Actions Panel
Registrations are closed
Registration has ended. Please check http://us-cert.cisa.gov/ics/calendar for additional courses.
401V ICS Analysis and Evaluation - February 22, 2021
The 401V course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network.
Date and time
Location
About this event
This course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network to determine its defense status and what changes need to be made.
The purpose of the course is to provide hands-on training analyzing, evaluating, and documenting the cybersecurity posture of an ICS system for internal and/or external recommended changes. Specifically, this course will utilize a repeatable process within a simulated ICS environment to analyze cybersecurity weaknesses and threats, evaluate and map findings, and document potential mitigations. Trainees will leave with a template that can be used for evaluations at their workplace.
The online course consists of pre-recorded videos and hands-on activities compiled into sessions by our instructional staff:
- Section 1: ICS components (ICS evaluation components)
- Section 2: Network mapping and evaluation (network architecture evaluation)
- Section 3: Evaluate ICS security posture
- Section 4: ICS mapping of controls (CBOK / evaluation template example, reporting and planning examples)
- Optional: Final Evaluation
- Optional: CSET
Plan on dedicating around 15-20 hours over the two week period to complete the course. Hands-on activities may be additional time. Participants can go through the sessions at their own pace during the week, but the sessions must be completed in order. In other words, each session must be completed before the next session will be available for viewing. Hands-on activities using NetLab can be completed at anytime. All videos and hands-on activities must be completed by the closing date.
Participants will have the opportunity to participate in a hotwash/Q&A at the end of the course.
A certificate of completion and CEUs will be offered to those who complete all sessions of the course within the week.
Who Should attend:
Individuals who are responsible for evaluating or influencing the cyber security posture of critical infrastructure. This could include any of a number of specific roles and responsibilities such as cyber security management, risk management personnel, IT and control system (OT) security personnel, network engineers, OT engineers and managers. This class is geared towards smaller companies with no OT risk management personnel but personnel from large business are welcome also.
Completion of 301/301V is NOT a prerequisite for this course.