
This course comprises ~ 90 minutes of lectures with ~ 1.5 hours of hands-on exercises and practice assignments, allowing you to earn 3 hours of continuing learning credits (CEU, CPE) when you complete all of the assignments and pass the exam.
Don't forget to ask if your organization will reimburse your for this training. CPE + FREE = best of both worlds.
This video highlights the key difference between the RMF and FedRAMP assessment and accreditation processes - where your system is hosted? On-prem (Corporate Network) - RMF; Cloud (CSP) - FedRAMP.
Intro video on the purpose and requirement for assigning a security category to information (data) and information systems (applications, servers, networks, etc. )
Hands-on exercise demonstrating the security categorization of information and information system using a sample FIPS-199 Security Categorization form (isso101_securityCategorizationExercise.docx). Download the file and follow along or watch the demo and practice offline.
NOTE: As you will learn in this exercise, security categorization is based on the data (e.g. financial, medical, etc) AND the software (e.g. applications, websites) and hardware (e.g. servers, firewalls, cloud buckets) collecting, transmitting and storing the data.
In this exercise, we take a step-by-step approach through the process of selecting the baseline controls for our sample information system. When concluded, you will understand why it differs from the NIST 800-53 Rev 5 baseline for a low-impact system.
Let's review why it's important to continuously monitor information system logs for unusual and/or suspicious behavior.
From categorizing information systems to establishing baseline controls and identify vulnerabilities by analyzing scan reports and reviewing audit log to tracking vulnerabilities with plan of actions and milestones.
This course ensures you will be able to use your knowledge as an ISSO to establish and maintain the security posture of information systems.
From categorizing information systems to establishing baseline controls and identify vulnerabilities by analyzing scan reports and reviewing audit log to tracking vulnerabilities with plan of actions and milestones.
This course ensures you will be able to use your knowledge as an ISSO to establish and maintain the security posture of information systems.
From categorizing information systems to establishing baseline controls and identify vulnerabilities by analyzing scan reports and reviewing audit log to tracking vulnerabilities with plan of actions and milestones.
This course ensures you will be able to use your knowledge as an ISSO to establish and maintain the security posture of information systems.
From categorizing information systems to establishing baseline controls and identify vulnerabilities by analyzing scan reports and reviewing audit log to tracking vulnerabilities with plan of actions and milestones.
This course ensures you will be able to use your knowledge as an ISSO to establish and maintain the security posture of information systems. From categorizing information systems to establishing baseline controls and identify vulnerabilities by analyzing scan reports and reviewing audit log to tracking vulnerabilities with plan of actions and milestones.
This course ensures you will be able to use your knowledge as an ISSO to establish and maintain the security posture of information systems.