TN-855: Advanced and In-Depth ICD 503 RMF, Controls, and Assessments

Course Overview:

This course is very hands-on with respect to SP 800-53 controls as related to ICD-503, leveraging experience with DCD 6/3, and incorporating a broad array of technologies found in the field.  Assessors and Auditors have to face many technologies that are not part of the main stream.  TechNow has gone to great efforts to build a very broad, comprehensive, and complex lab to simulate many scenarios and architectures.  Technologies such as a network appliance that is not a typical infrastructure product, a radio/satellite communications device, or many other technologies that build up a weapon system.  Students learn how controls are integrated into many different devices and how they fit in the overall security architecture of monitoring, reporting, and compliance testing.

Directly discussed are overlays for different requirements i.e.: tactical, medical, network type: JWICS, SIPR; IC or AF.  TechNow has developed a funnel concept to overlays to exemplify the encapsulation of a control within different requirements.  TechNow has over 15 years experience in Trusted Solaris/Trusted Extensions and labeled security.  Cross Domain overlays are presented that fits the work flow of an assesor.  PII overlays and any overlays that an organization uses and can be made available are also presented.  

This course allows the student to leverage years of experience in DoD DCD 6/34 for transition to the Risk Management Framework (RMF) applied to the Intelligence Community as mandated by ICD 503.  Utilizing NIST SP 800-37 to establish a baseline of RMF knowledge, the student learns how to integrate the NIST pubs to provide cohesive information assurance architectures and compliance.  ICD 503 scorecard evaluations are integral in demonstrating a successful ICD 503 compliance program.  TechNow's ICD 503 course provides students with the skill to assess security programs and evaluate ICD 503 compliance to build an improvement and sustainable program for score consistency.  TechNow's instructors have unparralleled expertise in federal compliance initiatives, and we bring this expertise instructing students on the complete life cycle of RMF.

More than a simple checklist, we instruct students not only how to validate essential security controls, programs, and metrics, but that they are operating effectively.  The student leaves the course knowing how to: identify gaps where controls, programs, or metrics are incomplete, missing or ineffective, and provide actionable findings and recommend remediation strategies.  Students learn to internalize NIST pubs to meaningul and effective IA guidelines and work with the Body of Evidence templates which include: Risk Assessment Report (RAR), Systems Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestone (POAM).

TechNow training materials are aligned with the most recent set of National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and Office of the Director of National Intelligence (ODNI) policies standards, processes, policies and instructions to be addressed/explained include ICD 503, ICS 503-1, ICS 500-16, ICS 500-18, ICS 500-27, ICD 502, NIST SP 800-37, NIST SP 800-30, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-137, NIST SP 800-47, CNSSP 22, CNSSI 1253, and CNSSI 4009.

A majority of time is spent on in-depth compliance review of NIST SP 800-53 controls.  Instruction discusses which method should be used to test and validate each security control and what evidence should be gathered.  This course is not theory or death by power point.  Real scenarios are presented as exercises.  A complete live cyber range simulating the IC is utilized for hands-on labs for techniques of validating and documenting compliance of NIST SP 800-53 controls as related to ICD 503.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Establish a baseline of RMF knowledge
  • Validate essential security controls, programs, and metrics
  • DoD DCD 6/3 to ICD 503 Transition
  • Lab Environtment and the Cyber Range
  • Overlays: Tactical, Medical, Network type(JWICS, SIPR; IC or AF), Cross Domain, PII
  • Risk Assessment Report (RAR)
  • Systems Security Plan (SSP)
  • Security Assessment Report (SAR)
  • Plans of Action and Milestone (POAM)

Prerequisites:

Experience in the field of auditing and assesments.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-715: Systems Security Certified Practitioner (SSCP)

Course Overview:

Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC²)®’s seven domains.

Attendees to TN-715: Systems Security Certified Practitioner (SSCP) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Access Controls
  • Security Operations and Administration
  • Analysis and Monitoring
  • Cryptography
  • Networks and Telecommunications
  • Malicious Code/Malware
  • Risk, Response, and Recovery

Prerequisites:

  • One year security experience
  • Some knowledge of the (ISC²)®’s seven domains

Comments

Latest comments from students

User: boyleb15

Instructor comments: Instructor was very knowledgeable on most items covered during this course. There were some topics he did lack the answer to. Instructor would also get sidetracked easily

User: keginth

Instructor comments: he was phenomenal with test prep and knew the book well

Facilities comments: adequate

Like the class?  Then let everyone know!

MS-10175: Developing & Customizing Applications for Microsoft SharePoint 2010 & 2013

Course Overview:

TechNow’s Course provides existing .NET developers with practical information and labs that enables them to build solutions on the Microsoft SharePoint 2010/2013 platform.

Attendees to MS-10175: Developing & Customizing Applications for Microsoft SharePoint 2010/2013 will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Introduction to SharePoint 2010/2013 Development Platform
  • Using SharePoint 2010/2013 Developer Tools
  • Developing SharePoint 2010/2013 Web Parts
  • Working with SharePoint Objects on the Server
  • Creating Event Receivers and Application Settings
  • Developing Solutions by Using Business Connectivity Services
  • Developing SharePoint 2010/2013 Workflows
  • Working with Client-based APIs for SharePoint 2010/2013
  • Developing Interactive User Interfaces
  • Developing Silverlight Applications for SharePoint
  • Developing Sandboxed Solutions
  • Working with SharePoint Server Profiles and Taxonomy APIs
  • Developing Content Management Solutions

    Prerequisites:

    • An understanding of the problem-solving techniques that apply to software development
    • Approximately 12 months experience with ASP .NET 3.5 with Visual Studio 2008 (or later)
    • Approximately 1 month development experience with SharePoint 2007 or SharePoint 2010/2013 and VS2010/2013 (includes beta releases) creating code that interacts with the SharePoint Sever-side APIs
    • Experience performing end user tasks with SharePoint 2007 or SharePoint 2010/2013 and an understanding of the purpose and use of the following:
      • Lists
      • Documents and Libraries
      • Personalizing an SP Page/Site
      • Using MySites
      • Using SharePoint Designer

    Comments

    Latest comments from students

    User: kelleyd10

    Instructor comments: Clay was / is an outstanding instructor. He was very flexible in what the class needed. He was very accommodating and resourceful in answering the class questions. Clay's teaching style is greatly appreciated.

    Facilities comments: Were good

    User: dennij

    Instructor comments: Very professional and knowledgeable. Available before and after class.

    Facilities comments: Location was nice but too far from Lackland.

    Liked the class?  Then let everyone know!

    MS-10231: Designing a Microsoft SharePoint 2010 and 2013 Infrastructure

     

    Course Overview:

    This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010 (including pre-released versions of the product).

    Attendees to MS-10231: Designing a Microsoft SharePoint 2010/2013 Infrastructure will receive TechNow approved course materials and expert instruction.

    Date/Location:

    No Events

    Duration: 5 days

    Course Objectives:

    • Designing a Logical Architecture
    • Planning Service Application Architecture
    • Planning for Performance and Capacity
    • Designing a Physical Architecture
    • Designing a Security Plan
    • Planning Authentication
    • Planning Managed Metadata
    • Planning Social Computing
    • Designing Enterprise Search Strategy
    • Planning Enterprise Content Management
    • Developing a Plan for Governance
    • Designing a Maintenance and Monitoring Plan

    Prerequisites:

    • At least 2 years experience administering, deploying, managing, monitoring, upgrading, migrating, and designing SharePoint servers
    • At least one year’s experience of mapping business requirements to logical and physical technical design
    • Working knowledge of network design, including network security

    Comments

    Latest comments from students

     

    Liked the class?  Then let others know!