Cybersecurity Programs
Fusion Cyber's Cybersecurity Programs
(1) Cyber Risk Competency
(RMF - Risk Management Framework)
FC RMF 101
Risk Management Policy and Methods
FC RMF 201
Risk Management Methodology
Integrating enterprise and cloud systems risk management, students apply the NIST RMF as they complete project deliverables and communicate project results. In addition, students develop in-depth analytic competencies.
In this virtual practicum, focusing on integrated enterprise on-prem and cloud systems, students develop the capability to evaluate a test case scenario system, develop an SSP, and select and/or write appropriate security controls. Students then document results.
Focusing on integrated enterprise on-prem and cloud systems, students develop the capability to evaluate system security, analyze system assessment reports to make recommendations for a POA&M, comply with all Authorization to Operate package requirements, and strategically develop ISCM. Recommendations based on completed assessment and authorization project for the enterprise on-prem and cloud systems.
FC RMF 301
Categorize and Implement
Learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.
Including select Cyber Range lab activities to be selected by the instructor:
– Cyber concepts
– Linux Fundamentals
– Networking basics
– Linux logging
– Web hosting
– Security Operations
– Snort IDS
– Vulnerability Assessments
– Digital Forensics
– IoT Security
– Microsoft OS Management
– Splunk
FC RMF 401
Monitor and Authorize
Learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.
(Continued from 301)
FC RMF 501
Testing and Vulnerability Management
Learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.
(Continued from 401)
- – Security Monitoring
– Threat Hunting
– Incident Response Process and Procedures
– Analyzing Indicators of Compromise
– Basic Digital Forensics
– Group/Team Activities Project (real-world scenario)
– Career Portfolio Wrap Up
– Certification Prep and Tips
FC RMF SP
Specializations (AI, ML, 5G, UAS)
Students will learn how to conduct a risk assessment, create a target profile, implement an action plan, and determine, analyze, and prioritize gaps.
Specializations include:
- – UAS
- – 5G
- – Artificial intelligence, and machine learning.
Cyber Risk Jobs and Salary
* Based on the statistical average of industry certification. After the exam is taken and passed by the certification holder.
** Specialties may be developed with University researchers.
(2) Cyber Defense Competency
FC IOD 101
Security Fundamentals /
Computer Network Exploitation
PART 1
Students will learn the fundamentals of information assurance and methodologies of securing a network and its hosts.
Students will learn the necessary skills to identify risks and implement defense in depth via a multitude of methods.
Students will learn about firewalls, anti-virus solutions, honeypots, proxies and IDS/IPS solutions.
Including select Cyber Range lab activities to be selected by the instructor:
– Cyber concepts
– Linux Fundamentals
– Networking basics
– Linux logging
– Web hosting
– Security Operations
– IoT Security
– Microsoft OS Management
– Splunk
– SIEM & SOAR
– Firewalls
– Battlepath – SOC 1 & 2
– Battlepath – MITRE ATT&CK
FC IOD 101
Security Fundamentals /
Computer Network Exploitation
PART 2
In addition, students will learn through each stage of offensive operations methodologies using tradecraft, stealth, and detection avoidance as the key principles.
Students will gain proficiency with open-source penetration tools and learn techniques in vulnerability scanning, remote and client-side exploitation, and advanced post-exploitation techniques targeting both Windows and Unix based operating systems.
FC IOD 201
Cyber Operations and Intermediate Incident Response
This course focuses heavily on deep packet inspection, statistical flow record analysis, post-exploitation forensics, intrusion detection, network tunneling, and malware network behavior.
Extensive network analysis is conducted throughout each stage of the hacker methodology to include packet capturing of scanning, service enumeration, exploitation, man-in-the-middle techniques, and tunneling.
The course progresses into understanding breach detection, damage assessment procedures, and incident response actions from both technical and legal perspectives.
Students detect and respond to simulated system intrusions, develop, and implement mitigation strategies, and create documentation of the incident with supporting custodial forensic evidence.
Including select Cyber Range lab activities to be selected by the instructor:
– Cyber concepts
– Linux Fundamentals
– Networking basics
– Linux logging
– Web hosting
– Security Operations
– Snort IDS
– Vulnerability Assessments
– Digital Forensics
– IoT Security
– Microsoft OS Management
– Splunk
FC IOD 301
Windows, Linux, and Network-based Intrusion Detection and Analysis
Within the networking section, students will learn proper placement of intrusion detection systems and proper setup. Students will focus on using open-source detection software to capture, analyze, and report on different types of intrusions.
Within the host-based sections, students will configure security products and use analytic tools to identify anomalous behavior on the hosts.
Students will use timeline and log analysis to craft meaningful written reports categorizing identified behaviors and anomalies in addition to building actor profiles based off their findings.
Using the incident response techniques, they learned previously, students will implement real-time solutions for simulated customers while providing risk management analysis to mitigate security holes and establish protective tactics.
FC IOD 401
Malware Analysis, Threat Assessment, Reverse Engineering, and Behavioral Malware Analysis
Students will profile malicious executables, identify key metadata and setup for static and behavioral analysis. Each lab represents the different threats found on the internet and walks the students through the process of collecting passive observables, running through behavioral analysis in a Sandbox environment, and performing memory analysis.
FC IOD SP
Specializations (Artificial Intelligence, Machine Learning, 5G, UAS)
Cyber Defense Jobs and Salary
* Based on the statistical average of industry certification. After the exam is taken and passed by the certification holder.
** Specialties may be developed with University researchers.
| The Security+ certification holds significant value and is widely respected in the industry. It serves as an important credential for professionals seeking career opportunities in cybersecurity and related fields. This certification demonstrates your ability to identify security risks, implement appropriate security controls, and protect information systems against potential threats. | Security+ certification is not only recognized by organizations worldwide but also holds specific approvals from authoritative bodies. It is compliant with the ISO/IEC 17024:2012 standards, which are internationally recognized for personnel certification. Furthermore, the Security+ certification is approved by the US Department of Defense (DoD) to fulfill the requirements outlined in directive 8140/8570.01-M. |
| The Certified Information Systems Auditor (CISA) certification validates your knowledge of information systems auditing, assurance, control, security, cybersecurity, and governance. | CISA Certification is DoD Approved. CISA certification complies with ISO/IEC 17024:2012 standards and is approved by the US DoD to meet directive 8140/8570.01-M requirements. |
| The CISSP – Certified Information Systems Security Professional, Exam Prep offers ten weeks (50 hours) of self-directed content covering all eight domains, including 10 hours of live instructor coaching and 40 hands-on virtual labs. | The Certified Information Systems Security Professional certification is approved under the DoD 8570 Directive for the IAT Level III, IAM Level II, LAM Level III, IASAE I, and IASAE II categories. |
| EC-Council Certified Ethical Hacker Certification Boot Camp covers how to work with various systems to find out where their weaknesses or vulnerabilities may be and how you can identify and reinforce these gaps to prevent successful hacking attempts. | The CEH Certification is approved under the DoD 8570 Directive for the CSSP Analyst, CSSP Infrastructure Support, CSSP Auditor, and CSSP Incident Responder categories. |
| Certification | Junior Level | Mid-Level | Senior Level |
| Sec+ | Security Specialist | Sr. Security Specialist | Security Manager |
| Security Engineer | Sr. Security Engineer | Security Engineering Manager | |
| Jr. Information Security Analyst | Information Security Analyst | Information Systems Security Manager (ISSM) | |
| SOC Analyst | Sr. SOC Analyst | SOC Manager |
| Certification | Junior Level | Mid-Level | Senior Level |
| CISA | IT Auditor | Sr. It Auditor | It Audit Manager |
| IT Security Auditor | Sr. IT Security Auditor | It Security Manager | |
| Security Control Assessor | Sr. Security Control Assesor | IT Security Manager | |
| Certification | Junior Level | Mid-Level | Senior Level |
| CISSP | Cybersecurity Analyst | Sr. Cybersecurity Analyst | Information systems Security Manager |
| Risk and Compliance Specialist | Risk and Compliance Lead | Risk & Compliance Director | |
| Information Systems Security Officer | It Security Director | Chief Information Security Officer | |
| Security Analyst | Security Engineer | Security Architect |
The Common Body of Practice includes the following seven domains:
1. Categorize the information system and information processed, stored, & transmitted by thatsystem.
2. Select an initial set of baseline security controls for the system based on the security categorization.
3. Implement selected security controls and describe how the controls are employed.
4. Assess security controls using appropriate assessment procedures to determine how the controls are
implemented correctly, operating as intended, and producing the desired outcomes for meeting the
system’s security requirements.
5. Authorize the information system operation based on determining the risk and the decision that this risk is
acceptable.
6. Monitor the security controls continuously in the information system.
7. Manage the risk exposure of on-premises systems by assessing the boundaries between on-premises and
cloud-based systems.
| Certification | Junior Level | Mid-Level | Senior Level |
| CEH | Jr. Penetration Tester | Sr. Penetration Tester | Security Consultant |
| Cybersecurity Engineer | Sr. Cybersecurity Engineer | IT Security Architect | |
| SOC Analyst | Sr. SOC Analyst | SOC Manager | |
| IT Security | Sr IT Security | IT Security Audit Manager |
The materials within FC RMF bootcamps, programs, and courses focus on the Knowledge Skills and Abilities (KSAs) identified within the National Cybersecurity Workforce Framework specialty areas.
The FC RMF program uniquely combines top industry-recognized certifications into one pathway and 3rd parties and self-help guides to enable students to pass their certification exams. If you’re looking to start a career in cyber consider our Risk Management Framework Program and get a good start to your cybersecurity career
Fusion Cyber provides 3 unique Cybersecurity Certificate Programs, leveraging a U.S. Department of Homeland Security recognized curriculum and taught by practitioners. See how you can advance and excel in the lucrative Cybersecurity Industry today. Take this survey and see if it’s the right program for you!
