Boot Camp

SCADA/ICS Security Training Boot Camp

Learn the best practices for securing SCADA networks and systems. This boot camp teaches you how to defend against both internal and external attackers to provide holistic security for critical industrial automation systems.

4.3 (365 ratings)

Get certified, guaranteed

Everything you need to earn your CSSA

  • 1-Year access to all boot camp video replays and materials
  • 100% Satisfaction Guarantee
  • Exam Pass Guarantee
  • Exam voucher
  • Free annual Infosec Skills subscription ($299 value!)
  • Hands-on cyber ranges and labs
  • Knowledge Transfer Guarantee
  • Onsite proctoring of exam
  • Pre-study learning path
  • Unlimited practice exam attempts
Wistia video thumbnail

What you'll learn

Training overview

From the power grid to water treatment facilities, SCADA controls our nation’s mission-critical infrastructure. Infosec’s ICS/SCADA Boot Camp builds your homeland security skills by teaching you how to assess and secure SCADA systems — and you’ll gain hands-on experience on the latest threats via our SCADA Cyber Range.

You’ll learn everything from field-based attacks to automated vulnerability assessments for SCADA networks. The boot camp also prepares you to pass the CSSA certification exam and become a Certified SCADA Security Architect.

Before your boot camp

Prerequisites

  • Understanding of computer hardware and operating systems
  • Basic knowledge of SCADA systems

    Syllabus

  • SCADA/ICS Overview
      • Introduction to CSSA
      • Industrial Control Systems (ICS)
      • Types of ICS
      • ICS components
      • BPCS & SIS
      • Control system strengths and weaknesses
      • ICS PCN & protocols
      • PCN evolution
      • And more!
  • SCADA security governance
      • Threat to SCADA
      • SCADA attacks and threats case studies
      • Lab: Attacking the infrastructure
      • SCADA security challenge
      • Security frameworks, strategy, policies
      • Standards, procedures and guidelines
      • SCADA security standards bodies (NIST / ISA / CFATS / NERC CIP)
      • Risk management process
      • Lab: “Theoretical” assessment with CSET
      • SCADA security assessment methodology
      • NESCOR guide to vulnerability assessment
  • Pentesting SCADA systems
      • Security assessment strategy
      • Pentesting steps
      • Safety and security considerations
      • Information gathering
      • Architecture analysis
      • Host, application and platform fingerprinting
      • DNS and SNMP recon
      • Lab: SNMP recon
      • Host and port scanning
      • Security considerations
      • Scanning tools and techniques
      • Lab: Scanning ICS/SCADA networks
      • Network communications capture and analysis
      • RF signal capture
  • Pentesting SCADA systems continued
      • Sniffing network traffic
      • Device functionality analysis
      • Lab: Datasheet analysis
      • Vulnerability identification
      • Common SCADA vulnerabilities
      • Finding vulnerabilities
      • Physical access
      • Vulnerability scanning
      • Server OS testing
      • Patch levels
      • Default and insecure configurations
      • Authentication and remote access
      • Firmware analysis
      • Attacking ICS
      • Attacking standard services (HTTP, FTP)
      • Attacking server OS
      • Lab: Exploiting OS-level vulnerabilities (Shellshock exploit)
      • Attacking ISC Protocols
      • Lab: Capturing and manipulating protocol data
      • Attacking wireless communications
      • Lab: Recovering ZigBee network keys
      • Lab: WEP/WPA2 password cracking
  • SCADA security controls
      • Categorization of system controls
      • Physical security & safety
      • Identification, Authentication & Authorization (IA&A)
      • IA&A and access control
      • Remote access security
      • Encryption
      • Logical security
      • Lab: Firewall rule design
      • Monitoring, detection and protection
      • And more!

Syllabus

Training schedule

Guaranteed results

Our boot camp guarantees

Exam Pass Guarantee

If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

Unlock team training discounts

If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

Enroll in a boot camp

  • January 9, 2023 - January 13, 2023

    Online only

    Exam Pass Guarantee
  • March 13, 2023 - March 17, 2023

    Online only

    Exam Pass Guarantee
  • June 5, 2023 - June 9, 2023

    Online only

    Exam Pass Guarantee
  • September 11, 2023 - September 15, 2023

    Online only

    Exam Pass Guarantee
  • November 6, 2023 - November 10, 2023

    Online only

    Exam Pass Guarantee