COURSE OUTLINE-(5 DAY COURSE)

 

Chapter 1: Introduction
• RMF overview
• DoD- and IC- Specific Guidelines
• Key concepts including assurance, assessment, authorization
• Security controls

 

Chapter 2: Cybersecurity Policy Regulations & Framework
• Security laws, policy, and regulations
• DIACAP to RMF
• System Development Life Cycle (SLDC)
• Documents for cyber security guidance

 

Chapter 3: RMF Roles and Responsibilities
• Tasks and responsibilities for RMF roles

Chapter 4: Risk Analysis Process
• Overview of risk management
• Four-step risk management process
• Tasks breakdown
• Risk assessment reporting and options

 

Chapter 5: Step 1: Categorize
• Step key references and overview
• Sample SSP
• Task 1-1: Security Categorization
• Task 1-2: Information System Description
• Task 1-3: Information System Registration
• Lab: The Security Awareness Agency

 

Chapter 6: Step 2: Select
• Step key references and overview
• Task 2-1: Common Control Identification
• Task 2-2: Select Security Controls
• Task 2-3: Monitoring Strategy
• Task 2-4: Security Plan Approval
• Lab: Select Security Controls

 

Chapter 7: Step 3: Implement
• Step key references and overview
• Task 3-1: Security Control Implementation
• Task 3.2: Security Control Documentation
• Lab: Security Control Implementation

 

Chapter 8: Step 4: Assess
• Step key references and overview
• Task 4-1: Assessment Preparation
• Task 4-2: Security Control Assessment
• Task 4-3: Security Assessment Report
• Task 4-4: Remediation Actions
• Task 4-5: Final Assessment Report
• Lab: Assessment Preparation

 

Chapter 9: Step 5: Authorize
• Step key references and overview
• Task 5-1: Plan of Action and Milestones
• Task 5-2: Security Authorization Package
• Task 5-3: Risk Determination
• Task 5-4: Risk Acceptance
• DoD Considerations
• Lab Step 5: Authorize Information Systems

 

Chapter 10: Step 6: Monitor
• Step key references and overview
Task 6-1: Information System & Environment Changes
• Task 6-2: Ongoing Security Control Assessments
• Task 6-3: Ongoing Remediation Actions
• Task 6-4: Key Updates
• Task 6-5: Security Status Reporting
• Task 6-6: Ongoing Risk Determination & Acceptance
• Task 6-7: Information System Removal & Decommissioning
• Continuous Monitoring
• Security Automation Domains
• Lab: Info System & Environment Changes

 

 

Chapter 11: DoD/IC RMF Implementation
• eMASS
• RMF Knowledge Service
• DoD/IC Specific Documentation
• RMF within DoD and IC process review

 

Appendix A: Supplement Reference
Appendix B: Acronym Reference
Appendix C: RMF Process Checklists by Step
Appendix D: Answer Keys
Answers to Review Questions
Lab Exercise Answers

RISK MANAGEMENT FRAMEWORK (RMF) V2.0 FOR DOD/IC

$2,499.00Price
  • Student will receive a refund of paid registration fees only if G-MAN CYBER SECURITY Training Center receives a notice of cancellation at least 15 business days prior to the class start date for classes or the exam date for exams. After 15 days company credits for future training will be issues.