CyberFirst Academy

Intro

Who is an ISSO?

Job Environment

Qualifications

Things you should know

Responsibilities and daily tasks prt1

Responsibilities and daily tasks prt2

Responsibilities and daily tasks prt3

RMF Rev. 2

RMF Continued: Prepare

RMF Analogy (Building a House)

Prepare

Categorize

Select

Implement

Assess

Authorize

Monitor

Summary

RMF (Driver's License Analogy)

Resume Update

Module One Quiz

What is Cybersecurity?

The CIA Triad: The 3 Pillars of Security

Integrity

Availability

Separation of Duties

Job Rotation and Mandatory Leave

Risk Management Framework (RMF)

Common Roles and Responsibilities

Top Down Approach

Control Frameworks

Control Frameworks

Due Care and Due Diligence

Compliance

Privacy

Privacy Continued

European Union Privacy Laws

GDPR

Computer Crime

MOM

How Data Breaches Occur

Threats: Virus, Trojan, Logic bomb, Worm, Bot, Rootkit, Spyware, Spam

BIA

Business Continuity Plan (BCP)

Disaster Recovery Sites

Threat Modeling

OWASP

DoS and DDoS Attacks

Man-in-the Middle Attacks

Social Engineering

Types of Social Engineering

Types of security controls

RAT and Backdoor

Adware

Keylogger

Data Protection

Wireless Security

Ports

OS Hardening

Multifactor Authentication

Identifying Authentication Factors

Mobile Security

Social Media

What is Networking?

Networking

Quiz

Attending Meetings

Types of Meetings

Conducting PTAs and PIA

Lab: Completing a PTA

Incident Response

Scenario_Incident Response

Questions to ask

Responding Back

Data Calls

Change Management

Developing ISAs

ISA Walk-through

Developing MOU/MOA (MEMORANDUM OF UNDERSTANDING or AGREEMENT)

Reviewing and Developing Contingency Plan Documentation

Contingency Plan (ISCP) Intro

SIA (Security Impact Analysis)

SIA Walkthrough

Security Controls

NIST 800-53 Rev 5

Site for viewing Security Controls

AC Controls

AC-3

NIST Control Families

Developing an SSP part 1

Developing an SSP part 2

RMF

RMF Rev2 Part1

Prepare (New Phase)

RMF Analogy (Building a House)

Prepare Analogy

Categorize Analogy

Select Analogy

Implement Analogy

Assess Analogy

Authorize Analogy

Monitor Analogy

RMF House Analogy House Summary

Driver's License Analogy

Main Roles and their Objectives

RMF Phases and Roles in Real World

Prepare Phase

Categorize Phase

How to categorize an information system

Kickoff

Case Study Kickoff Meeting

Kickoff Walkthrough

SDLC

Class Project Categorize LCM

Class Project Categorize LCM Walkthrough

Entering System Categorization in SSP

SAP (Security Assessment Plan)

Selecting Controls Class Project LCM

Selecting Common Controls

Selecting Common controls continued (Hybrid Controls)

Implementing Security Controls

Upload Artifacts and Contact Assessor

Assess Security Controls

Evidence Review Tips

Reviewing Security Controls Artifacts

2 Main Roles and thier Objectives.

System Information XYZ system

ISSO and SCA Duties in a Nutshell

A to Z break down Prepare to Implementation

A to Z break down Assessment to Monitor

Quiz (Categorize Information System)

Select Phase Tasks

Selecting security Controls: What is a Security Control?

Select Phase Types of Controls Management Technical and Operational

Select Phase Common control System Specific Control and Hybrid Control

Select Phase: NIST 800-53 and FIPS 200

Select Phase NIST Website and SSP Templates

Select Phase: NIST Control Families

Select Phase: Low, Moderate, High and Enhancements

Select Phase Tailoring

Baseline and Benchmark

Implement 1

Implement Documenting Implementation Statements

Assess Tasks

Assess SAP 2

Assess Evidence Review Tips

Conducting the assessment

Assessment Using the SAP worksheet

Assess Phase: Entering Assessment Observations

Assess SAP 1

Assess Phase: SAR

Assess Phase: Documenting the Findings in the SAR

Assess Phase: Remediation Actions

Assess Phase: POA&M Report

Assess Phase: Documenting Plan of Action and Milestones POA&Ms

Authorize Phase

Monitor Phase

Monitor Phase Part 2

NIST 800-37 Rev 2 (Free)

Mastering Security Controls Quiz

Finding a Job

Finding a Job with no Experience

Job Search Sites

Job Search Sites Indeed

Job Search Sites Glassdoor

Job Market

Background Investigation

Tips on finding a Job

The Interview

Things to do before you go for an Interview

Interview process

Interview Tips 1st Call

Interview Questions PDF

Interview Questions

ISSO Salary Indeed

Interview Tips 2nd Call

Interview Tips: In-person interview

Interview Tips: Skype interview

Negotiating your Salary.

Researching your Salary

Company Reviews, Salaries on Glassdoor.

Things You Should do in Your First Week

7 Step Playbook to Get Hired in Cybersecurity

7 Step Playbook to Get Hired in Cybersecurity

NIST.SP.800-53r5

NIST.SP.800-18r1

Templates

NIST.FIPS.199

nistspecialpublication800-137

nistspecialpublication800-64r2

nist.sp.800-53ar4

POA&M Template

Resume Template

Security Controls Assessor Resume Template

nist.sp.800-37r1

ATO Letter Template

Cybersecurity Links to free online Resources

FAQ Monitor Phase

FAQ Categorize Phase

FAQ Select Phase

Career Advice Pocket Guide

ISSO Tips

Exam requirements

CAP Exam Prep

CAP Exam Outline-Post Oct 15

Exam Prep Questions

Developing Your Resume.

Developing Your Resume part 2

Resume Template

Ask a Question

Asking a question Guidelines Part 1

Asking a question Guidelines Part 2

FAQ (Frequently Asked Questions)

Outro

Zoom Q&A Session