CIS Top 20 Critical Security Controls

Name: CIS Top 20 Critical Security Controls
Rating: 3.5 (2 reviews)

Cybrary

Course

Now offers labs

CIS Controls are a prioritized set of actions that protect your organization and data from known cyber-attack vectors. Our CIS Top 20 Critical Security Controls Course aligns to CIS v7.1. Learn about each control, why it’s important to your organization, and how you can help your team implement these best practices.

Time

9 hours 54 minutes

Difficulty

Intermediate

CEU/CPE

3.5

NEED TO TRAIN YOUR TEAM? LEARN MORE

Join over 3 million cybersecurity professionals advancing their career

Required fields are marked with an *

View all SSO options

Already have an account? Sign In »

Course Content

Module 1: Introduction

Introduction

Introduction to the CIS Top 20 Critical Security Controls

Module 2: Control 1: Inventory and Control of Hardware Assets

2.1Overview of Control 1

2.2Control 1 Mapping to the NIST Cybersecurity Framework

2.3Run a Network Scan Using Nmap Lab Part 1

2.4Run a Network Scan Using Nmap Lab Part 2

2.5Run a Network Scan Using Nmap

Learn On Demand Pro Series

45m

Module 3: Control 2: Inventory and Control of Software Assets

3.1Overview of Control 2

3.2Control 2 Mapping to the NIST Cybersecurity Framework

Module 4: Control 3: Continuous Vulnerability Management

4.1Overview of Control 3

4.2Control 3 Mapping to the Cybersecurity Framework

Module 5: Control 4: Controlled Use of Administrative Privileges

5.1Overview of Control 4

5.2Control 4 Mapping to the NIST Cybersecurity Framework

Module 6: Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers

6.1Overview of Control 5

6.2Control 5 Mapping to the NIST Cybersecurity Framework

Module 7: Control 6: Maintenance, Monitoring, and Analysis of Audit Logs

7.1Overview of Control 6

7.2Control 6 Mapping to the NIST Cybersecurity Framework

Module 8: Control 7: Email and Web Browser Protections

8.1Overview of Control 7

8.2Control 7 Mapping to the NIST Cybersecurity Framework

Module 9: Control 8: Malware Defenses

9.1Overview of Control 8

9.2Control 8 Mapping to the NIST CSF

9.3Analyze and Classify Malware Lab

9.4Analyze and Classify Malware

Virtual Lab

Module 10: Control 9: Limitation and Control of Network Ports, Protocols, and Services

10.1Overview of Control 9

10.2Control 9 Mapping to the NIST Cybersecurity Framework

Module 11: Control 10: Data Recovery Capabilities

11.1Overview of Control 10

11.2Control 10 Mapping to the NIST Cybersecurity Framework

11.3Data Backup and Recovery Lab

11.4Data Backup and Recovery

Virtual Lab

Module 12: Control 11: Secure Configuration for Network Devices, Such as Firewalls, Routers, and Switches

12.1Overview of Control 11

12.2Control 11 Mapping to the Cybersecurity Framework

12.3Firewall Setup and Configuration Lab

12.4Firewall Setup and Configuration

Virtual Lab

Module 13: Control 12: Boundary Defense

13.1Overview of Control 12

13.2Control 12 Mapping to the NIST Cybersecurity Framework

Module 14: Control 13: Data Protection

14.1Overview of Control 13

14.2Control 13 Mapping to the NIST Cybersecurity Framework

Module 15: Control 14: Controlled Access Based on the Need to Know

15.1Overview of Control 14

15.2Control 14 Mapping to the NIST Cybersecurity Framework

Module 16: Control 15: Wireless Access Control

16.1Overview of Control 15

16.2Control 15 Mapping to the NIST Cybersecurity Framework

Module 17: Control 16: Account Monitoring and Control

17.1Overview of Control 16

17.2Control 16 Mapping to the NIST Cybersecurity Framework

Module 18: Control 17: Implement a Security Awareness and Training Program

18.1Overview of Control 17

18.2Control 17 Mapping to the NIST Cybersecurity Framework

Module 19: Control 18: Application Software Security

19.1Overview of Control 18

19.2Control 18 Mapping to the NIST Cybersecurity Framework

Module 20: Control 19: Incident Response and Management

20.1Overview of Control 19

20.2Control 19 Mapping to the NIST Cybersecurity Framework

20.3Performing an Initial Attack Analysis Lab

20.4Performing an Initial Attack Analysis

Virtual Lab

20.5Performing Incident Response in a Windows Environment Lab

20.6Performing Incident Response in a Windows Environment

Virtual Lab

45m

Module 21: Control 20: Penetration Tests and Red Team Exercises

21.1Overview of Control 20

21.2Control 20 Mapping to the NIST Cybersecurity Framework

Module 22: What Small and Medium Enterprises (SME) Need to Know about the CIS Controls

22.1What SME's Need to Know About CIS

Module 23: Conclusion

23.1Conclusion

1 minute

Module 24: Course Assessment

24.1CIS Top 20 Critical Security Controls Course Assessment

Assessment

30m

Course Description

These security controls can be combined with frameworks, like NIST SP 800-37 (The NIST Risk Management Framework-RMF) to provide organizations with defense-in-depth best practices.

This course may help prepare students for industry certifications around the CIS Security Controls.The course will cover an overview of each control, map the controls to the NIST Cybersecurity Framework, and students will gain hands-on practice through labs in this course.

Prerequisites

Students should be familiar with common IT and cybersecurity terminology. It is recommended that students have 1-2 years of experience working in the cybersecurity industry.