This course equips the student with an overview of the system Authorization and Assessment process (also known as A&A) and the Risk Management Framework (RMF) for DoD IT and National Security Systems (NSS).This course reviews, at an in-depth level, NIST SP 800-37, NIST SP 800-53, Rev 4, DoDI 8510.01, DoDI 8500.1,CNSS 1253, and other crucial directives that govern this process. In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF using the CNSS, DoD, and Special Access Program (SAP) requirements to provide a clear knowledge bridge to the revised system authorization processes – for those currently working with A&A or for those who have limited orno A&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for NSS and DoD Systems.
The fourth day of this Intensity course provides each student with a hands-on experience in using automated vulnerability assessment and other tools used to support the DoD and IC system authorization process. This is taught through lecture, hands-on exercises, and group discussion.
Course includes the following takeaway items: a printed training book and a CD that includes reference materials pertaining to the course.
You will receive your National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011, Information System Security Professional Certificate. As well as earning CPE’s to your existing certifications with CompTIA, ISC2, ISACA and IAPP.