CSFI: Defensive Cyber Operations Engineer Training (DCOE)

Print Friendly, PDF & Email

CSFI: Defensive Cyber Operations Engineer Training (DCOE) Course with Hands-on Labs (Online, Onsite and Classroom Live)

Develop your cyberspace operations skills for the deployment of DCO, NETOPS, and OCO with this CSFI: Defensive Cyber Operations Engineer Training (DCOE)

In this CSFI: Defensive Cyber Operations Engineer Training (DCOE) course, you will acquire the skills for the planning, executing, and integrating defensive cyberspace operations (DCO) into organizational missions and DCO requirements. The CSFI: Defensive Cyber Operations Engineer  (DCOE) course builds on the planning skills learned in the Introduction to Cyber Warfare and Operations Design (ICWOD) course. Adversarial use of tools and their associated techniques are presented to assess network vulnerabilities and to defend friendly networks against adversary threats.

The CSFI: Defensive Cyber Operations Engineer (DCOE) course covers the use of open source tools and websites for system configuration, penetration testing, and control testing. You will use Linux and Windows command lines and unleash an attack on target servers and analyze the results. Attacks and analysis of will expose you to live attacks in a controlled environment where students can see first-hand the adversary realm of possible actions, how to detect, mitigate, and counter such activities.


  • This course requires you to bring your own laptop preloaded with VMware Workstation 9 or 10.
  • In order to attain the DCOE certification, you must have an ICWOD completion certificate as well as pass the DCOE exam.


  • Defensive Cyberspace Operations Engineer (CSFI-DCOE)

Duration: 3 days

Related Courses
Customize It
  • We can adapt this CSFI: Defensive Cyber Operations Engineer Training (DCOE) course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this CSFI: Defensive Cyber Operations Engineer Training (DCOE) course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the CSFI: Defensive Cyber Operations Engineer Training (DCOE) course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the CSFI: Defensive Cyber Operations Engineer (DCOE) course in manner understandable to lay audiences.
CSFI: Defensive Cyber Operations Engineer Training (DCOE) - Audience / Target Group

The target audience for this Defensive Cyber Operations Engineer (DCOE) course:

  • Information operations officers
  • Information security / assurance professionals
  • Cybersecurity consultants
  • Cyber planners
  • Military members (J2, J3, J6)
  • Security analysts
  • Network security engineers
  • Penetration testers
  • Auditors
  • Security engineers
CSFI: Defensive Cyber Operations Engineer Training (DCOE) - Objectives:

After completing this Defensive Cyber Operations Engineer  (DCOE)course, attendees will be able to:

  • Assess adversary intent and how threat vectors can support malicious intent
  • How to counter known and emerging threat vectors
  • Allocation and guidance for resource usage to counter adversary threats
  • Integration of DCO into larger organizational constructs
  • Deception methods
  • Data exfiltration and defense against exfiltration methodologies
CSFI: Defensive Cyber Operations Engineer Training (DCOE) - Course Content:

1. Cyber Operating Environment

• How We Got Here
• Managing Networks and Security
• Traditional Nation State Espionage
• The Militarization of Cyberspace
• Cyberspace as War Fighting Domain
• Traditional Warfare Concepts and Cyber
• DoD Cyber Strategy
• Cyberspace Operations (DCO,OCO, DODIN OPS, DCO-RA, DCO-IDM, CMTs)
• Section Review

2. The Cyber Kill Chain

• Traditional Kill Chain
• Cyber Kill Chain
• Case Study: Target Data Breach
• Section Review

3. Kali Linux

• Overview of Kali Linux
• Installation
• Post Installation Tasks
• Navigating Kali
• Introduction to Shell Scripting
• Section Review

4. OSINT and Passive Reconnaissance

• Reconnaissance Introduction
• Information Sources
• Social Media (Robin Sage)
• Kali Linux Reconnaissance Tools (whois, theHarvester, recon-ng)
• Google Hacking
• Popular Sites and Tools (Shodan, Maltego)
• Adversary Tradecraft
• Section Review

5. Active Reconnaissance and Network Scanning

Active Reconnaissance
nmap and ncat
Port Scanning
Adversary Tradecraft
Analyze Network Traffic with Wireshark
SQL Mapping
Vulnerability Scanning
Section Review

6. Web Application Vulnerability

• Web Application Vulnerabilities
• Cross-Site Scripting (XSS)
• SQL Injection Attacks (SQLi)
• Adversary Tradecraft
• Apache
• Section Review

7. Wireless Networking

• Wireless Networking
• WEP and WPA
• Adversary Tradecraft
• Analyzing Wireless Network Traffic with Wireshark
• Attacking WEP
• Attacking WPA
• Section Review

8. Network Attacks and Metasploit

• Network Attacks
• Introduction to Metasploit
• Conducting Attacks with Metasploit
• Adversary Tradecraft
• Section Review

9. Maintaining Access and Covering Tracks

• HTTP Tunneling
• PowerSploit
• dns2tcp
• Altering Log and History Files
• Hidden Files
• Timestamps
• Covert Channels
• Adversary Tradecraft
• Section Review

10. Intrusion Detection System

• IDS and IPS
• Types of IDS
• IDS Alerts and Tuning
• Section Review


Lab 1: Installing and Navigating Kali
Lab 2: Shell Scripting
Lab 3: Passive Reconnaissance
Lab 4: Network Scanning
Lab 5: Apache Web Server
Lab 6:  MySQL Database
Lab 7: PHP Page Form Processing
Lab 8: Cracking WEP
Lab 9: Cracking WPA
Lab 10: Shell on Remote Target with Metasploit
Lab 11: IDS

Request More Information

Time Frame: 0-3 Months4-12 Months