programs

CYBER RISK MANAGEMENT FRAMEWORK (RMF) PROGRAM

fc rmF 101

risk management policy and methods

Students will learn the fundamentals of information assurance and methodologies of securing a network and its hosts. Students will learn the necessary skills to identify risks and implement defense in depth via a multitude of methods. Students review and analyze the compliance implications of selected cloud security policies and methods with a specific focus on the NIST RMF.

fc rmF 201

risk management methodology

Integrating enterprise and cloud systems risk management, students apply the NIST RMF as they complete project deliverables and communicate project results. In addition, students develop in-depth analytic competencies.

In this virtual practicum, focusing on integrated enterprise on-prem and cloud systems, students develop the capability to evaluate a test case scenario system, develop an SSP, and select and/or write appropriate security controls. Students then document results.

Focusing on integrated enterprise on-prem and cloud systems, students develop the capability to evaluate system security, analyze system assessment reports to make recommendations for a POA&M, comply with all Authorization to Operate package requirements, and strategically develop ISCM. Recommendations based on completed assessment and authorization project for the enterprise on-prem and cloud systems.

fc rmF 301

Categorize and implement

Project assignments for this course will include hacking wireless networks and mobile phones, cryptography, cloud computing, scanning networks, social engineering, and session hijacking.

Cyber concepts

Linux Fundamentals

Networking basics

Linux logging

Web hosting

Security Operations

Snort IDS

Vulnerability Assessments

Digital Forensics

IoT Security

Microsoft OS Management

Splunk

fc rmF 401

Monitor and authorize

Continued – Learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.

fc rmF 501

Testing and Vulnerability Management

Continued – Learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.

Security Monitoring
Threat Hunting
Incident Response Process & Procedures
Analyzing Indicators of Compromise
Basic Digital Forensics
Group/Team Activities Project (real-world scenario)
Career Portfolio Wrap Up
Certification Prep & Tips

FC RMF SP

Specializations (AI, ML, 5g, uas)

Students will learn how to conduct a risk assessment, create a target profile, implement an action plan, and determine, analyze, and prioritize gaps. Specializations include UAS, 5G, artificial intelligence, and machine learning.

* Based on the statistical average of industry certification. After the exam is taken and passed by the certification holder.
** Specialties may be developed with University researchers.

cyber defense competency program

FC IOD 101 Part 1

Security Fundamentals/Understanding Computer Network Exploitation

Students will learn the fundamentals of information assurance and methodologies of securing a network and its hosts. Students will learn the necessary skills to identify risks and implement defense in depth via a multitude of methods. Students will learn about firewalls, anti-virus solutions, honeypots, proxies and IDS/IPS solutions. Including select Cyber Range lab activities to be selected by the instructor:

Cyber concepts
Linux Fundamentals
Networking basics
Linux logging
Web hosting
Security Operations
IoT Security
Microsoft OS Management
Splunk
SIEM & SOAR
Firewalls
Battlepath – SOC 1 & 2
Battlepath – MITRE ATT&CK

FC IOD 102 Part 2

In addition, students will learn through each stage of offensive operations methodologies using tradecraft, stealth, and detection avoidance as the key principles. Students will gain proficiency with open-source penetration tools and learn techniques in vulnerability scanning, remote and client-side exploitation, and advanced post-exploitation techniques targeting both Windows and Unix based operating systems.

FC IOD 201

Cyber Operations and Intermediate Incident Response

Students will learn a wide variety of topics relevant to operationally focused cyber missions within the offensive and defensive arena. This course focuses heavily on deep packet inspection, statistical flow record analysis, post-exploitation forensics, intrusion detection, network tunneling, and malware network behavior. Extensive network analysis is conducted throughout each stage of the hacker methodology to include packet capturing of scanning, service enumeration, exploitation, man-in-the-middle techniques, and tunneling. The course progresses into understanding breach detection, damage assessment procedures, and incident response actions from both technical and legal perspectives. Students detect and respond to simulated system intrusions, develop, and implement mitigation strategies, and create documentation of the incident with supporting custodial forensic evidence. Including select Cyber Range lab activities to be selected by the instructor:

Cyber concepts
Linux Fundamentals
Networking basics
Linux logging
Web hosting
Security Operations
Snort IDS
Vulnerability Assessments
Digital Forensics
IoT Security
Microsoft OS Management
Splunk

FC IOD 301

Windows, Linux, and Network-based Intrusion detection and analysis

Students will expand on their knowledge of intrusion detection systems both within the network and on the hosts. Within the networking section students will learn proper placement of intrusion detection systems and proper setup. Students will focus on using open-source detection software to capture, analyze, and report on different types of intrusions. Within the host-based sections students will configure security products and use analytic tools to identify anomalous behavior on the hosts. Students will use timeline and log analysis to craft meaningful written reports categorizing identified behaviors and anomalies in addition to building actor profiles based off their findings. Using the incident response techniques, they learned previously, students will implement real-time solutions for simulated customers while providing risk management analysis to mitigate security holes and establish protective tactics.

FC IOD 401

Malware Analysis, Threat Assessment, Reverse Engineering, and Behavioral Malware Analysis

This course focuses on the identification and analysis of suspicious files found on both Windows and Linux operating systems. The course covers the common purpose of most malware types and exposes students to the malware triage cycle. Students will profile malicious executables, identify key metadata and setup for static and behavioral analysis. Each lab represents the different threats found on the internet and walks the students through the process of collecting passive observables, running through behavioral analysis in a Sandbox environment, and performing memory analysis.

FC IOD SP

Specializations (AI, ML, 5g, uas)

Students participate in a Cyber Information Operations Defense related to specific topics created and maintained by the University’s top researchers.

* Based on the statistical average of industry certification. After the exam is taken and passed by the certification holder.
** Specialties may be developed with University researchers.

LET’S ACCELERATE YOUR CAREER

University of Kentucky provides 3 unique Cybersecurity Certificate Programs, leveraging a U.S. Department of Homeland Security recognized curriculum and taught by practitioners. See how you can advance and excel in the lucrative Cybersecurity Industry today. Take this survey and see if it’s the right program for you!