Contact Information

Contact: rgsoc@msisac.org, 518.266.3460

In an effort to assist State, Local, Tribal & Territorial (SLTT) governments in advancing their cybersecurity practices, the Multi-State Information Sharing & Analysis Center (MS-ISAC) has mapped the following services and resources to the NIST Cybersecurity Framework (NIST CSF): MS-ISAC Services, CIS Services, FedVTE Training, SANS Policy Templates, and additional open source documents. Some services and resources are free to MS-ISAC members (MS-ISAC membership is always free to all SLTTs) and others are affordable for-fee services for SLTTs available through CIS Services and CIS CyberMarket.

MS-ISAC is offering this guide to the SLTT community as a resource to assist with the application and advancement of establishing best practices, implementing cybersecurity policies, and increasing overall cybersecurity maturity.

Functions Key

Identify Function
The activities under this functional area are key for an organization's understanding of its current internal culture, infrastructure, and risk tolerance. This functional area tends to be one of the lowest-rated functions for many organizations. Immature capabilities in the Identify Function may hinder an organization's ability to effectively apply risk management principles for cybersecurity. By incorporating sound risk management principles into cybersecurity programs, organizations will be able to continuously align their efforts towards protecting their most valuable assets against the most relevant risks.

Protect Function
The activities under the Protect Function pertain to different methods and activities that reduce the likelihood of cybersecurity events happening and ensure that the appropriate controls are in place to deliver critical services. These controls are focused on preventing cybersecurity events from occurring through common attack vectors, including attacks targeting users and attacks leveraging inherent weaknesses in applications and network communication.

Detect Function
The quicker an organization is able to detect a cybersecurity incident, the better positioned it is to remediate the problem and reduce the consequences of the event. Activities found within the Detect Function pertain to an organization's ability to identify incidents. These controls are becoming more important as the quantity of logs and events occurring within an environment can be overwhelming to handle and can make it difficult to identify the key concerns. This function continues to represent the largest maturity gap between state and local governments.

Respond Function
An organization's ability to quickly and appropriately respond to an incident plays a large role in reducing the incident's consequences. As such, the activities within the Respond Function examine how an organization plans, analyzes, communicates, mitigates, and improves its response capabilities. For many organizations, integration and cooperation with other entities is key. Many organizations do not have the internal resources to handle all components of incident response. One example is the ability to conduct forensics after an incident, which helps organizations identify and remediate the original attack vector. This gap can be addressed through resource sharing within the SLTT community and leveraging organizations such as MS-ISAC and DHS's National Cybersecurity and Communications Integration Center (NCCIC), which have dedicated resources to provide incident response at no cost to the victim.

Recover Function
Activities within the Recover Function pertain to an organization's ability to return to its baseline after an incident has occurred. Such controls are focused not only on activities to recover from the incident, but also on many of the components dedicated to managing response plans throughout their lifecycle.

Resource Guide www.cisecurity.org/ms-isac Page 2 of 2

Mapping table. Each subcategory row lists its entries under the table's columns: MS-ISAC service (no cost); CIS service (no cost); CIS or MS-ISAC service (fee-based); Open source; FedVTE; Policy template. Columns with no entry for a row are omitted.

Function: Identify

ID.AM-1 Physical devices and systems within the organization are inventoried
  Open source: Nmap; OpenVAS; SnipeIT
  FedVTE: Cyber Risk Management for Managers; CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner
  Policy template: Acceptable Use of Information Technology Resource Policy; Access Control Policy; Account Management/Access Control Standard; Identification and Authentication Policy; Information Security Policy; Security Assessment and Authorization Policy; Security Awareness and Training Policy

ID.AM-2 Software platforms and applications within the organization are inventoried
  Open source: SnipeIT
  FedVTE: Cyber Risk Management for Managers; CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; DB Evaluations using AppDetectivePro & dbProtect; Dynamic Testing using HPE WebInspect; Static Code Analysis using HPE Fortify; Static Code Analysis using Synopsis Coverity; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CDM Module 3: Software Asset Management; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner
  Policy template: Acceptable Use of Information Technology Resource Policy; Access Control Policy; Account Management/Access Control Standard; Identification and Authentication Policy; Information Security Policy; Security Assessment and Authorization Policy; Security Awareness and Training Policy

ID.AM-3 Organizational communication and data flows are mapped
  Open source: Draw.io
  FedVTE: Cyber Risk Management for Managers; CompTIA Advanced Security Practitioner; Cisco CCENT Self-Study Prep; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.AM-4 External information systems are catalogued
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) Systems Security Certified Practitioner
  Policy template: System and Communications Protection Policy

ID.AM-5 Resources (e.g., hardware, devices, data, and software) are prioritized based on their classification, criticality, and business value
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CDM Module 2: Hardware Asset; CDM Module 3: Software Asset Management; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep
  Policy template: SANS: Acquisition Assessment; Information Classification Standard; Information Security Policy

ID.AM-6 Cybersecurity roles and responsibilities for the entire workforce and third-party stakeholders (e.g., suppliers, customers, partners) are established
  FedVTE: The Election Official as IT Manager; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018
  Policy template: Acceptable Use of Information Technology Resource Policy; Information Security Policy; Security Awareness and Training Policy

ID.BE-1 The organization's role in the supply chain is identified and communicated
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep

ID.BE-2 The organization's place in critical infrastructure and its industry sector is identified and communicated
  FedVTE: 101–Critical Infrastructure Protection

ID.BE-3 Priorities for organizational mission, objectives, and activities are established and communicated
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; 101–Critical Infrastructure Protection; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.BE-4 Dependencies and critical functions for delivery of critical services are established
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; 101–Critical Infrastructure Protection; CompTIA Security+; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.BE-5 Resilience requirements to support delivery of critical services are established
  FedVTE: 101–Critical Infrastructure Protection; CompTIA Security+; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.GV-1 Organizational information security policy is established
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.GV-2 Information security roles & responsibilities are coordinated and aligned with internal roles and external partners
  Open source: Eramba GRC
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; 101–Critical Infrastructure Protection; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.GV-3 Legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations, are understood and managed
  Open source: Eramba GRC
  FedVTE: EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; 101 Reverse Engineering; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.GV-4 Governance and risk management processes address cybersecurity risks
  Open source: Eramba GRC
  FedVTE: Cyber Risk Management for Technicians; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner

ID.RA-1 Asset vulnerabilities are identified and documented
  CIS service (no cost): CIS-CAT Pro
  CIS or MS-ISAC service (fee-based): Network Penetration Test
  Open source: Nmap; OpenVAS
  FedVTE: Cyber Risk Management for Technicians; Cyber Risk Management for Managers; EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep; CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; DB Evaluations using AppDetectivePro & dbProtect; Dynamic Testing using HPE WebInspect; Introduction to Threat Hunting Teams; Static Code Analysis using HPE Fortify; Static Code Analysis using Synopsis Coverity; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CDM Module 5: Vulnerability Management; CompTIA Advanced Security Practitioner; CompTIA Cybersecurity Analyst (CySA+) Prep; Radio Frequency Identification (RFID) Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RA-2 Threat and vulnerability information is received from information sharing forums and sources
  MS-ISAC service (no cost): MS-ISAC
  Open source: Nmap; OpenVAS
  FedVTE: Foundations of Incident Management; Introduction to Threat Hunting Teams; 101–Critical Infrastructure Protection; CompTIA Cybersecurity Analyst (CySA+) Prep; CDM Module 5: Vulnerability Management; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RA-3 Threats, both internal and external, are identified and documented
  MS-ISAC service (no cost): MS-ISAC
  CIS or MS-ISAC service (fee-based): Network Penetration Test
  FedVTE: Cyber Risk Management for Technicians; Cyber Risk Management for Managers; EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep; CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; Foundations of Incident Management; Introduction to Threat Hunting Teams; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Cybersecurity Analyst (CySA+) Prep; Cisco CCENT Self-Study Prep; Cisco CCNA Security Self-Study Prep; Cyber Awareness Challenge 2019; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RA-4 Potential business impacts and likelihoods are identified
  MS-ISAC service (no cost): MS-ISAC
  CIS service (no cost): CIS-RAM
  CIS or MS-ISAC service (fee-based): Network Penetration Test
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; 101–Critical Infrastructure Protection; CompTIA Advanced Security Practitioner; Cloud Computing Security; CompTIA Security+; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RA-5 Threats, vulnerabilities, likelihoods, and impacts are used to determine risk
  MS-ISAC service (no cost): MS-ISAC
  CIS service (no cost): CIS-CAT Pro; CIS Benchmarks
  CIS or MS-ISAC service (fee-based): Network Penetration Test
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cloud Computing Security; CompTIA Security+; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; 101–Critical Infrastructure Protection; CompTIA Advanced Security Practitioner; CompTIA Cybersecurity Analyst (CySA+) Prep; (ISC)2 (TM) CISSP (R) Certification Prep 2018

ID.RA-6 Risk responses are identified and prioritized
  CIS service (no cost): CIS-RAM
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; CompTIA Cybersecurity Analyst (CySA+) Prep; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RM-1 Risk management processes are established, managed, and agreed to by organizational stakeholders
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018
  Policy template: Information Security Policy; Information Security Risk Management Standard; Risk Assessment Policy

ID.RM-2 Organizational risk tolerance is determined and clearly expressed
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

ID.RM-3 The organization's determination of risk tolerance is informed by its role in critical infrastructure and sector-specific risk analysis
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; 101–Critical Infrastructure Protection; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.SC-1 Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; Cyber Supply Chain Risk Management; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.SC-2 Suppliers and third-party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process
  FedVTE: CompTIA Advanced Security Practitioner; Cyber Supply Chain Risk Management; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

ID.SC-3 Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization's cybersecurity program and Cyber Supply Chain Risk Management Plan.
  FedVTE: Cyber Supply Chain Risk Management; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018
  Policy template: SANS: Acquisition Assessment; Identification and Authentication Policy; Security Assessment and Authorization Policy; Systems and Services Acquisition Policy

ID.SC-4 Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.
  FedVTE: EC-Council Certified Ethical Hacker (CEHv9) Self-Study Prep; Cyber Supply Chain Risk Management; CompTIA Advanced Security Practitioner; Supply Chain Assurance using Sonatype Nexus
  Policy template: SANS: Acquisition Assessment; Identification and Authentication Policy; Security Assessment and Authorization Policy; Systems and Services Acquisition Policy

ID.SC-5 Response and recovery planning and testing are conducted with suppliers and third-party providers
  FedVTE: Foundations of Incident Management; CompTIA Advanced Security Practitioner; Cyber Supply Chain Risk Management; (ISC)2 (TM) CISSP Concentration: ISSEP Prep
  Policy template: SANS: Security Response Plan; Computer Security Threat Response Policy; Cyber Incident Response Standard; Incident Response Policy; Systems and Services Acquisition Policy

Function: Protect

PR.AC-1 Identities and credentials are managed for authorized devices and users
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; Securing Infrastructure Devices; Cisco CCNA Security Self-Study Prep; CompTIA Security+; Windows Operating System Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; Linux Operating System Security
  Policy template: Access Control Policy; Account Management/Access Control Policy; Authentication Tokens Standard; Configuration Management Policy; Identification and Authentication Policy; Sanitization Secure Disposal Standard; Secure Configuration Standard; Secure System Development Life Cycle Standard

PR.AC-2 Physical access to assets is managed and protected
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; CompTIA A+ 220-902 Certification Prep; CDM Module 2: Hardware Asset; Securing Infrastructure Devices; CompTIA Security+; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; Mobile and Device Security

PR.AC-3 Remote access is managed
  Open source: OpenVPN
  FedVTE: CMaaS Technical Overview Course; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; CompTIA Network+ N10-007; Cisco CCNA Security Self-Study Prep; CompTIA Security+; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; Windows Operating System Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; Mobile and Device Security
  Policy template: SANS: Remote Access; Access Control Policy; Account Management/Access Control Policy; Authentication Tokens Standard; Configuration Management Policy; Identification and Authentication Policy; Sanitization Secure Disposal Standard; Secure Configuration Standard; Secure System Development Life Cycle Standard

PR.AC-4 Access permissions are managed, incorporating the principles of least privilege and separation of duties
  Open source: OpenNAC; PacketFence
  FedVTE: Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; CompTIA Network+ N10-007; Securing Infrastructure Devices; Cisco CCNA Security Self-Study Prep; CompTIA Security+; Cybersecurity Overview for Managers; Windows Operating System Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; Linux Operating System Security; Mobile and Device Security
  Policy template: Access Control Policy; Account Management/Access Control Standard; Configuration Management Policy; Identification and Authentication Policy; Sanitization Secure Disposal Standard; Secure Configuration Standard; Secure System Development Life Cycle Standard

PR.AC-5 Network integrity is protected, incorporating network segregation where appropriate
  Open source: pfSense; Snort; Suricata; OpenNAC; PacketFence
  FedVTE: CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; Demilitarized Zone (DMZ) with IDS/IPS; DNSSEC Training Workshop; IPv6 Security Essentials Course; ISACA Certified Information Security Manager (CISM) Prep; Cyber Risk Management for Managers; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Security+; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; Advanced PCAP Analysis and Signature Development (APA); CompTIA Advanced Security Practitioner; Securing the Network Perimeter; (ISC)2 (TM) CISSP (R) Certification Prep 2018; LAN Security Using Switch Features
  Policy template: SANS: Lab Security; SANS: Router and Switch Security; 802.11 Wireless Network Security Standard; Mobile Device Security; System and Information Integrity Policy

PR.AC-6 Identities are proofed and bound to credentials and asserted in interactions
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Windows Operating System Security; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; Linux Operating System Security

PR.AC-7 Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals' security and privacy risks and other organizational risks)
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep; Cyber Risk Management for Managers; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Security+; Cybersecurity Overview for Managers; Emerging Cybersecurity Threats; CDM Module 2: Hardware Asset; CompTIA A+ 220-902 Certification Prep; CompTIA Advanced Security Practitioner; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner

PR.AT-1 All users are informed and trained
  MS-ISAC service (no cost): MS-ISAC
  FedVTE: Foundations of Incident Management; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cyber Awareness Challenge 2019; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018
  Policy template: Acceptable Use of Information Technology Resources Policy; Information Security Policy; Personnel Security Policy; Physical and Environmental Protection Policy; Security Awareness and Training Policy

PR.AT-2 Privileged users understand roles & responsibilities
  Open source: Eramba GRC
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

PR.AT-3 Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities
  FedVTE: ISACA Certified Information Security Manager (CISM) Prep; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

PR.AT-4 Senior executives understand roles & responsibilities
  Open source: Eramba GRC
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

PR.AT-5 Physical and information security personnel understand roles & responsibilities
  Open source: Eramba GRC
  FedVTE: The Election Official as IT Manager; Cyber Risk Management for Managers; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Cybersecurity Overview for Managers; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep; (ISC)2 (TM) CISSP: ISSMP Prep 2018

PR.DS-1 Data-at-rest is protected
  FedVTE: DB Evaluations using AppDetectivePro & dbProtect; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; CompTIA Advanced Security Practitioner; CompTIA Security+; Windows Operating System Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner

PR.DS-2 Data-in-transit is protected
  FedVTE: IPv6 Security Essentials Course; ISACA Certified Information Security Manager (CISM) Prep; (ISC)2 (TM) CAP Certification Prep Self Study 2014; Advanced PCAP Analysis and Signature Development (APA); Analysis Pipeline; CompTIA Advanced Security Practitioner; CompTIA Network+ N10-007; Cloud Computing Security; CompTIA Security+; Emerging Cybersecurity Threats; Windows Operating System Security; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) Systems Security Certified Practitioner; LAN Security Using Switch Features

Policy template (listed against the PR.DS-1 and PR.DS-2 rows): SANS: Router and Switch Security; Computer Security Threat Response Policy; Cyber Incident Response Standard; Encryption Standard; Incident Response Policy; Information Security Policy; Maintenance Policy; Media Protection Policy; Mobile Device Security; Patch Management Standard

PR.DS-3 Assets are formally managed throughout removal, transfers, and disposition

PR.DS-4 Adequate capacity to ensure availability is maintained
  FedVTE: (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP Concentration: ISSEP Prep

PR.DS-5 Protections against data leaks are implemented
  Open source: OpenDLP

PR.DS-6 Integrity checking mechanisms are used to verify software, firmware, and information integrity
  Open source: Tripwire; AIDE
  FedVTE: DNSSEC Training Workshop; Static Code Analysis using HPE Fortify; Static Code Analysis using Synopsis Coverity; ISACA Certified Information Security Manager (CISM) Prep; Advanced Windows Scripting; (ISC)2 (TM) Systems Security Certified Practitioner

PR.DS-7 The development and testing environment(s) are separate from the production environment
  Open source: Agnito; W3AF; Wapiti
  FedVTE: DB Evaluations using AppDetectivePro & dbProtect; Dynamic Testing using HPE WebInspect; Static Code Analysis using HPE Fortify; Static Code Analysis using Synopsis Coverity; Supply Chain Assurance using Sonatype Nexus; (ISC)2 (TM) CISSP (R) Certification Prep 2018; (ISC)2 (TM) CISSP: ISSMP Prep 2018; Software Assurance Executive Course (SAE)
  Policy template: SANS: Lab Security; SANS: Router and Switch Security

PR.DS-8 Integrity checking mechanisms are used to verify hardware integrity
  FedVTE: (ISC)2 (TM) Systems Security Certified Practitioner
  Policy template: SANS: Acquisition Assessment; System and Information Integrity Policy

PR.IP-1 A baseline configuration of information technology/industrial control systems is created and maintained
  FedVTE: CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; Advanced Windows Scripting; CompTIA A+ 220-901 Certification Prep; CompTIA A+ 220-902 Certification Prep; CompTIA Advanced Security Practitioner; CDM Module 4: Configuration Settings Mgt
  Policy template: Access Control Policy; Account Management/Access Control Standard; Authentication Tokens Standard; Configuration Management Policy; Identification and Authentication Policy; Sanitization Secure Disposal Standard; Secure Configuration Standard; Secure System Development Life Cycle Standard

(next row; the source is cut off here)
  FedVTE: CMaaS Overview; CMaaS Technical Overview Course; CMaaS Transition Classroom Sessions; ISACA Cert
