Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


CSFI: Defensive Cyberspace Operations Engineer (DCOE)

Develop your cyberspace operations skills for the deployment of DCO, NETOPS, and OCO.

GK# 9733

Course Overview


In this course, you will acquire the skills for the planning, executing, and integrating defensive cyberspace operations (DCO) into organizational missions and DCO requirements. The course builds on the planning skills learned in the Introduction to Cyber Warfare and Operations Design (ICWOD) course. Adversarial use of tools and their associated techniques are presented to assess network vulnerabilities and to defend friendly networks against adversary threats.

The course covers the use of open source tools and websites for system configuration, penetration testing, and control testing. You will use Linux and Windows command lines and unleash an attack on target servers and analyze the results. Attacks and analysis of will expose you to live attacks in a controlled environment where students can see first-hand the adversary realm of possible actions, how to detect, mitigate, and counter such activities.

Note: This course requires you to bring your own laptop preloaded with VMware Workstation 9 or 10.

In order to attain the DCOE certification, you must have an ICWOD completion certificate as well as pass the DCOE exam.


  • Delivery Format:
  • Date:
  • Location:
  • Access Period:


Class is Full
This session is full. Please select a different session.

What You'll Learn

  • Assess adversary intent and how threat vectors can support malicious intent
  • How to counter known and emerging threat vectors
  • Allocation and guidance for resource usage to counter adversary threats
  • Integration of DCO into larger organizational constructs
  • Deception methods
  • Data exfiltration and defense against exfiltration methodologies


Viewing outline for:

Classroom Live Outline

  • Cyberspace Operations and Cyber Mission Force
    • Cyberspace as a Warfighting Domain
    • The Operating Environment
    • Cyberspace Militarization
    • DoD Cyber Strategy
    • Cyberspace Operations (NetOps, DODIN-OPS, DCO, DCO-IDM, DCO-RA, OCO)
    • CMF Construct – CPT, NMT, CMT
    • CPT Methodology (Survey, Secure, Protect)
  • Cyber Kill Chain
    • Steps of the Cyber Kill Chain
    • Stages of an Attack
    • Case Study: Data Breach and Lessons Learned
    • Threat Intelligence Sharing

  • Kali Linux
    • Cyber Tradecraft
    • Installation
    • Command Line Tasks
    • Navigating Kali

  • Reconnaissance (Passive and Active)
    • CIA’s MICE Motivational Framework
    • Open Source Intelligence (OSINT) – Common Tools
    • Information Sources
    • Case Study: Social Media Experiment
    • Reconnaissance with Kali Linux
    • Network Scanning
    • SQL Mapping

  • PBED Framework
    • Plan – ME3C-(PC)2 Model
    • Brief
    • Execute
    • Debrief
    • PBED Exercise

  • Attack Across Networks and Systems
    • Web Application Vulnerabilities
    • Cross-Site Scripting (XSS)
    • SQL Injection (SQLI)
    • Webshell
    • Wireless Threats
    • Network Exploitation
    • Conducting Attacks with Metasploit
    • Password Cracking
  • Persistent, Integrated Operation
    • Command and Control (C2): Maintaining Access
    • Rootkits
    • Tunneling
    • Remote Access
    • Elevated Privileges
    • Covert Channels
    • Covering Tracks: Hiding Evidence
    • Altering Logs and History Files
    • Hidden Files
    • Timestamps
  • Network Protection
    • Network Traffic Analysis
    • Vulnerability Scanning
    • Intrusion Detection System (IDS) and Intrusion Protection System (IPS)



Viewing labs for:

Classroom Live Labs

  • Lab 01: Navigating Kali Linux
  • Lab 02: Network Mapping
  • Lab 03: Python Scripting: Scanning and Brute Force
  • Lab 04: PBED Exercise
  • Lab 05: Cracking Wireless
  • Lab 06: Metasploit 1
  • Lab 07: Metasploit 2
  • Lab 08: Metasploit 3
  • Lab 09: EternalBlue
  • Lab 10: SQL Injection
  • Lab 11: Password Cracking
  • Lab 12: Data Exfiltration
  • Lab 13: Kernel Rootkit
  • Lab 14: Packet Capture and Analysis
  • Lab 15: IDS Deployment, Alert Analysis, and Reporting
  • Bonus Lab: Vulnerability Scanning
  • Bonus Lab: OSINT and Malware Analysis: Syrian Electronic Army (SEA)
  • CAPSTONE: Capture-the-Flag (CTF)



In order to attain the DCOE certification, students must have an ICWOD completion certificate as well as pass the DCOE exam

Who Should Attend

  • Information operations officers
  • Information security / assurance professionals
  • Cybersecurity consultants
  • Cyber planners
  • Military members (J2, J3, J6)
  • Security analysts
  • Network security engineers
  • Penetration testers
  • Auditors
  • Security engineers
Course Delivery

This course is available in the following formats:

Classroom Live

Receive face-to-face instruction at one of our training center locations.

Duration: 3 day

Request this course in a different delivery format.