Appendix A. Syllabus. NIST Cybersecurity Foundation. Syllabus. Status: First Draft

Size: px

Start display at page:

Download "Appendix A. Syllabus. NIST Cybersecurity Foundation. Syllabus. Status: First Draft"

Katrina Lane
5 years ago
Views:

1 Appendix A Syllabus NIST Cybersecurity Foundation Syllabus Status: First Draft Version Status Sign off Date / Names V1.0.0 First Draft Content Group Lead Author: Mark E.S. Bernard Copyright 2018 Secure Knowledge Management Inc. All rights reserved. 71

2 NIST Cybersecurity Foundation CONTENTS Scope and Purpose of this Document 3 NIST CyberSecurity Foundation Qualification Scheme 3 Foundation Qualification 3 Level of Difficulty 3 Qualification Objectives 3 Format of the Examination 4 Syllabus Areas NIST CyberSecurity Foundation 4 1. Introduction 4 2. Preliminary Cybersecurity Framework Identify Business Environment (BE) Risk Management Strategy (RM) Governance (GV) Risk Assessment (RA) Asset Management (AM) 5 3. Preliminary CyberSecurity Framework Project Data Security (PR.DS) Protective Technology (PR.PT) Information Protection Processes and Procedures (PR.IP) Access Control (PR.AC) Awareness and Training (PR.AT) Maintenance (PR.MA) 6 4. Preliminary CyberSecurity Framework Detect Anomalies and Events (AE) Security Continuous Monitoring (CM) Detection Processes (DP) 7 5. Preliminary CyberSecurity Framework Respond Response Planning (RP) Communications (CO) Analysis (AN) Mitigation (MI) Improvements (IM) 7 6. Preliminary CyberSecurity Framework Recover Recovery Planning (RP) Improvements (IM) Communications (CO) 8 References 8 Criteria of Training Competence 9 72 Copyright 2018 Secure Knowledge Management Inc. All rights reserved..

Course Book Syllabus SCOPE AND PURPOSE OF THIS DOCUMENT Synopsis The purpose of this document is to inform all parties interested in the NIST CyberSecurity Foundation course, of the areas covered in

3 Course Book Syllabus SCOPE AND PURPOSE OF THIS DOCUMENT Synopsis The purpose of this document is to inform all parties interested in the NIST CyberSecurity Foundation course, of the areas covered in the NIST CyberSecurity Foundation course. The target audience for this document is: (Potential) Examination candidates. (Aspiring) Instructors. Accredited Training Organizations. NIST CYBERSECURIITY FOUNDATION QUALIFICATION SCHEME FOUNDATION QUALIFICATION LEVEL OF DIFFICULTY Bloom Level 1 and 2: Knowledge and Comprehension Qualification objectives Define the business environment, strategize governance and risk management, identify assets and plan a risk assessment. Apply access control techniques. Apply data security techniques. Copyright 2018 Secure Knowledge Management Inc. All rights reserved. 73

4 NIST Cybersecurity Foundation Integrate information protection processes. Initiate sustainable maintenance practices. Tell about different protective technologies. Explain why we must actively monitor various types of CyberSecurity anomalies and events. Execute a response plan including analysis, mitigation, communications and continuous improvement. Design and execute a recovery plan. Explain how to develop communication plans. Explain the strategies of continuous improvement. Format of the examination Exam Format: Closed-book format. Paper based Questions: 40 multiple choice questions Passing Score: 65% Exam Duration: 60 minutes. An additional 15 minutes is available to non-native English speakers Proctoring: Live SYLLABUS AREAS NIST CYBERSECURIITY FOUNDATION 1. INTRODUCTION 1.1 Overview S Course Learning Objectives S Course Agenda S Case Study or Caselets S Module End Questions and Exam S Activities S Module End Questions and Exam S Course Book S Module Summary S Copyright 2018 Secure Knowledge Management Inc. All rights reserved..

5 Course Book Syllabus 2. PRELIMINARY CYBERSECURITY FRAMEWORK IDENTIFY 2.1 Business Environment (BE) Objectives of Business Environment (BE) S Risk Management Strategy (RM) Objectives of Risk Management Strategy (RM) S Governance (GV) Objectives of Governance (GV) S Risk Assessment (RA) Objectives of Risk Assessment (RA) S Asset Management (AM) Objectives of Asset Management (AM) S PRELIMINARY CYBERSECURITY FRAMEWORK PROTECT 3.1 Data Security (PR.DS) Objectives of Data Security (PR.DS) S 7 14 Copyright 2018 Secure Knowledge Management Inc. All rights reserved. 75

6 NIST Cybersecurity Foundation 3.2 Protective Technology (PR.PT) Objectives of Protective Technology (PR.PT) S Information Protection Processes and Procedures (PR.IP) Objectives of Information Protection Processes and Procedures (PR.IP) S ACCESS CONTROL (PR.AC) Objectives of Access Control (PR.AC) S AWARENESS AND TRAINING (PR.AT) Objectives of Awareness and Training (PR.AT) S MAINTENANCE (PR.MA) Objectives of Maintenance (PR.MA) S Copyright 2018 Secure Knowledge Management Inc. All rights reserved..

7 Course Book Syllabus 4. PRELIMINARY CYBERSECURITY FRAMEWORK DETECT 4.1 Anomalies and Events (AE) Objectives of Anomalies and Events (AE) S Security Continuous Monitoring (CM) Objectives of Security Continuous Monitoring (CM) S Detection Processes (DP) Objectives of Detection Processes (DP) S PRELIMINARY CYBERSECURITY FRAMEWORK RESPOND 5.1 Response Planning (RP) Objectives of Response Planning (RP) S Communications (Co) Objectives of Communications (CO) S Copyright 2018 Secure Knowledge Management Inc. All rights reserved. 77

8 NIST Cybersecurity Foundation 5.3 Analysis (An) Objectives of Analysis (AN) S Mitigation (MI) Objectives of Mitigation (MI) S Improvements (IM) Objectives of Improvements (IM) S PRELIMINARY CYBERSECURITY FRAMEWORK RECOVER 6.1 Recovery Planning (RP) Objectives of Recovery Planning (RP) S Improvements (IM) Objectives of Improvements (IM) S Communications (Co) Objectives of Communications (CO) S Copyright 2018 Secure Knowledge Management Inc. All rights reserved..

9 Course Book Syllabus REFERENCES NIST CyberSecurity Framework Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience ISO Information Security Management System ITIL Service Management ISO 9001 Quality Management Systems RCMP HTRA Harmonized Threat Risk Assessment COSO Enterprise Risk Management Integrated Framework Carnegie Mellon CSIRT (Computer Security Incident Response Team) COBIT5 Control Objectives for Information and Related Technology ISO Risk Management Principles and Guidelines ISO Information Technology Service Management Concepts and Terminology ISO Governance Corporate Governance of Information Technology ISO Environmental Management Systems ISO Occupational Health and Safety ISO Requirements for a Food Safety Management System ISO Asset Management and Supply Chain ISO Supply Chain Security Management Standard Carnegie Mellon Defense-in-Depth: Foundations for Secure and Resilient IT Enterprises Carnegie Mellon Software Development Life Cycle BS Business Continuity CRITERIA OF TRAINING COMPETENCE Any provider/instructor delivering the course based on this syllabus must hold the following qualifications to be eligible to provide the course: Minimum 2 years experience as an instructor. Minimum 3 years experience as practitioner or consultant in the field of the subject. He or she must have successfully delivered training programs in the past (minimum 2 years). Copyright 2018 Secure Knowledge Management Inc. All rights reserved. 79

10 NIST Cybersecurity Foundation APPROVED DELIVERY STRUCTURES The course can be delivered in any format, as long as it is covering minimum of 14 hours of learning. Recommended delivery structures are: Classroom Virtual Classroom elearning Blended 80 Copyright 2018 Secure Knowledge Management Inc. All rights reserved..

* THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS *

Introduction and Bio CyberSecurity Defined CyberSecurity Risks NIST CyberSecurity Framework References *** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS *** Chapter 3. Framework Implementation Relationship