Official (ISC) CBK Online Training Seminars for the CAP

Course code: CAP


This course is designed for IT, information security and information assurance practitioners and contractors who use the RMF in federal government, military, civilian roles, local governments and private sector organizations. Led by an (ISC) Authorized Instructor, this training seminar provides a comprehensive review of information systems security concepts and industry best practices, covering the seven domains of the CAP Common Body of Knowledge (CBK®).

42 900 Kč

51 909 Kč incl. VAT

Next date from 11.07.2022


Course dates

Start date: 11.07.2022

Format: Virtual

Duration: 5 days

Language: en

Price excl. VAT: 42 900 Kč

Start date: 05.09.2022

Format: Virtual

Duration: 5 days

Language: en

Price excl. VAT: 42 900 Kč

Start date: 07.11.2022

Format: Virtual

Duration: 5 days

Language: en

Price excl. VAT: 42 900 Kč

Start date: Individual

Format: Individual

Duration: 5 days

Language: en

Price excl. VAT: 42 900 Kč



Target audience

This course is for individuals planning to pursue the CAP certification. The CAP is ideal for IT, information security and information assurance practitioners and contractors who use the RMF in federal government, military, civilian roles, local governments and private sector organizations. Roles include:

  • ISSOs, ISSMs and other infosec/information assurance practitioners who are focused on security assessment and authorization (traditional C&A) and continuous monitoring issues.
  • Executives who must "sign off" on Authority to Operate (ATO).
  • Inspectors general (IGs) and auditors who perform independent reviews.
  • Program managers who develop or maintain IT systems.
  • IT professionals interested in improving cybersecurity and learning more about the importance of lifecycle cybersecurity risk management.

Course outline

Chapter 1: Prepare (10 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of preparation.
  • Identify references associated with the Prepare step.
  • Identify other risk management frameworks and their relationship to RMF tasks.
  • Identify relevant security and privacy regulations.
  • List the references, processes and outcomes that define:
    • RMF Task P-1: Risk Management Roles
    • RMF Task P-2: Risk Management Strategy
    • RMF Task P-3: Risk Assessment – Organization
    • RMF Task P-14: Risk Assessment – System
    • RMF Task P-4: Organizationally Tailored Control Baselines and Cybersecurity Framework Profiles
    • RMF Task P-5: Common Control Identification
    • RMF Task P-6: Impact-Level Prioritization
    • RMF Task P-7: Continuous Monitoring Strategy – Organization
    • RMF Task P-8: Mission or Business Focus
    • RMF Task P-9: System Stakeholders
    • RMF Task P-10: Asset Identification
    • RMF Task P-11: Authorization Boundary
    • RMF Task P-12: Information Types
    • RMF Task P-13: Information Life Cycle
    • RMF Task P-15: Requirements Definition
    • RMF Task P-16: Enterprise Architecture
    • RMF Task P-17: Requirements Allocation
    • RMF Task P-18: System Registration
  • Complete selected Prepare Tasks for the example system.

Chapter 2: Categorize (5 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of categorization.
  • Identify references associated with the Categorize step.
  • List the references, processes, and outcomes that define Risk Management Framework (RMF) Task C-1: System Description.
  • Describe a system’s architecture.
  • Describe an information system’s purpose and functionality.
  • Describe and document a system’s characteristics.
  • List the references, processes and outcomes that define RMF Task C-2: Security Categorization.
  • Categorize an information system.
  • List the references, processes and outcomes that define RMF Task C-3: Security Categorization Review and Approval.
  • Describe the review and approval process for security categorization.
  • Categorize the example systems.

Chapter 3: Select (7 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of control selection and allocation.
  • Identify references associated with the Select step.
  • Relate the ISO 27001 Statement of Applicability to the NIST RMF.
  • List the references, processes and outcomes that define RMF Task S-1: Control Selection.
  • List the references, processes and outcomes that define RMF Task S-2: Control Tailoring.
  • Select appropriate security control baselines based on organizational guidance.
  • Tailor controls for a system within a specified operational environment.
  • List the references, processes and outcomes that define RMF Task S-3: Control Allocation.
  • List the references, processes and outcomes that define RMF Task S-4: Documentation of Planned Control Implementations.
  • Allocate security and privacy controls to the system and to the environment of operation.
  • Document the controls for the system and environment of operation in security and privacy plans.
  • List the references, processes and outcomes that define RMF Task S-5: Continuous Monitoring Strategy – System.
  • Develop and implement a system-level strategy for monitoring control effectiveness that is consistent with and supplements the organizational continuous monitoring strategy.
  • List the references, processes and outcomes that define RMF Task S-6: Plan Review and Approval.
  • Review and approve the security and privacy plans for the system and the environment of operation.
  • Allocate security controls for the example system.
  • Tailor security controls for the example system.
  • Draft a continuous monitoring plan for the example system.

Chapter 4: Implement (5 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of implementation.
  • Identify references associated with the Implement step.
  • List the references, processes and outcomes that define RMF Task I-1: Control Implementation.
  • Identify appropriate implementation guidance for control frameworks.
  • Integrate privacy requirements with system implementation.
  • List the references, processes and outcomes that define RMF Task I-2: Update Control Implementation Information.
  • Update a continuous monitoring strategy.
  • Update a control implementation plan.

Chapter 5: Assess (6 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of assessment.
  • Identify references associated with the Assess step.
  • Understand and identify common elements of the NIST process that are included in other frameworks and processes.
  • List the references, processes and outcomes that define RMF Task A-1: Assessor Selection.
  • List the references, processes and outcomes that define RMF Task A-2: Assessment Plan.
  • List the references, processes and outcomes that define RMF Task A-3: Control Assessment.
  • List the references, processes and outcomes that define RMF Task A-4: Assessment Reports.
  • List the references, processes and outcomes that define RMF Task A-5: Remediation Actions.
  • List the references, processes and outcomes that define RMF Task A-6: Plan of Action and Milestones.
  • Develop an assessment plan for identified controls in the example system.
  • Develop a remediation plan for unsatisfied controls in the example system.

Chapter 6: Authorize (6 Modules)

Learning Objectives:

  • Explain the purpose and value of authorization.
  • Identify references associated with the Authorize step.
  • Relate system approvals under organizational processes to the concepts applied in the NIST RMF.
  • List the references, processes and outcomes that define RMF Task R-1: Authorization Package.
  • List the references, processes and outcomes that define RMF Task R-2: Risk Analysis and Determination.
  • List the references, processes and outcomes that define RMF Task R-3: Risk Response.
  • List the references, processes and outcomes that define RMF Task R-4: Authorization Decision.
  • List the references, processes and outcomes that define RMF Task R-5: Authorization Reporting.
  • Develop a risk determination for the example system on the system risk level.
  • Authorize the system for operation.
  • Determine appropriate elements for the Authorization decision document for the example system.

Chapter 7: Monitor (8 Modules)

Learning Objectives:

After completing this chapter, the participant will be able to:

  • Explain the purpose and value of monitoring.
  • Identify references associated with the Monitor step.
  • List the references, processes and outcomes that define RMF Task M-1: System and Environment Changes.
  • (Coordinate) Integrate cybersecurity risk management with organizational change management.
  • List the references, processes and outcomes that define RMF Task M-2: Ongoing Assessments.
  • Monitor risks associated with supply chain.
  • List the references, processes and outcomes that define RMF Task M-3: Ongoing Risk Response.
  • Understand elements for communication surrounding a cyber event.
  • List the references, processes and outcomes that define RMF Task M-4: Authorization Package Updates.
  • List the references, processes and outcomes that define RMF Task M-5: Security and Privacy Reporting.
  • List the references, processes and outcomes that define RMF Task M-6: Ongoing Authorization.
  • List the references, processes and outcomes that define RMF Task M-7: System Disposal.
  • Discuss Monitor step activities in the example system.

Chapter 8: CAP Certification Information

This chapter covers important information about the experience requirements for the Certified Authorization Professional (CAP) certification and (ISC)2 exam policies and procedures.

Follow-up courses

Official (ISC) CBK Online Training Seminars for the SSCP (en)

Vendor: ISC2

Area: IT security

Price from:

28 600 Kč excl. VAT

Official (ISC) CBK Online Training Seminars for the HCISPP (en)

Vendor: ISC2

Area: IT security

Price from:

28 600 Kč excl. VAT
