The Cybersecurity Operational Methods Education and Training (COMET)

Incumbent Training for those building foundational knowledge.

5-Week, 3-Part Program
Daily Monday through Friday

Part One – Command Line & Linux:
This course provides program participants an introduction to working networks, workstations, operating systems, and servers via lectures and hands-on exercises. Each student is provided access to a workstation and sole access to a Linux server. Topics include workstation operating systems, the Linux OS, network configuration and interaction, and security issues. Considerable time is allocated to the review of Linux and the Linux command line implementation.

Part One begins September 29, 2025, and runs through October 17, 2025. Live instruction courses will take place each day from 1:00pm to 3:00pm.

Part Two – Cyber Range Simulation:
Building on the knowledge and skills obtained in the preceding training module, participants are exposed to real-world network attacks. Participants act as network administrators and security personnel monitoring and protecting the network while the instructor attacks and manipulates the system using a library of cyber-attacks. This course consists of eight hours of participants learning to identify attacks, mitigate the attack and in the end remediate the attack returning the network to normal operation.

Part 2 begins October 20, 2025. Five students participate and collaborate in the exercise simultaneously. Each session consists of two live 4-hour sessions, conducted from 9:00am to 1:00pm and 1:00pm to 5:00pm (only one four-hour session per day per group). 

Part Three – Fundamentals of Artificial Intelligence in the SOC:
SOC operations are always evolving and so must our SOC operators. After completing two parts on command line, Linux, and SIEM, Part 3 will focus on the fundamentals of artificial intelligence (AI). AI is a significant element of cybersecurity already, and its presence will only grow. From AI-enabled attacks to AI cyber defense tools, SOC operators will need to be proficient in AI. This part introduces concepts such as AI training methods, neural networks, generative AI, and AI for cybersecurity.

Part 3 begins October 27, 2025, and runs through November 3, 2025. Live instruction courses will take place each day from 1:00pm to 3:00pm.

Program Requirements:

• Must be either a State of Maryland or Maryland Local Government Employee
• Must have at least one year of IT and/or cyber experience
• Must receive manager approval to take training during business hours
• Must be 18 years of age or older

Advanced Incumbent Training for those seeking certification.

5-Week, 3-Part Program
Daily Monday through Friday

This course includes cybersecurity training and preparation for CompTIA Security+ certification. Security+ certification is an industry standard that demonstrates the practitioner has the knowledge and skills required to securely administrate and manage IT/cyber systems. Practitioners receive training in installation, configuration, and system management. Training topics include network devices, security appliances, threat basics, applications, and networks. The training material prepares students for threat analysis activities and outlines many risk mitigation techniques. The course includes a review of many cyber-attacks, including a general description of the attack, implementations, detection techniques and attack mitigation. Each course participant receives a test voucher for CompTIA Security+ testing.

Training will begin September 29, 2025, and run through November 3, 2025. Live instruction courses will take place each day from 3:00pm to 5:00pm.

Program Requirements:

• Must be either a State of Maryland or Maryland Local Government Employee
• Must have at least two years of IT and/or cyber experience
• Must receive manager approval to take training during business hours
• Must be 18 years of age or older