|
|
|
|
 |
|
|
Description
This course concentrates on how to validate DoD IA Controls. It includes an overview of the DIACAP process, various system types, application scanning, security readiness reviews and vulnerability scanning. The course provides an in-depth explanation of each control identified in DoD 8500.2 to include what method should be used to test, what evidence should be gathered, and how to more efficiently and effectively test DoD systems and infrastructure. The curriculum will prepare the ACA or Validator to test any of the DoD IA controls using manual and automated tests to ensure all controls are tested properly.
Topics Covered:
Day 1:
C&A Overview and DoD IA Policy
DoD’s Current IA Policy Framework
An Overview of the DIACAP
DIACAP Activity Cycle
Day 2:
DIACAP and the Army’s Processes
Security Design and Configuration
Identification and Authentication
Day 3:
Enclave and Computing Environment
Enclave Boundary Defense
Day 4:
Physical and Environmental
Personnel
Continuity
Vulnerability and Incident Management
Day 5:
UNIX SRR
Gold Disk
Validator Scenario
Laws, Directives, Instructions, Standards, and Publications Covered:
DoD Directive 8500.1, Information Assurance
DoD Instruction 8500.2, Information Assurance Implementation
DoD Instruction 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP)
DoD 5200.2-R, DoD Personnel Security Program
DoD Security Technical Implementation Guides (STIGs)
NSTISSP No. 11, National Information Assurance Protection (NIAP)
DoD 8570.01M, DoD Information Assurance Workforce Improvement Program
Federal Information Processing Standard (FIPS) 200
FIPS 140-2
DISA Security Readiness Review Scripts (SRR)
NIST SP 800-53A Guide for Assessing the Security Controls in Federal Information Systems
Federal Information Security Management Act (FISMA)
Office of Management and Budget (OMB) A-130
OMB 04-04 E-Authentication Guidance for Federal Agencies
System Identification Profile (SIP)
DIACAP Implementation Plan (DIP)
DIACAP Scorecard
Plan of Actions and Milestones (POA&M)
|
|
|
|
