MASTERING CYBERSECURITY
The Center for Continuing Education and
Workforce Development BMCC - White Hat Program

Our Courses-by-Design

CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC is proud to introduce our new online course content to you based on our online and fully mentored programs starting this September 2025

Cyber Defense (White Hat Program)

This is our primary online and fully mentored cybersecurity program that is endorsed by the U.S. Department of Commerce through Terranova Aerospace and Defense Group in partnership with Cyber Security Global Alliance.

Halt-A-Hack Program

This is a short 4-hour program, designed to help students build awareness in cybersecurity and cyber threat issues and topics.

Immediate Immersion (Pre-Education Program)

This is our signature pre-qualifier program that is part of the BMCC Cybersecurity White Hat Program.

Lunch and Learn Sessions

This is a 2-hour program over lunch to introduce you to the CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC's online and fully mentored Cyber Defense White Hat Program. Our application process and to answer any of your questions. This will allow us to learn more about you as well.

CSGA Cyber College and Terranova Aerospace and Defense Group in Partnership with the Center for Continuing Education and Workforce Development at BMCC

~ Endorsed by the U.S. Department of Commerce ~

Our Courses-by-Design

CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC – Immediate Immersion Pre-Program

The Immediate Immersion Pre-Program is designed to help prospective students with no prior experience in cyber defense determine whether the PRIME Cyber Defense Online Program is the right fit for them. This preparatory course serves as a required first step before entering the Cyber Defense White Hat Program.

Eligibility:
To participate, applicants must have successfully completed Grade 12 or an equivalent level of education. If accepted into the White Hat Program, you will first be enrolled in the Immediate Immersion Pre-Qualifier. This allows us to assess your readiness and ensure the program aligns with your goals and capabilities.

Cost:
The Immediate Immersion Program is free for anyone who has registered, paid, or secured approved financing for the Cyber Defense White Hat Program—a savings of $1,500 USD.

Important Note:
All students accepted into the CSGA Cyber Defense White Hat Program will undergo a formal background security screening. This vetting process, conducted with the support of our student community, ensures that each graduate is matched with a suitable and secure work environment upon program completion.

CSGA Immediate Immersion
Pre-Program

The field of Information Security is tasked with defending against an ever-growing array of threats targeting businesses and government organizations. While strengthening computer and network infrastructure through patching, firewalls, and intrusion prevention systems is essential, these tools alone are not enough to eliminate all risks. Skilled professionals are needed to monitor these systems, identifying threats that slip past automated defenses. This is where Security Operations Center (SOC) analysts play a critical role—they are the last line of defense, responsible for detecting and responding to threats that evade initial protections. Although the SOC analyst role is often considered entry-level, it demands a strong foundation of knowledge and technical skill to be effective.

Measuring the success of a SOC is inherently challenging. Cyber threats are constantly evolving, making the landscape a moving target. Success is generally defined by the ability to reduce organizational risk through timely detection, effective remediation, and the automation of defenses against known threats. However, most SOCs today struggle to meet these goals. Analysts often lack the necessary tools, procedures, and training to address the full spectrum of modern threats. The difficulty of the role is frequently underestimated, making it hard to initiate honest conversations about the challenges SOC teams face.

One of the biggest hurdles in building effective SOC teams is the lack of qualified entry-level candidates. Many applicants have little to no formal training in information security. Realistically, the most that can be expected from a new SOC analyst is a strong interest in cybersecurity and a basic understanding of networking—both of which are prerequisites for this course. In this six-week "on-ramp" program, you will gain hands-on experience working with a managed security service provider (MSSP) that delivers outsourced security services to a variety of clients.

Throughout the course, you will investigate security alerts by analyzing network traffic. We've designed the curriculum to give you practical experience interpreting alerts through three realistic, hands-on scenarios. Future courses will expand on this foundation, covering topics such as log analysis, malware analysis, digital forensics, and incident response.

Course Outline

Immediate Immersion 2025 includes the following tasks:

1. Exploit a website and fix its vulnerabilities Students learn to think like attackers. They investigate a defense contractor’s website surreptitiously, fix a vulnerability, and remove malware.

To accomplish this, they must use an LFI exploit uncovered by human intelligence to access the web server themselves and then crack the webmaster’s encrypted password, so they can remove the malware and patch the vulnerability that left the system open to attack.

OBJECTIVE: Think like an attacker
OBJECTIVE: Exploit a website using a local file inclusion vulnerability OBJECTIVE: Crack a password
OBJECTIVE: Determine if a website has embedded malware OBJECTIVE: Conduct online technical research
OBJECTIVE: Patch the code of a website to eliminate a local file inclusion

Vulnerability

2. Investigate suspicious behavior - You receive a report that an employee had unusual text on his screen which didn’t seem to be work-related. The company’s security team captured a recording of that employee’s network traffic from the time of the report. Your task is to use two traffic analysis tools to determine what the employee was doing. Was his activity benign—or was this evidence of an insider attack?

OBJECTIVE: Conduct an investigation of a cybersecurity incident OBJECTIVE: Analyze network traffic using Network Miner OBJECTIVE: Analyze network traffic using Wireshark

3. Analyze malicious network traffic - You will analyze suspicious network traffic moving in and out of a US military aide’s personal laptop. Using packet capture (PCAP) files, you will determine

if it was infected by malware and if so what malware and how did the infection occur.

OBJECTIVE: Analyze suspicious network traffic in a PCAP using Snort and Wireshark.

OBJECTIVE: Recognize a cushion redirect in network traffic. OBJECTIVE: Recognize the identifying features of a specific exploit kit.

OBJECTIVE: Recognize a malware payload being transferred to a targeted host.

Who Should Enroll

Students who wish to explore a career in cybersecurity to determine if it is right for them. The ideal student is intensely curious, unwilling to give up on a problem no matter how difficult it is and predisposed toward self-directed learning.

Learning Outcomes

Students will learn and practice key SOC analyst skills including:

• Conducting online technical and open-source intelligence research
• Analyzing and verifying Snort alerts
• Distinguishing between true and false positive alerts
• Analyzing packet capture (PCAP) files
• Analyzing suspicious user behavior
• Identifying vulnerabilities based on vulnerability scans
• Distinguishing between attacks and vulnerability scans
• Identifying open ports using scanners such as NMAP, Nikto, and WPScan
• Identifying OS/Application fingerprints
• Analyzing attacks that employ exploit kits.

Prerequisites

1. Only basic computer skills are required, but basic knowledge of computer networks, protocols, and the fundamentals of operating systems is strongly recommended.

2. Taking and passing a free pre-assessment is REQUIRED before students are allowed to register for this program. If students have an IT background, they can ask to be exempted from this requirement.

Additional Info

Textbook: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems, 3rd Edition by Chris Sanders is highly recommended for this course (ISBN-13: 978-1593278021).

It can be ordered from nostarch.com (purchases made from nostarch.com include a full-text searchable e-book version of the text, available for download immediately after purchase) (Links to many additional online learning resources are provided within the course, specific to each task.)

Students must successfully complete Immediate Immersion 2025 to be permitted to enroll in the next course in this program, CSGA Cyber College: Defense. Success will be assessed by a student’s mentors whose decision is final.

CSGA Immediate Immersion Pre-Program

Our Courses-by-Design

CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC – CSGA Cyber Defense "White Hat" Program

The CSGA Cyber Defense "White Hat" Program is designed to help prospective students with no prior experience in cyber defense determine whether the PRIME Cyber Defense Online Program is the right fit for them. This preparatory course serves as a required first step before entering the Cyber Defense White Hat Program.

Eligibility:
To participate, applicants must have successfully completed Grade 12 or an equivalent level of education. If accepted into the White Hat Program, you will first be enrolled in the Immediate Immersion Pre-Qualifier. This allows us to assess your readiness and ensure the program aligns with your goals and capabilities.

Cost:
The Immediate Immersion Program is free for anyone who has registered, paid, or secured approved financing for the Cyber Defense White Hat Program—a savings of $1,500 USD.

Important Note:
All students accepted into the CSGA Cyber Defense White Hat Program will undergo a formal background security screening. This vetting process, conducted with the support of our student community, ensures that each graduate is matched with a suitable and secure work environment upon program completion.

CSGA Cyber Defense
"White Hat" Program

CSGA Cyber Defense "White Hat" Program builds upon the foundational skills students developed in Cyber Attack and Defense: Immediate Immersion 2020. This 13-week course, requiring approximately 25 hours of study per week, is designed to equip students with robust defensive cybersecurity skills. By the end of the program, participants will be well-prepared for entry-level roles such as Security Operations Center (SOC) analysts and digital forensics analysts.

Students engage in six realistic, hands-on tasks delivered through a secure private cloud environment. Each task spans one to two weeks and is supported by expert mentorship, personalized feedback, and a wealth of online learning resources. The course is set within a fictional but highly realistic scenario, placing students in the role of a junior analyst working for a government cyber operations agency. This immersive context helps bridge the gap between theory and practice, ensuring students gain practical, job-ready experience.

Course Outline

CSGA Cyber College: Cyber Defense builds on the defensive skills and experience students gained in Cyber Attack and Defense: Immediate Immersion 2025. The course is designed to impart a strong foundation of defensive information security skills in 13 weeks of study at 25 hours per week, preparing students for entry-level careers as security operations center analysts and digital forensics analysts.

Students work through 6 on-line real-life tasks (spending 1-2 weeks per task) in a private cloud environment with help, advice, and feedback from a knowledgeable mentor and extensive on-line learning resources. The tasks are embedded in the realistic, but fictional, context of work as an entry-level employee of a government cyber operations agency.

CSGA – Cyber Defense includes the following tasks:

1. Analyze a remote intrusion attempt

A security operations center analyst has seen evidence of a password cracking attempt within a key network. Students analyze a packet capture file (PCAP) and event logs within a security information and event management system (the Splunk SIEM) to determine if any passwords were compromised and if the network was breached as a result. The student must also identify which tools were used by the attacker and which steps should be taken to safeguard specific hosts in the network from similar cracking attempts in the future.

OBJECTIVE: Analyze suspicious network traffic in a PCAP using Wireshark. OBJECTIVE: Analyze network and system logs using Splunk

OBJECTIVE: Cross-correlate events seen in a PCAP with events seen in logs OBJECTIVE: Recognize a Hydra brute-forcing attack

OBJECTIVE: Determine if a brute-forcing attack has been successful Tasks 2 through 6 are set in the context of a single complex cyber-attack.

2. Investigate an incident using a SIEM

Students analyze a possible “watering hole” attack in which clicking on a malicious link embedded in an otherwise legitimate website launches an exploit kit that infects a user’s machine with a “banking trojan.” To accomplish this, they must analyze multiple logs within the Splunk SIEM.

OBJECTIVE: Analyze network and system logs using Splunk
OBJECTIVE: Pivot among multiple logs using Splunk’s search facilities
OBJECTIVE: Identify possible indicators of compromise
OBJECTIVE: Determine if devices are likely to have been infected using indicators of compromise
OBJECTIVE: Tentatively identify the malware used and the intent of the attack

3. Begin to understand malware:

Students use a “hash” of a possible malware-containing file to conduct research using VirusTotal, online sandboxes, and open-source intelligence sources to determine specific indicators of compromise to guide forensic analysis of memory and file system images of infected devices.

OBJECTIVE: Use Virus Total to identify a malware sample
OBJECTIVE: Use advanced features of Virus Total to learn detailed information about a malware sample
OBJECTIVE: Use the Hybrid Analysis sandbox to perform static and dynamic analysis of a malware sample
OBJECTIVE: Use open-source threat intelligence to learn more about specific malware

4. Examine a compromised host’s memory

Students perform a forensic examination of a memory image taken from a computer to identify sophisticated malware that infected the system.

OBJECTIVE: Acquire a working knowledge of process structures in memory using Volatility

OBJECTIVE: “Know normal to find evil”
OBJECTIVE: Formulate a plan for a memory forensics investigation
OBJECTIVE: Recognize malware “footprints” in a forensic memory image
OBJECTIVE: Locate a malicious binary in a forensic memory image
OBJECTIVE: Corroborate findings with other sources such as [Splunk] SIEM logs
OBJECTIVE: Identify malware actions such as privilege escalation and browser hooking

5. Conduct a forensic disk examination

Students perform disk forensics on an infected system. By analyzing an image of the computer’s file system, the students are able to identify malware infections and to create a timeline for the attack.

OBJECTIVE: Analyze a forensic disk image and identify indicators of compromise using Autopsy.

OBJECTIVE: Generate a timeline of suspicious events in a forensic disk image.
OBJECTIVE: Determine how a device was infected and what malware variant was used.

6. Close your investigation

Students are asked to conclude their investigation by compiling a timeline for the attack and writing a comprehensive report for technical and non-technical Stakeholders.

OBJECTIVE: Cross-correlate information from a range of sources
OBJECTIVE: Combine information from a range of sources into a comprehensive report
OBJECTIVE: Communicate a complex story effectively to technical and non-technical audiences.

Who Should Enroll

Students who have successfully completed cyber academy: Immediate Immersion and who aspire to professional careers in defensive cyber security.

Learning Outcomes Students will learn to:

• Analyze network traffic
• Analyze network and system logs using security information and event monitoring system
• Cross-correlate log information and network packet traffic
• Use online sandboxes for static and dynamic analysis of malicious executable files to identify indicators of compromise
• Use threat intelligence
• Identify malware
• Perform memory forensics
• Perform disk forensics
• Compile a comprehensive timeline of a cyber attack
• Report appropriately to technical and non-technical stakeholders

In addition to the task-based curriculum, an implicit curriculum runs throughout the course via which students will learn and practice the cognitive skills essential for success in all areas of information security.

These include:

• Understanding complex, novel problems
• Effectively researching solutions
• Designing and testing solutions
• Self-directed learning

Prerequisites

Successful completion of The Cyber Academy: Immediate Immersion. Only basic computer skills are required, but basic knowledge of computer networks and protocols and the fundamentals of operating systems is strongly recommended.

CSGA Cyber Defense
"White Hat" Program

Our Courses-by-Design

CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC – Halt-A-Hack Program

The Halt-A-Hack is designed to help prospective students with no prior experience in cyber defense determine whether the PRIME Cyber Defense Online Program is the right fit for them. This preparatory course serves as a required first step before entering the Cyber Defense White Hat Program.

Eligibility:
To participate, applicants must have successfully completed Grade 12 or an equivalent level of education. If accepted into the White Hat Program, you will first be enrolled in the Immediate Immersion Pre-Qualifier. This allows us to assess your readiness and ensure the program aligns with your goals and capabilities.

Cost:
The Immediate Immersion Program is free for anyone who has registered, paid, or secured approved financing for the Cyber Defense White Hat Program—a savings of $1,500 USD.

Important Note:
All students accepted into the CSGA Cyber Defense White Hat Program will undergo a formal background security screening. This vetting process, conducted with the support of our student community, ensures that each graduate is matched with a suitable and secure work environment upon program completion.

CSGA HALT-A-HACK PROGRAM

Important Note:

Halt-A-Hack is a stand-a-lone program that is provided to all our paid students FREE of charge. This is a 4-hour certificate program for our graduates and in mandatory to complete your training.

Our Courses-by-Design

CSGA Cyber College in Partnership with the Center for Continuing Education and Workforce Development at BMCC – Lunch and Learn Program

The Lunch and Learn is designed to help prospective students with no prior experience in cyber defense determine whether the PRIME Cyber Defense Online Program is the right fit for them. This preparatory course serves as a required first step before entering the Cyber Defense White Hat Program.

Eligibility:
To participate, applicants must have successfully completed Grade 12 or an equivalent level of education. If accepted into the White Hat Program, you will first be enrolled in the Immediate Immersion Pre-Qualifier. This allows us to assess your readiness and ensure the program aligns with your goals and capabilities.

Cost:
The Lunch and Learn will cost $??.?? for anyone who is interested in joining the Cyber Defense White Hat Program..

Important Note:
All students accepted into the CSGA Cyber Defense White Hat Program will undergo a formal background security screening. This vetting process, conducted with the support of our student community, ensures that each graduate is matched with a suitable and secure work environment upon program completion.

CSGA Cyber Defense Lunch and Learn

Lunch and Learn Sessions - Coming Soon