
42 - IT-S Information Technology - Security and Audit


IT-S 410 - NIST Cyber Security Professional (NCSP) 800-53

Code | Start Date | Duration | Venue
IT-S 410 | 07 October 2024 | 5 Days | Istanbul
IT-S 410 | 04 November 2024 | 5 Days | Istanbul
IT-S 410 | 30 December 2024 | 5 Days | Istanbul
Please contact us for fees

 

Course Description

Business goals may include organizing the company to make it more efficient and profitable, or redefining our target market into three major areas. One of our key business goals must be to reduce the risk of a data breach, the loss of intellectual property, or the compromise of valuable research data, and to protect employee and customer information. To be successful, we require a business-focused cyber-risk management program that includes a complete understanding of business activities and the potential risk to the organization if a bad actor compromises one or more of these activities.

 

The Security Technical Implementation Guides (STIGs) are the configuration standards created by the Defense Information Systems Agency (DISA) for Department of Defense systems. The STIGs contain technical guidance for locking down information, systems, and software that might otherwise be vulnerable to a malicious computer attack, by limiting account access to a system.

This course is preparation for the certification exam/procedure. The course fee does not include the exam fee. Participants must arrange the exam date and application themselves. Please contact us for details and further clarification.

 

Course Objectives

  • Understand and describe how an organization can approach the adoption and adaptation of the NIST-CSF
  • Understand and describe how to implement cybersecurity controls using an incremental improvement approach, using the NIST 800-53 Standard as an informative reference
  • Understand and describe how to create, protect, and deliver digital business value
  • Understand the Security Technical Implementation Guide (STIG)

Who Should Attend?

  • IT professionals 
  • Network Administrators 
  • Security Analysts

Course Details/Schedule

Day 1

  • Understanding Cyber Risks
  • Overview of NIST Cyber Security Professional (NCSP) 800-53
  • Core Functions, Categories & Subcategories
  • The NIST Cybersecurity Framework Fundamentals
  • Risk Management and Security Controls
  • Risk Identification and Analysis 

Day 2

  • Security Operations and Incident Response
  • Security Control Selection and Implementation
  • Security Control Monitoring and Maintenance
  • Security Automation and Orchestration

Day 3

  • Automating Security Incident Response
  • Automating Security Monitoring and Logging
  • Automating Security Vulnerability Management
  • Profiles and their use of Current
  • Implementation Tiers
  • Security Governance and Compliance
  • Developing Framework Profiles

Day 4

  • Understanding the Security Technical Implementation Guide (STIG)
  • STIG control profiles selection
  • STIG Severity assignment on controls 
  • Role of security attributes (CIA) controls 
  • STIG profile control addition and removal
  • Control mapping to org policy and implementation on technology 
  • Control Correlation Identifier (CCI)
  • Common Configuration Enumeration (CCE)
  • Common Weakness Enumeration (CWE)
  • Extensible Configuration Checklist Description Format (XCCDF)
  • Open Checklist Interactive Language (OCIL)
  • Open Vulnerability Assessment Language (OVAL) 

Day 5

  • Role of the Control Correlation Identifier (CCI) in implementing cyber security policy
  • Control implementation and automation
  • Compliance assessment, automation and scoring
  • Correlation between controls and vulnerabilities
  • Correlation between vulnerabilities and compliance
  • Correlation between the Risk Management Framework (RMF) and STIG
  • Open source tools for automation/implementation of 800-53
  • Open source tools for automation/implementation of STIGs
  • STIG demonstration on open source tools (OpenSCAP and Ansible)

 
