• Military
• WMD
• Intelligence

• Security Menu                     

• Systems
• Industry
• Operations
• Hot Documents
• News
• Reports
• Policy
• Budget
• Congress
• Links

• Space

October 14, 2022
By David Vergun , DOD News

DOD Cyber Training Academy Aims to Arm Students With Essential Cybersecurity Tools

To meet the continuously evolving cybersecurity threats facing the United States, the Defense Department established what is now known as the DOD Cyber Crime Center's Cyber Training Academy in 1998 near Linthicum Heights, Maryland.

Today, DC3 functions as a designated federal cyber center and a DOD Center of Excellence for digital and multimedia forensics. DC3 operates under the secretary of the Air Force executive agency.

"The academy provides valuable training, accessible virtually anywhere and at any time," said Casey Szyper, director of DC3 CTA. "A rigorous curriculum provides department personnel with the relevant knowledge and cutting-edge skills they need to meet mission goals."

CTA's mission is to provide cyber training to ensure defense information systems are secure from unauthorized use, counterintelligence and criminal and fraudulent activities, said Szyper.

Students can access training courses in four ways: in-residence; instructor-led virtual; online self-paced; or mobile training teams in locations throughout the U.S. and abroad.

The academy provides training in more than a dozen courses—ranging from computer basics to network intrusions and cyber analysis—designed to meet the evolving needs of students, said Szyper.

Also, the academy offers training in modern cybersecurity tools such as open vulnerability assessment scanner and network mapper.

In an effort to offer cyber training across the department, the academy offers a newly designed "CyberCast" which can train common access card/personal identity verification cyber operators through virtual self-paced and skillset-specific materials.

The academy offers three DOD certifications, widely recognized as validations of competency in digital forensic skills, to students who pass the following combinations of courses: digital media collector, digital forensic examiner and cyber-crime investigator with counterintelligence/law enforcement badge.

Another unique offering from CTA is their International Cyber Forensics Course.

"The ICFC provides students with the solid working knowledge necessary to conduct incident response and digital forensics of digital media to include networks." said Angela Jenkins, CTA ICFC Training Coordinator. "The course is in-residence for five weeks with 200-hours of instruction, and more than 94-hours of hands-on training."

The following encompasses the ICFC schedule:

Week 1: Introduction to Networks and Computer Hardware

Week 2: Cyber Incident Response Course

Week 3: Windows Forensics Examination-En-Case

Weeks 4 and 5: Forensics and Intrusions in a Windows Environment

The latest ICFC, held Aug. 1 through Sept. 2, included students from Hungary, Kuwait, Korea, and Jordan. This was the largest student population in any one iteration since inception of the course in 2019. To date, and through COVID-19 pandemic international limitations, the academy has trained 22 international partners in six separate iterations of the ICFC.

Upon completion of the ICFC, students will master the following:

Identify hardware components in a computer system

Employ operating system tools to manage disks, partitions and file systems

Perform domain management and administrative tasks using Windows server active directory and group policy tools

Configure a system to be able to communicate on a network

Perform basic computer troubleshooting

Perform basic computer tasks using Windows

Prepare for a cyber incident response and perform the role of a first responder

Prepare accurate documentation of a cyber investigation to include all actions taken

Examine where digital data resides in a variety of digital devices

Collect volatile and non-volatile data

Demonstrate how to handle digital media effectively upon responding to an incident

Generate hash values for collected data and forensic images

Conduct a forensic examination of an image of the Windows operating system

Demonstrate the basic functions, configurations, outputs, tools and settings of EnCase

Examine a forensic image from a Windows computer using basic forensic processes and automated tools in EnCase

Use password recovery toolkit to defeat protected files

Generate a detailed and accurate account of a network intrusion

Analyze network-based evidence

Analyze host-based evidence

Explain how to conduct a lawful network investigation

"DC3 has the unique privilege of interacting with our globally-positioned cyber partners in an educational forum," said Jude Sunderburch, DC3 executive director. "Graduating students of our ICFC have helped to foster positive relationships between DC3 and their host U.S. embassy representatives, national security counterparts, and both U.S. and foreign military training delegates."

Currently, the academy is only approved to train ministry of defense personnel in partner nations. Collaboration and discussions between the International Military Student Office and Defense Security Cooperation Agency continue in an effort to increase support and funding for training non-MOD personnel through the Section 345 Regional Defense Fellowship Program.