DDoS Troubleshooting: In Practice
RCCE students will learn distributed denial of service attack types, detection, and mitigation including volumetric attacks, protocol attacks, application-layer attacks, and DDoS response procedures. RCCE students will learn to classify DDoS attack types by vector and layer, implement DDoS mitigation architectures using CDNs, scrubbing centers, and cloud-based protection services, configure rate limiting and traffic shaping, detect DDoS attacks through traffic analysis and anomaly detection, execute DDoS response procedures during active attacks, conduct post-attack analysis, and design resilient architectures that maintain availability during DDoS campaigns. This diagnostic course focuses on identifying, analyzing, and resolving common failures, misconfigurations, and operational issues. Building on core knowledge, RCCE students will learn systematic troubleshooting methodologies that accelerate root-cause analysis and minimize downtime. Students work through realistic break-fix scenarios that build the diagnostic confidence needed for high-pressure production environments.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing DDoS Troubleshooting: In Practice
- Execute hands-on tasks for in practice
- Execute hands-on tasks for network security
- Explain Course Overview fundamentals
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for diagnostic focus — covering Classify DDoS attack types by vector and layer.
- Execute hands-on tasks for memcached reflection — covering Goal: Saturate bandwidth, SYN Flood, ACK Flood.
- Execute hands-on tasks for goal: saturate bandwidth — covering SYN Flood, ACK Flood, TCP State Exhaustion.
- Execute hands-on tasks for syn flood — covering ACK Flood, TCP State Exhaustion, Fragmentation Attacks.
- Execute hands-on tasks for ack flood — covering TCP State Exhaustion, Fragmentation Attacks, LAND Attack.
- Execute hands-on tasks for tcp state exhaustion — covering Fragmentation Attacks, LAND Attack.
- Execute hands-on tasks for fragmentation attacks — covering LAND Attack.
- Execute hands-on tasks for api abuse — covering Goal: Exhaust app resources.
| Module 01 | In Practice |
| Module 02 | Network Security |
| Module 03 | Course Overview |
| Module 04 | Learning Objectives |
| Module 05 | Diagnostic Focus |
| Module 06 | Memcached Reflection |
| Module 07 | Goal: Saturate bandwidth |
| Module 08 | SYN Flood |
| Module 09 | ACK Flood |
| Module 10 | TCP State Exhaustion |
| Module 11 | Fragmentation Attacks |
| Module 12 | API Abuse |
| Module 13 | Volumetric Attacks: Deep Dive |
| Module 14 | Amplification Attacks |
All hands-on labs run on Rocheston Rose X OS. Students practice ddos troubleshooting: in practice by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for in practice
- Lab 2: Execute hands-on tasks for network security
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for learning objectives
- Lab 5: Execute hands-on tasks for diagnostic focus
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for DDoS Troubleshooting: In Practice, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI