Critical infrastructure Monitoring and Detection
RCCE students will learn critical infrastructure protection for sectors including energy, water, transportation, healthcare, and communications, covering sector-specific threats, regulatory frameworks, and defense strategies. RCCE students will learn to assess security posture for critical infrastructure environments, implement ICS-specific security controls, comply with frameworks like NERC CIP and IEC 62443, design network architectures that protect operational technology from IT-based threats, monitor industrial systems for cyber-physical attacks, conduct vulnerability assessments without disrupting operations, and coordinate with government agencies including CISA for threat intelligence sharing. This monitoring course teaches comprehensive detection and observability strategies for proactive security operations. Starting from foundational concepts, RCCE students will learn to instrument systems for security telemetry, build detection pipelines, configure alerting, and maintain monitoring coverage as environments evolve. Students gain the visibility and detection capabilities needed to catch threats early.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Critical infrastructure Monitoring and Detection
- Execute hands-on tasks for critical infrastructure
- Monitor and audit privilege usage; detect escalation attempts
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for critical infrastructure protection
- Execute hands-on tasks for regulatory compliance — covering Identify CI sectors and threats, NERC CIP requirements, Instrument systems for telemetry.
- Build detections and response workflows for privilege escalation, including Coordinate with CISA agencies.
- Execute hands-on tasks for critical infrastructure sectors
- Execute hands-on tasks for water and wastewater — covering Power generation and grid.
- Execute hands-on tasks for healthcare and public health — covering Aviation, rail, maritime.
- Execute hands-on tasks for critical infrastructure sectors (continued)
- Execute hands-on tasks for financial services — covering Telecom infrastructure, Banking core systems.
- Execute hands-on tasks for defense industrial base — covering Federal buildings and bases.
| Module 01 | Critical Infrastructure |
| Module 02 | Monitoring and Detection |
| Module 03 | Learning Objectives |
| Module 04 | Critical Infrastructure Protection |
| Module 05 | Regulatory Compliance |
| Module 06 | Incident Response for OT |
| Module 07 | Critical Infrastructure Sectors |
| Module 08 | Water and Wastewater |
| Module 09 | Healthcare and Public Health |
| Module 10 | Critical Infrastructure Sectors (Continued) |
| Module 11 | Financial Services |
| Module 12 | Defense Industrial Base |
| Module 13 | ICS/SCADA Architecture Fundamentals |
| Module 14 | The Purdue Enterprise Reference Architecture (PERA) model |
All hands-on labs run on Rocheston Rose X OS. Students practice critical infrastructure monitoring and detection by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for critical infrastructure
- Lab 2: Monitor and audit privilege usage; detect escalation attempts
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for critical infrastructure protection
- Lab 5: Execute hands-on tasks for regulatory compliance
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Critical infrastructure Monitoring and Detection, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI