Course Description
Short Course | 18 hours | 1.8 CEUs | $1,795
Cyber Defense: Hacking, Response, and Forensics provides a hands-on, comprehensive exploration of offensive security techniques, cyber-attack methodologies, incident response practices, and digital forensics fundamentals. Students will learn how attackers perform reconnaissance, scanning, enumeration, exploitation, privilege escalation, social engineering, and web-based attacks. The course also teaches how to detect and analyze intrusions using logs, network evidence, and memory forensics, including the investigation of malware and rootkits. Learners will practice the full incident response lifecycle—from preparation through remediation—and perform forensically sound evidence handling, data collection, and analysis. This course is ideal for students seeking practical, real-world skills across the full attack, detection, response, and investigation lifecycle.
SEC250 is the second course in the Cybersecurity Professional Certificate. To complete the certificate, students will also enroll in SEC150.
Course Outline
- Offensive Security Foundations (Ethical Hacking)
- Footprinting
- Scanning
- Enumeration, Gaining Access, Escalating Privileges, Covering Tracks, Creating Backdoors
- Denial of Service, Social Engineering, Google Hacking
- Web-Based Attacks
- Introduction to Incident Response and Forensics
- Incident Response Process
- Preparing for an Incident
- Data Collection
- Evidence Handling
- Network Evidence
- Memory Evidence
- Remediation
Learner Outcomes
- Understand common attack types, vulnerabilities, and exploitation methods including web attacks, password attacks, DoS, and social engineering.
- Conduct reconnaissance, scanning, enumeration, and controlled exploitation in a safe lab environment.
- Identify attacker tactics such as privilege escalation, lateral movement, and backdoor creation.
- Detect indicators of compromise using system logs, artifacts, network traffic, and host-based evidence.
- Apply the NIST Incident Response process—preparation, identification, containment, eradication, recovery, and lessons learned.
- Collect, preserve, and document digital evidence following chain-of-custody and forensically sound procedures.
- Utilize foundational forensic tools to analyze network traffic, file systems, memory, malware, and rootkits.
- Produce clear, defensible reports documenting findings, analysis steps, and recommendations.
Prerequisites
- Completion of Cyber Foundations (SEC150) or equivalent experience
Duration
18 Hours | 3 Days or 6 Nights
*Academic Unit eligibility to be determined by the college/university in which you are enrolled in a degree-seeking program.