Registrations are closed
Registration has ended. Please check http://us-cert.cisa.gov/ics/calendar for additional courses.
401V ICS Analysis and Evaluation
The 401V course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network.
Date and time
Location
About this event
This course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network to determine its defense status and what changes need to be made.
The purpose of the course is to provide hands-on training analyzing, evaluating, and documenting the cybersecurity posture of an ICS system for internal and/or external recommended changes. Specifically, this course will utilize a repeatable process within a simulated ICS environment to analyze cybersecurity weaknesses and threats, evaluate and map findings, and document potential mitigations. Trainees will leave with a template that can be used for evaluations at their workplace.
The online course consists of pre-recorded videos and hands-on activities compiled into sessions by our instructional staff:
• Section 1: ICS components (ICS evaluation components)
• Section 2: Network mapping and evaluation (network architecture evaluation)
• Section 3: Evaluate ICS security posture
• Section 4: ICS mapping of controls (CBOK / evaluation template example, reporting and planning examples)
• Final Evaluation
Plan on dedicating around 15-20 hours over the two week period to complete the course. Hands-on activities may be additional time. Participants can go through the sessions at their own pace during the week, but the sessions must be completed in order. In other words, each session must be completed before the next session will be available for viewing. All videos must be completed by the closing date.
Participants will have the opportunity to participate in a hotwash at the end of the course.
A certificate of completion and CEUs will be offered to those who complete all sessions of the course within the week.
Completion of the 301 or 301V course is a prerequisite. Please see https://us-cert.cisa.gov/ics/Calendar to sign up for the 301V.
Who Should attend:
Individuals who are responsible for evaluating or influencing the cyber security posture of critical infrastructure. This could include any of a number of specific roles and responsibilities such as cyber security management, risk management personnel, IT and control system (OT) security personnel, network engineers, OT engineers and managers. This class is geared towards smaller companies with no OT risk management personnel but personnel from large business are welcome also.