Course Content

Module 1: Introduction

2m
Introduction
5m
Introduction to the CIS Top 20 Critical Security Controls

Module 2: Control 1: Inventory and Control of Hardware Assets

4m
2.1Overview of Control 1
3m
2.2Control 1 Mapping to the NIST Cybersecurity Framework
8m
2.3Run a Network Scan Using Nmap Lab Part 1
1m
2.4Run a Network Scan Using Nmap Lab Part 2
45m
2.5Run a Network Scan Using Nmap
Learn On Demand Pro Series

Module 3: Control 2: Inventory and Control of Software Assets

5m
3.1Overview of Control 2
3m
3.2Control 2 Mapping to the NIST Cybersecurity Framework

Module 4: Control 3: Continuous Vulnerability Management

5m
4.1Overview of Control 3
3m
4.2Control 3 Mapping to the Cybersecurity Framework

Module 5: Control 4: Controlled Use of Administrative Privileges

6m
5.1Overview of Control 4
4m
5.2Control 4 Mapping to the NIST Cybersecurity Framework

Module 6: Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

4m
6.1Overview of Control 5
2m
6.2Control 5 Mapping to the NIST Cybersecurity Framework

Module 7: Control 6: Maintenance, Monitoring, and Analysis of Audit Logs

4m
7.1Overview of Control 6
4m
7.2Control 6 Mapping to the NIST Cybersecurity Framework

Module 8: Control 7: Email and Web Browser Protections

6m
8.1Overview of Control 7
4m
8.2Control 7 Mapping to the NIST Cybersecurity Framework

Module 9: Control 8: Malware Defenses

5m
9.1Overview of Control 8
4m
9.2Control 8 Mapping to the NIST CSF
8m
9.3Analyze and Classify Malware Lab
1h
9.4Analyze and Classify Malware
Virtual Lab

Module 10: Control 9: Limitation and Control of Network Ports, Protocols, and Services

4m
10.1Overview of Control 9
1m
10.2Control 9 Mapping to the NIST Cybersecurity Framework

Module 11: Control 10: Data Recovery Capabilities

4m
11.1Overview of Control 10
2m
11.2Control 10 Mapping to the NIST Cybersecurity Framework
4m
11.3Data Backup and Recovery Lab
1h
11.4Data Backup and Recovery
Virtual Lab

Module 12: Control 11: Secure Configuration for Network Devices, Such as Firewalls, Routers, and Switches

6m
12.1Overview of Control 11
2m
12.2Control 11 Mapping to the Cybersecurity Framework
1m
12.3Firewall Setup and Configuration Lab
1h
12.4Firewall Setup and Configuration
Virtual Lab

Module 13: Control 12: Boundary Defense

6m
13.1Overview of Control 12
4m
13.2Control 12 Mapping to the NIST Cybersecurity Framework

Module 14: Control 13: Data Protection

5m
14.1Overview of Control 13
4m
14.2Control 13 Mapping to the NIST Cybersecurity Framework

Module 15: Control 14: Controlled Access Based on the Need to Know

5m
15.1Overview of Control 14
3m
15.2Control 14 Mapping to the NIST Cybersecurity Framework

Module 16: Control 15: Wireless Access Control

5m
16.1Overview of Control 15
3m
16.2Control 15 Mapping to the NIST Cybersecurity Framework

Module 17: Control 16: Account Monitoring and Control

7m
17.1Overview of Control 16
6m
17.2Control 16 Mapping to the NIST Cybersecurity Framework

Module 18: Control 17: Implement a Security Awareness and Training Program

4m
18.1Overview of Control 17
7m
18.2Control 17 Mapping to the NIST Cybersecurity Framework

Module 19: Control 18: Application Software Security

6m
19.1Overview of Control 18
3m
19.2Control 18 Mapping to the NIST Cybersecurity Framework

Module 20: Control 19: Incident Response and Management

5m
20.1Overview of Control 19
3m
20.2Control 19 Mapping to the NIST Cybersecurity Framework
2m
20.3Performing an Initial Attack Analysis Lab
1h
20.4Performing an Initial Attack Analysis
Virtual Lab
1m
20.5Performing Incident Response in a Windows Environment Lab
45m
20.6Performing Incident Response in a Windows Environment
Virtual Lab

Module 21: Control 20: Penetration Tests and Red Team Exercises

5m
21.1Overview of Control 20
3m
21.2Control 20 Mapping to the NIST Cybersecurity Framework

Module 22: What Small and Medium Enterprises (SME) Need to Know about the CIS Controls

7m
22.1What SME's Need to Know About CIS

Module 23: Conclusion

1 minute
23.1Conclusion

Module 24: Course Assessment

30m
24.1CIS Top 20 Critical Security Controls Course Assessment
Assessment

Course Description

These security controls can be combined with frameworks, like NIST SP 800-37 (The NIST Risk Management Framework-RMF) to provide organizations with defense-in-depth best practices.

This course may help prepare students for industry certifications around the CIS Security Controls.The course will cover an overview of each control, map the controls to the NIST Cybersecurity Framework, and students will gain hands-on practice through labs in this course.

Prerequisites

Students should be familiar with common IT and cybersecurity terminology. It is recommended that students have 1-2 years of experience working in the cybersecurity industry.

Course Goals

By the end of this course, students should be able to:

  • Understand what the 20 CIS security controls are
  • Understand how each control maps to the NIST Cybersecurity Framework

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor

Provided By

Cybrary

Course Components

On Demand Videos to learn from industry leaders
Virtual Labs to gain hands on experience and apply what you learned
Assessments to gauge understanding and comprehension

Certificate of Completion

Certificate Of Completion

Complete this entire course to earn a CIS Top 20 Critical Security Controls Certificate of Completion