Price: $1,699.00
Length: 2 Days
Print Friendly, PDF & Email

Cybersecurity Test and Evaluation (T&E) Training

Cybersecurity Test and Evaluation (T&E) Training Course Description

Cybersecurity Test and Evaluation (T&E) training teaches you to implement iterative testing and evaluating processes in order to guarantee the ability of an information system in operational environment full of vulnerabilities.

Cybersecurity Test and Evaluation (T&E) Training

Information system is composed of hardware, software, user operators, maintainers and procedures that may exchange information in a network environment, or users. The main goal of testing and evaluation is to provide effective cybersecurity and cyber operations in order to defend networks, systems and information against cyber-attacks.

Cybersecurity Test and Evaluation (T&E) training by Tonex provides you a systematic approach in order to test the security of your organization network, system and information.

Tonex as a leader in security industry for more than 15 years is now announcing the Cybersecurity Test and Evaluation (T&E) training which helps you to develop cybersecurity T&E strategy, incorporate cyber-attack surface elements to test plans, understand system threats and vulnerabilities, execute cybersecurity adversarial events, and perform a full operational test and evaluation of the system’s defensive cyberspace performance in operational performance.

Learn about different phases of risk management framework which are a vital part of T&E, different phases of T&E by starting characterizing the cyber-attack surface, to vulnerability detection, and adversarial assessment.

Tonex as a leader in industry and academia with high quality conferences, seminars, workshops, and exclusively designed courses in cybersecurity area, is pleased to announce a complete training on Cybersecurity Test and Evaluation (T&E) which helps you to identify the cybersecurity requirements and ensures testability of cybersecurity requirements.

Learn about different roles and responsibilities of Department of Defense (DoD) for cybersecurity applications, different methods of information security testing such as vulnerability scanning, password cracking, penetration testing or social engineering.

Our instructors at Tonex will help you to understand the NIST special publications for wireless and server security and how to implement these instructions in your DoD IT.

This course covers a variety of topics in cybersecurity test and evaluation such as: Introduction to cybersecurity, cybercrime, information security, concept of test and evaluation, developmental, operational and interoperability cyber testing, software testing considerations, computer security and incident handling, wireless and server testing, information security testing and assessment, risk management framework (RMF), test and evaluation, and DoD 5000-02 standard for cybersecurity testing.

The Cybersecurity Test and Evaluation (T&E) course by Tonex is interactive course with a lot of class discussions and exercises aiming to provide you a useful resource for RMF implementation to your information technology system.

If you are an IT professional or federal agency personnel and need to risk management framework for your IT system or validate your RMF skills, you will benefit from the presentations, examples, case studies, discussions, and individual activities upon the completion of the Cybersecurity Test and Evaluation (T&E) training and will prepare yourself for your career.

Cybersecurity Test and Evaluation (T&E) training will introduce a set of labs, workshops and group activities of real world case studies in order to prepare you to tackle the entire related RMF challenges.

Audience

Cybersecurity Test and Evaluation (T&E) training is a 2-day course designed for:

  • Program and product managers
  • Requirements and DoD personnel
  • System Engineers
  • DoD IT personnel
  • IT professionals in the DoD organizations
  • Airforce and Military Personnel in charge of cybersecurity
  • DoD employees and contractors or service providers
  • All DoD personnel in charge of information assurance
  • Authorizing official representatives, chief information officers, senior information assurance officers, information system owners or certifying authorities
  • Employees of federal agencies and the intelligence community
  • Assessors, assessment team members, auditors, inspectors or program managers of information technology area
  • Any individual looking for information assurance implementation for a company based on recent DoD and NIST policies
  • Information system owners, information owners, business owners, and information system security managers

Training Objectives

Upon completion of the Cybersecurity Test and Evaluation (T&E) training course, the attendees are able to:

  • Understand the cybersecurity issues related to vulnerabilities, importance of data protection and approaches for cyber management.
  • Learn about the concept of Test and Evaluation (T&E) for cybersecurity systems
  • Explain T&E processes and be able to implement T&E for information systems
  • Differentiate the developmental, operational, and interoperability cyber testing approaches
  • Describe roles and responsibilities of T&E for cybersecurity
  • Explain testing considerations and challenges for DoD software or DoD IT
  • Understand computer security, computer incidents and approaches to manage incidents
  • Describe standards for wireless security and approaches to secure DoD servers from cybercrimes based on NIST standard
  • Apply different information security testing and assessment approach to DoD IT and resolve the issues related
  • Apply Risk Management Framework (RMF) to DoD information system based on NIST and DoDI publications
  • Remove the challenges of T&E for DoD IT
  • Classify and relate the DoDI 5000.2 instructions to DoD IT

Course Outline

Cybersecurity Test and Evaluation (T&E) training course consists of the following lessons, which can be revised and tailored to the client’s need:

Introduction to Cybersecurity

  • Information
  • ICT and Cybersecurity
  • Cyber Crime
  • Cyber Espionage
  • Cyber Warfare
  • National and Cybersecurity
  • Cyber Power and National Security
  • Governmental, National and International Cybersecurity
  • Mandates of National Cybersecurity
  • Data Protection
  • Military Cyber Operation
  • Counter Cyber Crime
  • Intelligence/Counter Intelligence
  • Cybersecurity Crisis Management and CIP
  • Internet Governance and Cyber Diplomacy
  • Cyber-Enabled Terrorism
  • Information Security

Test and Evaluation

  • Introduction to Test and Evaluation (T&E)
  • Defense Systems Acquisition Process
  • T&E and SE Processes
  • Scientific Test and Analysis Techniques (STAT)
  • Evaluation Process
  • Distinction between Issues and Criteria
  • MOEs
  • Evaluation Planning
  • Evaluating Developmental and Operational Tests

Overview of developmental, operational and interoperability cyber testing

  • Introduction to Developmental Test and Evaluation (DT&E)
  • DT&E and the System Acquisition Cycle
  • DT&E Responsibilities
  • Test Program Integration
  • DT&E Focus
  • System Design for Testing
  • DT&E of Limited Procurement Quantity Program
  • Introduction to Operation Test and Evaluation (OT&E)
  • Purpose and Scope of OT&E
  • Test Participants
  • OT&E and DT&E
  • Types of OT&E
  • Test Planning
  • Test Execution
  • Test Reporting
  • Interoperability Testing
  • Agile Development and T&E

Software and IT Testing Consideration

  • Role of Software Specification Overview
  • Software Development Process
  • Potential Power of Human-Based Testing
  • Black Box versus White Box Testing
  • Exhaustive Software Testing
  • Software Error Categorization
  • Software Measurement with T&E Application
  • Independent Verification and Validation (IV&V)
  • T&E Issues Associated with Spiral and Agile Development Approaches

Computer Security and Incident Handling

  • Events and Incidents
  • Incident Response Policy, Plans and Procedures
  • Incident Response Team Structure
  • Incident Handling
  • Detection and Analysis
  • Incident Analysis
  • Incident Prioritization
  • Incident Notification
  • Containment, Eradication and Recovery
  • Post Incident Activities
  • Coordination and Information Sharing
  • Information Sharing Techniques
  • Incident Response Life Cycle

Wireless and Server security

  • NIST SP 800-153
  • WLAN Security Configuration
  • WLAN Architecture
  • WLAN Security Monitoring
  • Attack Monitoring
  • Vulnerability Monitoring
  • Monitoring Tools
  • Continuous monitoring Recommendations
  • Periodic Assessment Recommendations
  • NIST SP 800-53 Security Controls and Publications
  • Server Vulnerabilities, Threats and Environments
  • Security Categorization of Information Systems
  • Server Security Planning
  • Security of Server Operating Systems
  • Securing the Server Software
  • Maintaining the Security of the Server

Information Security Testing and Assessment

  • Security Testing and Examination
  • Information Security Assessment Methodology
  • Technical Assessment Techniques
  • Document Review/ Log Review
  • System Configuration Review
  • Network Sniffing
  • File Integrity Checking
  • Target Identification and Analysis Techniques
  • Network Port and Service Identification
  • Vulnerability Scanning
  • Wireless Scanning
  • Active/Passive Wireless Scanning
  • Bluetooth Scanning
  • Password Cracking
  • Penetration Testing Phase and Logistics
  • Social Engineering
  • Security Assessment Policy Development
  • Assessment Logistics
  • Assessment Plan Development
  • Security Assessment Execution
  • Data Handling
  • Post Testing Activities

Cybersecurity Risk Management Framework

  • Cybersecurity Procedures Overview
  • DoDI 8500.01
  • RMF procedures Overview, DoDI 8510.01
  • RMF Phases
  • RMF Artifacts
  • RMF Phase 1: Categorizing the Information and Information Systems
  • RMF Phase 2: Selecting Security Control
  • RMF Phase 3: Implementing Security Control
  • RMF Phase 4: Assessing Security Control
  • RMF Phase 5: Authorizing the Information System
  • RMF Phase 6: Monitoring Security Controls

Cybersecurity Test and Evaluation

  • DoDI 5000.02
  • Cybersecurity T&E Phases
  • Understanding Cybersecurity Requirements
  • Characterizing the Cyber-Attack Surface
  • Cooperative Vulnerability Identification
  • Adversarial Cybersecurity DT&E
  • Cooperative Vulnerability and Penetration Assessment
  • Adversarial Assessment
  • Developmental Evaluation Framework
  • OT&E Cybersecurity Measures
  • PPP Analysis for T&E
  • Cyber Ranges

DoDI 5000.02

  • Defense Acquisition Executive (DAE)
  • MDA
  • Heads of DoD Components
  • Defense Acquisition Program Model and Phases
  • Phase1: Hardware Intensive Program
  • Defense Unique Software Intensive Program
  • Incrementally
  • Accelerated Acquisition Program
  • Process Decision Points and Phase Contents
  • Material Development Decision and Solution Analysis Phase
  • Production and Deployment (P&D) Phase
  • Operation and Support (O&S) Phase
  • Acquisition Program Categories and Compliance Requirements
  • Program Management
  • Program Management Responsibilities
  • International Acquisition and Exportability
  • Industrial Base Analysis and Considerations
  • Systems Engineering Plan
  • Development Planning
  • System Engineering Trade-off Analysis
  • Configuration Management
  • Modeling and Simulations
  • Manufacturing and Production
  • Software
  • Reliability and Maintainability (R&M)
  • Developmental Test and Evaluation (DT&E)
  • Operational and Live Fire Test and Evaluation (OT&E and LFT&E)
  • Life Cycle Sustainment
  • Human System Integration (HIS)
  • Affordability Analysis and Investment Considerations
  • Analysis of Alternatives (AOA)
  • Cost Estimation and Reports

Hands On, Workshops, and Group Activities

  • Labs
  • Workshops
  • Group Activities

Sample Workshops and Labs for Cybersecurity Test and Evaluation Training

  • Cooperative Vulnerability Identification Case Study
  • Developmental Test and Evaluation (DT&E) Case Study
  • Hands on Training for PPP Analysis of T&E
  • RMF Procedures Hands On based on NIST SP
  • Vulnerability Scanning for Wireless Systems
  • OT&E Case Study
  • Incident Response Experiment

Cybersecurity Test and Evaluation (T&E) Training

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.