Critical Infrastructure Incident Response
RCCE students will learn critical infrastructure protection for sectors including energy, water, transportation, healthcare, and communications, covering sector-specific threats, regulatory frameworks, and defense strategies. RCCE students will learn to assess security posture for critical infrastructure environments, implement ICS-specific security controls, comply with frameworks like NERC CIP and IEC 62443, design network architectures that protect operational technology from IT-based threats, monitor industrial systems for cyber-physical attacks, conduct vulnerability assessments without disrupting operations, and coordinate with government agencies including CISA for threat intelligence sharing.

This incident response course prepares students to act decisively during security incidents with structured workflows and clear decision frameworks. Starting from foundational concepts, RCCE students will learn containment, evidence collection, eradication, and recovery procedures specific to this domain. Students practice incident scenarios that build the composure, coordination, and documentation skills essential for effective incident handling.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Critical Infrastructure Incident Response
- Execute hands-on tasks for critical infrastructure
- Build detections and response workflows for privilege escalation
- Explain Course Overview fundamentals
- Execute hands-on tasks for critical infrastructure sectors — covering energy, water, transportation, healthcare, SCADA, DCS, PLC basics.
- Execute hands-on tasks for ICS/OT security fundamentals — covering SCADA, DCS, PLC basics.
- Execute hands-on tasks for regulatory frameworks — covering NERC CIP compliance essentials.
- Build detections and response workflows for privilege escalation, including containment without disruption.
- Execute hands-on tasks for "What Is Critical Infrastructure?"
- Execute hands-on tasks for scale of impact — covering assets essential to society's function.
- Execute hands-on tasks for cyber-physical nature — covering how sectors rely on each other.
- Execute hands-on tasks for energy sector: threats and controls
- Execute hands-on tasks for generation systems — covering turbine control systems.
| Module 01 | Critical Infrastructure |
| Module 02 | Incident Response |
| Module 03 | Course Overview |
| Module 04 | Critical Infrastructure Sectors |
| Module 05 | ICS/OT Security Fundamentals |
| Module 06 | Regulatory Frameworks |
| Module 07 | Incident Response for OT |
| Module 08 | What Is Critical Infrastructure? |
| Module 09 | Scale of Impact |
| Module 10 | Cyber-Physical Nature |
| Module 11 | Energy Sector: Threats and Controls |
| Module 12 | Generation Systems |
| Module 13 | Transmission & Distribution |
| Module 14 | Key Threats |
All hands-on labs run on Rocheston Rose X OS. Students practice critical infrastructure incident response by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for critical infrastructure
- Lab 2: Build detections and response workflows for privilege escalation
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for critical infrastructure sectors
- Lab 5: Execute hands-on tasks for ICS/OT security fundamentals
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Critical Infrastructure Incident Response, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI