CCTC is a nine-week course that provides students with intermediate skills in Cyberspace Operations involving the analysis, exploitation, and remediation of Windows and Linux Operating Systems, Networking, and IT Security systems. Upon completion of this course, students will possess the necessary technical knowledge and skill required to perform network analysis of Windows and Linux-based systems and provide recommended solutions to reduce network vulnerabilities.

PnS is a two-week course that provides students with basic skills in Python programming and scripting. Students are introduced to the following topics: Git repositories, variables and loops, test-drive development, incorporating files, abstraction, inheritance, ciphers, working with regrex, encrypted communication, DNS zone transfers, DNS cache poisoning, log parsing, log cleaning, memory dump analysis, and scripting Metasploit.

Upon graduation from the four-week OCOA course, students will demonstrate the ability to identify oversight and compliance principles, applicable laws, policies, and regulations associated with Offensive Cyberspace Operations, identify adversary threats and methods, have a basic understanding of the countermeasures that can be taken, will possess a basic knowledge of the technologies and mediums over which Offensive Cyberspace Operations are conducted, and will have a basic knowledge of the techniques, tactics, and procedures that are employed by Offensive Cyberspace Operations analysts. Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.

COPC is a two-week course that enables students to plan and brief Cyber Operations (CO); define, plan, and advise for Defensive Cyberspace Operations (DCO); define, plan, and advise for Offensive Cyberspace Operations (OCO); define Cyber Mission Force (CMF) structure and organizations; define, plan, and advise for Cyber Support to Corps and Below (CSCB); and demonstrate a proficiency to target in Cyberspace. The Cyber School offers three versions of COPC: version 1 (COPC) requires students to have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance; version 2 (FVEY COPC) is for FVEY students (must have TS/FVEY security clearance); and version 3 (UNCLASS COPC) is an Unclassified version for students from coalition partner countries.

This course will produces graduates capable of leading Offensive Cyber Operations (OCO) and meeting USCYBERCOM Mission Commander pipeline training requirements. This course is designed to certify Cyber Mission Force (CMF) personnel to act as Mission Commanders (MCs) for OCO. The course consists of OCO planning, live operation observations, and a final operational walk through. At the end of the course, students are prepared to lead OCO as MCs. Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.

CEAC is a two-week course that educates Cyber Mission Force (CMF) Targeteers on the intrinsic aspects of targeting in cyberspace. Using the Joint Targeting Cycle as the framework for the course, CEAC emphasizes characteristics of targeting in cyberspace that are doctrinally unique and/or require an amended process not codified in joint targeting doctrine. Completion of this course will better enable students to successfully plan and execute effects in cyberspace in conjunction with the Joint Targeting Cycle. Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.

T10 BOC is a five-week course that is designed to prepare students to qualify as Basic Cyber Mission Force (CMF) Operators who will execute Title 10 operations as an integral member of Offensive Cyber Operations (OCO). This course includes education and training on the following topics to include: Linux operating systems, Windows operating systems, Exploitation Methodology, CMF Operations, and Operational Planning. Attendees must have passed the Computer Network Assessment Battery (CNAB). It is recommended that attendees be graduates of the Computer Network Operations Qualification Course (CNOQC). Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.

AOC-A is a 19 week, 4 day course that meets pipeline training requirements for Senior skill-level qualification of Cyber Mission Force (CMF) Operators. AOC-A consists of eight (8) SANS courses: SEC560 (Enterprise Penetration Testing), SEC542 (Web App Penetration Testing and Ethical Hacking), SEC580 (Metasploit for Enterprise Penetration Testing), SEC565 (Red Team Operations and Adversary Emulation), FOR508 (Advanced Incident Response, Threat Hunting, and Digital Forensics), SEC599 (Defeating Advanced Adversaries – Purple Team Tactics & Kill Chain Defenses), SEC660 (Advanced Penetration Testing, Exploit Writing and Ethical Hacking), and SEC699 (Purple Team Tactics – Adversary Emulation for Breach Prevention & Detection). Students complete five (5) GIAC exams as well as the requirements for the remaining three (3) SANS courses. NSA has granted reciprocity to FORGE 201 thru 501 for individuals that obtain the five (5) specified GIAC certifications and three (3) SANS course completion certificates. Attendees must have passed the Computer Network Assessment Battery (CNAB) and be graduates of Computer Network Operations Qualification Course (CNOQC).

AOC-P is the USCYBERCOM-directed training requirement for Senior skill-level qualification of Title 10 Cyber Mission Force (CMF) Operator work-role personnel. The course educates personnel on USCYBERCOM policies, tools, infrastructure, tradecraft, and tactics, techniques, and procedures (TTPs) approved for use during offensive cyber operations (OCO). Attendees must have passed the Computer Network Assessment Battery (CNAB); be graduates of Computer Network Operations Qualification Course (CNOQC); and be graduates of the Title 10 Basic Operator Course (T10 BOC); as well as be certified Basic skill-level CMF Operators. Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.

The Title 10 Exploitation Analyst (EA) course educates Cyber Mission Force (CMF) EA personnel to perform technical analysis of metadata and content to ensure target continuity, to evaluate intelligence value of targets, and develop techniques to establish continued collection or gain additional target information. The EA Course blends traditional intelligence analysis with a technical understanding of communication infrastructures, physical and logical network topographies, protocols and applications, and trending technologies. Specific topics include: conducting target research from various sources; identifying vulnerabilities, indicators and warnings; performing intelligence analysis through the application of analytic tools and techniques; providing government clients with analysis of targeting options; and providing CMF analytic tradecraft training. Students must have a Top Secret (TS) w/ Sensitive Compartmented Information (SCI) security clearance.