Home 0P3N Blog CIS Top 20 Security Controls Course Review
Ready to Start Your Career?
Create Free Account
Hugh Shepherds profile image
By: Hugh Shepherd
June 8, 2020

CIS Top 20 Security Controls Course Review

By: Hugh Shepherd
June 8, 2020
Hugh Shepherds profile image
By: Hugh Shepherd
June 8, 2020

Cybrary’s course on the CIS Top 20 Critical Security Controls is an exceptional training experience. This course provides an overview of the CIS Top 20 Critical Security Controls v7.1. These controls can be used in conjunction with other frameworks, such as NIST’s Cybersecurity Framework and Risk Management Framework, to help provide defense-in-depth best practices.

Developed by the Center for Internet Security, the CIS Top 20 controls are a set of security best practices designed to provide IT security leaders straightforward and easily understood protections to implement to block or mitigate known attacks at their organizations. Per the CIS website, the 20 controls are listed below and prioritized into their respective categories:

Basic CIS Controls:

  1. Inventory and Control of Hardware Assets
  2. Inventory and Control of Software Assets
  3. Continuous Vulnerability Managemen
  4. Controlled Use of Administrative Privileges
  5. Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
  6. Maintenance, Monitoring, and Analysis of Audit Logs

Foundational CIS Controls:

  1. Email and Web Browser Protections
  2. Malware Defenses
  3. Limitation and Control of Network Ports, Protocols and Services
  4. Data Recovery Capabilities
  5. Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches
  6. Boundary Defense
  7. Data Protection
  8. Controlled Access Based on the Need to Know
  9. Wireless Access Contro
  10. Account Monitoring and Control

Organizational CIS Controls:

  1. Implement a Security Awareness and Training Program
  2. Application Software Security
  3. Incident Response and Management
  4. Penetration Tests and Red Team Exercises

 
Begin The "CIS Top 20 Critical Security Controls" Course Today >>

 

The lectures provide an overview of each CIS control and related sub-controls. Additionally, each CIS control is mapped to the NIST Cybersecurity Framework. Practice labs are also included to give students the opportunity to gain hands-on experience and help reinforce certain concepts. Plus, the key concerns related to applying the CIS controls in small and medium-sized enterprises were discussed. Also included in the course are several study resources, such as a study guide, glossary, step by step lab guides, and quiz questions to help reinforce learning.

This course was very informative and interesting. Learners will gain a more in-depth understanding of the controls and how they can be applied in the real world. This is extremely beneficial because it teaches actionable knowledge for application in real situations.

Cybrary offers numerous other learning resources related to security frameworks and controls.

You can explore and sign-up for more security control and security framework learning resources provided by Cybrary.

Listed below are just a few resources available on the Cybrary website:

50 CISO Security Controls Executive RMF NIST 800-53: Introduction to Security and Privacy Controls

This course may help you prepare for certification by:

  • Learning common security controls used in infosec
  • Learning best practices for applying security controls to small and medium enterprises
  • Learning a framework for a consistent and standard approach to securing an organization




Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry