1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

NSA INFOSEC Assessment Methodology (IAM)

Establishing an Assessment Process for Your Organization
 
Course: U150   Type: Course Workshop   Duration: 2 Days
 
 

You Will Learn How To

  • Implement the National Security Agency's INFOSEC Assessment Methodology
  • Establish the NSA model of Pre-Assessment, On-Site and Post-Assessment phases as a standardized baseline for your organization
  • Identify the steps and goals of an effective assessment
  • Determine baseline information categories necessary for analysis
  • Coordinate efforts with stakeholders and develop an assessment plan
  • Create a final report that guides post assessment activities

Course Benefits

In today's security landscape, assessing and securing computer networks is required in fields as diverse as government, healthcare and finance. This course gives you the skills needed to create and manage an assessment process that is compliant under Sarbanes-Oxley (SEC), FISMA (FIPS-199), FFIEC (banking), SCADA (utilities), HIPPA (healthcare) and others. You will learn a high-level, non-intrusive process ideal for identifying and correcting security weaknesses in your automated information systems. After successfully passing the course exam, attendee's will receive the NSA IAM Certification.

Who Should Attend

Auditors, consultants, managers and service providers who are involved in federal, state and local government, non-profit, commercial and private sector information security

Hands-On Training

Through a series of interactive small-group workshops and an evolving case study, you design and develop an INFOSEC assessment plan.
  • Determining the types of information processed by an organization
  • Creating an Information Criticality Matrix to rank the value and sensitivity of that information
  • Developing a detailed assessment plan that can be executed on site
  • Generating findings and recommendations for your case study
  • Preparing and presenting a final report suitable for stakeholders

  

Upcoming Dates


For complete schedule, please visit www.learningtree.com
 
http://www.learningtree.com/courses/U150pf.htm
 
 
1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

NSA INFOSEC Assessment Methodology (IAM)

Establishing an Assessment Process for Your Organization
 
Course: U150   Type: Course Workshop   Duration: 2 Days
 
 
Course U150 Content
 

INFOSEC Assessment Methodology (IAM) Overview

Introducing the Vulnerability Discovery Triad

  • Benefiting from a top-down approach
  • Level I Assessments
  • Level II Evaluations
  • Level II Red Team

Goals of the IAM

  • Understanding the purpose of an Assessment
  • Identifying an organization's critical information
  • Discovering systems that process critical information
  • Determining a proper INFOSEC posture
  • Uncovering potential vulnerabilities
  • Recommending solutions to mitigate or eliminate vulnerability

Conducting Pre-Assessment Activities

Planning the Pre-Assessment Site visit

  • Determining and managing the organization's expectations
  • Reviewing the organization's critical information
  • Discovering high-level system boundaries
  • Coordinating on-site activities with customer
  • Requesting documentation

Developing an Organizational INFOSEC Criticality Matrix (OICM)

  • Defining impact values
  • Assigning impact values to critical information
  • Defining high-level security goals

Writing an assessment plan

  • Establishing Points-of-Contact
  • Describing the Organization's mission
  • Revealing the OICM
  • Identifying hardware, software and communication connections
  • Developing a System Information Criticality Matrix
  • Addressing organizational constraints
  • Reviewing the organization's documentation
  • Establishing a timeline for the assessment

Performing the On-Site Phase

Conducting the Opening Meeting

  • Reviewing the assessment process
  • Emphasizing the hands-off approach
  • Finalizing the Assessment Plan

Interviewing site personnel

  • Assigning team members to interviews
  • Establishing interview durations
  • Validating information gathered during Pre-Assessment

Evaluating system demonstrations

  • Supplementing pre-assessment information
  • Resolving conflicting information

Reviewing INFOSEC documentation

  • Account management policies and procedures
  • Best practices for session controls
  • Best practices for auditing
  • Policies for malicious code protection
  • System maintenance policies
  • Security testing and evaluation
  • Policies for networking and connectivity
  • Transmitting classified information
  • Controls for storage media
  • Labeling and identifying information
  • Understanding the physical environment and security capabilities
  • Personnel security
  • User education and awareness training
  • Developing recommendations
  • Out-briefing: review assessment plan with customer

Completing Post-Assessment Activities

Developing the Final Report

  • Organizing the report structure
  • Conducting a final review of documentation
  • Presenting recommendations
  • Reviewing the report with stakeholders
  • Establishing next-steps

Leveraging IAM training

  • NSA's IATRP Program
  • IAM certification
 
http://www.learningtree.com/courses/U150pf.htm
 
 
1-800-THE-TREE (1-800-843-8733)
TRAINING YOU CAN TRUST
 
 

NSA INFOSEC Assessment Methodology (IAM) Tuition

Establishing an Assessment Process for Your Organization
 
Course: U150   Type: Course Workshop   Duration: 2 Days
 
 

Course Tuition
$ 1,800 Standard Tuition
Tuition with a Savings Plan
$ 900 10-Day Pass
$ 1,670 Training Passport
$ 1,700 Premium-Pass
$ 2,200 Voucher 10-Pack
$ 1,620 Alumni Gold Discount
$ 1,414 Government Discount
 

 

Your Course Tuition Entitles You To...

  • Class participation
  • Team workshops
  • Use of in-class hands-on equipment
  • Comprehensive course materials
  • Morning and afternoon refreshments
  • Course Completion Certificate awarding Continuing Education Units
  • FREE participation in Professional Certification
  • FREE participation in College Credit programs (including related exams)
  
 

Tuition Savings Plans

Training Passport
  • 3 courses in 12 months
  • As little as $1,670 per course
  • Savings as much as 40%
  • Only $5,000
Premium Pass
  • 4 courses in 24 months
  • As little as $1,700 per course
  • Save as much as 45%
10-Day Pass
  • A NEW way to save on training
  • 10 days of training for one person
  • Save as much as $990 per course
  • Only $4,500
Training Vouchers
  • Save as much as $990 per course
  • Fully transferable
  • As low as $2,200 per course
Alumni Gold Discount Attend your first course and you'll receive a personalized Alumni Gold Discount card, entitling you to save as much as $305 on each course you take within the following 12 months. Take just one course each year and you'll be entitled to ongoing discounts...year after year!

Your Guarantee of Satisfaction

Unless you feel 100% satisfied that Learning Tree delivered even more than you expected, there is no fee for your course attendance. Our Guarantee of Quality lets you experience the value of the course--and then pay only if you feel the course was well worth the tuition.

Enrolling is Easy and Flexible!

Enroll by phone or online. If your plans change, just let us know and, without a fee, you can transfer to another course or cancel your enrollment. Pay after you've taken the course, and then only if you are 100% satisfied.
 
http://www.learningtree.com/courses/U150pf.htm