Learn how to design, configure, troubleshoot and manage network devices.

This learning path builds a foundation of networking skills and prepares you to earn your Network+ certification. As you progress through nine courses tied to the five Network+ objectives, you’ll learn about networking concepts such as TCP/IP, cabling and topology, installing network devices, routing, remote connectivity, cloud and mobile networking, and much more. Upon completion, you’ll have the skills needed to launch a career as a networking technician or take the next step in your IT career.

This path prepares you to take the CISSP exam and covers all of the relevant topics, including the Common Body of Knowledge.

With this path, you’ll prepare to take the CISSP exam. You’ll review core relevant topics, including security and risk management, asset security, identity and access management, security operations, software development security and more. We conclude with helpful test-taking tips to prepare you for exam day.

Learn fundamental information security concepts and technical controls.

This learning path builds on your existing networking skills and prepares you to earn your Security+, one of the most popular entry-level cybersecurity certifications. You’ll learn the foundations of information security as you progress through 13 courses tied to the six Security+ certification exam objectives. Upon completion, you’ll be prepared to earn your Security+ certification and have an established base of cybersecurity knowledge you can use to progress into more advanced security certifications or career roles.

Learn all aspects of system security engineering while preparing for the exam.

Explore the ISSEP certification. CISSPs who are awarded this additional concentration have demonstrated their knowledge in the practical application of system and security engineering principles and the processes to develop a secure system. An ISSEP analyzes organizational needs, defines security requirements, designs security architectures, develops secure designs, implements system security and supports system security assessment and authorization for government and industry.

Learn why IAM is important and best practices for implementing it.

The Identity and Access Management (IAM) learning path provides an introduction to implementing an IAM system. It covers the basic concepts of IAM, information about designing and implementing an IAM system, IAM security considerations and IAM requirements for data protection and federal standards.

The Threat Intelligence learning path allows you to master the concept of threat intelligence, from intelligence analysis to building a threat intelligence program.

This learning path provides an introduction to threat intelligence with theoretical, practical and hands-on fundamentals giving students a path towards professional intelligence analysis. As you progress through the courses you will learn tools and techniques used to turn information into intelligence, apply threat intelligence methodologies and learn about threat actors.

This course explains the Risk Management Framework (RMF) and its processes.

The Risk Management Framework (RMF) provides a disciplined, structured and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation and assessment; system and common control authorizations; and continuous monitoring. It includes activities to prepare organizations to execute the framework at appropriate risk management levels.

The Linux+ Certification learning path will introduce and explain the concepts and commands required to configure, manage, operate and troubleshoot a Linux environment by using security best practices, scripting and automation.

This learning path teaches you the necessary concepts, terms, commands and skills to perform basic configuration and management tasks as part of building and maintaining Linux system. This course reviews the main test objectives for the CompTIA XK004 Linux+ exam. This includes a review of the test domains, as well as pertinent examples of usage for commands.

Learn about CUI and how to identify/protect it under the NIST 800-171 requirements.

NIST SP 800-171 is a cybersecurity framework of 110 controls in 14 families published by the National Institute of Standards and Technology (NIST). This learning path will teach you how to comply with the requirements of NIST 800-171. You will understand what CUI is and how to identify it; what a nonfederal information systems is; how to understand each of the 110 requirements in the framework and satisfy each of them if necessary; how to create a Body of Evidence (BOE) including Organizational Policy or Procedures; a System Security Plan (SSP) and Plans of Action and Milestones (POAM). Upon completion of this course, you will have the knowledge and skills to implement the controls required by the NIST 800-171 framework and build your BOE.

Learn security practices, principles and tooling for software development processes.

This learning path teaches you how to design and build security into continuous integration and continuous delivery (CI/CD) pipeline leveraging on processes and tools to automate your software delivery. As you progress through the seven courses, you will acquire core DevSecOps skills such as threat modeling, SCA, SAST, DAST and container security. At the end of the course, you will have the knowledge and skills to integrate security into DevOps platforms and run secure systems.

Learn about Linux architecture, common Linux vulnerabilities, networking and more.

This path on Linux fundamentals is ideal for the beginner. We will discuss how to install Linux. From there, we will look under the hood to learn about Linux architecture as well as the file system. Next, we will explore the fundamentals: account management, networking, jobs and processes. Finally, we dive into light scripting to automate repeatable tasks.

Learn the methodology behind intrusion detection and craft detection rules and logic.

This learning path begins with an overview of intrusion detection and then dives into the data required to build various detection use cases and various open-source tools and frameworks for building and tuning your detections. Throughout the path, we will review the various aspects and frameworks that comprise intrusion detection techniques (network- and host-based) and explore real world use-cases and examples of detection methodology. At the end of this path, you will have the necessary skills to craft meaningful detections that can aid in identifying malicious activity within your organization’s environment.

Learn the applicable rules and regulations to protect sensitive data.

The Database Security learning path gives a high-level view of rules and regulations, the NIST Framework and threats and vulnerabilities. This learning path also includes a more detailed view of database protection methods and labs for both a relational and a non-relational (NoSQL) cloud database, with labs and demos on data masking, column-level encryption, least privilege access management, auditing and more.

Learn the techniques and tactics used by real-world adversaries.

The Advanced Adversary Tactics path will be updated regularly to include new content. Completing the path will give you hands-on experience with a wide variety of different techniques that will allow you to identify and understand adversarial tactics and techniques. By carrying out attack methods, you’ll be able to identify how attackers think and move through networks. By the end you’ll know how attackers set up cloned websites, establish persistence with trojanized binaries, pivot through networks, and much more.

Learn the many facets of securing the Linux operating system.

Explore the many challenges of securing the Linux operating system. We’ll look at Linux users and groups, network security, port scanning, running daemons as a regular user versus running as root, and everything to do with sudo. We will also dig into the details of SSH hardening and tunneling, TCP wrappers, basic firewall usage and packet sniffing.