CYB-5240 Monitoring, Detection, Response, and Recovery in Utility Environments

The students will learn methods and techniques for monitoring information technology (IT) and operational technology (OT) environments. Along with developing an expertise in system monitoring techniques, students will learn methods for detecting compromise and develop strategies for effectively responding to and recovering from compromise. Students will learn methods and techniques such as network baselining, perimeter and internal monitoring and defense, situational awareness, intrusion detection, detecting exploits, "kill chain" management, event analysis and correlation, incident response, evidence collection and preservation, and system recovery and restoration.