Free Course

NIST 800-171 Controlled Unclassified Information Course

time1.5 Hours
ceu2 CEU/CPE
Kelly Handerhans profile image
PMP, CISSP, CASP, CEH - Professional Trainer, Top 100 Trainers World-Wide

NIST 800-171 Controlled Unclassified Information Course
Course Intro
The Cybrary NIST 800-171 course covers the 14 domains of safeguarding controlled unclassified information in non-federal agencies. Basic and derived requirements are presented for each security domain as defined in the NIST 800-171 special publication.
Module 1 - Intro
Module 2 - The Requirements
Module 3 - Access Control
Module 4 - Awareness & Training
Module 5 - Audit & Accountability
Module 6 - Configuration Management
Module 7 - Identification & Authentication
Module 8 - Incident Response
Module 9 - Maintenance
Module 10 - Media Protection
Module 11 - Personnel Protection
Module 12 - Physical Protection
Module 13 - Risk Assessment
Module 14 - Security Assessment
Module 15 Systems & Communications Protection
Module 16 - Systems & Information Integrity
Module 17 - Review & Conclusion
Course Description

In this course, Cybrary’s Kelly Handerhan takes us through the fourteen families of classifications for controlled, unclassified information as defined in the NIST 800-171 standard. This standard, issued by the National Institute of Standards and Technology (NIST), governs the handling of unclassified yet sensitive information on systems in non-federal agencies. It is part of an initiative to reduce the number of unclassified information categories such as “For Official Use Only” (FOUO) and “Sensitive But Unclassified” (SBU). It’s important to keep in mind that just because certain information is unclassified doesn’t mean that it should be freely available to anyone wishing access. It’s still vital that security controls are in place to safeguard such information when it is outside federal infrastructure.

The audience for standard NIST 800-171 is developers involved in the Software Development Life Cycle (SDLC), project managers, those that procure and outsource equipment and services, risk management personnel, and anyone else in an organization that handles controlled, unclassified information (CUI). The fourteen families of classification, also known as “domains” cover the essential security controls governing the safeguarding of CUI. These controls are the very same ones that you’d encounter in other security-focused certification courses such as Security+.

Each domain has a set of requirements known as the “Basic” set. This basic set defines the ultimate goals of the domain. The other set of requirements is known as the “Derived” set and consists of the means to implement the goals set forth in the basic set. As an example, the basic set of requirements for the “Awareness and Training” domain specifies that all users of CUI systems are made aware of the risks and policies regarding the protection of CUI.

The implementation of the goals set forth in the basic requirements is specified in the derived requirements. In the case of “Awareness and Training” the derived requirements specify the need for security awareness training for users along with surveillance to monitor any security breaches directed against CUI. Kelly points out that though all domains have a basic set of requirements, two of them don’t have a corresponding set of derived requirements. Each module in this course discusses a specific domain and its corresponding requirements, both basic and derived, as set forth in the NIST 800-171 publication.

Complete this course and earn a NIST 800-171 Controlled Unclassified Information Course Certificate of Completion
Complete this course and add the NIST 800-171 Controlled Unclassified Information Course course badge to your profile

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?