NIST // CISSP | CEH | PKI | SECURITY + // NCSF-P

NCSF-P: NIST Cybersecurity Framework Training – Practitioner

home > training > NCSF-P: NIST Cybersecurity Framework Training – Practitioner

NCSF-P: NIST Cybersecurity Framework Training – Practitioner

$3,295.00

  • 3 Days
  • 24 PDU Credits with this class
Partner DeliveryThis live class is delivered by a partner at another location. Students attend online from their home or office.
Live
Online
 
Dec 18 - Dec 20
7:30AM - 3:30PM (PHX)
GTRThis class date is Guaranteed to Run and will not change.
Live Online
Jan 29 - Jan 31
7:30AM - 3:30PM (PHX)
GTRThis class date is Guaranteed to Run and will not change.
Live Online
Feb 20 - Feb 22
7:30AM - 3:30PM (PHX)
GTRThis class date is Guaranteed to Run and will not change.
Live Online
Mar 19 - Mar 21
6:30AM - 2:30PM (PHX)
GTRThis class date is Guaranteed to Run and will not change.
Live Online
x
Course:

Course Description

This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. The NCSF Practitioner program teaches the knowledge to prepare for the NSCF Practitioner exam plus the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NCSF.

The optional certification exam is through ACQUIROS. Student must pass a 180 minute, 100 question closed book multiple choice, examination with a passing score of 70% in order to receive this certification.

Credits Earned
• 24 PDU Credits

Outline

Module 1: Course Overview

Reviews at a high level each Module of the course

Module 2: Framing the Problem

Establishes the context and rationale for the adoption and adaptation of the NIST-CSF using the Controls Factory Model.

Module 3: The Controls Factory Model

Introduces the concept of a Controls factory model and the three areas of focus, the Engineering Center, the Technology Center, and the Business Center.

Module 4: The Threats and Vulnerabilities

Provides an overview of cyberattacks (using the Cyber Attack Chain Model), discusses the top 15 attacks of 2015 and 2016, and the most common technical and business vulnerabilities.

Module 5: Digital Assets, Identities and Business Impact

Provides a detailed discussion of asset families, key architecture diagrams, an analysis of business and technical roles, and a discussion of governance and risk assessment.

Module 6: The NIST Cybersecurity Framework

Provides a practitioner level analysis of the controls framework based on the NIST Cybersecurity Framework.

Module 7: Technology Program Design and Build

Provides a detailed analysis of the technical controls based on the Center for Internet Security 20 Critical Security Controls©. Includes the controls objective, controls design, controls details, and a diagram for each control.

Module 8: The Security Operations Center (SOC)

Provides a detailed analysis of Information Security Continuous Monitoring (ISCM) purpose and capabilities. Includes an analysis of people, process, technology, and services provided by a Security Operations Center.

Module 9: Technology Program Testing and Assurance

Provides a high-level analysis of technology testing capabilities based on the PCI Data Security Standard (DSS). The testing capabilities include all 12 Requirements of the standard.

Module 10: Business Program Design and Build

Provides a high-level analysis of the business controls based on the ISO 27002:2013 Code of Practice. Includes the controls clauses, objective, and implementation overview. The business controls are in support of ISO 27001 Information Security Management System (ISMS).

Module 11: Cyber Workforce Skills Development

Provides a review of cybersecurity workforce demands and workforce standards based on the NICE Cybersecurity Workforce Framework (NCWF).

Module 12: Cyber-Risk Management Program

Provides a review of the AICPA Proposed Description Criteria for Cybersecurity Risk Management. Covers the 9 Description Criteria Categories and the 31 Description Criteria.

Module 13: Cybersecurity Program Assessment

Provides a detailed review of the key steps organizations can use for conducting a Cybersecurity Program Assessment. Assessment results include a technical scorecard (based on the 20 critical controls), an executive report, a gap analysis and an implementation roadmap.

Module 14: Cyber Risk Program Assessment

Provides a review of the Cyber Risk Management Program based on the five Core Functions of the NIST Cybersecurity Framework.

 

Audience

This class is designed for IT and Business professionals who will play an active role in the design and management of an NCSF program.

Prerequisites

Individuals should hold a valid NIST Cybersecurity Foundation Certification or have equivalent knowledge.

What You Will Learn

After completing this course, students will understand:

  • Framing the Problem
  • The Controls Factory Model
  • The Threats and Vulnerabilities
  • Digital Assets, Identities and Business Impact
  • The NIST Cybersecurity Framework
  • Technology Program Design and Build
  • The Security Operations Center (SOC)
  • Technology Program Testing and Assurance
  • Business Program Design and Build
  • Cyber Workforce Skills Development
  • Cyber-Risk Management Program
  • Cybersecurity Program Assessment
  • Cyber Risk Program Assessment