Home Company Information Consulting Course Catalog Contact Us Request a Quote Government Corporate
 

FEDERAL C&A

 
   
Course Name: Federal C&A In Depth Training
   
Deployment Options: Onsite - Instructor-Led Training
   
Course Duration: 3-4 days depending on audience background and options
   
Related Courses
 
Introduction:
 
Federal Certification and Accreditation (C&A) In Depth. This course provides detailed information on the NIST-FISMA C&A process, the C&A documentation package, and NIST 800-53 security controls..
 
Audience:
 
System owners, administrators, developers, integrators, and Information Assurance staff who eed a detailed working knowledge of the NIST-FISMA process, and the NIST baseline security controls..
 
Prerequisites:
 
Completion of Federal C&A Essentials ourse
 
Customize it:
 
This 3-4-day Federal Certification and Accreditation (C&A) Indepth course will be customized to your needs and specifications. Eno.com will assist you in identifying those needs and specifications. A word to the wise, there are many vendors of IT security training. They will typically have a broad and general course, one size fits all, already developed and just put your organization?s name on the title slide. This minimizes their effort and time investment. At Eno.com, every course is made to your exact and exacting specifications. We help you ensure what you are getting is what you really need even if at the beginning you weren?t too sure of what that was. We fit the class to your needs. We never fit you into our ?standard?, one size fits all, class. Please call or e-mail to schedule a no-obligation conference call to help us understand your audience background and training objectives.
 
Objectives:
 
 
Course Outline
 

Topics covered in this course include:

Day 1 - Morning

  • Introduction and Logistics
  • Course Scope
  • Exercise - "Build A System"
  • Quick review of IA concepts
  • C&A Concepts and History
  • Key policies: OMB A-130, FISMA
  • Federal Information Processing Standards (FIPS)
  • NIST Special Publications

Day 1 - Afternoon

  • NIST C&A Process Overview
  • Roles and Responsibilities
  • C&A Prerequisites
  • Accreditation Boundary
  • System Categorization
  • Security Controls Selection (incl. Common Controls)
  • System Security Plan
  • Initial Risk Assessment
  • Initiation Phase Activities
  • Certification Phase Activities
  • Accreditation Phase Activities
  • Continuous Monitoring Phase Activities

Day 2 – Morning

  • C&A Documentation Package
  • System Security Plan (SSP)
  • Risk Assessment Report
  • Security Assessment (ST&E) Report
  • Plan of Action and Milestones (POA&M) and FISMA reporting
  • Transmittal and Decision Letters
  • Other Documents
  • Supporting Documentation

Day 2 – Afternoon

  • Introduction to Security Controls
  • Security Controls (NIST SP 800-53)

Day 3 – Morning

  • Assessment Methods (NIST SP 800-53a)
  • Security Testing Tools
  • Exercise – Security Control Implementation & Validation
  • Exercise – Security Testing Tools
  • Resources – CSRC website and others
  • "Automated C&A” Tools

Day 3 – Afternoon

  • Exercise – C&A Application
  • Course Summary
  • Exercise – C&A “Jeopardy”
  • Course Evaluation / Q&A
 
Other Expertise:
 
 

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form .