• Classroom
  • Online, Instructor-Led
Course Description

The course is based on the National Security Agency’s (NSA) Information Security (INFOSEC) Evaluation Methodology (IEM), which is NSA’s recommended methodology for evaluating an organization’s technical security. The course will examine the process of coordinating with the customer, setting the scope of the project, obtaining legal authorization, conducting the ten baseline activities of the evaluation, and compiling a meaningful and understandable final product for the customer. Students registering for this course will be required to participate in an actual IEM based evaluation as a course project. The documentation created during this course can be added to the student’s portfolio.

Learning Objectives

1. Enumerate the required steps and processes for conducting the NSA IAM and IEM. 2. Demonstrate the ability to help a customer define and prioritize Critical Information. 3. Define the Critical Path within an organization based on defined Critical Information. 4. Conduct technical evaluation activities against organizational technical resources. 5. Identify the basic components required for a quality Final Report. 6. Interface and interview mission critical personnel within an organization in a professional manner.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Customer Service and Technical Support
  • Cyber Defense Infrastructure Support
  • Cyber Operational Planning
  • Cyber Operations
  • Cybersecurity Management