Hands-On Containment: Bootcamp Module
RCCE students will learn incident containment strategies including network isolation, account suspension, system quarantine, and threat neutralization during active security incidents. RCCE students will learn to make rapid containment decisions that balance security with business continuity, implement network-level containment using firewall rules and VLAN isolation, execute host-level containment through endpoint isolation and process termination, contain compromised accounts through credential reset and session revocation, document containment actions for forensic and legal purposes, and coordinate containment activities across distributed teams and environments. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. Starting from foundational concepts, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Hands-On Containment: Bootcamp Module
- Execute hands-on tasks for hands-on containment
- Execute hands-on tasks for bootcamp module
- Explain Module Overview fundamentals
- Execute hands-on tasks for what you will learn
- Execute hands-on tasks for containment strategies — covering Network isolation techniques.
- Execute hands-on tasks for rapid decision making — covering Balance security vs. business needs.
- Execute hands-on tasks for hands-on execution — covering Firewall rule deployment.
- Execute hands-on tasks for documentation & coordination — covering Forensic-ready logging.
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for containment decisions
- Execute hands-on tasks for network containment
- Execute hands-on tasks for host containment — covering Evaluate incident severity, Deploy firewall ACLs, Isolate endpoints via EDR.
| Module 01 | Hands-On Containment |
| Module 02 | Bootcamp Module |
| Module 03 | Module Overview |
| Module 04 | What You Will Learn |
| Module 05 | Containment Strategies |
| Module 06 | Rapid Decision Making |
| Module 07 | Hands-On Execution |
| Module 08 | Documentation & Coordination |
| Module 09 | Learning Objectives |
| Module 10 | Containment Decisions |
| Module 11 | Network Containment |
| Module 12 | Host Containment |
| Module 13 | Team Coordination |
| Module 14 | NIST SP 800-61 Alignment |
All hands-on labs run on Rocheston Rose X OS. Students practice hands-on containment: bootcamp module by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for hands-on containment
- Lab 2: Execute hands-on tasks for bootcamp module
- Lab 3: Explain Module Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will learn
- Lab 5: Execute hands-on tasks for containment strategies
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Hands-On Containment: Bootcamp Module, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI