Welcome to Lunarline School of Cybersecurity (SCS) - Providing Excellence in Cybersecurity Training and Certifications Since 2008
Contact SCS
School of Cybersecurity
To get started, contact us today at 571-481-9307
LinkedIn
YouTube
shopping_cart
Product was added to your cart

Cart

Certified Expert Hunt Team (CEHT)®

Home Cyber Certified Experts (CCE)® Program Available Certifications Certified Expert Hunt Team (CEHT)®

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand tactics, techniques and procedures (TTP) in the process of proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions. The candidate will be able to develop, implement, configure, and enhance organizational wide and system-level security hunt tools and use threat information from multiple sources to conduct analysis of system / network anomalies.
The candidate will be able detect, respond, recover, and report these findings in accordance with Government and organizations incident handling requirements.
Review the Current CEHT Exam Content Outline
Authoritative Sources
  1. NIST SP 800-150 Guide to Cyber Threat Information Sharing
  2. NIST SP 800-101 Rev. 1 – Guidelines on Mobile Device Forensics
  3. NIST SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response
  4. NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops​
  5. NIST SP 800-61 Rev.2 – Computer Security Incident Handling Guide
Requirements

Candidates must possess at least 3 years of experience in cyber hunt, advanced malware analysis, or incident response and forensics (or forensic sampling) in order to obtain the expert level credential.  The associate level credential will be awarded to those who pass the exam, but do not have the required experience.  The credential can be elevated to expert level upon attaining the required experience.  Simply email [email protected] to start the experience verification process.

Mapping to the NICE Framework

NICE Work Role Name:

Threat/Warning Analyst

NICE Framework Category
CCE® Concentration Area:
Analyze (AN)
NICE Specialty Area:
Threat Analysis (TWA)
NICE Work Role ID:
AN-TWA-001
OPM Code | DCWF Code:
141
NICE Work Role Description:

Develops cyber indicators to maintain awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes, and disseminates cyber threat/warning assessments.

Lunarline Training Courses:
*Read our disclaimer
Disclaimer
Independence: The Lunarline SCS Training Program and Certification Program are independent from one another. Although they may target the same NICE category, specialty area, work role, and/or authoritative sources, certification exams are not based on any SCS training. Taking SCS training is NOT required and Lunarline does not guarantee that an individual will pass nor have any advantage based on participation with SCS training. The following training offerings are intended to show linkage only to the same NICE category, and not linkage to the certification or exam content.

Continuing Education: The Lunarline SCS Training Program and other third-party vendors offer activities, products and services across the country that qualify as Professional Development Credits (PDCs) that target the same NICE category, specialty area, work role, and/or authoritative sources as our certifications. We encourage candidates to use a variety of tools and resources that will enhance their understanding of relevant principles and reflect their learning styles and needs.  ​

  1. Threat/Warning Analyst (AN101-RBT)
  2. Cybersecurity Hunt (CO280)
Menu