Operations/IT Manager

Overview

The Operations/IT Manager Learning Path includes a variety of security courses designed for those responsible for managing operations and sharing responsibility for project success and managing day-to-day IT processes. The curriculum covers secure IT Operations concepts including:

• Essential goals and controls needed for secure software development
• Managing risk associated with the software development lifecycle
• Developing, implementing, and ensuring compliance with operational application security policies and procedures

Courses

• API 250 – Controlling Access to the Kubernetes API
• CYB 210 – Cybersecurity Incident Response
• CYB 211 – Identifying and Protecting Assets Against Ransomware
• CYB 212 – Fundamentals of Security Information & Event Management (SIEM)
• DES 206 – Meeting Cloud Governance and Compliance Requirements
• DES 207 – Mitigating OWASP API Security Top 10
• DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing
• DES 217 – Securing Terraform Infrastructure and Resources
• DES 234 – Mitigating OWASP 2021 Cryptographic Failures
• DES 235 – Mitigating OWASP 2021 Insecure Design
• DES 238 – Mitigating OWASP 2021 Server-Side Request Forgery (SSRF)
• DES 261 – Securing Serverless Environments
• DES 262 – Securing Enterprise Low-Code Applications Platforms
• DSO 212 – Fundamentals of Zero Trust Security
• LAB 101 – Identifying Broken Access Control Vulnerabilities
• LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities
• LAB 103 – Identifying Broken User Authentication Vulnerabilities
• LAB 104 – Identifying Business Logic Flaw Vulnerabilities
• LAB 105 – Identifying Credential Dumping: Vulnerability Identification
• LAB 106 – Identifying Cross-Site Scripting Vulnerabilities
• LAB 107 – Identifying Injection Vulnerabilities
• LAB 108 – Identifying Reverse Engineering Vulnerabilities
• LAB 109 – Identifying Security Misconfiguration Vulnerabilities
• LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification
• LAB 114 – Identifying Cookie Tampering
• LAB 115 – Identifying Reflective XSS
• LAB 116 – Identifying Forceful Browsing
• LAB 117 – Identifying Hidden Form Field
• LAB 118 – Identifying Weak File Upload Validation
• LAB 119 – Identifying Persistent XSS
• LAB 120 – Identifying XML Injection
• TST 202 – Penetration Testing Fundamentals
• TST 206 – ASVS Requirements for Developers

Overview

The Operations/IT Manager Learning Path includes a variety of security courses designed for those responsible for managing operations and sharing responsibility for project success and managing day-to-day IT processes. The curriculum covers secure IT Operations concepts including:

• Essential goals and controls needed for secure software development
• Managing risk associated with the software development lifecycle
• Developing, implementing, and ensuring compliance with operational application security policies and procedures

Courses

• CYB 310 – Using Cyber Supply Chain Risk Management (C-SCRM) to Mitigate Threats to IT/OT (NEW)
• CYB 311 – Threat Analysis with AI (NEW)
• LAB 312 – ATT&CK: Testing for Network Services Identification (NEW)
• LAB 313 – ATT&CK: Testing for Vulnerability Identification Using Vulnerability Databases (NEW)
• TST 303 – Penetration Testing for Google Cloud Platform
• TST 304 – Penetration Testing for AWS Cloud
• TST 305 – Penetration Testing for Azure Cloud

Overview