• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

This course provides a practical overview of the transition to the RMF for DOD IT process for system authorization. Although primarily oriented toward the DoD audience, the strategies, methodologies, and technical security countermeasures presented in this course are equally applicable to any commercial organization endeavoring to enhance their overall cybersecurity posture through effective validation testing of security countermeasures.

Learning Objectives

  • Introduction
  • Review administrative requirements
  • Participate in instructor and candidate's introductions

Module 1:

  • Overview of the Transformation & Transition
  • Describe the goals of the transformation process
  • Recognize how the process will align with NIST and the Federal government

Module 2:

  • Laws and Policies
  • Identify key Federal laws, NIST publications and DOD Policies

Module 3:

  • Key Definitions
  • Recall key terminology and definitions

Module 4

  • RMF for DOD IT
  • Understand the key concepts of the RMF
  • Discuss the six steps of the RMF
  • Apply of the RMF to DOD information systems

Module 5:

  • DOD Knowledge Service and eMASS
  • Identify the purpose and uses of the Knowledge Service
  • Use eMASS for system registration and authorization

Module 6:

  • New Responsibilities for DoD Contractors
  • Know the definition of DoD information
  • Understand the situation and applicability to external parties
  • Know the protection requirements for unclassified and classified information

Module 7:

  • Certification Testing Tools
  • Demonstrate basic operations of various tools used for certification testing

Framework Connections