Maxtrain.com - [email protected] - 513-322-8888 - 866-595-6863
IS20 controls are the Top Twenty Most Critical Security Controls in Information Technology. This 4 day training course covers proven tools and methodologies needed to execute and analyze the Top Twenty Most Critical Security Controls. Nearly all organizations that maintain sensitive information are adopting these Security Controls.
These controls were chosen by leading government and private organizations who are experts on how attacks work and what can be done to prevent them from happening. The controls were selected as the best way to block known attacks as well as help search for and alleviate any damage from the attacks that are successful. This course allows the security professional to see how to implement controls in an existing network through highly effective and economical automation. For management, this training is the best way to distinguish how you will assess whether these security controls are effectively being administered.
Upon completion, the IS20 Security Controls candidate will be able to not only competently take the 1S20 Controls exam but will also have an understanding of how to implement the top 20 most critical controls in the workplace.
The IS20 Controls exam is taken online through Mile2’s Learning Management System and is accessible on you Mile2.com account. The exam will take approximately 2 hours and consist of 100 multiple choice questions.
A minimum grade of 70% is required for certification.
Mile2 is Accredited by the NSA-CNSS, Approved on Homelands Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.
Inventory of Authorized and Unauthorized Devices
Inventory of Authorized and Unauthorized Software
Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
Maintenance, Monitoring, and Analysis of Audit Logs
Application Software Security
Controlled Use of Administrative Privileges
Controlled Access Based on Need to Know
Continuous Vulnerability Assessment and Remediation
Account Monitoring and Control
Limitation and Control of Network Ports, Protocols, and Services
Wireless Device Control
Data Loss Prevention
Secure Network Engineering
Penetration Tests and Red Team Exercises
Incident Response Capability
Data Recovery Capability
Security Skills Assessment and Appropriate Training to Fill Gaps
A basic understanding of networking and security technologies