NIST Cybersecurity Framework Practitioner: Course Contents | ALC Training News

  • No comments

1. NIST Cybersecurity Framework Overview

  • Framework Overview
  • Informative References Overview
  • Core Functions & Categories
  • Implementation Tiers
  • Framework Profile
  • Establishing or improving a cybersecurity program

Introduction to the Case Study

2. Identify Function

  • Asset Management
  • Business Environment
  • Governance
  • Risk Assessment
  • Risk Management Strategy
  • Supply Chain Risk Management

Case Study Exercise 1 – Apply the concepts learnt in the Identify Function


3. Protect Function

  • Identity Management, Authentication and Access Control
  • Awareness and Training
  • Data Security
  • Information Protection Processes and Procedures
  • Maintenance
  • Protective Technology

Case Study Exercise 2 – Apply the concepts learnt in the Protect Function

4. Detect Function

  • Anomalies and Events
  • Security Continuous Monitoring
  • Detection Processes

Case Study Exercise 3 – Apply the concepts learnt in the Detect Function


5. Respond Function

  • Response Planning
  • Communications
  • Analysis
  • Mitigation
  • Improvements

Case Study Exercise 4 – Apply the concepts learnt in the Respond Function

6. Recover Function
  • Recovery Planning
  • Improvements
  • Communications

Case Study Exercise 5 – Apply the concepts learnt in the Recover Function


7. Case Study

  • Practical Workshop
    • As a group, select an appropriate workshop
    • Systematically work through the steps in the framework
    • Select informative references from ISO27002, PCI DSS, ISM or other resources
  • Last hour of the day
    • Each group to present their respective report
    • Issue mock exam for delegates to practice overnight
Day Five

8. Review and Exam

  • Mock exam – instructor will go through the mock exam with delegates and explain each question and answer
  • This will be followed by a review and summary session
  • Final Exam (2 hours)

Jes Irving