Tabletops Deep Dive
RCCE students will learn tabletop exercise design, facilitation, and analysis for testing incident response readiness across security teams and business stakeholders. RCCE students will learn to develop realistic scenarios based on current threat intelligence, facilitate tabletop exercises that test communication protocols, decision-making under pressure, and coordination between technical and executive teams. The course covers exercise planning, participant briefing, inject management, observer evaluation criteria, after-action report writing, and translating exercise findings into concrete improvements to incident response plans and organizational resilience. This deep-dive course provides comprehensive technical coverage that goes beyond surface-level understanding. At an expert level, RCCE students will learn to master the nuances, edge cases, and advanced configurations that separate competent practitioners from true experts. Students will engage with complex real-world scenarios and gain the depth of knowledge required to troubleshoot difficult situations, mentor junior team members, and make architectural decisions with confidence.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Tabletops Deep Dive
- Execute hands-on tasks for tabletops deep dive
- Execute hands-on tasks for advanced cyber defense mastery
- Explain Executive Overview fundamentals
- Execute hands-on tasks for why tabletop exercises matter
- Execute hands-on tasks for of orgs improved ir after ttx — covering IR plans before real incidents.
- Measure attack surface reduction and program effectiveness
- Execute hands-on tasks for core definitions & exercise taxonomy
- Execute hands-on tasks for functional exercise
- Execute hands-on tasks for full-scale exercise
- Design a scalable privilege management architecture with policy and enforcement
- Design a scalable privilege management architecture with policy and enforcement, including Align scenarios to org threat landscape.
- Execute hands-on tasks for threat intelligence-driven scenarios
| Module 01 | Tabletops Deep Dive |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Executive Overview |
| Module 04 | Why Tabletop Exercises Matter |
| Module 05 | of orgs improved IR after TTX |
| Module 06 | Risk Reduction |
| Module 07 | Core Definitions & Exercise Taxonomy |
| Module 08 | Functional Exercise |
| Module 09 | Full-Scale Exercise |
| Module 10 | Exercise Design & Scenario Development |
| Module 11 | Key Design Principles |
| Module 12 | Threat Intelligence-Driven Scenarios |
| Module 13 | Intelligence Sources |
| Module 14 | Scenario Realism Checklist |
All hands-on labs run on Rocheston Rose X OS. Students practice tabletops deep dive by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for tabletops deep dive
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Explain Executive Overview fundamentals
- Lab 4: Execute hands-on tasks for why tabletop exercises matter
- Lab 5: Execute hands-on tasks for of orgs improved ir after ttx
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Tabletops Deep Dive, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI