TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar

Course Overview:

TechNow’s TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Updates Seminar, is a one day seminar that covers the objectives of TechNow’s TN-905: Cyber Threat Intelligence Analysis five day course in a one day seminar format plus some other security enhancements of 800-172. Upon request, this seminar can be presented in multi-day format based upon the depth of knowledge required. The NIST PUB 800-172 security enhancement update to 800-171 regarding 03.11.1 Risk Assessment, introduces the security enhancements of a Threat Awareness Program, Threat Hunting, and Predictive Cyber Analytics. TN-911 distills the TN-905 CTI five day course and aligns it to assessing compliance with 800-172. For the seminar, selected course labs are converted to demos, and the important points and outcomes of topics are presented. The TN-911 CTI Seminar discusses the applicability of the 800-172 security enhancements to the organization being assessed, and how to think about the the appropriate strength of the controls related to the organizations criticality of the information and the risk involved for contracted work with the DoD.

TechNow’s TN-911: Cyber Threat Intelligence Analysis Seminar addresses significant changes that have been made to SP 800-172 in transitioning to Revision 3, regarding new enhanced security requirements based on (1) the latest threat intelligence and (2) empirical data from cyber-attacks. With the intent of addressing CUI that may be associated with a critical program or a high value asset.

Those programs and assets are potential targets for advanced persistent threat (APT). Cyber Threat Intelligence supports the required functions of NIST 800-172 of Penetration Resistant Architecture (PRA), Damage Limiting Operations (DLO) and Cyber Resiliency (CRS).

Regarding 800-172 This seminar includes:

3.2.1E Awareness Training (rev 3 – Advanced Literacy and Awareness Training)
3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)
3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)
3.12.1E Penetration Testing
800-172, 3.11 Risk Assessment
- 03.11.01E Threat Awareness Program
- 03.11.02E Threat Hunting
- 03.11.03E Predictive Cyber Analytics.

TN-911 CTI Seminar directly discusses 3.11 topics:

03.11.01E Threat Awareness Program:

Share threat information, including threat events of 03.11.01E is specifically covered as:

Create Indicators of Compromise (IOCs) using STIX
Understand a solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis.
How to assess an environment to validate:
- Support for day-to-day operations to share structured threat information efficiently.
- Confirming the presence of curated, frequently updated feeds, and the automation of enrichment workflow
- Contextualization of intelligence with internal data to prioritize alerts and improve detection
- Updated threat hunting based upon inbound Threat Intelligence

03.11.02E Threat Hunting:

Introduction to Threat Hunting practices to effectively search for indicators of compromise and to detect, track, and disrupt threats that evade existing controls.

How to assess an environment to validate:
A formalized process is being followed for Threat Hunting
- Phases of trigger (incident or CTI), SIEM utilization, and response
Integration of machine learning to provide proactive, automated, and scalable Threat Hunting
Leveraging threat intelligence for proactive threat hunting by querying historical logs for indicators of compromise (IOCs) from feeds to identify:
Dormant threats
Advance Persistent Threats (APT)

03.11.03E Predictive Cyber Analytics

Introduction leveraging data, machine learning, and real-time analysis with automation to anticipate threats before they occur.

How to assess an environment to validate:
- Data aggregation from network logs, user activities, system logs, and external threat intelligence feeds into a centralized platform like a SIEM
Use of machine learning algorithms to identify patterns, uncover correlations, and spot anomalies in real-time
Integration with incident response workflows
Staff skill competency level and integration into Predictive Cyber Analytics to mitigate advanced adversarial techniques against machine learning such as:
- Attacks of Evasion, Poisoning, and Model Tampering
- Utilization of exercises or Red Teaming to validate practices and effectiveness of Predictive Cyber Analytics.

3.2.1E Awareness Training (rev 3 – Advanced Literacy and Awareness Training)

Validate that training addresses APT

3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)

Validate cybersecurity supply chain risk management C-SCRM:

Cross-functional team responsible for supply chain risk management (SCRM) and C-SCRM
Validating standard risk management with respect to supply chain
- FARM (Frame, Assess, Respond, and Monitor)
- Tasks outlined in NIST Pub 800-161

3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)

This is discussed in topic 3.11.6E

3.12.1E Penetration Testing

Validate the organization is progressing through standardized Penetration Testing Protocols.

Evaluate Penetration Test reports for completeness and scope.

Attendees to TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar will receive TechNow approved course materials and expert instruction.

Seminar Duration: 1 day (more upon request)

Seminar Objectives:

Learn to comprehend and develop complex scenarios
Identify and create intelligence requirements through practices such as threat modeling
Utilize threat modeling to drive intelligence handling and practices
Breakdown tactical, operational, and strategic-level threat intelligence
Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
How to collect adversary information creating better value CTI
How to filter and qualify external sources, mitigating low integrity intelligence
Create Indicators of Compromise (IOCs) in STIX
Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
Breaking down threats mapped against their tradecraft to tweak IOCs
Establish structured analytical techniques to be successful in any security role
Learn and apply structured principles in support of CTI and how to communicate that to any security role.

Seminar Prerequisites:

Security+, or equivalent experience

CL-345: Red Hat OpenStack Administration II

Course Overview:

The focus of this course is managing Red Hat OpenStack Platform using the unified command-line interface, managing instances, and maintaining an enterprise deployment of OpenStack. This course also teaches the management and customization of an enterprise deployment of OpenStack (overcloud) and how to manage compute nodes with Red Hat OpenStack Platform director (undercloud).

Attendees to CL-345: Red Hat OpenStack Administration II will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Prerequisites:

This course is intended for Linux system administrators, cloud administrators, cloud operators, and infrastructure architects interested in, or responsible for, maintaining a private or hybrid cloud.

Prerequisites for this course is Red Hat Certified System Administrator (RHCSA), or demonstrate equivalent experience.

Attend Red Hat OpenStack Administration I: Core Operations for Cloud Operators (CL115), or demonstrate equivalent experience

Course Outline:

Navigate the Red Hat OpenStack Platform architecture
Describe the OpenStack control plane
Integrate Identity Management
Perform image operations
Manage storage
Manage OpenStack networking
Manage compute resources
Automate could applications
Troubleshoot OpenStack operations
Comprehensive review

Comments

Latest comments from students

Liked the class? Then let everyone know!

PM-221: Agile Overview for Executives and Leaders

Course Overview: Clear and detailed discussion on the following course content:

What is the Agile Adaptive Methodology versus the Predictive (waterfall) Methodology?
The Agile Value Proposition, by explanation of the Agile Manifesto and Agile Principles.
What is the Scrum Framework by explanation of Scrum Roles, Ceremonies and Artifacts?
What are the artifacts of Product Planning, Release Planning and Sprint Planning?
What are the Agile impacts to corporate team structures and stakeholder alignment?
What are Agile myths and why an Agile transformation will fail?
What are Agile (hybrid) tailoring considerations?

Attendees to PM-221: Agile Overview for Executives and Leaderswill receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 1 Days

Course Objectives: Are you and executive or leader in your organization and interested in learning about Agile principles? This course details the Agile framework that uses an adaptive life cycle, specifically related to using the Scrum approach.

Upon successful completion of this course, students will be able to:

Understand an overview of the main aspects that leadership must know to implement strategic opportunities with Agile principles for product quality and on-time product delivery
Participants will dive into understanding the strategic and tactical elements of implementing Agile and Scrum into their organization
Receive details on how to understand the organizational impact that the Agile transformation could have on the different aspects of your current business processes

Target Student:

Designed specifically for leaders and senior managers or anyone wanting to understand the high-level basics of the Agile Framework

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-323: SharePoint 2010 and 2013 for Project Management

Course Overview:

This hands-on, lab-driven course directs managers, project managers, and team leaders through the real-world process of using SharePoint to propel projects. Improve efficiency and boost the likelihood of success as you learn to build a customized Project Management Information System (PMIS), develop SharePoint project sites, build document libraries and management protocols. You will integrate Microsoft Office software, build SharePoint Workflows, archive completed projects, and much more during SharePoint project management training. Add these critical SharePoint tools to your project management expertise and experience the drastic difference that comes with truly effective project management.

Attendees to TN-323: SharePoint 2010/2013 for Project Management will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 3 days

Course Objectives:

SharePoint as a Project Management Information System (PMIS)
Creating a PMIS
Enabling Team Collaboration with SharePoint
Tracking Projects with SharePoint
Working with Business Intelligence
Establishing Processes and Standards with SharePoint
Managing Meeting with Meeting Workspaces
Working with Microsoft Access
Creating a PMO View
Concluding a Project

Prerequisites:

PM-223: Introduction to Project Management or equivalent knowledge
Six months experience with SharePoint as an end-user
Six months experience with SharePoint as an administrator

Comments

Latest comments from students

User: joseibarra

Instructor comments: Very patient, communicated expertly. Made the class easy to understand and how it applies in the real world.

Facilities comments: Excellent.

Liked the class? Then let everyone know!

About Us

TechNow, Inc., a training company, was founded in 1990. TechNow celebrates 35 years of regularly scheduled commercial training delivery in 2025 and has evolved into a global training company that is dynamic and able to customize our training to meet the needs of our customers. Our focus is hands-on, skills-based hardware/software and security training for those who want stay current with today’s ever-changing technologies. We are a Pearson Vue Testing Center and have developed a proven testing program, including mobile testing, that ends with certification at the end of many of our courses. Our courses are taught by professional educators and experts in their respective fields and bring to the classroom a wealth of knowledge from the “real world”. Our customers include many Fortune 500 companies as well as the Department of Defense, Federal Government, and Intelligence Agencies.

At TechNow our goal is to help you achieve your goals and we strive for 100% customer service and satisfaction. TechNow‘s certification pass rate is the highest in the industry. Our web-site and our professional training advisors will assist you with selecting courses that help meet your organization’s objectives and the right career path to stay competitive in today’s market.

To learn more about TechNow or to schedule your training, call us at 800-324-2294.