Actions Panel
Registrations are closed
Registration has ended. Please check http://us-cert.cisa.gov/ics/Calendar for additional courses.
401V ICS Analysis and Evaluation - May 3, 2021
The 401V course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network.
Date and time
Location
About this event
Completion of 301/301V is NOT a prerequisite for this course.
The purpose of the course is to provide hands-on training analyzing, evaluating, and documenting the cybersecurity posture of an ICS system for internal and/or external recommended changes. Specifically, this course will utilize a repeatable process within a simulated ICS environment to analyze cybersecurity weaknesses and threats, evaluate and map findings, and document potential mitigations. Trainees will leave with a template that can be used for evaluations at their workplace.
The online course consists of pre-recorded videos and hands-on activities compiled into sessions by our instructional staff:
- Analysis and Evaluation Overview
- Step 1 – Analyze Business Purpose
- Step 2 – Identify Assets
- Step 3 – Determine ICS Connectivity
- Step 4 – Determine ICS Dependencies
- Step 5 – Assess Risk to Business
- Step 6 – Determine Critical Risk
- Step 7 – Recommend Actions
- Step 8 – Monitor and Reassess
- Optional: Final Evaluation
- Optional: CSET
Plan on dedicating around 15-20 hours over the two-week period to complete the online course. Hands-on activities may be additional time. Participants can go through the sessions at their own pace during the week, but the sessions must be completed in order. In other words, each session must be completed before the next session will be available for viewing. Hands-on activities using NetLab can be completed at any time. All videos and hands-on activities must be completed by the closing date. If you do not or cannot complete the course in the allotted time frame, you may register for the next available 401 course to finish the videos and hands-on labs.
A certificate of completion and CEUs will be offered to those who complete all sessions of the course within the week.
If at any time you have questions or input for the course, please email icstraining@inl.gov.
Who Should attend:
Individuals who are responsible for evaluating or influencing the cyber security posture of critical infrastructure. This could include any of a number of specific roles and responsibilities such as cyber security management, risk management personnel, IT and control system (OT) security personnel, network engineers, OT engineers and managers. This class is geared towards small to medium sized companies with no OT risk management personnel but personnel from large business are welcome also.