TN-855: Advanced and In-Depth ICD 503 RMF, Controls, and Assessments

Course Overview:

This course is very hands-on with respect to SP 800-53 controls as related to ICD-503, leveraging experience with DCD 6/3, and incorporating a broad array of technologies found in the field. Assessors and Auditors have to face many technologies that are not part of the main stream. TechNow has gone to great efforts to build a very broad, comprehensive, and complex lab to simulate many scenarios and architectures. Technologies such as a network appliance that is not a typical infrastructure product, a radio/satellite communications device, or many other technologies that build up a weapon system. Students learn how controls are integrated into many different devices and how they fit in the overall security architecture of monitoring, reporting, and compliance testing.

Directly discussed are overlays for different requirements i.e.: tactical, medical, network type: JWICS, SIPR; IC or AF. TechNow has developed a funnel concept to overlays to exemplify the encapsulation of a control within different requirements. TechNow has over 15 years experience in Trusted Solaris/Trusted Extensions and labeled security. Cross Domain overlays are presented that fits the work flow of an assesor. PII overlays and any overlays that an organization uses and can be made available are also presented.

This course allows the student to leverage years of experience in DoD DCD 6/34 for transition to the Risk Management Framework (RMF) applied to the Intelligence Community as mandated by ICD 503. Utilizing NIST SP 800-37 to establish a baseline of RMF knowledge, the student learns how to integrate the NIST pubs to provide cohesive information assurance architectures and compliance. ICD 503 scorecard evaluations are integral in demonstrating a successful ICD 503 compliance program. TechNow's ICD 503 course provides students with the skill to assess security programs and evaluate ICD 503 compliance to build an improvement and sustainable program for score consistency. TechNow's instructors have unparralleled expertise in federal compliance initiatives, and we bring this expertise instructing students on the complete life cycle of RMF.

More than a simple checklist, we instruct students not only how to validate essential security controls, programs, and metrics, but that they are operating effectively. The student leaves the course knowing how to: identify gaps where controls, programs, or metrics are incomplete, missing or ineffective, and provide actionable findings and recommend remediation strategies. Students learn to internalize NIST pubs to meaningul and effective IA guidelines and work with the Body of Evidence templates which include: Risk Assessment Report (RAR), Systems Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestone (POAM).

TechNow training materials are aligned with the most recent set of National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and Office of the Director of National Intelligence (ODNI) policies standards, processes, policies and instructions to be addressed/explained include ICD 503, ICS 503-1, ICS 500-16, ICS 500-18, ICS 500-27, ICD 502, NIST SP 800-37, NIST SP 800-30, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-137, NIST SP 800-47, CNSSP 22, CNSSI 1253, and CNSSI 4009.

A majority of time is spent on in-depth compliance review of NIST SP 800-53 controls. Instruction discusses which method should be used to test and validate each security control and what evidence should be gathered. This course is not theory or death by power point. Real scenarios are presented as exercises. A complete live cyber range simulating the IC is utilized for hands-on labs for techniques of validating and documenting compliance of NIST SP 800-53 controls as related to ICD 503.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Establish a baseline of RMF knowledge
Validate essential security controls, programs, and metrics
DoD DCD 6/3 to ICD 503 Transition
Lab Environtment and the Cyber Range
Overlays: Tactical, Medical, Network type(JWICS, SIPR; IC or AF), Cross Domain, PII
Risk Assessment Report (RAR)
Systems Security Plan (SSP)
Security Assessment Report (SAR)
Plans of Action and Milestone (POAM)

Prerequisites:

Experience in the field of auditing and assesments.

Comments

Latest comments from students

Liked the class? Then let everyone know!

Trademark Recognition

(ISC)², CBK, and CISSP are registered marks of the International Information Systems Security Certification Consortium in the United States and other countries.

Access, Excel, Hyper-V, Outlook, Microsoft, SharePoint, Silverlight, SQL Server, Visual Basic, Win32, Windows, Windows PowerShell and Windows Server are registered trademarks of Microsoft Corporation.

Adobe, Acrobat, Flash and Photoshop are registered trademarks of Adobe Systems Incorporated in the United States and/or other countries

Amazon Web Services is a trademark of Amazon.com, Inc.

Android is a trademark of Google Inc.

APMG-International Change Management, The APMG-International Change Management and Swirl Device logo, APMG-International AgilePM and The APMG-International AgilePM and Swirl Device logo are trademarks of The APM Group Limited.

Certified Ethical Hacker (CEH) is a registered trademark of EC-Council.

Cisco is a registered trademark of Cisco Systems Inc.

CMMI® is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.

IIBA®, the IIBA® logo, BABOK® and Business Analysis Body of Knowledge® are registered trademarks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

CAPM, Certified Associate in Project Management (CAPM), PMP, Project Management Professional (PMP), PMI-ACP, PMI Agile Certified Practitioner (PMI-ACP), PMBOK, and the R.E.P. Logo are marks of Project Management Institute, Inc.

CBAP® and CCBA® are registered certification marks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

Certified Business Analysis Professional, Certification of Competency in Business Analysis, Endorsed Education Provider, EEP and the EEP logo are trademarks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

COBIT is a trademark of ISACA, registered in the U.S. and other countries.

CompTIA A+ and CompTIA Network+ are registered trademarks of the Computing Technology Industry Association, Inc.

CompTIA CASP and CompTIA Cloud Essentials are trademarks of the Computing Technology Industry Association, Inc.

GIAC and associated certifications: GSEC, GPEN, GXPN, GCFW, GCUX, GCWN, GCIA, GREM are registered trademarks of the SANS Institute

Hadoop is a registered trademark of the Apache Software Foundation.

Hibernate is a registered trademark and servicemark of Red Hat, Inc.

iPad, iPhone, Mac and Mac OS are trademarks of Apple Inc., registered in the U.S. and other countries.

ITIL®, PRINCE2® and MSP® are registered trademarks of AXELOS Limited.

JavaScript, JavaServer, JavaServer Pages, Enterprise JavaBeans, MySQL and PL/SQL are trademarks of Oracle Corporation.

Linux is a registered trademark of Linus Torvalds.

Java and Oracle are registered trademarks of Oracle Corporation.

Palo Alto Networks, PAN-OS, App-ID, Content-ID, Url-ID, GlobalProtect, Wildfire, and Panorama are trademarks of Palo Alto Networks, Inc.

"Python" is a registered trademark of the Python Software Foundation, used by Learning Tree International with permission from the Foundation.

Red Hat and Red Hat Enterprise Linux are registered trademarks of Red Hat, Inc. in the United States and other countries.

SANS and associated certifications: GSEC, GPEN, GXPN, GCFW, GCUX, GCWN, GCIA, GREM are registered trademarks of the SANS Institute

SAP Crystal Reports is the registered trademark of SAP AG in Germany and in several other countries.

Scrum Alliance REP^SM is a service mark of Scrum Alliance, Inc. Any unauthorized use is strictly prohibited.

TechNow® is a registered trademark of TechNow Incorporated.

The Swirl logo™ is a trademark of AXELOS Limited.

Transact-SQL is a trademark of Sybase, Inc.

UNIX is a registered trademark of The Open Group.

VMware is a registered trademark of VMware, Inc. in the United States and/or other jurisdictions.

XML is a trademark of MIT, INRIA or Keio on behalf of the World Wide Web Consortium.

PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course

Course Overview:

This course is developed for those individuals seeking to pass the Project Management Institute’s PMI-ACP Exam. PMI Agile Certified Practitioner (PMI-ACP)® is one of the newest certifications offered by PMI and is expected to become the industry standard certification for agile over the next few years. The PMI-ACP® certification clearly illustrates to colleagues, organizations or even potential employers that students are ready and able to lead in this new age of product development, management, and delivery.

While preparing you for the exam, you will explore various approaches to agility including Scrum, Kanban, Lean, Extreme Programming (XP), and Test-Driven Development (TDD). By the end of the course, you’ll have mastered the practices and techniques that Agile practitioners use to improve team performance, resolve problems and engage in continuous process improvements and be equipped with job-ready skills.

This course provides students with 21 contact hours in agile practices to help attain the Project Management Institute (PMI)® credential. PMI® and PMI-ACP® are registered marks of the Project Management Institute, Inc.

Attendees to PM-224: PMI Agile Certified Practitioner (PMI-ACP) Prep Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

Date/Time	Event
02/18/2025 - 02/20/2025 08:00 -16:00	PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course TechNow, Inc, San Antonio TX
04/28/2025 - 04/30/2025 08:00 -16:00	PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course TechNow, Inc, San Antonio TX
08/11/2025 - 08/13/2025 08:00 -16:00	PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course TechNow, Inc, San Antonio TX
11/17/2025 - 11/19/2025 08:00 -16:00	PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course TechNow, Inc, San Antonio TX

Duration: 3 Days

Course Objectives:

Agile Principles and Mindset
Value-driven delivery
Stakeholder engagement
Team performance
Adaptive planning
Problem detection and Resolution
Continuous Improvement

Prerequisites:

Secondary degree
21 contact hours of training in agile practices
12 months of general project experience within the last 5 years. A current PMP^® or PgMP^® will satisfy this requirement but is not required to apply for the PMI-ACP
8 months of agile project experience within the last 3 years

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-822: Certified Information Systems Auditor (CISA) Seminar

Course Overview:

The mark of excellence for a professional certification program is the value and recognition it bestows on the individual who achieves it. The technical skills & practices the CISA promotes and evaluates are the building blocks of success in the field. Possessing the CISA designation demonstrates proficiency and is the basis for measurement in the profession. With a growing demand for professionals possessing IS audit, control and security skills, CISA has become a preferred certification program by individuals and organizations around the world. CISA certification signifies commitment to serving an organization and the IS audit, control and security industry with distinction. This course will help the student prepare to obtain this credential.

Attendees to TN-822: Certified Information Systmes Auditor (CISA) Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

Date/Time	Event
02/10/2025 - 02/14/2025 08:00 -16:00	TN-822: Certified Information Systems Auditor (CISA) Seminar TechNow, Inc, San Antonio TX
03/03/2025 - 03/07/2025 08:00 -16:00	TN-822: Certified Information Systems Auditor (CISA) Seminar TechNow, Inc, San Antonio TX
05/05/2025 - 05/09/2025 08:00 -16:00	TN-822: Certified Information Systems Auditor (CISA) Seminar TechNow, Inc, San Antonio TX
10/06/2025 - 10/10/2025 08:00 -16:00	TN-822: Certified Information Systems Auditor (CISA) Seminar TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Objectives:

The IS Audit Process (10%)
- Provide IS audit services in accordance with IS audit standards, guidelines, and best practices to assist the organization in ensuring that its information technology and business systems are protected & controlled.
IT Governance (15%)
- Provide assurance that the organization has the structure, policies, accountability, mechanisms and monitoring practices in place to achieve the requirements of corporate governance of IT.
System and Infrastructure Life Cycle Management (16%)
- Provide assurance that the management practices for the development/acquisition, testing, implementation, maintenance and disposal of systems and infrastructure will meet the organization's objectives.
IT Service Delivery and Support (14%)
- Provide assurance that the IT service management practices will ensure the delivery of the level of services required to meet the organization's objectives.
Protection of Information Assets (31%)
- Provide assurance that the security architecture (policies, standards, procedures and controls) ensures the confidentiality, integrity and availability of information assets.
Business Continuity and Disaster Recovery (14%)
- Provide assurance that, in the event of a disruption, the business continuity and disaster recovery processes will ensure the timely resumption of IT services, while minimizing the business impact.

Prerequisites:

A minimum of five years of professional information systems auditing, control & security work experienced is required. Experience must have been gained within the 10-year period preceding the application date for certification, or within five years from the date of initially passing the examination.

Comments

Latest comments from students

User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.

User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.

Liked the class? Then let everyone Know!

TN-335: Advanced Penetration Testing Using Open Source Tools

Course Overview:

This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.

Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Information Security and Open Source Software
Operating System Tools
Firewalls
Scanners
Vulnerability Scanners
Network Sniffers
Intrusion Detection Systems
Analysis and Management Tools
Encryption Tools
Wireless Tools
Forensic Tools
More on Open Source Software