilitate discussion around policies and procedures.
DURATION: 4 HOURS
From hardware and software configuration to end-user security, there are multiple potential vulnerabilities in the IoT space. The growing demand of new device technology often means that security is a secondary concern. With the global rise in hacking attempts, organizations must develop IoT security frameworks, secure programming best practices and end-user education.
In this introductory session on IoT, attendees will gain an understanding of how to apply IoT frameworks for increased security in manufacturing and consumer products.
DURATION: 50 MINUTES
Phishing attempts, the tactics employed to trick users into sharing personal information, passwords and credit card numbers, are growing in frequency and sophistication. This demonstration illustrates the ease and speed of phishing attempts and arms attendees with tactics to protect their personal data.
Michigan Cyber Range exercises, powered by Merit network, offer an affordable, hands-on training environment that provides real life scenarios that teach users to detect and mitigate cyber attacks.
These exercises complement other elements of cybersecurity training by challenging participants to apply the skills they’ve learned in classes and on-the-job training in realistic settings.
All teams can participate in Michigan Cyber Range exercises virtually – there is no requirement to be onsite. User experience is augmented through the use of our scoreboard and 3D visualization of the Alphaville training environment.
Unlike our competitors, Michigan Cyber Range exercises are wholly contained within the secure Michigan Cyber Range and are extremely affordable for organizations of all sizes and can be customized to meet your scheduling and organizational needs:
Game-based problem solving, more effective than book learning, Flexible scheduling with ½ day to week-long exercises, Facilitated by Cybersecurity Experts, Some exercises are self-paced, Customize teams to the needs of your organization, Training takes place at a Cyber Range facility or your site, All exercises mapped to the NICE Workforce Development framework.
Statewide hubs operate as a physical extension of the Michigan Cyber Range, the nation’s largest unclassified cyber range. Hubs offer more than forty industry-recognized certifications, exercises and workshops aimed at qualifying individuals for positions and contracts in cybersecurity fields.
DURATION: 4-8 HOURS
SKILL LEVEL: INTERMEDIATE
Capture the Flag, or CTF, is a challenge designed to cover the spectrum of cybersecurity. From Python scripting and web application hijacking to penetrating SCADA networks, reverse engineering and database hacking, the exercise challenges participants’ technical skills. Attendees will also learn to become better defenders by using open source tools.
Participants will use open source tools to fire off live attacks on networked systems in real time. A self-paced exercise, the CTF is a means to assess individual skills across a broad range of systems.
Teams and individuals can play from any location in a complete Capture the Flag environment. This means that nobody can prevent another’s ability to capture a flag or achieve a challenge. User experience is augmented through the use of our scoreboard and 3D visualization of the Alphaville environment. This is ideal for Capstone activity.
CTF participants should have basic computer skills, familiarity with the command line, understanding of IP addressing and DNS, familiarity with basic security concepts, problem solving skills, and resourcefulness. Participants will not know all the solutions to problems encountered in the CTF. The solutions will require research outside of the game.
PLEASE NOTE: Participants are shown how to access to the CTF and how to interact with the environment. A proctor is onsite to solve technical problems only. No assistance in how to solve challenges is offered. All participants must hold intermediate to advanced cybersecurity and programming skills in order to succeed in the exercise.
DURATION: 8 HOURS
SKILL LEVEL: INTERMEDIATE – ADVANCED
The Cyber Defense Exercise scenario is a force-on-force cyber exercise that challenges cybersecurity professionals with a live, thinking, adapting adversary.
This exercise is completely customizable – your teams can attack, defend or both. Cyber Defense Exercise takes place in a subset of our larger Alphaville Training environment. Teams are assessed based on learning objectives in an after-action review.
DURATION: 8 HOURS
SKILL LEVEL: INTERMEDIATE – ADVANCED EXISTING CYBER INCIDENT RESPONSE TEAMS
Cyber Sentinel Active is a version of Cyber Sentinel that is intended to strengthen and assess the response capability of an organization’s already established Incident Response team. This exercise is intended for established teams who understand their current roles during an incident.
Your preexisting cyber incident response teams will play against one or more Red Teams to secure your network and conduct forensic analysis.
DURATION: 8 HOURS
SKILL LEVEL: NEWLY FORMED CYBER IR TEAMS WITH INTERMEDIATE SKILLS
Cyber Sentinel Passive is a hands-on foundational Incident Response exercise that maps to the NIST 800 standards. Sentinel will lay the groundwork for establishing and strengthening your Incident Response teams, assigning team member roles and assessing your organization’s readiness to an actual incident. Newly formed teams should participate in this exercise – Cyber Range Analysts will leave forensic clues for your participants to work through as a team.
Teams will need to quickly distinguish between precursors, indicators and false positives to secure the network and conduct forensic analysis. Problem solving and tool selection play an integral role in progressing through the exercise, as well as utilizing various open source tools to enumerate actual threats. Traditionally this exercise is not scripted, and requires players to simulate their actions and policies as they would in defending a live network against passive adversaries.
• Preparation and IR planning
• Detection and analysis
• Containment, eradication and recovery
• Post-incident activity
DURATION: 8 HOURS
SKILL LEVEL: INTERMEDIATE – ADVANCED
Paintball is a multi-team-based engagement, which challenges the penetration and defense skills across the spectrum of cybersecurity. Similar to Capture The Flag, teams use open source tools to fire off live attacks on networked systems in real time.
Teams compete against each other in the Alphaville environment with the goal of penetrating, controlling, and securing as many systems as possible.
DURATION: 4- 8 HOURS
SKILL LEVEL: NOVICE – EXECUTIVES
Tabletop Exercises test and validate an organization’s ability to handle cyber incidents, and execute procedures at an organizational level.
Executives and employees from within finance, human resources, IT and legal departments should attend. Tabletop exercises are designed to facilitate discussion around policies and procedures.
The Michigan Cyber Range can design custom tabletop exercises to fit nearly any learning objective.
- Continuity of operations
- DDoS mitigation
- Ransomware mitigation
- Disaster recovery planning
The Michigan Cyber Range features a cybersecurity education experience based upon the National Institute of Standards and Technology National Initiative for Cybersecurity Education (NICE). The NICE framework organizes and presents the skills and work requirements that America’s cybersecurity workforce requires to support the National Preparedness Goals of detecting, mitigating, and defeating malicious actors and cyber-based threats. The framework engages all levels of the workforce, presenting essential concepts, techniques and practices based on an individual’s function within the organization.
The 8570 compliant courses are offered through four out of the five recognized certification providers in partnership with Cyber World Institute. Merit Network is the only non-profit in North America able to offer EC Council, ISC2, CompTIA and ISACA. Courses are available live online, in person, and private on-site.
EC-Council classes are offered by Cyber World Institute, an EC-Council Accredited Training Center(ATC) Partner. All trademarks are sole property of EC-Council.
Scholarships may be available for Merit Members who may not otherwise be able to attend.
CAP – Certified Authorization Professional – ISC2
The CAP certification is an objective measure of the knowledge, skills, and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Earning the CAP is a powerful way to validate your knowledge. It shows you thoroughly understand information security and risk management processes and procedures. You’ll stand out and be more competitive.
CCFP – Certified Computer Forensics Professional – ISC2 CCFP addresses more experienced cyber forensics professionals who already have the proficiency and perspective to effectively apply their cyber forensics expertise to a variety of challenges. In fact, many new CCFP professionals likely hold one or more other digital forensics certifications. Given the varied applications of cyber forensics, CCFP professionals can come from an array of corporate, legal, law enforcement, and government occupations.
CCSP – Certified Cloud Security Professional – ISC2
Instant credibility and differentiation. The CCSP positions you as an authority figure on cloud security. It’s a quick way to communicate your knowledge and earn trust from your clients or senior leadership. Unique recognition. When you earn the CCSP, you achieve the highest standard for cloud security expertise. This certification is powered by the two leading non-profits focused on cloud and information security.
CISSP – Certified Information Systems Security Professional – ISC2
As other CISSPs will tell you, this certification will raise your visibility and credibility, improve your job security, create new opportunities for you or even increase your salary — depending on your country and employer. Challenge yourself to grow and be better. The CISSP exam is a rigorous test of your knowledge. But well beyond the exam, the CISSP is about reaching a deeper, better and broader understanding of the common body of knowledge for cybersecurity. It’s an exhilarating feeling to become a CISSP.
CSSLP – Certified Secure Software Lifecycle Professional – ISC2
Instant credibility. The CSSLP proves you’re a subject matter expert in application security. It shows you have desirable skills for employers around the world, giving you more opportunities. Increased compensation. While pay practices vary by employer, many CSSLPs find that this software security certification can lead to pay gains and “skill premiums.” Relevant, new knowledge. Earning the CSSLP is a great way to expand your security knowledge, in addition to affirming your expertise. It offers continuing education, so you can keep your skills current and relevant.
HCISPP – HealthCare Information Security and Privacy Practitioner – ISC2
The HCISPP is the only certification that proves you have the practical skills, foundational knowledge and experience in both security and privacy on an international level. It shows you know best practices and have real-world expertise in both healthcare information security and privacy. The HCISPP exam covers current, global topics. This ensures you’re up-to-speed on evolving threats and regulations around the world. You’re better prepared to protect your organization and patient data.
C)NDA – Certified Network Defense Architect – EC-Council
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. This course was specially designed for Government Agencies.
CCISO – Certified Chief Information Security Officer – EC-Council
The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs. In order to sit for the CCISO exam and earn the certification, candidates must meet the basic CCISO requirements.
CEH – Certified Ethical Hacker – EC-Council
A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.
CHFI – Computer Hacking Forensic Investigator – EC-Council
The Computer Hacking Forensic Investigator course provides a strong baseline knowledge of key concepts and practices in the digital forensic domains relevant to today’s organizations. CHFI provides its attendees a firm grasp on the domains of digital forensics. In the event of a cyber-attack or incident, it is critical investigations be carried out in a manner that is forensically sound to preserve evidence in the event of a breach of the law.
E)CES – EC-Council Certified Encryption Specialist – EC-Council
A person successfully completing this course will be able to select the encryption standard that is most beneficial to their organization and understand how to effectively deploy that technology. This course is excellent for ethical hackers and penetration testing professionals as most penetration testing courses skip cryptanalysis completely.
ECIH – EC-Council Certified Incident Handler – EC-Council
The EC-Council Certified Incident Handler program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policy related to incident handling.
ECSA – EC-Council Certified Security Analyst – EC-Council
The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.
ENSA – EC-Council Network Security Administrator – EC-Council
The EC-Council Network Security Administrator (ENSA) certification verifies candidate’s network security skills and knowledge from defensive perspective while the CEH certification looks at the security from an offensive view. An ENSA should have fundamental skills to analyze the internal and external security threats against a network, and to develop security policies that will protect an organization’s information. Certified professionals should know how to evaluate network and Internet security issues and design, and how to implement successful security policies and firewall strategies.
L)PT – Licensed Penetration Tester – EC-Council
EC-Council’s prestigious endorsement as a licensed penetration testing professional, allows successful candidates to practice penetration testing and consulting internationally. You will need to demonstrate a mastery of the skills required to conduct a full blackbox penetration test of a network provided to you by EC-Council on our cyber range, iLabs. You will follow the entire process taught to you through Ethical Hacking and Security Assessment, taking you from reconnaissance, scanning, enumeration, gaining access, maintaining access, then exploiting vulnerabilities that you will have to seek out in a network that only a true professional will be able to break.
A+ – CompTIA A+ – CompTIA
Held by over 1 million IT professionals worldwide, CompTIA A+ is the most essential IT certification for establishing an IT career. If you’re new to the IT industry, this will help you put your best foot forward. And if you’re already an IT professional, the CompTIA A+ certification validates your skills and can boost your career.
N+ – Network+ – CompTIA
The stakes are high. Data networks are more crucial for businesses than ever before. They are the lifeline to the critical financial, healthcare and information services that need to function at the highest, most secure level. With a CompTIA Network+ certification, you will possess the key skills to troubleshoot, configure and manage these systems and keep your company productive.
S+ – Security+ – CompTIA
IT security is paramount to organizations as cloud computing and mobile devices have changed the way we do business. With the massive amounts of data transmitted and stored on networks throughout the world, it’s essential to have effective security practices in place. That’s where CompTIA Security+ comes in. Get the Security+ certification to show that you have the skills to secure a network and deter hackers and you’re ready for the job.
C)DFE – Certified Digital Forensics Examiner – Mile2
The Certified Digital Forensics Examiner vendor neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation. The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.
C)DRE – Certified Disaster Recovery Engineer – Mile2
The comprehensive Certified Disaster Recovery Engineer course goes beyond traditional BCP training -preparing students for industry certification in Business Continuity planning, and presenting the latest methodologies and best practices for real-world systems recovery. Students will receive a solid foundation of instruction that will enable them to create meaningful business continuity plans. This course offers up-to-date information that has been developed by leading risk management professionals.
C)IHE – Certified Incident Handling Engineer – Mile2
The Certified Incident Handling Engineer vendor neutral certification is designed to help Incident Handlers, System Administrators, and any General Security Engineers understand how to plan, create and utilize their systems in order to prevent, detect and respond to attacks. Furthermore, students will enjoy numerous hands-on laboratory exercises that focus on topics, such as reconnaissance, vulnerability assessments using Nessus, network sniffing, web application manipulation, malware and using Netcat plus several additional scenarios for both Windows and Linux systems.
C)ISA – Certified Information Systems Auditor – Mile2
Earning the CISA designation helps assure a positive reputation as a qualified IS audit, control and/or security professional, and because the CISA program certifies individuals who demonstrate proficiency in today’s most sought-after skills, employers prefer to hire and retain those who achieve and maintain their designation. Learn how to decode the technical situation and report on compliance using accurate, non-technical facts. Learn how to avoid the common pitfalls so you can remain safe from liability.
C)ISSM – Certified Information Systems Security Manager – Mile2
The Certified Information Systems Security Manager covers the skills and knowledge to assess threat analysis and risks, Risk & incident management, Security programs and CISO roles, IS security strategy and frameworks, Audit and Risk management creation of policies, compliance and awareness, as well as DR and BCP development, deployment and maintenance. The Certified Information Systems Security Manager will receive in-depth knowledge.
C)ISSO – Certified Information Systems Security Officer – Mile2
The C)ISSO course addresses the broad range of industry best practices as well as the knowledge and skills expected of a security leader. The C)ISSO candidate learns BOTH the theory and the requirements for practical implementation of core security concepts, practices, monitoring and compliance. Through the use of a risk-based approach, the C)ISSO is able to implement and maintain cost-effective security controls that are closely aligned with not only business requirements but global industry standards.
C)NFE – Certified Network Forensics Examiner – Mile2
The C)NFE takes a digital and network forensic skill set to the next level by navigating through over twenty modules of network forensic topics. The CNFE provides practical experience through our lab exercises that simulate real-world scenarios that cover investigation and recovery of data in network, Physical Interception, Traffic Acquisition, Analysis, Wireless Attacks and SNORT. The course focuses on the centralizing and investigating of logging systems as well as network devices.
C)PEH – Certified Professional Ethical Hacker – Mile2
The CPEH certification training enables students to understand the importance of vulnerability assessments by providing industry knowledge and skills in Vulnerability Assessments. In doing so, the CPEH student is able to understand how malware and destructive viruses function. In addition, the CPEH course helps students learn how to implement counter response and preventative measures when it comes to a network hack.
C)PTC – Certified Penetration Testing Consultant – Mile2
The vendor neutral Certified Penetration Testing Consultant course is designed for IT Security Professionals and IT Network Administrators who are interested in conducting Penetration tests against large network infrastructures similar to large corporate networks, Services Providers and Telecommunication Companies.
C)PTE – Certified Penetration Testing Engineer – Mile2
The C)PTE presents information based on the 5 Key Elements of Pen Testing; Information Gathering, Scanning, Enumeration, Exploitation and Reporting. The latest vulnerabilities will be discovered using these tried and true techniques. This course also enhances the business skills needed to identify protection opportunities, justify testing activities and optimize security controls to reduce risk associated to working with the internet.
C)SLO – Certified Security Leadership Officer – Mile2
The C)SLO course was designed to give management an essential understanding of current security issues, best practices, and technology. Because a security officer or manager understands the value of security, he or she is prepared to manage the security component of an information technology security projects. A C)SLO candidate can be seen as the bridge between the cyber security team and operations as well as business management.
C)SAP – Certified Security Awareness Principles – Mile2 Certified Security Awareness Principles certification course is intended for anyone that uses a computer on the internet. Attendees will understand the security threats as well as the countermeasures associated with these attacks. Employees will learn that the weakest link in any security program is a poorly trained department. This course teaches general security awareness as well as how to develop a strong security culture within your company’s community.
C)SWAE – Certified Secure Web Application Engineer – Mile2
The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. The secure web application developer knows how to develop web applications that aren’t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. The vendor neutral Certified Secure Web Application Engineer certification provides the developer with a thorough and broad understanding of secure application concepts, principles and standards.
C)VME – Certified Virtual Machine Engineer – Mile2
The Certified Virtual Machine Engineer course is designed for those who need to understand virtualization and the impacts it can have on an organization. This high impact course provides not only the foundational level of knowledge needed for an efficient datacenter. It also provides the most recent in virtualization and cloud technologies which gives the Certified Virtual Machine Engineer the knowledge and skills necessary to design and manage the datacenter effectively.
C)WSE – Certified Wireless Security Engineer – Mile2
The Certified Wireless Security Engineer is prepared to identify those risk that wireless networks present for a business and to create and implement a plan to mitigate those risk. The C)WSE course will give students real-world experience with solving security vulnerabilities in wireless networks.
Ultimate Penetration Testing Bootcamp – Mile2
The Ultimate Penetration Testing Bootcamp will teach you the necessary skills to work as a penetration testing team, the exploitation process, how to create a buffer overflow against programs running on Window and Linux while subverting features such as DEP and ASLR.
IS20 Security Controls – Mile2
IS20 Controls certification course covers proven general controls and methodologies that are used to execute and analyze the Top Twenty Most Critical Security Controls. This course allows the security professional to see how to implement controls in their existing network(s) through highly effective and economical automation. For management, this training is the best way to distinguish how you’ll assess whether these security controls are effectively being administered or if they are falling short to industry standards.
CCNP – Cisco Certified Network Professional – CISCO
Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.
DoD 8570 to 8140
The Department of Defense (DoD) released the Cyberspace Workforce Management directive, DoD Directive (DoDD) 8140.01, on August 11, 2015. This directive is for personnel who support DoD intelligence, security and law enforcement missions in cyberspace. Through NIST Publication 800-181, the NICE Framework establishes 7 broad categories, 31 specialty areas, and 52 work roles. All supported by KSATs – Knowledge, Skills, Abilities, and Tasks.
8140.01 reissues and renumbers DoDD 8570.01 to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce. The goal of this directive is to unify the overall cyberspace workforce and establish specific workforce elements (cyberspace effects, cybersecurity and cyberspace information technology) to align, manage and standardize cyberspace work roles, baseline qualifications and training requirements.
Until the Information Assurance (IA) Workforce Improvement Program 8140.01 manual is issued, the 8570.01 baseline certifications remain in effect.
It is important to note that the DoD has added new certifications to the 8570.01 – COMPTIAs CySA+, Logical Operations Certified First Responder CFR, and Cisco’s SCyber. The DoD Approved Baseline Certifications table provides a list of DoD-approved certifications aligned to each category and level of the IA workforce. Personnel performing IA functions must obtain one of the certifications required for their position’s category or specialty and level.
MERIT’S TRAINING PARTNER
Merit Network, in partnership with Cyber World Institute, is the only non-profit in North America able to offer EC-Council, ISC2, CompTIA and ISACA courses. Many classes include certification test fees and course offerings include most of the Department of Defense Directive 8570.1 requirements.
EC-Council classes are offered by Cyber World Institute, an EC-Council Accredited Training Center(ATC) Partner. All trademarks are sole property of EC-Council.
DOD APPROVED BASELINE CERTIFICATIONS
ARCHITECTURE & ENGINEERING
The Merit Academy Program is the first of its kind in the nation, offering accredited cybersecurity certification courses that support your curriculum. This comes at a greatly reduced cost for institutions that have their own teaching or training staff. While the Academy program is used more often in a Higher Education platform, it is available to any organization. The duration of the course is at the sole discretion of the institution and is required to be greater than one week and less than six months in length. A Merit membership is required to offer the Academy Program.
- Instructor portal includes: PowerPoint, lab guides, quiz and test generators, videos, study material and additional on-demand learning for students
- Academy courses are accredited by the NSA, the National Initiative for Cybersecurity Education (NICE), the National Initiative for Cybersecurity Careers and Studies (NICCS), and ISACA.
- Access to trainer and Merit staff best practices learning for students
- Virtualized lab environment provides students and instructors with 24×7 access from anywhere in the world
- Full curriculum and instructor materials provided to the instructor
- Industry certified examination (upon institution approval) provided at no additional costs for all students and one re-take exam (optional) included
- Early access to instructor material and virtual lab environment
- While certificates do not comply with DOD 8570 credentialing, they are regarded as the best preparation courses to sit for those exams in the nation
- Virtualized lab environment allows participants to practice live attacks and network scans without fear of damaging your production network or compromising institutional servers
CIHE: The Certified Incident Handling Engineer 5 day course is designed to help Incident Handlers, System Administrators, and Cyber Security Engineers understand how to plan, create and utilize their systems in order to prevent, detect and respond to attacks. In this in depth training, students will learn step-by-step approaches used by hackers globally, the latest attack vectors and how to safeguard against them, Incident Handling procedures (including developing the process from start to finish and establishing your Incident Handling team), strategies for each type of attack, recovering from attacks and much more.
The C)ISSO is internationally regarded as the most complete and comprehensive prep course to sit for the C)ISSP and includes instruction for all of the eight domains associated with proper Information Security Management. Where applicable, students may also receive proprietary study material for the C)ISSP exam in conjunction with the Mile2 curriculum. This course is theoretical and does not contain labs. Most members place this in the Information Security or MIS platform but that is at the member’s discretion.
The C)PEH training presents information on the latest exploit techniques, vulnerabilities and defenses. This class also enhances the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk. This course was developed based on principles and methods used by malicious hackers, but its focus is professional penetration testing and securing information assets. The course provides in-depth labs that focus on open source and commercial based tools, and on industry best practices. These hands-on labs emulate real world hacking scenarios. The labs equip the candidate to assess an organization’s security posture, help implement controls to better secure network infrastructure.
This course is the introductory training in the line of penetration testing courses and certifications. The course helps students gain a foundational knowledge of vulnerability assessments, penetration testing and report writing. Students will learn the process of penetration testing with an emphasis on the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate with organizational needs to reduce risk. The course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands-on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure network infrastructure.
This course provides students with the knowledge and processes needed to identify and defend against security vulnerabilities in software applications. This course provides the aspiring developer or experienced developer with a thorough and broad understanding of secure application concepts, principles and standards. The student will be able to design, develop and test web applications that will provide reliable web services that meet functional business requirements and satisfy compliance and assurance needs. Students will put theory to practice by completing real world labs that include testing applications for software vulnerabilities, identifying weaknesses in design through architecture risks analysis and threat modeling and conducting secure code reviews. This course was developed in conjunction with leading OWASP experts and industry demand in web applications.
This course empowers the student to put together a more complete report using evidence from reconstructed and recovered network transactions. Students learn principles of network forensics analysis and how to apply them by using common tools to recognize traffic patterns associated with suspicious network behavior and subsequently perform network repair procedures. Students will put theory to practice by completing real world labs that simulate real-world scenarios, which cover investigation and recovery of data in network, physical interception, traffic acquisition, analysis, wireless attacks and SNORT. The course focuses on the centralizing and investigating of logging systems as well as network devices.
Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report. The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.
WHO SHOULD ATTEND?
• Security Officers
• IS Managers
• Agents/Police Officers
• Data Owners
• IT managers
• IS Manager/Officers