Home TrainingCourse Descriptions

Course Descriptions

DIACAP Overview 1 Day

DIACAP In-Depth 3 Day

This course is designed for students who want to gain an improved understanding of the DIACAP. The course provides an overview of DIACAP requirements, documentation, and associated processes. This course provides an in-depth look into the DIACAP processes, and includes a series of hands-on exercises in developing the DIACAP Systems Identification Profile (SIP), DIACAP Implementation Plan (DIP), and Plan of Actions and Milestones (POA&M). The DIACAP training is introduced from a Department perspective, but can be tailored as required to include any Component/Service or system-specific nuances relative to the implementation of the DIACAP. Instruction modules include the DIACAP Activity Cycle, the Knowledge Service, DIACAP Governance Structure, roles and responsibilities, and much more. Visit www.diacaptraining.com for more information.

DIACAP Intensity 4 Day

This course is designed for students who want to gain an improved understanding of the DIACAP. The course provides an overview of DIACAP requirements, documentation, and associated processes. The 4-day intensity course provides an in-depth look into the DIACAP processes, and includes a series of hands-on exercises in developing the DIACAP Systems Identification Profile (SIP), DIACAP Implementation Plan (DIP), and Plan of Actions and Milestones (POA&M). The DIACAP training is introduced from a Department perspective, but can be tailored as required to include Component/Service and system-specific nuances relative to the implementation of the DIACAP. Instruction modules include the DIACAP Activity Cycle, the Knowledge Service, DIACAP Governance Structure, roles and responsibilities, and many more. The fourth day of the DIACAP Intensity course provides each student with an introduction to using the DoD approved automated scanning tools, including the DISA SRRs, Gold Disk, and other DoD automated tools. Visit www.diacaptraining.com for more information.

DIACAP 5 Day Validator

This course concentrates on methods used to validate DoD IA Controls as contained in DoDI 8500.2. Discussion areas include an overview of the DIACAP, the DoD-defined information system types and the associated security concerns, vulnerability scanning, DoD-approved automated scanning tools, and many more. The course provides an in-depth explanation of each control identified in DoDI 8500.2 to include the appropriate testing method, associated supporting evidence (known as artifacts), and how to more efficiently and effectively test and validate DoD systems and infrastructure. The curriculum will prepare the ACA or Validator to test against the DoD IA controls using manual and automated procedures in accordance with the standards set forth by the Department. Visit www.diacaptraining.com for more information.

FISMA/NIST In-Depth 3 Day

Lunarline's Federal Information Security Management Act (FISMA) training provides students with a fundamental knowledge of the requirements for meeting FISMA requirements, as well as an in-depth look of the Federal system authorization process and Risk Management Framework (RMF). This training equips the students with an in-depth indoctrination into the RMF and they will learn the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems is protected at a level commensurate with the security requirements of the information and the information system. Students will participate in a series of scenario-based hands-on exercises to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for Federal Information Systems. This training is a CNSS approved course that deals with the new C&A transformation. Please note – this course has been aligned with NIST SP 800-37 Revision 1 and is the new process under the C&A transformation. The FISMA In-Depth Course covers the requirements and the use of FIPS 199, NIST SP 800-60, NIST SP 800-37 Revision 1, NIST SP 800-39, NIST SP 800-30, NIST SP 800-34, NIST SP 800-53 Revision 3, and NIST SP 80053A. Visit www.fismatraining.com for more information.

FISMA/NIST 5 Day Validator Training

This course provides an in-depth look at testing the controls using NIST SP 800-53A and ensuring the use of the Risk Management Framework (RMF) for Federal Security Systems.. The focus of the course is an in-depth explanation of each NIST SP 800-53 Revision 3 controls to include what method should be used to test and validate each security control in accordance with NIST SP 800-53A and NIST SP 800-115, what evidence should be gathered, and how to more efficiently and effectively test Federal systems and infrastructure. The curriculum will introduce the independent tester or Validator to test the process for any of the Federal IA controls using manual and automated tests to ensure all controls are tested properly. Visit www.fismatraining.com for more information.

The FISMA Validator Course will cover NIST SP 800-53A, NIST SP 800-115, NIST SP 800-37, NIST SP 800-39 and the development of the Security Assessment Report (SAR), and Plan Of Action and Milestones (POA&M). The student will have a hands-on experience using scenario-based hands-on exercises in executing the validation tests with the approved tools. These exercises will include the development of the Security Assessment Report (SAR). Visit www.fismatraining.com for more information.

CNSS/NIST In-Depth 3 Day

This course equips the student with an overview of the system authorization process (also known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF to provide a clear knowledge bridge to the revised system authorization processes for those currently working with C&A for National Security Systems or for those who have limited or no C&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for a NSS. This course meets the requirements of National Security Directive 42 (NSD-42), which outlines the roles and responsibilities for securing NSSs. The CNSS In-Depth Course will address the Federal and Intelligence Community requirements, including NIST SP 800-37, NIST SP 800-39, CNSS 1199 (DRAFT), and CNSS 1253 (DRAFT). Visit www.cnsstraining.com

CNSS/NIST Validator 5 Day

This course provides an in-depth look at testing the controls using NIST SP 800-53A, CNSS 1253A, and ensuring the use of the Risk Management Framework (RMF) for National Security Systems. The focus of the course is an in-depth explanation of each NIST SP 800-53 Revision 3 controls and includes unclassified policies and procedures related to NSS to include what method should be used to test and validate each security control in accordance with NIST SP 800-53A and NIST SP 800-115, what evidence should be gathered, and how to more efficiently and effectively test Federal systems and infrastructure. The curriculum will introduce the independent tester or Validator to test the process for any of the NSS IA controls using manual and automated tests to ensure all controls are tested properly. Visit www.cnsstraining.com

The CNSS/NIST Validator Course will cover NIST SP 800-53A, NIST SP 800-53 Revision 3, NIST SP 800-115, NIST SP 800-37, NIST SP 800-39 and the development of the Security Assessment Report (SAR), and Plan Of Action and Milestones (POA&M). The student will have a hands-on experience using scenario-based hands-on exercises in executing the validation tests with the approved tools. These exercises will include the development of the Security Assessment Report (SAR). Visit www.cnsstraining.com

Recovery Planning 5 Day Practitioner Course

This course is designed to provide an operational basis for all facets of recovery planning through information delivery and practical exercises. As a result of this course, students will be able to conduct risk analysis, business impact analysis, recovery strategy analysis and develop viable emergency response plans and recovery plans through the information obtained as a result of these assessments. Impart an ability to conduct Business Impact Analysis so that executive management will have a prioritized list of all functions performed, a determination of when the loss of a given function becomes unacceptable to the organization, and the resources necessary to enable the recovery of each function.

Provide students with insights into conducting Recovery Strategy Analysis, understanding the different strategies that are currently available and their applicability based on their strengths and weaknesses. This course will expose the students to emergency response techniques from the development of checklists to crafting concise communications releases. Upon completion of the study of recovery planning foundations, this course will give the students a thorough knowledge of how to develop viable, easy-to-use recovery plans that address all hazards and all contingencies. Finally, this course is designed to provide the elements of an ongoing viable recovery capability through training and exercising programs that meet the needs of all audiences for all organizations.This course includes the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. Visit http://www.diacaptraining.com/ for more information.

Cybersecurity Fundamentals 4 Day

This hands-on 4-day course provides participants with a high-level overview of various aspects of Cybersecurity in the context of a modern and Internet-connected environment. Through lecture, hands-on exercises, and group discussion, you will gain a foundational perspective on the challenges of designing a cybersecurity program, implementing secure systems, and other factors needed for a comprehensive cybersecurity solution. Upon completion of this course, each participant will be able to define cybersecurity terminology, compliance requirements, review sample attacks, and gain an understanding of the impact of current threat trends on cybersecurity implementation. This course is one of the core courses of Lunarline's Certificate Program in Cybersecurity. Visit http://www.diacaptraining.com/ for more information.

Cyber Tools and Analysis Hands-on Workshop 4 Day

Do you want to better understand how to use cyber tools in securing networks? Would you like to be better prepared to answer fairly technical security questions about Microsoft Active Directory, Unix, Linux, databases, firewall, intrusion detection systems and major network services like the Domain Name Service? Would you like a combination of professional instruction and well structured hands-on experiences securing these operating systems, applications and infrastructure?

This course concentrates on cyber security tools, operating systems, applications, network architectures and best practices in government and industry network security. The course uses a fifty percent hands-on approach (25 lab experiences) to focus not only on tool deployment and operation system configuration, but cyber security network defense and analysis techniques. Students will configure multiple operating systems, practice network defense techniques, and understand attack prevention methods in a state of the art security lab. No experience is required; however an understanding of technical security controls or some previous experience with system administration will enhance learning.

Every student participating in the Cyber Tools and Analysis Hands-On Workshop will receive a certificate for successful participation in this course, which will allow you to claim 32 hours of Continuous Professional Experience for your existing certifications. Our Continuing Education Credits are accepted by ISC2, CompTIA and ISACA.

Software Assurance (SwA) Best Practices 3 Day

This 3-day course provides participants with a high-level overview of various aspects of Software Assurance in the context of a modern and Internet-connected environment. Through lecture, hands-on exercises, and group discussion, you will gain a foundational perspective on the challenges of security software design and procurement, program, implementing secure software, and other factors needed for a comprehensive software assurance solution. Upon completion of this course, each participant will be able to define software assurance terminology, compliance requirements, review software assurance principles, and gain an understanding of the impact of current threat trends on security software implementation. This course is one of the core courses of Lunarline's Certificate Program in Cybersecurity.

Secure assurance refers to the ability to ensure security personnel, software implementers, purchasers, and users that they can have a level of confidence that software will consistently operate in accordance with its intended goals. It includes software security, which is the process by which the software can operate effectively and security even when it comes under attack. Ideally, assured software will not contain faults or weaknesses that can be exploited either by human attackers or by the insertion (intentional or unintentional) of malicious or poor code. Visit http://www.diacaptraining.com/ for more information.

Introduction to the SAP/SCI C&A Transition Course 3 Day

Lunarline's SAP/SCI C&A Transition training provides students with a fundamental knowledge of the requirements for transitioning from the DIACAP/JAFAN/DCID C&A process to the NIST/CNSS requirements, as well as an in-depth look at the Risk Management Framework (RMF). This training equips the students with an in-depth indoctrination into the RMF and will provide them the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems is protected at a level commensurate with the security requirements of the information and the information system. Students will participate in a scenario-based hands-on exercise throughout the course to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework.

The SAP/SCI C&A Transition Course crosswalks the current requirements of the DIACAP, JAFAN 6/3, and DCID 6/3 processes to the use of FIPS 199, NIST SP 800-60, NIST SP 800-37 Revision 1, NIST SP 800-39, NIST SP 800-30, NIST SP 800-34, NIST SP 800-53 Revision 3, NIST SP 80053A, and CNSS 1253. All of our instructors have hands-on, real world experience – ensuring that you get more than just classroom instruction, but also receive the benefits of actual expertise in executing these processes. Visit http://www.diacaptraining.com/ for more information.

CompTIA Security+ Certification 5 Day

Lunarline, a CompTIA Authorized Partner, offers an intense 5 Day Security+ course consisting of nine lessons addressing each of the six Security+ domains in depth. All Lunarline training materials and books are CompTIA approved and have the most up to date information required to successfully understand the various security domains. Students receive a CompTIA Security+ Deluxe Study Guide (which includes a CD), as well as CompTIA-approved course material that is composed of independent study assignments designed to help students prepare to successfully complete the Security+ exam.

The course was designed for students who are familiar with basic computer functionality, networking concepts and text-based interfaces and is taught exclusively by CTT+ and Security+ Certified Instructors with extensive real hands- on information security experience. Visit http://www.diacaptraining.com/ for more information.