Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


CSFI-CSCOE- Certified SCADA Cyberspace Operations Engineer

Learn how to execute cyber missions in which a SCADA environment is part of the greater cyberspace operational environment.

This course provides you with a thorough understanding of Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) devices and their inner workings. You will learn how to execute cyber missions in which a SCADA environment is part of the greater cyberspace operational environment. By performing incident response on SCADA devices, you will learn in-depth concepts about SCADA devices. 

Note: Labs will be available for 30 days after class.

GK# 9791
Vendor Credits:
No matching courses available.
Start learning as soon as today! Click Add To Cart to continue shopping or Buy Now to check out immediately.
Scheduling a custom training event for your team is fast and easy! Click here to get started.

Who Should Attend?

Anyone involved with designing, monitoring, or operating SCADA/ICS network.

What You'll Learn

  • Concepts of SCADA devices
  • SCADA devices work and function
  • Security concepts and challenges directly with SCADA devices
  • Vulnerability assessments within SCADA environments
  • Incident response within a SCADA environment
  • Penetration tests on Industrial Control systems
  • Vulnerabilities in web applications used in industrial control systems
  • Hardware, network, user interface, and server-side vulnerabilities
  • Incident response on industrial control systems
  • Unique differences between ICS incident response and traditional

Here is some additional information that you will learn about in class:

Pen-testing SCADA Network Protocols

  • ICS Systems Overview
  • Controllers, Embedded Systems and Protocols
  • PLCS, DCS, Hybrid Controllers, PC-Control
  • SCADA and ICS Protocols
  • Working with Modbus, OPC, and HMIs
  • Different Levels of Network Communication Penetration Testing
  • Serial Communications (RS-485, RS-232, Modbus RTU)

Pentesting SCADA Field and Floor Devices

  • Tests performed against SCADA networks
  • External Penetration Testing
  • Internal Penetration Testing
  • Vulnerability Assessments
  • Wireless Audits
  • SCADA Vulnerability Assessment Methodology
  • SCADA Protocols
  • PLC< RTU, DCS, and Embedded Controllers
  • SCADA Exploitation
  • Analysis of embedded electronics in SCADA field and floor devices
  • Discussion of device disassembly

Pentesting SCADA Field and Floor Devices Continued and Intro to SCADA Incident Response

  • Introduction to SCADA Incident Response
  • SCADA Incident Response Overview
  • SCADA Incident Response In-Depth
  • Analyzing Data Obtained from Data Dumping and Bus Snooping
  • End-to-End Analysis and Reporting

SCADA Active Defense Methodologies

  • Introduction to SCAA Active Defense
  • Network Segmentation

Labs will include the following areas:

  • Lab 1 – Introduction to SamuraiSTFU (Security Testing Framework for Utilities)
  • Lab 2 – Pentesting RF Communications Between Master Servers and Field Devices
  • Lab 3 – Pentesting TCP/IP Based SCADA Protocols
  • Lab 4 – Pentesting Technician Interfaces On SCADA Field and Floor Devices
  • Lab 5 – Analyzing Field and Floor Device FirmwareLab 6 – Overview of Pentesting Field and Floor Device Embedded Circuits
  • Lab 7 – Dumping Data at Rest On Embedded Circuits
  • Lab 8 – Bus Snooping On Embedded Circuits
  • Lab 9 – Capture the Flag Event


  • Familiarity with basic network topology such as switching, routing, and IP addressing
  • Recommended course book: Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS

Related Certifications

This course is part of the following programs or tracks: