Certified Internet of Things Security Practitioner (CIoTSP™) Training Course

Advances in computing and engineering are driving technological progress, from blockchain and AI to gene editing and IoT, offering opportunities for productivity and human well-being. Yet, these innovations also bring new risks, as recent scandals highlight. Technology professionals face increasing pressure to address ethical concerns, balancing privacy, accuracy, fairness, and safety. This course provides practical tools to manage ethical risks in emerging data-driven technologies, drawing from theory, regulations, and industry practices. Learners will gain skills to navigate ethical dilemmas in their roles and organizations.

This course covers network defense and incident response methods, tactics, and procedures are taught in alignment with industry frameworks such as NIST 800-61 r.2 (Computer Security Incident Handling), US-CERT’s NCISP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination Policy. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization.

This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-310) certification examination. What you learn and practice in this course can be a significant part of your preparation. In addition, this course and subsequent certification (CFR-310) meets all requirements for personnel requiring DoD directive 8570.01-M position certification baselines:

• CSSP Analyst

• CSSP Infrastructure Support

• CSSP Incident Responder

• CSSP Auditor

Course Objectives: In this course, you will understand, assess and respond to security threats and operate a system and network security analysis platform. You will:

• Compare and contrast various threats and classify threat profile

• Explain the purpose and use of attack tools and technique

• Explain the purpose and use of post exploitation tools and tactic

• Explain the purpose and use of social engineering tactic

• Given a scenario, perform ongoing threat landscape research and use data to prepare for incident

• Explain the purpose and characteristics of various data source

• Given a scenario, use appropriate tools to analyze log

• Given a scenario, use regular expressions to parse log files and locate meaningful data

• Given a scenario, use Windows tools to analyze incidents

• Given a scenario, use Linux-based tools to analyze incidents

• Summarize methods and tools used for malware analysis

• Given a scenario, analyze common indicators of potential compromise

• Explain the importance of best practices in preparation for incident response

• Given a scenario, execute incident response process

• Explain the importance of concepts that are unique to forensic analysis

• Explain general mitigation methods and devices

Target Student: This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies, and private sector firms who whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DODIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes.

In addition, the course ensures that all members of an IT team—regardless of size, rank or budget— understand their role in the cyber defense, incident response, and incident handling process.

The Internet of Things (IoT) promises a wide range of benefits for industry, energy and utility companies, municipalities, healthcare, and consumers. Data can be collected in extraordinary volume and detail regarding almost anything worth measuring, such as public health and safety, the environment, industrial and agricultural production, energy, and utilities. New data analysis tools have been optimized for the massive amounts of data that IoT produces, enabling well-informed decisions to be made quickly.

But putting IoT systems into place can be a complicated proposition, and fraught with hazards. Solutions may involve devices and technologies from many different vendors, requiring a good understanding of software and hardware and strategies to integrate them, as well as the risks associated with security, privacy, and the safety of those whose working and living environments are managed by these systems.

IT professionals often have little or no experience working with embedded systems, sensor networks, actuators, real-time systems, and other components that are common to IoT, so this course provides a foundation for understanding how these components work with other systems that IT professionals typically have more experience working with—such as networks, cloud computing, and applications running on servers, desktop computers, and mobile devices.

In this course, students will learn general strategies for planning, designing, developing, implementing, and maintaining an IoT system through various case studies and by assembling and configuring an IoT device to work in a sensor network. Students will create an IoT device based on an ESP8266 microcontroller, implementing various common IoT features, such as analog and digital sensors, a web-based interface, MQTT messaging, and data encryption.

Course Objectives: In this course, you will learn how to apply Internet of Things technologies to solve real-world problems. You will:

• Plan an IoT implementation.

• Construct and program an IoT device.

• Communicate with an IoT device using wired and wireless connections.

• Process sensor input and control an actuator on an IoT device.

• Manage security, privacy, and safety risks on IoT projects.

• Manage an IoT prototyping and development project throughout the development lifecycle.

Target Student: This course is designed for IT professionals with baseline skills in computer hardware, software support, and development who want to learn how to design, develop, implement, operate, and manage Internet of Things devices and related systems. The student is interested in learning more about embedded systems, microcontroller programming, IoT security, and the development life cycle for IoT projects.

While students will gain hands-on experience assembling a prototype IoT device and using software development tools, these activities are closely guided, so previous experience in electronics assembly and programming are not required. This course prepares students for taking the CertNexus Certified Internet of Things (IoT) Practitioner (Exam ITP-110).

Artificial intelligence (AI) and machine learning (ML) have become an essential part of the toolset for many organizations. When used effectively, these tools provide actionable insights that drive critical decisions and enable organizations to create exciting, new, and innovative products and services. This course shows you how to apply various approaches and algorithms to solve business problems through AI and ML, follow a methodical workflow to develop sound solutions, use open source, off-the-shelf tools to develop, test, and deploy those solutions, and ensure that they protect the privacy of users. This course includes hands on activities for each topic area.

Course Objectives: In this course, you will implement AI techniques in order to solve business problems. You will:

• Specify a general approach to solve a given business problem that uses applied AI and ML.
• Collect and refine a dataset to prepare it for training and testing.
• Train and tune a machine learning model.
• Finalize a machine learning model and present the results to the appropriate audience.
• Build linear regression models.
• Build classification models.
• Build clustering models.
• Build decision trees and random forests.
• Build support-vector machines (SVMs).
• Build artificial neural networks (ANNs).
• Promote data privacy and ethical practices within AI and ML projects.

Target Student: The skills covered in this course converge on three areas—software development, applied math and statistics, and business analysis. Target students for this course may be strong in one or two or these of these areas and looking to round out their skills in the other areas, so they can apply artificial intelligence (AI) systems, particularly machine learning models, to business problems.

So the target student may be a programmer looking to develop additional skills to apply machine learning algorithms to business problems, or a data analyst who already has strong skills in applying math and statistics to business problems, but is looking to develop technology skills related to machine learning. A typical student in this course should have several years of experience with computing technology, including some aptitude in computer programming. This course is also designed to assist students in preparing for the CertNexus® Certified Artificial Intelligence (AI) Practitioner (Exam AIP-110) certification.

This course caters to individuals such as software developers, testers, and architects involved in creating software using different programming languages and platforms like desktop, web, cloud, and mobile. It aims to enhance their capacity to produce software of superior quality, with a special focus on security and privacy aspects.

Objectives:

In this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks.

You will:

• Identify security compliance measures.
• Address social engineering attempts.
• Secure devices such as desktops, laptops, tablets, smartphones, and more.
• Use the Internet securely.

Target Student

This course is designed for you as a non-technical end user of computers, mobile devices, networks, and the Internet, to enable you to use technology more securely to minimize digital risks.

This course is also designed for you to prepare for the Certified CyberSAFE credential. You can obtain your Certified CyberSAFE certificate by completing the Certified CyberSAFE credential process on the CHOICE platform following the course presentation.