Essentials of Prompt injection
RCCE students will learn prompt injection attacks against AI/LLM systems, including direct prompt injection, indirect prompt injection, jailbreaking techniques, and prompt leaking. They will learn to identify prompt injection vulnerabilities in AI-powered applications; execute prompt injection attacks in controlled environments to demonstrate data extraction, instruction override, and unintended actions; implement defensive measures including input sanitization, system prompt hardening, output filtering, and architectural separation of trusted and untrusted content; monitor AI systems for prompt injection attempts; and develop incident response procedures for compromised AI systems.

This essentials course covers the core knowledge needed to operate competently in this domain. Students learn the fundamental concepts, terminology, risks, and defenses that form the foundation for all further study and professional practice, building a solid knowledge base that prepares them for more advanced courses and real-world security responsibilities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Essentials of Prompt injection
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn
- Execute hands-on tasks for course structure
- Execute hands-on tasks for learning objectives
- Integrate privilege controls with identity providers and SIEM telemetry, including performing controlled injection
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for core concepts
- Execute hands-on tasks for key characteristics, covering neural networks trained on text data and following instructions in natural language
- Execute hands-on tasks for user input
- Execute hands-on tasks for input layer
- Execute hands-on tasks for processing layer
| Module 01 | Course Overview |
| Module 02 | What You Will Learn |
| Module 03 | Course Structure |
| Module 04 | Learning Objectives |
| Module 05 | Assess LLM integration risks |
| Module 06 | What Are Large Language Models |
| Module 07 | Core Concepts |
| Module 08 | Key Characteristics |
| Module 09 | User Input |
| Module 10 | → Tokenization → Context Window → Model Inference → Output Generation |
| Module 11 | Input Layer |
| Module 12 | Processing Layer |
| Module 13 | Output Layer |
| Module 14 | User Interface |
All hands-on labs run on Rocheston Rose X OS. Students practice essentials of prompt injection by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Explain Course Overview fundamentals
- Lab 2: Execute hands-on tasks for what you will learn
- Lab 3: Execute hands-on tasks for course structure
- Lab 4: Execute hands-on tasks for learning objectives
- Lab 5: Integrate privilege controls with identity providers and SIEM telemetry
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Essentials of Prompt injection, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI