Implementing the NIST Cybersecurity Framework 2.0

Course Overview

This course covers the NIST Cybersecurity Framework 2.0 and shows how it can be used to promote security in a company's infrastructure. At the completion of this course, students will understand details of the framework and gain insight to underlying process and practices used to integrate NIST principles and begin improving their organization's Cybersecurity Resiliency.

Course Objectives

Upon successful completion of this course, participants should be able to:

• Explain the components of NIST CSF 2.0 .
• Describe the GOVERN, IDENTIFY, PROTECT, DETECT, RESPOND,  RECOVER functions. 
• Apply the NIST CSF Profiles and Tiers in practical scenarios.
• Assess cybersecurity risk communication and integration.
• Identify and manage the risks associated with emerging technologies.

Who Should Attend

• Server Administrators
• Support Engineers
• Infrastructure or IT Operations professionals
• Skill LevelIntermediate

Prerequisites

• Familiarity with server concepts and hardware basics
• Completion of “Dell PowerEdge Server Concepts” recommended

Certification Alignment

• Recommended training for Dell PowerEdge Operate 2023 Certification (exam not included)

Next Recommended Course

PowerEdge Advanced Configuration & Optimization

Course Outline

The content of this course is designed to support the course objectives.

1.NIST CSF 2.0 Introduction

• Identify the increasing data security threats to IT systems and data.
• Define the reasons why an effective cybersecurity stance is important.
• Explain the purpose and key changes of the NIST CSF 2.0 framework.
• Describe the NIST CSF 2.0 components.

2.Introduction to NIST CSF 2.0 Core

• Identify the six CSF 2.0 Core Functions.
• Define the Core Function categories, subcategories, and implementation examples.

3.Govern Function

• Explain GOVERN Function categories and subcategories.
• List implementation examples.

4.Identify Function

• Explain IDENTIFY Function categories and subcategories.
• List implementation examples.

5.Protect Function

• Explain the categories of the PROTECT Function.
• Learn about the processes and controls involved in identity management, authentication, and access control.
• Understand the need for awareness and training.
• Learn about the processes and controls involved in data and platform security.
• Understand the processes and controls involved in technology infrastructure resilience.

6.Detect Function

• Explain the categories and subcategories of the DETECT Function.
• Discuss the significance of continuous monitoring and associated security controls in the DETECT function.
• Discuss the significance of adverse event analysis and associated security controls in the DETECT function.
• Elaborate the tools and techniques that can be employed for  achieving continuous monitoring and adverse event analysis.

7.Respond Function

• Understand the basic concepts and categories of the RESPOND Function.
• Learn about the processes involved in managing incidents.
• Gain knowledge on analyzing incidents with a focus on controls.
• Comprehend the reporting and communication aspects of incident response.
• Understand strategies and techniques to minimize the impact of an incident.

8.Recover Function

• Explain the categories and subcategories of the RECOVER  Function.
• Discuss the significance of incident recovery plan execution and  associated security controls in the RECOVER function.
• Discuss the significance of incident recovery communication  and associated security controls in the RECOVER function.
• Elaborate the tools and techniques that can be employed for  incident recovery plan execution.

9.Analyze NIST CSF Profiles

• Understand the concept of NIST CSF Organizational Profiles.
• Explore different Organizational Profiles.
• Discover how to develop and apply Organizational Profiles.
• Understand the application of NIST CSF Profiles in practical scenarios.

10.Applying NIST CSF Tiers

• Grasp core concepts and structure of Cybersecurity Framework (CSF) tiers.
• Choose appropriate tiers for risk governance and management.
• Apply the NIST CSF tiers in practical scenarios.

11.Assess Cybersecurity Risk Communication and Integration

• Explain cybersecurity risks and their impact on organizations.
• Utilize effective communication strategies to convey cybersecurity risks.
• Integrate cybersecurity risk management into enterprise risk management programs.
• Explain the importance of Supply Chain Risk Management (SCRM) in cybersecurity.
• Identify and manage the risks associated with emerging technologies.