This course will introduce the tools, techniques, and procedures used by adversaries to compromise networks. Students will become familiar with the various categories of malware, attacker methodologies, and various attack vendors as well as the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak. As an advanced course, the content is technical in nature, and the course is not meant to provide 'how to' guidance for conducting an IT bank examination.
Upon completion of this course, participants will be able to:
- Identify general techniques used to exploit vulnerabilities;
- Explain the various categories of malware, attacker methodologies, and various attack vendors;
- Discuss the methodology for detecting, containing, eradicating, and recovering from a breach or malware outbreak; and
- Explain the security controls financial institutions should have in place for detecting, preventing, or minimizing incidents.
Facilitated in-person classroom discussion and lectures
Four and one-half days
Examiners or ITEAs who will lead or participate on level B and A examinations.
This course is open to appropriate staff of the FDIC and partner government regulatory agencies. This course is not open to the public or staff of private banks.
Participants should have completed all of the basic- level and, at least most of, the intermediate-level IT courses. In addition, we recommend (not required) Mainframe Security for Examiners and Incident Response.
Post Course FeedbackThis course should be followed by Cyber Forensics.
This course may provide CPE/CEU credits; however, any credits offered will be handled by the vendor.
For more information concerning course content and administration, please email Dr. Allen Yarbrough or call (703) 516-1235.
For questions regarding course registration, please contact the CURegistrar.