1-800-THE-TREE (1-800-843-8733)
 

NSA INFOSEC Evaluation Methodology (IEM)

Identifying and Correcting Your Security Weaknesses

 
Course: u151     Type: Hands-On Training     Duration: 2 Days

Quick Enroll    

You Will Learn How To
  • Implement the National Security Agency's INFOSEC Evaluation Methodology
  • Establish the NSA model of Pre-Evaluation, On-Site and Post-Evaluation phases as a standardized baseline for your organization
  • Create a Technical Evaluation Plan (TEP) in coordination with stakeholders
  • Conduct port scanning, enumeration and vulnerability scanning in accordance with your TEP
  • Develop recommendations for the remediation and mitigation of security weaknesses
  • Present a final report that guides post evaluation activities

Course Benefits
Building on the knowledge gained in the NSA IAM course, you will evaluate the security of computer networks using recognized security tools. This course gives you the technical skills to conduct comprehensive evaluations of information systems in compliance with common legal and regulatory requirements. You will learn how to create a System Criticality Vulnerability Matrix (SCVM) and establish reusable metrics to measure changes in your organization's security posture. After successfully passing the course exam, attendees will receive the NSA IEM Certification.

Who Should Attend
Consultants, system administrators, developers, technicians, and service providers who are involved in federal, state and local government, non-profit, commercial and private sector information security. Formal comprehension of the NSA IAM is helpful to understand how the IAM and IEM work in concert to provide a complete security assessment.

Hands-On Training
You apply industry-standard best practices and gain experience using standard security tools against an ongoing case study. Exercises include:
  • Completing a scoping questionnaire to define rules of engagement
  • Building a complete Technical Evaluation Plan
  • Performing enumeration and port scanning of a live network
  • Conducting vulnerability scans of workstations and servers
  • Presenting conclusions and recommendations that incorporate the content of an SCVM

Course U151 Content
Applying Technical Vulnerability Analysis to the IAM
Purpose and overview of IEM
  • Meeting legislative and regulatory requirements
  • Improving network security
  • Providing an independent review to validate internal reviews
  • Identifying the three phases of the IEM analysis
  • Explaining the need for INFOSEC and good security management
Developing Pre-Evaluation Activities
Understanding the Pre-Evaluation Process
  • Determining the Rules of Engagement
  • Gaining management and technical staff endorsement
Coordinating the technical evaluation
  • Gather concerns and constraints
  • Setting the scope of the evaluation
  • Identifying deliverables
  • Understanding the size of the network
  • Considering third-party network connections
  • Completing evaluation questionnaires
  • Defining boundaries and limits
  • Overcoming limitations
  • Validating information obtained during evaluation
  • Working with the legal department
  • Receiving the Letter of Authorization
Developing a Technical Evaluation Plan (TEP)
  • Customer agreement and support for the TEP
  • Working with the ten steps of the TEP
Conducting the On-Site Phase
Verifying the technical implementation
  • Locating security weaknesses
  • Assessing weaknesses from internal and external perspective
  • Obtaining entry using authorized and unauthorized users
  • Common Vulnerabilities and Exposures (CVE)
Hunting for weaknesses and information exposure
  • Identifying baseline tools
  • Port scanning
  • SNMP scanning
  • Wireless enumeration
  • Enumeration and banner grubbing
  • Vulnerability scanning
  • Network device analysis
  • Host evaluations
  • Password compliance testing
  • Application specific scanning
  • Network sniffing
  • Developing the initial out briefing
Performing Post-Evaluation Analysis
Evaluating Raw Data
  • Handling false positives
  • Requesting assistance from subject matter experts
Additional vulnerability research
  • Organizing and categorizing discovered vulnerabilities
Developing recommendations
  • Alternative solutions
  • Layered security
Vulnerability Criticality Matrices
Creating the Criticality Matrix
  • Prioritizing INFOSEC vulnerabilities
  • System Vulnerability Criticality Matrix (SVCM)
  • Organizational Vulnerability Criticality Matrix (OVCM)
  • Weighting vulnerability findings
  • Trending vulnerability and countermeasures
Four aspects of Computer Network Defense (CND)
  • Securing components and systems
  • Identifying anomalous activity
  • Reporting and reacting to anomalous activity
  • Maintaining proper security level through mature process
  • INFOSEC posture rating
Evaluation Reporting
Final Report
  • Providing recommendations and options
  • Following the Recommended format
  
 
Request More Info

Salutation

First Name

Last Name

Company

Zip Code

Country
   Codes
Work Phone

Extension

E-mail

A representative will contact you to follow up your request.
Privacy Statement

Save Up to 40% per course on the Training Passport!

NSA INFOSEC Evaluation Methodology (IEM)
Upcoming Dates

NSA INFOSEC Evaluation Methodology (IEM)
Bring Learning Tree On-Site

Course Tuition
$ 1,800 Standard Tuition
Tuition with a Savings Plan
$ 900 10-Day Pass
$ 1,670 Training Passport
$ 1,700 Premium-Pass
$ 2,200 Voucher 10-Pack
$ 1,620 Alumni Gold Discount
$ 1,414 Government Discount
 

 

NSA INFOSEC Evaluation Methodology (IEM)


IEM logo
Customer Service or Enroll: 1-800-843-8733