CIS Critical Security Control 2: Inventory and Control of Software Assets
Welcome to our course series on CIS Top 18 Critical Security Controls v8. In this course covering control 2: Inventory and Control of Software Assets, you'll demonstrate how to collect software inventory across the network. Plus, get hands-on training as you allowlist authorized software and scripts.
Already have an account? Sign In »

2.2Utilize Automated Software Inventory Tools
2.3Allowlist Authorized Software
2.4GPO Policy Software Management
These security controls can be combined with frameworks, like NIST SP 800-37 (The NIST Risk Management Framework-RMF) to provide organizations with defense-in-depth best practices.
This course will help prepare students for industry certifications around the CIS Security Controls. You will see an overview of each control, map the controls to the NIST Cybersecurity Framework, and gain hands-on practice in secure, scenario-based lab environments.
Prerequisites
This course is designed for IT security professionals who want to expand their knowledge and skills in the area of development and implementation of security controls. Prerequisites include an existing knowledge of networking and knowledge of their organization’s security requirements.
Course Goals
By the end of this course, students should be able to:
- Explain the concept of security controls
- Enumerate the eighteen (18) areas of critical security controls
- Implement technical security controls related to these areas



Complete this entire course to earn a CIS Critical Security Control 2: Inventory and Control of Software Assets Certificate of Completion
Competency Areas