Path icon Learning Paths
Skills

Cyber Defense Analyst | PR-CDA-001 | Work Role 511

  • Number of Courses27 courses
  • Duration42 hours

A cyber defense analyst uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats.

 

This path will get you started on your journey to becoming a cyber defense analyst! Begin with the fundamental concepts of networking and endpoint security through hands-on labs, dive into the essential skills necessary to perform the day-to-day functions and then expand your skill set with tools, more advanced concepts and knowledge from adjacent roles!

Path estimated completion time is ~40 hours for total content.

 

This path aligns to the Knowledge, Skills, Abilities and Tasks (KSAs) within the Workforce Framework for Cybersecurity (CSWF) and the DoD Cyber Workforce Framework (DCWF) for the work role of:

Cyber Defense Analyst Work Role 511 or PR-CDA-001

 

For complete coverage of skill paths and tooling for the Cyber Defense Analyst role, please navigate to the SOC Analyst Channel

Courses in this path

Fundamentals

Begin your learning journey with the fundamental concepts of operating systems, networking and endpoint security through some hands-on labs and courses!

*Note the lab length is showing the allotted time that the environment will be open and available before resetting. The estimated completion time of each lab is 45 minutes.

Enterprise Security: Executive Briefing

  • by Aaron Rosenmund
  • 39m Duration
  •  (35)

Identify Common Cyber Network Attacks with Wireshark

  • by Chris Greer
  • 2h 34m Duration
  •  (41)

Linux Endpoint Security: Processes

  • by Aaron Rosenmund
  • 25m Duration
  •  (11)

Windows Endpoint Security: Networking

  • by Michael Teske
  • 21m Duration

Role Essentials

Now that you know the fundamentals, dive into the essential skills necessary to perform the day-to-day functions of a cyber defense analyst.

Security Event Triage: Operationalizing Security Analysis

  • by Aaron Rosenmund
  • 54m Duration
  •  (29)

Security Event Triage: Detecting Malicious Traffic with Signature and Session Analysis

  • by Guillaume Ross
  • 1h 59m Duration
  •  (21)

Security Event Triage: Leveraging Existing Security Device Alerts

  • by Daniel Lachance
  • 1h 18m Duration

Security Event Triage: Monitoring Assets and Topology

  • by Daniel Lachance
  • 1h 36m Duration

Security Event Triage: Detecting Network Anomalies with Behavioral Analysis

  • by Aaron Rosenmund
  • 2h 50s Duration
  •  (20)

Security Event Triage: Monitoring Network Application Services

  • by Alan Monnox
  • 2h 32m Duration

Security Event Triage: Revealing Attacker Methodology in Web Application Events

  • by Aaron Rosenmund
  • 2h 8m Duration

Security Event Triage: Analyzing Live System Process and Files

  • by Cristian Pascariu
  • 1h 34m Duration
  •  (14)

Security Event Triage: Detecting System Anomalies

  • by Aaron Rosenmund
  • 1h 47m Duration
  •  (19)

Security Event Triage: Statistical Baselining with SIEM Data Integration

  • by Cristian Pascariu
  • 1h 31m Duration
  •  (14)

Expanded Skill Set

It's time to expand your skill set with tools, more advanced concepts and emerging trends and vulnerabilities!

This section gives you a brief introduction into many, additional skills that you will find helpful as a cyber defense analyst. We have full training paths on all of these skills; see the Supplemental Skill Paths section to learn more.

Incident Response: Detection and Analysis

  • by Aaron Rosenmund
  • 2h 18m Duration
  •  (25)

PowerShell Functions for Security Analysis

  • by Liam Cleary
  • 1h 50m Duration

Network Activity and Packet Analysis with Python

  • by Sean Wilkins
  • 2h 15m Duration

System Services and Activity Monitoring with Python

  • by Sean Wilkins
  • 1h 46m Duration

Network Security Monitoring with Suricata

  • by Open Information Security Foundation (OISF)
  • 2h 28m Duration

Elastic Stack: Getting Started

  • by Aaron Rosenmund
  • 1h 41m Duration
  •  (88)

Blue Team Tools: Defense against Adversary Activity Using MITRE Techniques

  • by Aaron Rosenmund
  • 19m Duration
  •  (25)

Adjacent Roles

Now that you've mastered all the skills for cyber defense analyst, learn about additional cyber roles and their responsibilities.

Network Security Basics

  • by Ross Bagurdes
  • 2h 58m Duration
  •  (22)

Pen Testing: Planning, Scoping, and Recon

  • by Alexander Tushinsky
  • 1h 13m Duration

Red Team Tools for Emulated Adversary Techniques with MITRE ATT&CK

  • by Aaron Rosenmund
  • 17m Duration
  •  (20)

Information and Cyber Security Literacy: Governance, Risk, and Compliance

  • by John Elliott
  • 59m Duration

Security Compliance, Governance, and Frameworks

  • by Richard Harpur
  • 1h 41m Duration
  •  (11)

Cryptography: Executive Briefing

  • by John Elliott
  • 29m Duration
  •  (19)

Learn with the best

Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur... more
Chris Greer
Chris Greer
Chris Greer is a network analyst for Packet Pioneer, delivering training and packet analysis consulting services to customers all over the world. He specializes in using Wireshark to combat network and application performance problems on networks of all sizes. Chris leverages his 20 years of practical experience in network monitoring, analysis, and troubleshooting to heighten the experience of any attendee to his interactive and energetic courses. When he is not digging deep into packets or te... more
Michael Teske
Michael Teske
Michael Teske is an Author Evangelist with Pluralsight helping people build their skills toolkit. Michael has 20+ years of experience in the IT Ops industry including 17 of those years as an IT instructor at a technical college focusing on Microsoft server infrastructure solutions as well as Microsoft enterprise applications including automation using PowerShell. During his time as an instructor, Michael has developed curriculum for several courses as well as authored curriculum for Microsoft's ... more
Guillaume Ross
Guillaume Ross
Guillaume Ross is an experienced information security professional, providing services to many organizations as the lead consultant and founder of Caffeine Security Inc. Having worked in multiple verticals, from Fortune 50 to startups, his specialty is providing the right security program and architecture for each specific environment and company, and leading blue teams.
Daniel Lachance
Daniel Lachance
Daniel Lachance, CompTIA Security+, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams. Mr. Lachance is an experienced trainer having delivered IT training in Canada and the Caribbean since the 1990s on topics ranging f... more
Alan Monnox
Alan Monnox
Alan is the Lead Architect for the cyber security company Reveille Security. He is also the author of the book Rapid J2EE Development published by Prentice Hall. Alan’s tenure in the IT industry goes back over several decades and during that time he has been fortunate to work on many large-scale systems for a range of business-sectors and industries, including energy, finance, retail and healthcare. His core skills are in information security, solution architecture, and systems integration. Much... more
Cristian Pascariu
Cristian Pascariu
Cristian took part in auditing and implementation of infosec capabilities to uplift security posture. He managed codification efforts to extract indicators of compromise and created rules in the scope of defending against new emerging threats. He has also developed tools and scripts to overcome security gaps within the corporate network. Cristian has mentored L1 and L2 analysts to increase triage efficiency and combat new threats. He has experience in the field of Application Security and has pr... more
Liam Cleary
Liam Cleary
Liam began his career as a trainer of all things computer-related. He quickly realized that programming, breaking, and hacking were much more fun. Liam spent the next few years working within core infrastructure and security services. He is the founder and owner of SharePlicity, a consulting company that focuses on Microsoft 365 and Azure technology. His role within SharePlicity is to help organizations implement Microsoft 365 and Azure technology to enhance internal and external collaboration, ... more
Sean Wilkins
Sean Wilkins
Sean Wilkins is an accomplished networking consultant and writer for Tech Building Blocks (www.techbuildingblocks.com) who has been in the IT field for over 20 years working with several large enterprises. Sean holds certifications with Cisco (CCNP/CCDP), Microsoft (MCSE) and CompTIA (A+ and Network+). His educational accomplishments include: a Master’s of Science in Information Technology with a focus in Network Architecture and Design, and a Master’s of Science in Organizational Management.
Open Information Security Foundation (OISF)
Open Information Security Foundation (OISF)
The Open Information Security Foundation is a a 501(c)3 nonprofit organization created to build community and to support open source security technologies like Suricata, the world-class IDS/IPS network monitoring engine.
Ross Bagurdes
Ross Bagurdes
Ross has had a diverse career. He has a Structural Engineering degree from Milwaukee School of Engineering, but gave up the career shortly after graduating from college. Beginning in 1997, Ross began officially working in IT, implementing and supporting a paperless work order system for a Natural Gas Utility in Illinois. Since then, Ross has spent his years teaching and managing data networks. Ross spent 7 years at University of Wisconsin Hospitals and Clinics, supporting and managing the large ... more
Alexander Tushinsky
Alexander Tushinsky
Alex has spent the past 30+ years working as a software developer, application architect, cybersecurity professional, and technical trainer. He is a lifelong learner and holds over 20 active certifications in IT. Alex is a Microsoft Certified Trainer and enjoys sharing his knowledge with others. He has taught at Rutgers University, Bergen Community College, County College of Morris, College of Southern Nevada, and UNLV. He holds a BS in Software Development and a Masters in Cybersecurity from We... more
John Elliott
John Elliott
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S... more
Richard Harpur
Richard Harpur
Richard is a highly experienced technology leader with a remarkable career ranging from software development, project management through to C-level roles as CEO, CIO, and CISO. Richard is highly rated and ranked in Ireland's top 100 CIOs. As an author for Pluralsight - a leader in online training for technology professionals - Richard's courses are highly-rated in the Pluralsight library and focus on teaching critical skills in cybersecurity including ISO27001 and Ransomware. As a Certified Info... more

Join our learners and upskill
in leading technologies