Course Overview

Industrial Control Systems (ICS) and Operational Technology (OT) environments form the backbone of critical infrastructure, making them prime targets for cyber adversaries. Understanding how attackers operate in these networks is essential to building resilience. This course explores cyber-attack tactics, techniques, and procedures (TTPs) specific to ICS/OT, mapped to the MITRE ATT&CK for ICS framework. 

This is not a practical course; it is intended solely for learning the concepts. It begins with an introduction to MITRE ATT&CK and the concept of tactics in OT environments. It then covers the entire adversary kill-chain, including initial access, execution, persistence, privilege escalation, evasion, discovery, lateral movement, collection, and command-and-control. You will also examine techniques that inhibit response functions, impair process control, and generate real-world impacts, concluding with mitigation strategies and defensive measures.

By the end, you will be able to identify ICS/OT-specific attack vectors, map them to MITRE ATT&CK, and apply effective mitigation practices to strengthen critical infrastructure defenses. 

What You Will Learn

  • Understand the MITRE ATT&CK for ICS framework and its application to OT environments.
  • Identify and analyze attacker tactics, techniques, and procedures across the ICS/OT kill-chain.
  • Recognize and evaluate vulnerabilities in ICS networks, devices, and protocols.
  • Apply defensive strategies and mitigations to protect against ICS-specific attack vectors.
  • Map real-world incidents to MITRE techniques for improved detection and response.

Program Curriculum

  • Introduction
  • Tactics
  • Chapter 1 Quiz

  • Initial Access
  • Drive-by Compromise
  • Exploit Public-facing Application
  • Exploitation of Remote Services
  • External Remote Services
  • Internet Accessible Device
  • Remote Services
  • Replication Through Removable Media
  • Rogue Master
  • Spear Phishing Attachment
  • Supply Chain Compromise
  • Transient Cyber Asset
  • Wireless Compromise
  • Chapter 2 Quiz

  • Execution
  • Change Operating Mode
  • Command Line Interface
  • Execution Through API
  • Graphical User Interface
  • Hooking
  • Modify Controller Tasking
  • Native API
  • Scripting
  • User Execution
  • Chapter 3 Quiz

  • Persistence
  • Modify Program
  • Module Firmware
  • Project File Infection
  • System Firmware
  • Valid Accounts
  • Chapter 4 Quiz

  • Privilege Escalation
  • Exploitation for Privilege Escalation
  • Hooking
  • Chapter 5 Quiz

  • Evasion
  • Exploitation for Evasion
  • Indicator Removal on Host
  • Masquerading
  • Rootkit
  • Spoof Reporting Message
  • Chapter 6 Quiz

  • Discovery
  • Network Connection Enumeration
  • Network Sniffing
  • Remote System Discovery
  • Remote System Information Discovery
  • Wireless Sniffing
  • Chapter 7 Quiz

  • Lateral Movement
  • Default Credentials
  • Exploitation of Remote Services
  • Lateral Tool Transfer
  • Program Download
  • Remote Services
  • Chapter 8 Quiz

  • Collection
  • Automated Collection
  • Data from Information Repositories
  • Detect Operating Mode
  • I/O Image
  • Man in the Middle
  • Monitor Process State
  • Point & Tag Identification
  • Program Upload
  • Screen Capture
  • Wireless Sniffing
  • Chapter 9 Quiz

  • Command & Control
  • Commonly Used Port
  • Connection Proxy
  • Standard Application Layer Protocol
  • Chapter 10 Quiz

  • Inhibit Response Function
  • Activate Firmware Update Mode
  • Alarm Suppression
  • Block Command Message
  • Block Reporting Message
  • Block Serial COM
  • Data Destruction
  • Denial of Service
  • Device Restart/Shutdown
  • Manipulate I/O Image
  • Modify Alarm Settings
  • Service Stop
  • Chapter 11 Quiz

  • Impair Process Control
  • Brute Force I/O
  • Modify Parameter
  • Unauthorized Command Message
  • Chapter 12 Quiz

  • Impact
  • Damage to Property
  • Denial of Control
  • Denial of View
  • Loss of Availability
  • Loss of Control
  • Loss of Productivity and Revenue
  • Loss of Protection
  • Loss of Safety
  • Loss of View
  • Manipulation of Control
  • Manipulation of View
  • Theft of Operational Information
  • Chapter 13 Quiz

  • Mitigation and MITRE Navigation
  • Chapter 14 Quiz

Instructor

Sourabh Suman

Sourabh Suman is a renowned ICS cybersecurity expert, instructor, and speaker. With over a decade of experience working with organizations such as JPL, Schneider Electric, Siemens, and Capgemini, he has implemented several major cybersecurity projects. He is the author of “Unblocking Your Potential in ICS Cybersecurity” and teaches popular Udemy courses on automation, network security, and risk management. He holds a bachelor’s degree in Control and Instrumentation and a postgraduate degree in Management.
