• Online, Instructor-Led
Course Description

In this virtual practicum/internship, students develop the capability to support and document a security assessment and authorization project by applying the NIST RMF(Steps1-3)/FedRAMP (Step 1) to produce on-premise and cloud security assessment and authorization deliverables. In addition, they learn to edit (existing) security controls and write (new) security controls.


Learning Objectives

Analyze and develop an initial System Security Plan (SSP)|Complete system registration process|Develop a security controls traceability matrix (SCTM)|Analyze information types and determine system categorization|Compare and contrast the relationship between Certified Authorization Professional (CAP) domains and the NIST RMF|Apply secondary research to cybersecurity challenges|Apply knowledge of the role of security assessment and the Security Control Assessor in the information security continuous monitoring (ISCM) process


Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.