Program Overview
This course will introduce the tools, techniques, and procedures used by adversaries to compromise networks. Students will become familiar with the various categories of malware, attacker methodologies, and various attack vendors as well as the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak. As an advanced course, the content is technical in nature, and the course is not meant to provide 'how to' guidance for conducting an IT bank examination.
Key Objectives
Upon completion of this course, participants will be able to:
- Identify general techniques used to exploit vulnerabilities;
- Explain the various categories of malware, attacker methodologies, and various attack vendors;
- Discuss the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak; and
- Explain the security controls financial institutions should have in place for detecting, preventing, or minimizing incidents.
Instructional Format
Facilitated in-person classroom discussion and lectures
Duration
Four and one-half days
Level
AdvancedTarget Audience
Examiners or ITEAs who will lead or participate on level B and A examinations.
This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.
Prerequisites
Participants should have completed all of the basic- level and, at least most of, the intermediate-level IT courses. In addition, we recommend (not required) Mainframe Security for Examiners and Incident Response.
Pre-Course Assignment
NoneSpecial Requirements
NonePost Course Feedback
This course should be followed by Cyber Forensics.Credits
This course may provide CPE/CEU credits; however, any credits offered will be handled by the vendor.
More Information
For more information concerning course content and administration, please e-mail cuelp@fdic.gov.