Top 20 Information Security System Controls
Course Overview
This course covers proven tools and methodologies needed to execute and analyze the Top Twenty Most Critical Security Controls.
This course allows security professionals to see how to implement the controls in their existing networks through highly effective and economical automation.
For management, this training is the best way to distinguish how you will assess whether these security controls are being effectively administered.
Who Should Attend?
Information Assurance Managers/Auditors, System Implementers/Administrators, Network Security Engineers, IT Administrators Auditors/Auditees, DoD Personnel/Contractors, IT Professors, Federal Agencies/Clients
DETAILED MODULE DESCRIPTION
- I. Course Introduction
- II. Critical Control 1: Inventory of Authorized and Unauthorized Devices
- III. Critical Control 2: Inventory of Authorized and Unauthorized Software
- IV. Critical Control 3: Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
- V. Critical Control 4: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
- VI. Critical Control 5: Boundary Defense
- VII. Critical Control 6: Maintenance, Monitoring, and Analysis of Audit Logs
- VIII. Critical Control 7: Application Software Security
- IX. Critical Control 8: Controlled Use of Administrative Privileges
- X. Critical Control 9: Controlled Access Based on Need to Know
- XI. Critical Control 10: Continuous Vulnerability Assessment and Remediation
- XII. Critical Control 11: Account Monitoring and Control
- XIII. Critical Control 12: Malware Defenses
- XIV. Critical Control 13: Limitation and Control of Network Ports, Protocols, and Services
- XV. Critical Control 14: Wireless Device Control
- XVI. Critical Control 15: Data Loss Prevention
- XVII. Critical Control 16: Secure Network Engineering
- XVIII. Critical Control 17: Penetration Tests and Red Team Exercises
- XIX. Critical Control 18: Incident Response Capability
- XX. Critical Control 19: Data Recovery Capability
- XXI. Critical Control 20: Security Skills Assessment and Appropriate Training to Fill Gaps