Fundamentals of Cyber Test and Evaluation

Register / Course Info

Gain an overview of the Cyber domain and how test and evaluation is used for Cyber systems. The course includes the perspectives of the Department of Defense and industry test and evaluation practitioners, covering roles, responsibilities, processes, procedures, and tools to work effectively in this space. Gain an understanding of modeling, simulation, and stimulation tools used to test wired and wireless networks. Cover Developmental, Operational, and Interoperability test and evaluation as it applies to Cyber systems. Gain an introduction to Cyber warfare, concepts, relevant systems (defensive and offensive), and testing considerations for wireless and wired networked systems.

How You Will Benefit

Upon completion of this course, student will:

What Is Covered

Course Materials

Each participant will receive a copy of the course notebook with slides.

Course Administrator

Steven "Flash" Gordon

Instructors

Course Agenda

Day One

Introduction to the Cyber domain, including fundamental components of Cyber and information security, risk assessment and risk management, Cyber policies and standards, and the relationship between Cyber, traditional C4I systems, ISR, and Electronic Warfare. Overview of Developmental, Operational, and Interoperability testing
Introduction of the Cyber domain continues, including an overview of line and wireless network security, host security, and server attacks; overview of incident detection, response, and handling; and the use and vulnerability of system modifications resulting from incident handling. Includes in-class small group project in a demo/lab setting, review, and a short graded quiz

Day Two

Discussion of wireless security, host security, and server attacks. Introduction of the threat, including recent attacks on social, informational, financial, and military networks by non-state and state sponsored actors; risk and reward for successful attacks; and the benefits of Cyber warfare as a supporting, diversionary, or simultaneous attack weapon
Introduction to Cyber defenses, including data and enterprise encryption, off-line screening servers, ghost servers, cloud servers, distributed network servers, and passive versus active defenses. Security and penetration testing. Includes in-class small group host security and penetration lab demo/lab, review, and quiz

Day Three

Discussion of incident detection and response and encryption. Overview of various security testing methods, including vulnerability scanning and penetration testing, methods to preserve data and system integrity during testing, system security and information assurance during testing, and benefits and hazards in testing in a live or virtual environment. Verifying and validating the virtual or live environment.
Overview and demonstration of tools and sources of tools for cyber testing. Discussions of encryption, information exchange, and identification security. Lessons learned in Cyber and information security testing. Test design for capture and analysis of data from Cyber testing. Instructor-optional in-class small group project on capturing and analysis of Cyber testing data and test reporting, including a group out-brief. Final exam is optional depending on in-class quiz scores and quality of group out-briefs.

Continuing Education Credit

This program meets the criteria for the nationally accepted Continuing Education Unit (CEU). Each participant successfully completing this 3 day course will earn 2.1 CEUs. These CEUs apply to the elective requirements for the TEREC Test & Evaluation Certificate.

Course Schedule, Fees, and Location

Course Info

Registration

Registration for this course is done through the Georgia Tech Continuing Education Department. To register on-line, use the Continuing Education Information/Registration Page for this course. Once there, click on "Register." A phone number is provided for those who do not wish to register and pay on-line.

Last Updated March 8, 2013