Objective
The Defense Industrial Base(DIB) sector consists of companies that contribute to research, engineering,production, delivery, operations, installation, and support services. The cyberactors continue to target the DIB sector and the Department of Defense (DoD)supply chain for intellectual property and unclassified information. The DoDhas released the Cybersecurity Maturity Model Certification (CMMC) to ensureappropriate levels of cybersecurity controls, and processes are adequate and inplace to protect Controlled Unclassified Information (CUI) on DoD contractorsystems.
The course starts with thedetails about the CMMC model structure (domains, capabilities, practices, andprocesses), how the model works, five process maturity levels, and fivetechnical practices. The course includes deep dive to learn about the Audit andAccounting Controls, Configuration Management controls, Identification &Authentication controls, Maintenance controls, and Media Protection Controls.
This interactive trainingcourse will ensure professionals and practitioners at all levels understandtheir roles and responsibilities, new developments, resources, and hallmarks ofan effective compliance program. In this course, you will be asked to readthrough lessons, participate in learning activities, and partake in knowledgechecks designed to reinforce learning, followed by the end of the course finalassessment.
What you will learn:
• Understand the CMMC Model and controls
• Interpret the NIST SP 800-171Controls and apply the control guidance in gap analysis, remediation, and implementing controls
• Understand the specific domains:
• Audit & Accounting - Define audit requirements, perform auditing, Identify and protect audit information, Review and manage audit logs
• Configuration Management -Establish configuration baselines, Perform configuration and change management
• Identification and Authentication - Grant access to authenticated entities, Incident Response -Plan incident response, Detect and report events, Develop and implement a response to a declared incident, Perform post-incident reviews, Test incident response
• Maintenance - Manage maintenance
• Media Protection - Identify and mark media, Protect and control media, Sanitize media, Protect media during transport
Related Courses
Cloud Security Awareness
CS00102
Breach Notification Part I - Awareness
What you will learn:
- What is the importance of a breach notification?
- What is a data breach?
- In what circumstances would notification of a data breach be required and to whom?
- When and how should notification of a data breach be provided?
- Framework for Effective Data Breach Notification Legislation
- Timing of Notification to Affected Individuals
- Post Data Breach Immediate Action Items
- Breach Notification to Authorities
Breach Notification Part II - Advanced
What you will learn:
- Breach Management
- Effective Breach Response
- Data Breach Checklist
- Breach Notification Notice Content
- Notification Timelines
- Lifecycle of a Data Breach
- Public Relations Strategy
Business Continuity & Disaster Recovery (BCP / DR) Part I - Awareness
What you will learn:
- Disaster
- Business Continuity and Disaster Recovery
- Use Cases
- Risks Covered by DR
- Driving Factors
- Challenges in Developing DR Plan
- Technical Challenges
- Key Factors in DR Plan
Business Continuity & Disaster Recovery (BCP / DR) Part II - Awareness
What you will learn:
- Business Continuity Plan (BCP) vs Disaster Recovery (DR)
- Disaster Recovery Architecture
- Drivers for DR Architecture
- Architectural Elements
- Disaster Recovery Plan
- Backup Strategy
- Disaster Recovery Emergency Procedures
Business Continuity & Disaster Recovery (BCP / DR) Part III
What you will learn:
- BCP DR Frameworks and Standards
- What is the Framework?
- What are the different BCP frameworks?
- Frameworks Explained
- ISO 22301
- National Fire Protection Association (NFPA) 1600
- FFIEC Business Continuity
- NIST 800-34
- ISO 27301
- BCP
- Good Practice Guidelines (GPG)
- Ready Gov
- COBIT
Business Continuity & Disaster Recovery (BCP / DR) Part IV
What you will learn:
- Learn about what is a backup and recovery strategy
- Understand and learn to apply best practices for backup
- Learn eight different backup methods and backup hardware
- Understand what recovery is and learn about methods of recovery
- Learn about the challenges with recovery process and prioritization
Business Continuity & Disaster Recovery (BCP / DR) Part V
What you will learn:
· What is cloud-based disaster recovery andits key features?
· The “Recover from the Cloud“ vs “RecoverRight in the Cloud”
· The different cloud-based recovery options:
· Bare Metal Recovery (BMR)
· Physical-to-virtual (P2V) Recovery
· Virtual-to-virtual (V2V) Recovery
· The benefits of cloud-based recovery
· To build a cloud disaster recovery plan
Cloud Security Awareness
What you will learn:
- Cloud Security
- Cloud Basics - Cloud Concepts, Architecture and Design
- Cloud Service Models
- Cloud Risk Landscape
- Cloud Security Domains
- Cloud Data Security
- Cloud and AWS
- Cloud and Azure
- Cloud Application Security Basics
Cybersecurity Maturity Model Certification (CMMC) - Part I
What you will learn:
Understand the need for Cybersecurity Maturity Model Certification
Why the third-party contractors are the weakest cyber link?
Interpret the NIST SP 800-171 Controls
Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)
Understand Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 for protecting Controlled Unclassified Information (CUI)
Understand NIST SP 800-171 Protecting Controlled Unclassified Information in Non-Federal Systems and Organizations
Learn about the essential differences between CMMC vs. NIST 800-171
Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
Cybersecurity Maturity Model Certification (CMMC) - Part II
What you will learn:
Learn how CMMC Model Works: Domains, Capabilities, Practices, and Processes
Understand the CMMC five Process Maturity levels and five Technical Practices levels
Understand Federal Acquisition Regulation (FAR) Clause 52.204.21 for protecting Federal Contract Information (FCI)
Learn about the control compliance and certification requirements for level 1 to level 5
Learn about the CMMC capabilities
Understand the 14 points of NIST 800-171 and create security protocols for 14 key areas.
Learn about the CMMC Levels 2 and 3 Practices Beyond NIST 800-171
Learn about the implementation challenges
Learn about becoming a CMMC Certified Supplier
Understand the CMMC Scoring methodology
Knowledge Check