Program Overview
This course will introduce the tools, techniques, and procedures used by adversaries to compromise networks. Students will become familiar with the various categories of malware, attacker methodologies, and various attack vendors as well as the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak. As an advanced course, the content is technical in nature, and the course is not meant to provide 'how to' guidance for conducting an IT bank examination.
Key Objectives
Upon completion of this course, participants will be able to:
- Identify general techniques used to exploit vulnerabilities;
- Explain the various categories of malware, attacker methodologies, and various attack vendors;
- Discuss the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak; and
- Explain the security controls financial institutions should have in place for detecting, preventing, or minimizing incidents.
Instructional Format
Virtual classroom discussion and lectures via Microsoft Teams
Duration
Five days
Level
Advanced
Target Audience
Examiners or ITEAs who will lead or participate on level B and A examinations.
This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.
Prerequisites
Participants should have completed all of the basic- level and, at least most of, the intermediate-level IT courses. In addition, we recommend (not required) Mainframe Security for Examiners and Incident Response.
Pre-Course Assignment
None
Special Requirements
None
Post Course Feedback
This course should be followed by Cyber Forensics.
Credits
This course may provide CPE/CEU credits; however, any credits offered will be handled by the vendor.
More Information
For more information concerning course content and administration, please e-mail cuelp@fdic.gov.