FISMA 151
Enterprise Risk Management
3 Day Course/ 6 CPE Credits Per Day
Learn FISMA Certification & Accreditation concepts from top practitioners in the field. The emphasis of the course is on security Certification & Accreditation (C&A) concepts so that they can be applied to any security C&A methodology: NIST, DIACAP, NIACAP, DCID 6/3, ICD 503, or NISCAP. This course is not a comparison between the different C&A methodologies. Instead, it teaches general concepts to build the broad knowledge base needed to position your career for a move into any C&A project.
The first two days of the course present an overview of FISMA compliance requirements and discuss what documentation is needed and what types of information to include in that documentation. The third day offers a survey of how to test for security vulnerabilities, giving students a general idea of how to actively exploit and identify security vulnerabilities. To get the most out of the third day, you should bring a laptop with you to the course.
FISMA 151 is an intermediate-level course. Students should have a basic understanding of information security principles, concepts, and technologies. Although anyone performing security audits can benefit from this course, it is of particular use to U.S. federal agencies that must comply with the Federal Information Security Management Act of 2002 (FISMA). This class is appropriate for students ranging from novices to seasoned experts. The hands-on lab exercises are valuable for all experience levels.
Related Awards, Degrees or Certifications: Certified FISMA Compliance Practitioner (CFCP)
Certificate Program
Provided by FISMA Center
- E asked: Can this course be taken online to provide CPEs for the FISMA Certification that I hold?
- F asked: Do you have any seminars scheduled for June in the UK?
FISMA 151
Day 1:
Explanation of FISMA Certification and Accreditation terminology;
Types of C&A;
Understanding the C&A process;
Establishing a C&A program;
C&A Project Management;
Preparing the Hardware and Software Inventory;
Determining the C&A Level;
Lab 1: Determine the C&A Level;
Security Awareness & Training;
Creating End-User Rules of Behavior;
Incident Response;
Day 2:
Performing the Security Tests & Evaluation;
Conducting a Privacy Impact Assessment;
Performing a Business Risk Assessment;
Preparing a Business Impact Assessment;
Developing an IT Contingency Plan;
Performing a System Risk Assessment;
Developing a Configuration Management Plan;
Developing a System Security Plan;
Lab 2: Diagramming the Network;
Submitting the Certification Package;
Evaluating the Certification Package;
Addressing C&A Findings;
Day 3:
Learn the fundamentals of penetration testing;
Learn how to use leading security testing tools such as CORE Impact, Metasploit, Nmap, Nessus, and Google Dorks to simulate attacks against critical resources for the purpose of testing for vulnerabilities;
Learn how to test for improper system configurations;
Learn how to use tools to test for software flaws;
Learn how to use the same tools that auditors use to test for vulnerabilities
About The Training Provider: FISMA Center
FISMA Center - The FISMA Center provides information, resources and training to assist U.S. federal agencies in complying with the Federal Information Security Management Act of 2002.
TRAINING:
The FISMA Center offers FISMA training periodically throughout the year. We can also come to your site to train your staff at your location. Registration typically opens approximately two months prior to a...
