Defense Foundation Europe Homeland Security Industry Intelligence SIGNAL Magazine    

         Member Login
Member ID Password
Forgot: Password | Member ID            
Join or renew today to connect with the premier network of thought leaders in the global security community.

Join/Renew Links:



AFCEA Chapter News
Education Newsletter
Leadership Forum
Robert Howell Scholarship Fund
Scholarship Winners

Course #388-12-FXVA-1

Advanced Cyber Network Defense

Dates: Nov-01-2011 - Nov-04-2011


AFCEA Headquarters (Map)
4400 Fair Lakes Court
Fairfax, VA 22033

Hours: 8:30am-4:30pm

$2,600 Government AFCEA Member
        Government Non Member
$2,700 Non-Government AFCEA Member
$2,800 Non-Government Non Member

Note: This course has been cancelled by the company which provides the instructor, so we are unable to offer the course.

Course Description:

Course # 388

Advanced Cyber Network Defense Training


Classification: Unclassified

$2,495 Industry/Contractor Rate
$2,395 Industry/Contractor AFCEA Member Rate
$2,295 Government Rate
$2,295 Government AFCEA Member Rate

Location: AFCEA Headquarters - Map and Directions



This course is designed to train the Information Technology Professional on advanced tactics, techniques, and procedures of Advanced Cyber Network Defense (ACND) pertaining to network threats, vulnerabilities, and exploits and how to detect, analyze, mitigate, validate and report them.  The students will be critiqued on how they defend their networks against various attacks, including Denial of Service, Data Exfiltration, Web Server Attacks, and Buffer Overflow Attacks, using the skills they have learned.  The course is performance/demonstration-based training and is 75% hands-on using network simulators.



This course is suited for the seasoned Computer Security Professionals, Senior Network and Systems Administrators, Information Technology Professionals, and Computer Network Defenders with 5 years of current hands-on experience as network or systems administrators.  



MODULE 1:  Advanced Cyber Network Defense (ACND) Course Intro and Course Overview

A.  Introductions

B.  Administrivia

C.  Course Objectives and Expectations

D.  Course Format

E.  Course Overview


MODULE 2: ACND Overview

A.  What is Cyber Network Defense (CND)?

B.  CND Methodology

C.  CND Concepts

    • Know Thyself
    • Preventative Measures
    • Defense in Depth


MODULE 3:  ACND Tools Review

A.  Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS)

    • Host-based
    • Network-based

B.  Firewalls

C.  SMTP (Email) Filtering

D.  Infrastructure

    • Layer 2 – Switches
    • Layer 3 – Routers

E.  People


MODULE 4: ACND HOTSIM Familiarization

A.  Architecture

B.  Virtual Workstation Setup

C.  Simulator ACND Tools

    • HIDS – OSSEC
    • NIDS – SNORT
    • Firewall – IPCop
    • Mail (SMTP) Filtering – Symantec Mail Security
    • Switches – Cisco
    • External Router – Cisco
    • Useful Windows Commands

D.  Simulator Services

    • Active Directory
    • DHCP
    • Internal DNS
    • Mail (Exchange)
    • External DNS
    • WWW


MODULE 5: ACND HOTSIM Familiarization Labs

A.  Simulator Connectivity / Setup

B.  Simulator CND Tools Lab

    • HIDS – OSSEC
    • NIDS – SNORT
    • Firewall – IPCop
    • Mail (SMTP) Filtering – Symantec Mail Security
    • Switches – Cisco
    • External Router – Cisco
    • Useful Windows Commands

C.  Simulator Services Lab

    • Mail (Exchange)
    • Active Directory
    • DHCP


MODULE 6: ACND Scenario Prep

A.  Team Concept

B.  Response vs. Prevention

C.  ROEs

E.  Scenario Overview

F.  Scenario Walkthrough


MODULE 7: Protocol Abuse

A.  Definition of Protocol Abuse

B.  Tunneling and C2 (Command and Control)

C.  ICMP Abuse


E.  DNS Abuse

F.  Prevention

G.  Defense



A.  Definition of DOS / DDOS

B.  Types of DOS / DDOS

C.  Prevention

D.  Defense


MODULE 9: Botnets

A.  Definition

B.  Traditional Botnets

C.  Modern Botnets

D.  Anatomy of Botnet

E.  Botnet Usage

F.  Defense and Prevention


MODULE 10: ACND Buffer Overflow Exploits

  • General Info
  • Terminology
  • Stack-Based Overflow
  • The Exploit
  • NOP Sled


MODULE 11: ACND Password Protection and Malware

  • What is privileged account password protection?
  • Methods to obtain passwords
  • Password Defensive Countermeasures
  • Malware Definition
  • Malware Terminology
  • Type Descriptions
  • Case Studies



3-5 years of recent System Administration/Network Management



Course Coordinator and Lecturer:

Christian Espinosa is the R&D Director for EADS NA Defense Security and Systems Solutions, Inc. (DS3).  Christian holds a BS in Engineering from the U.S. Air Force Academy and an MBA in Computer and Information Management from Webster University.


Christian was stationed with the Air Force at Brooks AFB, Texas where he managed 14 personnel in support of a 500 node network.  In 1996, Christian took a Network Engineering position at Scott AFB, IL.  As a Network Engineer for Air Mobility Command (AMC), Christian designed and installed numerous networks, including the AMC Terminals for BWI and Seattle-Tacoma International Airports. Christian also completed the MCSE and taught night and weekend courses as an Adjunct Faculty member for Southwestern Illinois College.


Christian left the Air Force in 1999 and worked as a Senior Security Engineer in Scope Network.  Christian was instrumental in establishing procedures for network and security review and optimization.  Christian traveled to over 50 locations worldwide to optimize and secure DoD networks.  Christian became a Microsoft Certified Trainer (MCT) and established a Microsoft Certified Technical Education Center.


In 2002, Christian worked for ARC Information Assurance Institute, Inc. as a Senior Information Security Consultant.  Christian was instrumental with the original simulator and defense training concepts for the Joint Cyber Operations Range.  Christian also worked with the Defense Information Systems Agency (DISA) as a Network Information Assurance Officer, responsible for the security of the Global Information Grid for the Department of Defense.  In 2005, Christian took a position with DS3 as the Chief Engineer.  As Chief Engineer, Christian was instrumental in the development of the Computer Network Defense block of the Air Force Undergraduate Network Warfare Training (UNWT) School.


Christian has held over 15 industry certifications, including the CISSP, MCSE, CCSP, MCT, and CFSO.  Christian is currently pursuing a Ph. D. in Information Security.


Directions to AFCEA Headquarters     Restaurants Near AFCEA      AFCEA Travel Info


AFCEA complies with the Americans with Disabilities Act of 1990. Attendees with special needs should call (703) 631-6130 or email the PDC outlining requirements.


AFCEA will confirm that a course session is a "go" no later than Oct-18-2011, 14 days prior to the start date of the course. Please see the PDC FAQ for additional course cancellation details.


Please see the PDC FAQ for registration cancellation instructions and other PDC policies.

PDC Home | Education Home | Payment Authorization

All Courses offered in Fairfax, VA unless indicated
TELEPHONE: 1-703-631-6137 or 6135 or 1-800-336-4583, ext. 6137 or 6135
FAX: 703-631-6172 | E-Mail:

Connect with the AFCEA Educational Foundation

Like our Scholarship page on Facebook!
Follow us on Twitter
Shutterfly Photo Gallery
Event Presentations

About Us
Mission Statement
Board of Directors

Scholarships and Awards
Scholarship General Info
STEM Scholarships
STEM Teaching Tools
Scholarship Winners
Awards for Individuals
Awards for Chapters

Sponsors & Donors
Signature Sponsors
Leadership Society
Sponsorship Opportuniuties
Annual Fund Drive
Donor Recognition

Contact Us
Contact Us

AFCEA Educational Foundation
4400 Fair Lakes Court
Fairfax, VA 22033
(800) 336-4583
  © AFCEA International