FedVTE Course Catalog

This video explains the features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The next evolution of the CDM Agency Dashboard is being offered in a cloud-based format, which provides agencies with the same functionality but relieves them from having to manage and continue to fund all of the aspects of an “on-prem” security solution. CISA is making this dashboard tool available in a Dashboard as a Service format, or DBaaS. This video will describe DBaaS and its many benefits to federal agencies.

Learning Objectives:

• Understand the basic principals of DBaaS and the CDM Agency Dashboard
• How DBaaS can help minimize agency vulnerabilities
• Provide a demonstration of how DBaaS works

Date: October 2022

Length: 7 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, Mr. Dave Otto, the Risk expert of the CDM program, explains the Binding Operational Directive 22-01, the CISA KEV (Known Exploited Vulnerabilities) Catalog, and how agencies can better protect their assets.

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, Mr. Richard Grabowski, acting CDM PMO, explains CDM Enabled Threat Hunting (CETH) and how CETH benefits the federal agencies. He also discusses how the CDM Dashboard supports the implementation of Endpoint Detection and Response (EDR).

Date: 2022

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course which provides participants with the essential knowledge of the ES-4 version of the CDM Agency Dashboard. It explains basic features and navigation within the environment, and includes demonstrations using the new CDM Agency Dashboard to identify and report on vulnerabilities.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and functionality
• Instructor demonstrates the CDM Agency Dashboard

Date: July 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Learning Objectives:

• Understand CDM agency dashboard functionalities around asset management
• Learn how to create asset management queries
• Learn how to create reports

Date: October 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard better understanding the functionality of ES-5 of the CDM Agency Dashboard.

Learning Objectives:

• Understand the Header Section of the CDM Agency Dashboard ES-5
• Utilize the Tool Bar feature the dashboard
• Provide an overview of the Query Bar
• Become familiar with the Time Filter of the dashboard
• Understand the Navigation Panel and Navigation Drawer features of the dashboard

Date: May 2022

Length: 10 minutes

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a recording of a virtual two-hour course covering the ES-4 version of the CDM Agency Dashboard. This course introduces participants to the updated version 1.5 of the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) and other vulnerability management topics. With the information provided, dashboard users can identify the most critical vulnerabilities and prioritize mitigation activities at their agency.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Understand the CDM Agency-Wide Adaptive Risk Enumeration (AWARE) Score
• Walkthrough how to identify vulnerabilities in the CDM Agency Dashboard

Date: July 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this video, the AWARE 1.5 risk scoring overview is described and how it can benefit the federal agencies.

Date: May 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the new AWARE 1.5 scoring and features.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the features of AWARE 1.5 on the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2 hour 15 minute course is a recording of a virtual four-hour course covering the ES-4 and ES-5 version of the CDM Agency Dashboard. This course introduces participants to the four identity management capabilities - PRIV, CRED, TRUST, and BEHAVE - and to the use of the new CDM Agency Dashboard to reduce risks associated with each.

Register to join the next live iteration of this course via https://www.cisa.gov/cdm-training.

Learning Objectives:

• Overview of how the CDM Agency Dashboard addresses user-centric data in addition to hardware and software information
• Strategies for integrating PRIV/CRED/TRUST/BEHAVE capabilities into routine processes workflows to drive increased risk awareness and mitigation.

Date: November 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 39 minute video is an interview recording of a Mr. Ross Foard, subject matter expert for DHS/CISA, and Identity and Access Management (IAM) . This video provides participants with the essential knowledge of IAM and the CDM Agency Dashboard.

Learning Objectives:

• Understand CDM Agency Dashboard basic features and IAM functionality.

Date: 2021

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video provides an overview of the configuration settings management (CSM) capability and how CSM helps to reduce cyber-attacks in software and hardware assets within the Continuous Diagnostics and Mitigation (CDM) Program.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video discusses the need for standardized benchmarks in the federal government and the use of Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs) for integration within the CDM solution. A review of DISA’s role, authority, and DISA STIG compliance levels is provided as well.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video explains the CSM features of the current ES-3 version of the CDM Agency Dashboard.

Date: 2021

Training Proficiency Area: Level 1 - Basic

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour virtual course demonstrates the configuration settings management (CSM) capability within the CDM Agency Dashboard. In this course students are shown the basic concepts associated with CSM, the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs), how CSM scoring is incorporated into the current AWARE calculations, and students will gain an understanding of how the CSM capability of the CDM Agency Dashboard can be used to reduce the misconfiguration of assets in their agency IT inventory.

Learning Objectives:

• Overview of the importance of Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and how CSM scoring is incorporated into the AWARE calculations.
• Walkthrough of how CSM scoring affect the AWARE algorithm and can reduce asset misconfiguration.

Date: December 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents an overview of the System Security Analyst role and the six key responsibilities associated with that role. The importance of these six key responsibilities is covered including adherence to agency policy and assessing metrics and data.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This video presents cybersecurity concepts associated with continuous monitoring of issues that affect networks. A review of workplan concepts, checks and reviews, and mitigation recommendations is also covered.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 2.5 hour course demonstrates the continuous monitoring and analysis capability with version ES-5 of the CDM Agency Dashboard. This is a role-based course for those in the cybersecurity workforce that use the dashboard routinely. In this course students are shown concepts associated with continuous monitoring and analysis of the top issues that affect networks. Topics include an overview of the responsibilities of the Security analyst, continuous monitoring, how the CDM Agency Dashboard can be used to identify vulnerabilities, AWARE scoring, the reporting function, and possible courses of action.

Learning Objectives:

• Overview of the importance of the CDM Agency Dashboard role of system security analyst, which includes monitoring and vulnerability identification.
• Strategies for securing agency assets and creating report functionality using the CDM Agency Dashboard.

Date: December 2022

Training Proficiency Area: Level 2 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a two hour recording of the August 2022 class offering and focuses on the CDM-Enabled Threat Hunting (CETH) capability which aggregates endpoint collection of measurements for monitoring and log data in the CDM Agency Dashboard to enhance analysis by allowing disparate data sets to be queried for proactive threat detection and incident response activities. The course reviews the CDM capabilities and focuses on CETH reporting.

Learning Objectives:

• Provide an overview of CDM-Enabled Threat Hunting (CETH)
• Demonstrate continuous monitoring, threat hunting, and incident response using the CDM Dashboard
• Demonstrate how to create visualizations and Saved Searches using the CDM Dashboard
• Discuss agency remediation and reporting practices

Date: August 2022

Training Proficiency Area: Level 1 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This is a three hour recording of the October 2022 class and focuses on policy origination, provides an historic timeline, describes current directives and will guide the learner on how the CDM Dashboard can be used to address a directive, adhere to policies, and understand how to continuously monitor known exploitable vulnerabilities (KEVs.).

Learning Objectives:

• Describe the federal policy and directive origination process
• Identify the most current / relevant government directives that relate to cybersecurity
• Utilize the CDM Agency Dashboard to identify vulnerabilities in response to federal directives
• Identify characteristics of BOD 22-01 and the response procedures

Date: October 2022

Training Proficiency Area: Level 1 - Intermediate

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This two hour course provides managers with an overview of the CDM Agency Dashboard. In this course students are shown concepts associated with the CDM Agency Dashboard and how to create appropriate reports.

Target Audience: This course is applicable to workforce Executives and Senior-level Managers who need to understand how Information Assurance and cybersecurity principles affect their agencies, how the CDM program helps support those principles, and how their CDM Agency Dashboard can help establish a cybersecurity baseline and identify and reduce their attack surface.

The National Initiative for Cybersecurity Education (NICE) roles of: Authorizing Official/Designated Representative, Executive Cyber Leadership, Program Managers, and other senior management roles responsible for cybersecurity within their agency will benefit from this course.

Learning Objectives:

• Discuss the principles of information assurance
• Discuss Federal laws and required executive and Senior-level management responsibilities
• Discuss the purpose and function of the CDM Program
• Discuss the purpose and benefit of the CDM Agency and Federal Dashboards
• Reviewing the CDM Agency Dashboard information to make risk-based decisions Includes lab exercises

Date: November 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course orients analysts to analyzing common protocols, identifying suspicious or malicious traffic and provides an introduction to the Wireshark packet filter syntax.

By the end of this course, you should be able to use network flow data to do the following:

• Evaluate the correct implementation of application traffic on the network.
• Find anomalous traffic on a large network.
• Find malicious activity given additional network and intelligence data sources.
• Identify potential malicious activity on a network.
• Provide input for appropriate techniques in an operational environment.

This three-module course teaches the beginner analyst how to develop the analytical skills and capabilities needed to handle a potential cyber incident— from analysis to reporting findings.

Learning Objectives: By the end of this course, participants will be familiar with

• How to think about the approach to analysis
• Writing a proper hypothesis and prediction
• The Importance of Organizational Context
• Impact of the Organization Environment
• Gathering the necessary information to analyze an incident
• Analyzing the Functional elements of an incident
• Analyzing the Strategic elements of an incident
• Assembling the elements to solve the cyber puzzle
• Reporting the finding results of the analysis
• Accessing CISA resources for incident and vulnerability cases.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This short CDM Agency Dashboard video will provide a foundation level of knowledge and background that will help end users of the dashboard prepare for training demonstrations and hands-on activities, as well as the implementation of the Elastic dashboard.

Learning Objectives:

• Become familiar with the Kibana User Interface of the CDM Agency Dashboard
• Better understand the CDM Agency Dashboard architecture and data flow
• Understand the general architecture, data flow, and data structure and schema
• Become familiar with JSON Documents

Date: 2022

Training Proficiency Area: Level 1 - Beginner

Training Purpose: Skill Development

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course introduces concepts around Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Multiple Cloud Hosting and Hybrid Cloud Hosting.

Date: 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course features National Defense University Professor Robert Richardson who discusses important security and oversight requirements for commercial cloud solutions.

Learning Objectives:

• Overview of the cloud physically, logically, and architecturally.
• Discuss cloud deployment models and characteristics.
• Overview of cloud infrastructure characteristics.
• Cloud Supply Chain Risk Management and considerations of commercial cloud as third-party cloud services; senior leaders should "beware of the gaps and seams."
• Cloud software components - microservices & APIs.
• The driving forces and key technology enablers of commercial cloud services in the Federal Government.
• Must-have security requirements and policies for cloud solutions.
• The top ten cybersecurity cloud risks such as: loss of service, data breaches, human error. As well as non-cybersecurity risks such as: outsourcing risks, personnel security, and supply chain risk management.
• Where Federal Government adoption of commercial cloud is now and predictions for the future.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Think about your organization’s most critical functions: what do others depend on you to provide? Your high-value assets (HVAs), also known as critical assets across many industries, are the information or information systems that have serious impact to your organization’s ability to conduct its mission or business operations if lost, corrupted, or inaccessible. Across sectors and industries, data and information systems that underpin core business and operational functions- or those systems that connect to core functionalities- make highly tempting targets for sophisticated criminal, politically motivated, or state-sponsored actors to exploit directly or compromise to undermine public trust.

The HVA program was established by CISA to help organizations gain a comprehensive understanding of the risks that dynamic threat actors pose and identify the high-value information and systems that are likely targets.

This webinar provides an overview of the following key information:

• HVA and critical asset overview: Define high-value assets, and how to assess and prioritize risks.
• Common threats: Understand the most likely threats to HVAs and how to mitigate associated vulnerabilities.
• CISA guidance: Learn the steps and parameters to identify, categorize, prioritize, and secure your HVAs or critical assets.
• Case studies: Explore the impacts of documented critical or high-value asset cyberattacks, and the success of resulting response and recovery efforts.

This course is accessible to a non-technical audience including managers and business leaders and provides an organizational perspective useful to technical specialists.

Date: July 2021

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course discusses the influence, impact, and need for cybersecurity when defending the critical infrastructure and key resources of the United States. This course provides the definition of critical infrastructure, examples of cybersecurity threats to critical infrastructure, and information on what is being done to protect critical infrastructure from these cybersecurity threats.

Learning Objectives:

• Define and give examples of critical infrastructure.
• Identify possible cyber threats to critical infrastructure.
• Describe U.S. cybersecurity policies and programs.
• Explain the cybersecurity roles of the Department of Homeland Security (DHS) and other Federal agencies.

Date: 2017

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course was developed for organizations and individuals who are at the beginning of their planning and implementation process for creating a computer security incident response team or an incident management capability. This course begins with definitions and context for defining a CSIRT framework, followed by services that may be provided and building an action plan. An attendee workbook is included with questions and exercises to use in conjunction with the training.

Learning Objectives:

• Understand the function of Computer Security Incident Response Teams (CSIRTs) and the philosophy behind them.
• Understand the role of CSIRT in the incident management process.
• Identify the requirements to establish an effective CSIRT.
• Appreciate the key issues and decisions that must be addressed when creating a CSIRT.
• Learn to strategically plan the development and implementation of your CSIRT.

Date: 2017

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on how leaders can develop actionable items to start implementing organizational cybersecurity practices and introduces the six essential elements of building a culture of cyber readiness.

Learning Objectives:

• Identify actionable items to reduce your organization's cyber risks through a holistic approach.
• Identify the six essential elements of building a culture of cyber readiness.
• Identify the steppingstones to building a culture of cyber readiness.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on cyber supply chain risk management, also known as C-SCRM, and the role it plays within our society today. This course will explain how to securely provision, analyze, oversee and govern, protect and defend a supply chain.

Learning Objectives:

• Describe product supply chains and life cycles.
• Identify the role of adversaries in supply chain risk management.
• Define the risks associated with supply chains.
• State the principles of supply chain management.
• Identify security measures taken to protect a supply chain.
• Apply suggested tools to address supply chain vulnerabilities.
• Explain how knowledge of the 'internet of things' (IoT) is used to evaluate products as IoT devices.
• Recognize potential dangers posed by various devices brought to work.
• Identify the threats outlined for acquisitions personnel through the Federal Acquisition Regulation (FAR).
• Define how to personally safeguard your organization's cybersecurity.

Date: 2019

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This 1/2-day course is a joint collaboration of the Cybersecurity & Infrastructure Security Agency (CISA) and the CERT Division of the Software Engineering Institute at Carnegie Mellon University. The purpose of this training is to help federal civilian agencies meet required actions of BOD 20-01, the Binding Operational Directive to Develop and Publish a Vulnerability Disclosure Policy (VDP) by covering the knowledge of and providing resources for:

• Vulnerability report receipt and intake
• Developing and publishing a vulnerability disclosure policy
• Developing vulnerability disclosure handling procedures
• Developing a vulnerability disclosure capability development
• Reporting metrics

After completing this course, participants should be able to

• Describe agency requirements for developing and publishing a vulnerability disclosure policy (VDP).
• Describe the minimum capacity needed to support your vulnerability disclosure handling process.
• Explain how vulnerability disclosure and handling is dependent on successful human interaction.
• Explain the importance of establishing trust and good relationships with reporters and stakeholders.
• List the key resources that can help your agency build your VDP and supporting processes.
• Meet the requirements to develop and publish a VDP and supporting handling process.
• Understand how and when to work with CISA for assistance and escalation.

Date: 2022

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is a collaboration between the U.S. Election Assistance Commission (EAC) and the U.S. Department of Homeland Security (DHS) and provides an opportunity to learn why election officials must view themselves as IT managers. The course serves as an overview of information technology and how to ensure security is included in the planning, procuring, designing, implementing, and maintaining of interconnected electronic election systems, including public-facing websites. The content introduces the key concepts of identifying vulnerabilities and how to protect election systems from internal and external threats and provides information on cybersecurity resources available from the EAC and DHS.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on why Election Officials must view themselves as IT systems managers and introduces the knowledge and skills necessary to effectively function as an IT manager. The course includes a review of Election Systems, Election Night Reporting, and Interconnected Election Systems vulnerabilities and liabilities. The content also covers Social Media and Website best practices, vulnerabilities, and liabilities, and addresses Procuring IT, Vendor Selection, Testing and Audits, Security Measures, and Risk Assessments. In addition, this course includes a review of resources available to the election community from the Department of Homeland Security.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course covers a broad range of cybersecurity elements that pose threats to information security posture. The various threats are covered in detail, followed by mitigation strategies and best practices. It will cover what the policies are, the roles it plays in cybersecurity, how they are implemented. The course will also look at cybersecurity laws, standards, and initiatives. Topics include policy, knowing your enemy, mobile device security, cloud computing security, Radio Frequency Identification (RFID) security, LAN security using switch features, securing the network perimeter, securing infrastructure devices, security and DNS and IPv6 security. Video demonstrations are included to reinforce concepts.

Date: 2010

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

In this hour-long webinar National Defense University Professor Roxanne Everetts discusses some key leadership decisions around using Federal Risk and Authorization Management Program (FedRAMP) solutions. FedRAMP is a unique government cloud - it is a combination of cloud security, cybersecurity, and risk management.

Learning Objectives:

• Explain FedRAMP and why Federal agencies use FedRAMP. (Hint: It's the law!)
• Discuss knowledge key leaders need for cloud solutions, including: FedRAMP structure, how it helps, and how agencies can leverage it.
• Describe the FedRAMP governing bodies.
• Examine the roles of Cloud Service Providers (CSPs) and Third-Party Assessment Organizations (3PAOs) as FedRAMP participants.
• Identify agency responsibilities, which include ensuring they have an Authority to Operate (ATO) letter on file with the FedRAMP Program Management Office (PMO).
• Explore the FedRAMP Security Framework (SAF), based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37.
• Use the FedRAMP Marketplace to find services that meet agency needs. Any service listed in the Marketplace meets federal security requirements and has already been authorized.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is designed for managers and other stakeholders who may be involved in decision making that would include considerations for security in a cyber environment but do not have a strong technical background. Discussions focus on cybersecurity concepts and methodologies that are part of building a resilient cyber enterprise. This course explains how people and technology work together to protect mission-critical assets, and the frameworks leveraged to assess and apply security controls. Beginning with governance, laws, and regulations, the course progresses into threats to the environment and identifying corresponding controls and countermeasures, concluding with strategies for business continuity.

Learning Objectives:

• Know key concepts of cybersecurity and its relation to the business mission.
• Recall risk management strategies and related frameworks.
• Identify how cloud services are leveraged and pros and cons of doing so.
• Describe common threats, threat actor types, and mitigation techniques.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on key concepts, issues, and considerations for managing risk. Discussions include identifying critical assets and operations, risk assessment and analysis methodologies, risk management frameworks, and how to determine threats to your business function, mitigation strategies, and response and recovery.

Learning Objectives:

• Describe key concepts related to cyber risk management.
• Detail risk assessment and analysis methodologies and frameworks.
• Identify security controls and countermeasures to mitigate risks and support response and recovery.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on cyberattacks, specifically compromises via ransomware. Implementing strategies to defend against attacks as well as preparations for response and recovery in the event of an incident is critical to an organization’s resilience. This course reviews malware types and vectors for compromise, common issues hindering an effective response, best practices for preparing and responding to an infection incident, and defensive measures to strengthen the cybersecurity posture.

Learning Objectives:

• Identify the various types of disruptionware, vectors for compromise, and the impact of an infection on business operations.
• Recognize the common problems that can hinder effective incident response and prevention activities.
• Know the ordered steps in following documented incident reporting procedures including immediate actions and communication.
• Explain the importance of defense-in-depth layered strategy for protecting the enterprise with examples of implementation.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course orients analysts to the various types of information that can be found in packets, uses Wireshark as the packet capture and analysis tool, and explains why data available in packets can be affected by the location of the packet capture in the network environment.

The self-study resource prepares learners for the CISM exam. This course focuses on information security management expertise through in-depth lecture topics, reinforcing demonstrations, and a practice exam. This course includes concepts from the four job practice areas: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, and Information Security Incident Management.

Learning Objectives:

• Explain how information security governance and supporting processes are used to align security strategy with organizational goals and objectives.
• Detail strategies to manage risk to an acceptable level in support of organization goals and objectives.
• Describe the information security program's role in the organization's security posture by managing and protecting assets while supporting goals.
• Detail means to minimize the impact to operations in the event of a security incident through establishing detection, response, and recovery capabilities.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course prepares learners for the Information Security Certification (ISC)2 Certified Authorization Professional (CAP) certification exam. This course focuses on the process of authorizing and maintaining information systems. Topics include understanding the Risk Management Framework (RMF), selection, implementation, and monitoring of security controls as well as the categorization of information systems. A practice exam is included.

Learning Objectives:

• Provide a review of the 7 (ISC)2 CAP domains.
• Supplemental preparation for the (ISC)2 CAP certification exam.

Date: 2014

Training Purpose: Skill Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course prepares learners for the CISSP certification exam. This course focuses on the information security field, exam objectives, and the eight domains upon which the exam is based. This course includes reinforcing video demonstrations and a final practice exam.

Learning Objectives:

• Explain and apply concepts to design, implement, and manage secure cyber operations.
• Develop, document, and implement security policy, standards, procedures, and guidelines.
• Apply risk management concepts.

Date: 2019

Training Purpose: Management Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is focused on applying security and systems engineering principles into business functions. This self-study prep course is designed to help learners prepare for the specialized Information Systems Security Engineering Professional (ISSEP) certification exam. The topics in the course cover the five domain areas of the CISSP-ISSEP.

Learning Objectives:

• Incorporate security into business processes and information systems.
• Demonstrate subject matter expertise in security engineering.
• Apply engineering principles into business functions.

Date: 2018

Training Purpose: Skill Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course is intended for individuals with strong management and leadership skills and interested in focusing on establishing, presenting, and governing information security programs. This self-study prep course reviews the six common body of knowledge domains for the Information Security System Management Professional (CISSP-ISSMP) certification exam.

Learning Objectives:

• Demonstrate ability to apply leadership and management skills to manage an organization information security program.
• Apply the security lifecycle management processes and principles into the system Development lifecycles.
• Apply contingency management practices to plan and implement processes to reduce the impact of adverse events.

Date: 2018

Training Purpose: Management Development

Training Proficiency Area: Level 3 - Advanced

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This hour-long webinar recorded on July 31, 2020 features National Defense University Professor Mark Duke discussing some key leadership decisions when assessing and authorizing systems. The Assessment & Authorization (A&A) process is a comprehensive assessment of policies, technical and non-technical security components, and a system's technical controls followed by leadership agreement that the system meets adequate risk levels before the system is authorized to go into full production.

Learning Objectives:

• Explain why we have to do Assessment & Authorization.
• Explain Roles & Responsibilities of Assessment & Authorization.
• Introduce seven major components of Assessment & Authorization.
• Establish Authorization Boundaries.
• Introduce Assessment Scanning Tools.
• Explain the Role of Security Technical Implementation Guides (STIGs) as potential criteria for Assessment activities.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on the type and nature of work the CSIRTs may be expected to handle. It provides an overview of the incident response field, including the nature of incident response activities and an overview of the incident handling processes. The course focuses on foundation material, staffing issues, incident management processes, and other issues such as working with law enforcement, insider threat, and publishing information.

Learning Objectives:

• Provide an overview of the incident response arena, the nature of incident response activities, and incident handling processes.
• Guide learners to understand technical issues from a management perspective, problems and pitfalls to avoid, and best practices where applicable.
• Emphasize the importance of CSIRT management predefined policies and procedures.
• Discuss what is needed to operate an effective CSIRT.

Date: 2020

Training Purpose: Management Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This workshop focuses on how to measure the right things in order to make informed management decisions, take the appropriate actions, and change behaviors. But how do managers figure out what those right things are? Public and private organizations today often base cyber risk management decisions on fear, uncertainty, and doubt (FUD), and the latest attack. The Measuring What Matters: Security Metrics Workshop, the learner will learn how to refine a strategic or business objective that meets that S.M.A.R.T.E.R. criteria: Specific, Measurable, Achievable, Relevant, Time-bound, Evaluated, Reviewed, and can be used to initiate the Goal - Question - Indicator - Metric (GQIM) process.

Learning Objectives:

• Identify a core set of business goals, based on the business objective, to which the cybersecurity risk measurement program will be applied.
• Formulate one or more key questions for each business goal, and use them to help determine the extent to which the goal is being achieved.
• Identify one or more indicators for each business goal key question.
• Identify one or more metrics for each indicator that most directly inform the answer to one or more questions.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

The Migration and Security Strategies for FedRAMP Cloud Computing course is designed to introduce students to the structure and employment of cloud computing using the Federal Risk and Authorization Management Program, or FedRAMP. Topics include cloud computing architecture, FedRAMP structure and roles, FedRAMP security implementations, and FedRAMP-approved cloud deployment options.

Learning Objectives:

• Describe the three major deployment models for cloud computing
• Discuss cybersecurity issues related to cloud computing
• Explain the authority, structure, and roles of major parties that make up FedRAMP
• Explain how Cloud Service Providers (CSPs) and FedRAMP processes work to meet federal security requirements
• Describe how the FedRAMP framework of "do once, use many times" allows government agencies to reuse previously-approved security documents and structures to simplify data deployments to the cloud
• Describe how FedRAMP processes enable a second agency to use a previously approved CSP.
• Identify how FedRAMP processes map to and are designed to assure compliance with applicable standards outlined by the National Institute for Standards and Technology (NIST) in its Special Publications 800 series of documents.

Date: 2021

Training Purpose: Management Development

Training Proficiency Area: Level 2 - Intermediate

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

This course focuses on mobile devices, how they operate, and their security implications. This course includes topics such as signaling types, application stores, managing mobile devices, and emerging trends and security and privacy concerns with social media.

Learning Objectives:

• Discover mobile device technology components and architectures and how to properly secure them.
• Examine historical and current threats to mobile devices and methods for remediating against them.
• Establish best practices and procedures for performing mobile device forensic investigations.

Date: 2015

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

At the end of this course, participants will be able to

• list the characteristics that distinguish Mothra from SiLK,
• identify the major architectural features of Mothra,
• describe how analysis can be performed in Mothra, and
• discuss the advantages of using a Jupyter Notebook for collaborative analysis.

This course focuses on what is needed to create and operate a Computer Security Incident Response Team (CSIRT). The intended audience is individuals tasked with creating a CSIRT and those who may be new to CSIRT issues and processes. Objectives within the course include the benefits and limitations of a CSIRT, CSIRT requirements, services, common policies and procedures, and operational best practices. Previous incident handling experience is not required to partake in this course.

Learning Objectives:

• Identify managerial, organizational, procedural, and operational issues regarding the CSIRT role and function.
• Describe the issues involved with creating and operating a CSIRT.
• Discuss specific topics regarding CSIRT benefits and limitations, requirements and framework, services, policies and procedures, and operational best practices.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework

Pre-Assessment and Post-Assessment Training (P2T) Description

The P2T training supports CISA strategies that are designed to provide more consistent and effective outcome-based cyber risk management support for its customers. The course provides information that includes:

• Overview of the CISA assessment process, the Pre-Assessment Questionnaire, and suggested post-assessment support enhancements
• How to utilize the Pre-Assessment Questionnaire and the post assessment materials to facilitate an improved customer experience with DHS assessments
• Tips and strategies for the effective delivery of an assessment engagement

Audience

• DHS Cybersecurity Advisors (CSA), and regional/state cyber support teams
• Users of DHS assessments such as the CRR, CRE, and EDM

Objectives

• Provide training on the use of the Pre-Assessment Questionnaire and the PostAssessment Process
• Facilitate making the assessment engagement more customer relevant
• Provide an understanding of techniques that can help CSAs leverage assessments to assist customers with managing cyber risk
• Improve cyber risk outcomes for organizations

This webinar recorded on July 10, 2020 features National Defense University Professor Mark Duke discussing key leadership decisions to implement the NIST Risk Management Framework (RMF). The RMF is a risk-based approach to implement security within an existing enterprise - it is leadership’s responsibility to ensure adequate and effective system security.

Learning Objectives:

• How to prepare your component or organization to initiate the RMF.
• How to define, understand, and manage risk to your Information Systems by identifying your threats and vulnerabilities.
• Understand the link to the RMF with Supply Chain Risk Management (SCRM) and the Software Development Life Cycle (SDLC).
• Understand the new "Prepare" step of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 v2 RMF.
• Explain managers’ roles and involvement in each step of the RMF.

Date: 2020

Training Purpose: Skill Development

Training Proficiency Area: Level 1 - Beginner

Alignment to the NIST SP 800-181 Cybersecurity Workforce Framework