• Classroom
  • Online, Instructor-Led
Course Description

Information Security Continuous Monitoring (three days) covers roles and responsibilities, establishment and implementation of the ISCM strategy, analysis and reporting of findings, and program review in accordance with NIST Special Publication (SP) 800-137. Practical guidance on ISCM automation and support tools is provided. Student exercises, collaboration and case studies are used to reinforce the concepts taught in the class. The course content of Information Security Continuous Monitoring is geared to meet the needs of a diverse audience covering the spectrum of management, operational and technical roles. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as will as the practical knowledge needed for effective implementation.

Learning Objectives

  • Organization-wide view of ISCM
  • Ongoing System Authorizations
  • Role of Automation
  • ISCM Roles and Responsibilities
  • ISCM Process ? NIST SP 800-137
  • Step 1 ? Define Strategy
  • Step 2 ? Establish ISCM program
  • Step 3 ? Implement
  • Step 4 ? Analyze and Report
  • Step 5 ? Respond to Findings
  • Step 6 ? Review and Update
  • Supporting Technologies
  • Security Automation Domains
  • Security Information and Event Management (SIEM)
  • Security Content Automation Protocol (SCAP)
  • Reference Data Sources
  • National Vulnerability Database
  • Security Configuration Checklists
  • ISCM Reference Model
  • Exercises and Case Studies

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.