Conducted Training for CSIRTs and Police: Cisco CCNA, EC-Council CEH, CompTIA CySA+

As part of efforts to enhance CSIRT capabilities in Mongolia, the project conducted three training programs for members of the Public CSIRT, National CSIRT, and the police forensic unit (a specialized unit responsible for collecting and analyzing electronic evidence such as digital devices and communication records).

■ Cisco CCNA (Cisco Certified Network Associate)
In December 2024, the Cisco CCNA (Cisco Certified Network Associate) training was conducted. Two participants from the Public CSIRT attended.
Provided by Cisco, one of the world’s largest network equipment manufacturers, the CCNA training offers a comprehensive learning path from foundational networking knowledge to practical skills. Participants learned key topics such as IP addressing, routing, switching, network security, and wireless communication, and acquired practical skills through hands-on exercises.

■ EC-Council CEH (Certified Ethical Hacker)
In January 2025, the CEH (Certified Ethical Hacker) training by EC-Council (International Council of E-Commerce Consultants), a provider of globally recognized information security certification programs, was conducted. One participant from the Public CSIRT and five from the police participated.
Participants acquired white-hat hacking skills—ethical hacking techniques from an attacker’s perspective—by learning the latest knowledge, tools, and attack methods to enhance cybersecurity defenses.

■ CompTIA CySA+ (Cybersecurity Analyst)
In February 2025, the CySA+ (Cybersecurity Analyst) training by CompTIA, a provider of international information security certification programs, was conducted. Four participants from the Public CSIRT and two from the National CSIRT took part.
CySA+ is an intermediate-level cybersecurity training program that equips participants with skills required for detecting, analyzing, and responding to cyber threats. Participants learned practical skills in log analysis, threat intelligence, incident response, vulnerability management, and the use of various security tools.