How To Choose the Right Cybersecurity Bootcamp
March 25, 2003, is a day I won’t struggle to remember.
Anthony Bendas : March 29, 2023
Here’s a scenario: a cybersecurity analyst might have to respond to a network that has been compromised by sophisticated malware evading traditional security measures. The analyst would need to quickly detect and analyze the attack, identify the type of malware, and develop and implement a response plan to contain and mitigate the damage.
That’s a lot to unravel to ensure someone is competently trained to handle the challenge above.
Enter the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, which provides a comprehensive and detailed description of expected cybersecurity workforce roles, including the cyber defense analyst role (in other words, a cybersecurity analyst). The framework describes the skills, knowledge, and abilities required for individuals in a given role to detect, analyze, and respond to cyber threats and attacks on computer networks and systems.
Ultimately, it helps to establish a common understanding of what a role entails, which can facilitate workforce development, training, and recruitment efforts in the field of cybersecurity. More specifically, the KSAs (Knowledge, Skills, and Abilities) can be found here.
So why did we choose it over the CompTIA Security+ objectives? Here’s our take on why:
The competencies within the KSAs can be summarized below:
Let’s go back to that scenario now.
In the opening scenario, the NICE Cybersecurity Workforce Framework can help ensure that an analyst trained using this framework has the necessary skills and knowledge to effectively respond to the attack. The framework outlines several key competencies we can expand upon further that are required for the cyber defense analyst role in this scenario, including:
Using this framework, a cyber defense analyst would be trained to approach the malware attack in a systematic and effective way. They would use their skills and knowledge to detect and analyze the attack, identify the type of malware, and develop a response plan that includes containing the attack and mitigating the damage. They would also use their knowledge of network defense and cybersecurity tools to implement effective security measures to prevent future attacks.
So what does this look like in the course?
Well, here’s a breakdown of two of our labs, which came out of mapping our content to the framework and using our experience in the field to ensure relevance:
Description:
This lab helps learners get familiar with the three components of ELK, namely Elastic, Logstash, and Kibana. The lab content focuses on using Kibana to query the Elastic database and output data in a usable format.
Learning Objectives:
The learning objectives are to understand the layout of ELK and to generate basic queries and visualizations. By the end of the lab, learners should be able to interact with Kibana to query the Elastic database, filter results using key-value pairs, and specify a time range.
Competencies:
The competencies developed include data querying, filtering, and visualization. It helps learners develop competencies in analyzing logs and detecting threats to protect and defend systems.
NICE Mapping:
The lab is relevant to the NICE framework page provided earlier as it falls under the "Protect and Defend" category, particularly in the Cyber Defense Analysis (CDA) specialty area.
Description:
Understand how to use the Sysinternals suite to detect potentially malicious applications running on a Windows system using tools such as Autoruns, Sigcheck, and TCPView.
Learning Objectives:
The learning objectives of the lab are to teach users how to identify potentially malicious applications running on a Windows system by: using Autoruns to identify services and scheduled tasks that start up when the computer boots, filter out Windows-related entries, and identify suspicious entries; using Sigcheck to verify the signature of a binary and determine its validity; and using TCPView to show which network sockets are open on the computer, including listening ports and established connections.
Competencies:
This lab helps develop the technical skills and knowledge needed for cybersecurity professionals, particularly in the areas of malware detection and analysis, system monitoring and analysis, and network security. It also emphasizes the importance of understanding and using security tools to secure Windows systems.
NICE Mapping:
The lab is relevant to the NICE Framework particularly in the Protect and Defend category, which includes the skills needed to identify cybersecurity threats and vulnerabilities, develop and implement safeguards, and identify suspicious network activities.
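The Autoruns and signature-check steps from this lab can also be scripted over an exported list of startup entries. The following is an added example, not material from the lab or the course: the CSV column names, the "(Verified)" signer prefix, and every sample row are constructed assumptions modeled on an Autoruns export with signature verification enabled.

```python
import csv
import io

# Constructed sample rows, shaped like an Autoruns CSV export taken with
# signature verification on. Column names and values are assumptions.
SAMPLE_CSV = r"""Entry Location,Entry,Enabled,Category,Signer,Company,Image Path
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,SecurityHealth,enabled,Logon,(Verified) Microsoft Windows,Microsoft Corporation,C:\Windows\System32\SecurityHealthSystray.exe
Task Scheduler,Updater,enabled,Tasks,(Not verified) Microsoft Corporation,Microsoft Corporation,C:\Users\Public\svchost.exe
HKLM\System\CurrentControlSet\Services,ExampleAgent,enabled,Services,(Verified) Example Vendor Inc,Example Vendor Inc,C:\Program Files\ExampleAgent\agent.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run,sync,enabled,Logon,,,C:\Users\alice\AppData\Roaming\sync.exe
"""

# Directories a standard user can usually write to (illustrative list).
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\temp\\")


def triage(csv_text):
    """Return autostart entries worth a closer look, most suspicious first."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        signer = (row.get("Signer") or "").strip()
        company = (row.get("Company") or "").strip()
        path = (row.get("Image Path") or "").strip()
        verified = signer.startswith("(Verified)")

        # Hide Windows entries only when the signature verified; the
        # Company field is file metadata that anyone can set.
        if verified and "microsoft" in signer.lower():
            continue

        reasons = []
        if not verified:
            reasons.append("signature not verified")
            if "microsoft" in company.lower():
                reasons.append("claims Microsoft without a verified signature")
        if any(marker in path.lower() for marker in USER_WRITABLE):
            reasons.append("image runs from a user-writable path")
        if reasons:
            findings.append({"entry": row["Entry"], "path": path, "reasons": reasons})

    return sorted(findings, key=lambda f: -len(f["reasons"]))


if __name__ == "__main__":
    for finding in triage(SAMPLE_CSV):
        print(finding["entry"], finding["path"], "; ".join(finding["reasons"]))
```

Entries that survive this filter are the ones to check next against open sockets in TCPView.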
Want to learn more? Check out our free 12-hour Cybersecurity Foundations course that comes with five challenging assessments and a digital badge to earn upon passing them!