Advanced Adversary profiling Mastery: Bootcamp Unit
RCCE students will learn Active Directory security including AD architecture, authentication protocols (Kerberos, NTLM), group policy security, trust relationships, privilege escalation paths, and AD attack detection. RCCE students will learn to assess Active Directory environments for security weaknesses, identify misconfigured permissions, detect Kerberoasting, AS-REP roasting, DCSync, Golden Ticket, and Silver Ticket attacks, implement tiered administration models, configure AD security monitoring with Windows event logs, harden group policy configurations, clean up stale accounts and excessive permissions, and respond to AD compromise with containment and recovery procedures. This advanced mastery course challenges experienced practitioners with complex scenarios, expert-level techniques, and nuanced decision-making. Building on core knowledge, RCCE students will learn to handle the most demanding situations in this domain, developing the expertise expected of senior security professionals. Students tackle multi-layered problems that require synthesizing knowledge across multiple disciplines.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Advanced Adversary profiling Mastery: Bootcamp Unit
- Execute hands-on tasks for advanced adversary profiling mastery
- Execute hands-on tasks for active directory security
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will master
- Execute hands-on tasks for skills you will gain — covering AD architecture and security models, AD environments for weaknesses.
- Execute hands-on tasks for learning objectives
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for implement tiered admin — covering forests, domains, trusts, and OUs, Deploy privilege tier model.
- Monitor and audit privilege usage; detect escalation attempts
- Execute hands-on tasks for harden group policy — covering Evaluate Kerberos and NTLM weaknesses, Secure GPO configurations, Identify Kerberoasting, DCSync, tickets.
- Execute hands-on tasks for map forests, domains, trusts, and ous — covering Deploy privilege tier model.
- Execute hands-on tasks for evaluate kerberos and ntlm weaknesses — covering Secure GPO configurations.
| Module 01 | Advanced Adversary Profiling Mastery |
| Module 02 | Active Directory Security |
| Module 03 | Course Overview |
| Module 04 | What You Will Master |
| Module 05 | Skills You Will Gain |
| Module 06 | Learning Objectives |
| Module 07 | Analyze AD Architecture |
| Module 08 | Implement Tiered Admin |
| Module 09 | Audit Authentication |
| Module 10 | Harden Group Policy |
| Module 11 | Map forests, domains, trusts, and OUs |
| Module 12 | Evaluate Kerberos and NTLM weaknesses |
| Module 13 | Respond to Compromise |
| Module 14 | Identify Kerberoasting, DCSync, tickets |
All hands-on labs run on Rocheston Rose X OS. Students practice advanced adversary profiling mastery: bootcamp unit by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for advanced adversary profiling mastery
- Lab 2: Execute hands-on tasks for active directory security
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will master
- Lab 5: Execute hands-on tasks for skills you will gain
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Advanced Adversary profiling Mastery: Bootcamp Unit, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI