MITRE ATT&CK & CKC Framework

MITRE ATT&CK Defender™ (MAD) is a training and credentialing program for cybersecurity operations and individuals looking to strengthen their threat-informed defense approach to security.
Course Outline:
Module 1: Introducing training and understanding ATT&CK
- Introduction to the course and objectives
- What is MITRE ATT&CK and its significance in CTI
- Understanding the ATT&CK framework and its components
- Examining the different stages of an attack and how they relate to ATT&CK
Module 2 with Exercise 2: Mapping to ATT&CK from finished reporting
- Identifying sources of finished reporting for mapping to ATT&CK
- Techniques for mapping finished reporting to ATT&CK
- Hands-on exercise: Mapping finished reporting to ATT&CK
Module 3 with Exercise 3: Mapping to ATT&CK from raw data
- Identifying sources of raw data for mapping to ATT&CK
- Techniques for mapping raw data to ATT&CK
- Hands-on exercise: Mapping raw data to ATT&CK
Module 4 with Exercise 4: Storing and analyzing ATT&CK-mapped intel
- Challenges in storing ATT&CK-mapped data and their solutions
- How to analyze and interpret ATT&CK-mapped data
- Hands-on exercise: Storing and analyzing ATT&CK-mapped intel
Module 5 with Exercise 5: Making ATT&CK-mapped data actionable with defensive recommendations
- How to make defensive recommendations using CTI analysis
- Practical applications of ATT&CK-mapped data in security operations
- Hands-on exercise: Making ATT&CK-mapped data actionable with defensive recommendations
CKC FRAMEWORK
This course offers a detailed overview of the Cyber Kill Chain (CKC) Framework, which is used to understand and respond to cyberattacks. Students will learn about the seven stages of the CKC, including reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. Through case studies and simulations, students will gain the knowledge and skills required to identify, analyze, and mitigate cyber threats.
Course Outline
Module 1: Introduction to Cyber Kill Chain
- What is a Cyber Kill Chain?
- The history and evolution of Cyber Kill Chain
- Cyber Kill Chain process
- Cyber Kill Chain model
Module 2: Understanding Cyber Kill Chain Phases
- How does the Cyber Kill Chain work?
- Phases of the Cyber Kill Chain
  - Reconnaissance
  - Weaponization
  - Delivery
  - Exploitation
  - Installation
  - Command and Control
  - Actions on Objectives
Module 3: Exploring the Eight Phases of the Cyber Kill Chain
- Reconnaissance phase
- Intrusion phase
- Exploitation phase
- Privilege Escalation phase
- Lateral Movement phase
- Obfuscation/Anti-Forensics phase
- Denial of Service phase
- Exfiltration phase
Module 4: Applying Cyber Kill Chain Methodology
- How can Cyber Kill Chain protect against attacks?
- Create a simulation of cyberattacks
- Identify security gaps by evaluating the controls
- Remediate cybersecurity gaps
Module 5: Best Practices for Cyber Kill Chain Implementation
- Implementing Cyber Kill Chain in the organization
- Measuring and monitoring the effectiveness of Cyber Kill Chain
- Incident Response Planning
- Cyber Kill Chain case studies and examples
Prerequisites
Participants should have a basic understanding of networking and cybersecurity concepts. Familiarity with common cyber threats and vulnerabilities is recommended. Participants should also have experience with the command-line interface and basic scripting skills. Familiarity with a scripting language such as Python is helpful but not required.