TN-855: Advanced and In-Depth ICD 503 RMF, Controls, and Assessments

Course Overview:

This course is very hands-on with respect to SP 800-53 controls as related to ICD-503, leveraging experience with DCD 6/3, and incorporating a broad array of technologies found in the field. Assessors and Auditors have to face many technologies that are not part of the main stream. TechNow has gone to great efforts to build a very broad, comprehensive, and complex lab to simulate many scenarios and architectures. Technologies such as a network appliance that is not a typical infrastructure product, a radio/satellite communications device, or many other technologies that build up a weapon system. Students learn how controls are integrated into many different devices and how they fit in the overall security architecture of monitoring, reporting, and compliance testing.

Directly discussed are overlays for different requirements i.e.: tactical, medical, network type: JWICS, SIPR; IC or AF. TechNow has developed a funnel concept to overlays to exemplify the encapsulation of a control within different requirements. TechNow has over 15 years experience in Trusted Solaris/Trusted Extensions and labeled security. Cross Domain overlays are presented that fits the work flow of an assesor. PII overlays and any overlays that an organization uses and can be made available are also presented.

This course allows the student to leverage years of experience in DoD DCD 6/34 for transition to the Risk Management Framework (RMF) applied to the Intelligence Community as mandated by ICD 503. Utilizing NIST SP 800-37 to establish a baseline of RMF knowledge, the student learns how to integrate the NIST pubs to provide cohesive information assurance architectures and compliance. ICD 503 scorecard evaluations are integral in demonstrating a successful ICD 503 compliance program. TechNow's ICD 503 course provides students with the skill to assess security programs and evaluate ICD 503 compliance to build an improvement and sustainable program for score consistency. TechNow's instructors have unparralleled expertise in federal compliance initiatives, and we bring this expertise instructing students on the complete life cycle of RMF.

More than a simple checklist, we instruct students not only how to validate essential security controls, programs, and metrics, but that they are operating effectively. The student leaves the course knowing how to: identify gaps where controls, programs, or metrics are incomplete, missing or ineffective, and provide actionable findings and recommend remediation strategies. Students learn to internalize NIST pubs to meaningul and effective IA guidelines and work with the Body of Evidence templates which include: Risk Assessment Report (RAR), Systems Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestone (POAM).

TechNow training materials are aligned with the most recent set of National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and Office of the Director of National Intelligence (ODNI) policies standards, processes, policies and instructions to be addressed/explained include ICD 503, ICS 503-1, ICS 500-16, ICS 500-18, ICS 500-27, ICD 502, NIST SP 800-37, NIST SP 800-30, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-137, NIST SP 800-47, CNSSP 22, CNSSI 1253, and CNSSI 4009.

A majority of time is spent on in-depth compliance review of NIST SP 800-53 controls. Instruction discusses which method should be used to test and validate each security control and what evidence should be gathered. This course is not theory or death by power point. Real scenarios are presented as exercises. A complete live cyber range simulating the IC is utilized for hands-on labs for techniques of validating and documenting compliance of NIST SP 800-53 controls as related to ICD 503.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Establish a baseline of RMF knowledge
Validate essential security controls, programs, and metrics
DoD DCD 6/3 to ICD 503 Transition
Lab Environtment and the Cyber Range
Overlays: Tactical, Medical, Network type(JWICS, SIPR; IC or AF), Cross Domain, PII
Risk Assessment Report (RAR)
Systems Security Plan (SSP)
Security Assessment Report (SAR)
Plans of Action and Milestone (POAM)

Prerequisites:

Experience in the field of auditing and assesments.

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-335: Advanced Penetration Testing Using Open Source Tools

Course Overview:

This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.

Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Information Security and Open Source Software
Operating System Tools
Firewalls
Scanners
Vulnerability Scanners
Network Sniffers
Intrusion Detection Systems
Analysis and Management Tools
Encryption Tools
Wireless Tools
Forensic Tools
More on Open Source Software

Prerequisites:

Experience in IT Security
Solid basic knowledge of networks and TCP/IP
Experience in command line under Linux and Windows is required

Comments

Latest comments from students

Liked the class? Then let everyone know!

N-455: Securing Networks with ASA Fundamentals (SNAF)

Course Overview:

In this course, you will gain the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliance.

Attendees to N-455: Securing Networks with ASA Fundamentals (SNAF) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introducing Cisco Security Appliance Technology and Features
Cisco Adaptive Security Appliance and PIX Security Appliance Families
Getting Started with Cisco Security Appliances
Essential Security Appliance Configuration
Configuring Translations and Connection Limits
Using ACLS and Content Filtering
Configuring Object Grouping
Switching and Routing on Security Appliances
Configuring AAA for Cut-Through Proxy
Configuring the Cisco Modular Policy Framework
Configuring Advanced Protocol Handling
Configuring Threat Detection
Configuring Site-to-Site VPNS Using PreShared Keys
Configuring Security Appliance Remote Access VPNs
Configuring Cisco Security Appliance for SSL VPN
Configuring Transparent Firewalls Mode
Configuring Security Contexts
Configuring Failover
Managing Security Appliances

Prerequisites:

CCNA certification

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-5425: Networking with Windows Server 2016

Course Overview:

Course two of a three course series to obtain a Server 2016 MCSA certification. This 5-day course provides the fundamental networking skills required to deploy and support Windows Server 2016 in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including Software Defined Networking.

The course leads directly to preparing for the(MCSA):Windows Server 2016 exam “70-741: Installation, Storage, and Compute with Windows Server 2016”. It also maps to Microsoft’s course 20741A, and is part of the Server 2016 MCSA certification.

Attendees to TN-5425: Networking with Window Server 2016 will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Plan and implement an IPv4 network
Implement Dynamic Host Configuration Protocol (DHCP)
Implement IPv6
Implement Domain Name System (DNS)
Implement and manage IP address management (IPAM)
Plan for remote access
Implement DirectAccess
Implement virtual private networks (VPNs)
Implement networking for branch offices
Configure advanced networking features
Implement Software Defined Networking

Prerequisites:

A basic understanding of networking fundamentals
Experience working with Windows Server 2008 or Windows Server 2012
Experience working in a Windows Server infrastructure enterprise environment
Knowledge of the Open Systems Interconnection (OSI) model
Understanding of core networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking
Basic knowledge of the TCP/IP protocol stack, addressing and name resolution
Experience with and knowledge of Hyper-V and virtualization
Hands-on experience working with the Windows client operating systems such as Windows 8.1 or Windows 10

Liked the class? Then let everyone know!

CL-315: CCSP – Certified Cloud Security Professional Preparation Seminar

Course Overview:

TechNow’s CCSP Certification Preparation Seminar is an accelerated course designed to meet the high demands of the information security industry by preparing students for the industry standard Certified Cloud Security Professional exam. The exam covers (ISC)²’s 6 Domains from the Common Body of Knowledge, which encompass the whole of cloud security.

This course is an intense 5 day program. TechNow has a proven training and certification track record that you can depend on. CCSP test is 125 questions that typically require more comprehension than CISSP questions. The instructor takes time to walk through scenarios that assume comprehensive knowledge of enterprise infrastructures.

Attendees to CL-315: CCSP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction.

The 6 domains of the CCSP CBK:

Architectural Concepts & Design Requirements
Cloud Data Security
Cloud Platform & Infrastructure Security
Cloud Application Security
Operations
Legal & Compliance

Duration: 5 days

Audience: Mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing. CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.

DoD 8140: Not Mandated

Course Prerequisites: IT professional with 5 years of experience, 3 years of security experience, and at least 1 year of cloud security experience. GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures. CCSP test is 125 questions that typically require more comprehension than CISSP questions. This course is for those who are already qualified at the enterprise level for IT infrastructures, have Cloud experience, and are looking for a Cloud Security certification.

Course Objectives:

Domain 1: Architectural Concepts and Design Requirements

Module 1: Understand cloud computing concepts
Module 2: Describe cloud reference architecture
Module 3: Understand security concepts relevant to cloud computing
Module 4: Understand design principles of secure cloud computing
Module 5: Identify trusted cloud services

Domain 2: Cloud Data Security

Module 1: Understand Cloud Data Life Cycle
Module 2: Design and Implement Cloud Data Storage Architectures
Module 3: Understand and implement Data Discovery and Classification Technologies
Module 4: Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
Module 5: Design and implement Data Rights Management
Module 6: Plan and Implement Data Retention, Deletion, and Archival policies
Module 7: Design and Implement Auditability, Traceability, and Accountability of Data Events

Domain 3: Cloud Platform Infrastructure Security

Module 1: Comprehend Cloud Infrastructure Comp
Module 2: Analyze Risks Associated to Cloud Infrastructure
Module 3: Design and Plan Security Controls
Module 4: Plans Disaster Recovery & Business Continuity Management

Domain 4: Cloud Application Security

Module 1: Recognize Need for Training and Awareness in Application Security
Module 2: Understand Cloud Software Assurance and Validation
Module 3: Use Verified Secure Software
Module 4: Comprehend the Software Development Life Cycle (SDLC) Process
Module 5: Apply the Secure Software Development Life Cycle
Module 6: Comprehend the Specifics of Cloud Application Architecture
Module 7: Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

Module 1: Support the Planning Process for the Data Center Design
Module 2: Implement and Build Physical Infrastructure for Cloud Environment
Module 3: Run Physical Infrastructure for Cloud Environment
Module 4: Manage Physical Infrastructure for Cloud Environment
Module 5: Build Logical Infrastructure for Cloud Environment
Module 6: Run Logical Infrastructure for Cloud Environment
Module 7: Manage Logical Infrastructure for Cloud Environment
Module 8: Ensure Compliance with Regulations and Controls
Module 9: Conduct Risk Assessment to Logical and Physical Infrastructure
Module 10: Understand the Collection and Preservation of Digital Evidence
Module 11: Manage Communications with Relevant Parties

Domain 6: Legal and Compliance

Module 1: Understand Legal Requirements and Unique Risks Within the Cloud Environment
Module 2: Understand Privacy Issues, Including Jurisdictional Variances
Module 3: Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
Module 4: Understand Implication of Cloud to Enterprise Risk Management
Module 5: Understand Outsourcing and Cloud Contract Design
Module 6: Execute Vendor Management

Dates/Locations: No Events