This course focuses on the security planning and administrative security procedures for systems that process sensitive, classified and national intelligence data. Lesson topics define individual roles, responsibilities and obligations and outline special requirements consistent with maintaining a secure network centric environment.
Special emphasis is placed in the following areas:
- Individual responsibilities and special obligations associated with cybersecurity and secure network operations; including specific responsibilities; the requirement to maintain and enhance information system security within a controlled environment; the significance of facility planning and management; and the construction and implementation of user focused policies, processes, procedures and protocols.
- The need to establish effective cybersecurity program planning including; describing and defining user based policies and procedures; establishing and enforcing system contingency, continuity and emergency plans; implementing, monitoring, analyzing and reporting unusual system activities.
- Implementation and enforcement of user based access controls including; password maintenance, management and administration; Rule and Role based access controls; and the integration of administrative security measures including preparatory actions, implementation responsibilities and reporting requirements.
Lesson Topics Include:
- Information System Security Planning and Organization;
- Implementation and Enforcement of Cybersecurity Policies, Processes and Procedures;
- Data Encryption Methods;
- Physical, System and Data Controls;
- Malicious Logic/MALWEAR - Prevention, Detection, Response, Recovery and Reporting;
- Configuration Management, Disaster Planning and Disaster Recovery;
- Threat and Vulnerability Analysis;
- Risk Response and Recovery;
- Network Security Analysis and Assessment;
- System/Network Assessment and Authorization (Risk Management Framework (RMF)).
Student comprehension is measured by administering a cumulative progress check at the end of the last day of training. Topical reviews are conducted at the beginning and end of each training day to help to reinforce key learning objectives, reiterate essential subject areas and respond to individual student questions. Satisfactory completion and remedial requirements will be consistent with each customer training standards.