Course Description
The Cybersecuring DoD Control Systems Workshop is geared to help architects, engineers, contractors, owners, facility managers, maintenance engineers, physical security specialists, information assurance professionals—essentially anyone involved with implementing cybersecurity in the facility life cycle—to learn the best practice techniques to better protect DoD facilities. The Cybersecuring DoD Control Systems Workshop includes hands-on classroom exercises and labs to footprint a CS as a hacker would do; use the Cyber Security Evaluation Tool (CSET) to establish a risk baseline and create a System Security Plan; use the enterprise Mission Assurance Support System (eMASS) to load projects using the new DoDI 8510.01 RMF process; review the Joint Mission Assurance Vulnerability Benchmarks; and review the J-BASICS Advanced Industrial Control System Tactics, Techniques, and Procedures.
Learning Objectives
- Learn DoD facility (buildings and linear structures) Control System (CS) Design;
- Learn CS communication protocols;
- Learn ho to attack and exploit CS using Metasploit and SamuariSTFU;
- Complete the 6 steps of the DoD Risk Management Framework process;
- Use the DHS ICS-CERT CSET tool to create DoD CS network architecture diagrams and System Security Plan;
- Load projects into the DoD CIO eMASS portal;
- Understand how to use JMA Vulnerability Benchmarks and the J-BASIC AICS TTP's.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):