Offensive and Defensive Security
Learn how organizations defend against cyber threats by exploring offensive security (red teams), defensive security (blue teams), and incident response fundamentals. This beginner-friendly course introduces real-world tools, attack simulations, and practical strategies used to strengthen cybersecurity resilience.
Course Description
Course 8 of 9 in our IT Audit Learning Path! This course provides a comprehensive introduction to the core practices of offensive and defensive security, giving learners a clear understanding of how modern organizations identify, defend against, and respond to cyber threats. You’ll explore how red teams simulate attacks to uncover vulnerabilities, how blue teams detect and contain threats in real time, and how both sides collaborate to improve overall security posture.
Through practical explanations, real-world examples, and tool demonstrations, you’ll gain insight into threat simulations, phishing exercises, network reconnaissance, incident response workflows, and post-incident analysis. The course also highlights the role of cybersecurity in broader governance, risk management, and compliance functions, helping learners understand how technical events translate into business risk.
Designed for beginners, this course equips you with foundational knowledge to confidently engage with cybersecurity concepts and better understand how organizations build resilience against today’s evolving digital threats.
This course covers topics that align with concepts addressed in Domain 4 of the Certified Information Systems Auditor (CISA®) exam framework. It is not affiliated with, endorsed by, or sponsored by ISACA®, nor does it guarantee exam preparation or certification outcomes.
In this course, you'll learn...
Course Objectives
To differentiate between Red Team and Blue Team roles and objectives in cybersecurity simulations.
To identify common techniques used in Red Team exercises and recognize key defensive strategies used by Blue Teams.
To understand the purpose and structure of incident response plans (IRPs) and how they align with broader governance frameworks.
To evaluate post-breach audit findings and understand the auditor’s role in tracking remediation and control maturity.
To assess the business and financial impact of cybersecurity incidents and their implications for audit and risk reporting.
To apply practical knowledge of basic cybersecurity tools for understanding offensive and defensive methods in a safe environment.
How you'll apply these skills...
Assess Red Team Techniques: Review phishing simulations, reconnaissance steps, and exploitation methods to identify weaknesses in people, processes, and technology.
Evaluate Blue Team Detection Capabilities: Analyze SOC alerts, log data, and response timelines to measure detection accuracy and effectiveness.
Validate Incident Response Processes: Examine containment, eradication, and recovery actions to confirm alignment with documented IR procedures.
Interpret Security Event Data: Review SIEM logs, EDR alerts, and network traffic indicators to identify potential compromise patterns.
Measure Operational Resilience: Analyze response metrics such as MTTD and MTTR to determine whether security operations meet organizational expectations.
Support Post-Incident Reviews: Identify root causes, document findings, and confirm corrective actions adequately address discovered risks.
Course Instructor
Michael Carroll, CPA, CISA, CISM
Michael is an accounting and information security professional. He is also an Adjunct Professor at several higher education institutions, where he is responsible for teaching various accounting and information technology courses.
Michael earned his MBA in Accounting and B.S. in Accounting / Accounting Information Systems from Canisius University. Additionally, Michael is a Certified Public Accountant (CPA) and a Certified Information Systems Security Professional (CISSP). Michael is a current member of the NYCPA’s Education Committee and has been an Advisory Board Member for the Academy of Finance (AOF) since 2020.
Michael enjoys traveling, hiking, and watching the Buffalo Bills. He has also participated in several marathon events.
Additional Info
Format
5-20 min. videos, 2 quizzes, and a final assessment
Field of study
Information Technology
CPE Credits
CPEs 3.0
Prerequisites
Completion of prior courses in Wisdify’s IT Audit Learning Path is recommended.