Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Cybrary

CIS Top 20 Critical Security Controls

via Cybrary

Overview

These security controls can be combined with frameworks, like NIST SP 800-37 (The NIST Risk Management Framework-RMF) to provide organizations with defense-in-depth best practices.

This course may help prepare students for industry certifications around the CIS Security Controls.The course will cover an overview of each control, map the controls to the NIST Cybersecurity Framework, and students will gain hands-on practice through labs in this course.

Prerequisites

Students should be familiar with common IT and cybersecurity terminology. It is recommended that students have 1-2 years of experience working in the cybersecurity industry.

Course Goals

By the end of this course, students should be able to:

  • Understand what the 20 CIS security controls are
  • Understand how each control maps to the NIST Cybersecurity Framework

Syllabus

  • Introduction
    • Introduction
    • Introduction to the CIS Top 20 Critical Security Controls
  • Control 1: Inventory and Control of Hardware Assets
    • Overview of Control 1
    • Control 1 Mapping to the NIST Cybersecurity Framework
    • Run a Network Scan Using Nmap Lab Part 1
    • Run a Network Scan Using Nmap Lab Part 2
    • Run a Network Scan Using Nmap
  • Control 2: Inventory and Control of Software Assets
    • Overview of Control 2
    • Control 2 Mapping to the NIST Cybersecurity Framework
  • Control 3: Continuous Vulnerability Management
    • Overview of Control 3
    • Control 3 Mapping to the Cybersecurity Framework
  • Control 4: Controlled Use of Administrative Privileges
    • Overview of Control 4
    • Control 4 Mapping to the NIST Cybersecurity Framework
  • Control 5: Secure Configuration for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
    • Overview of Control 5
    • Control 5 Mapping to the NIST Cybersecurity Framework
  • Control 6: Maintenance, Monitoring, and Analysis of Audit Logs
    • Overview of Control 6
    • Control 6 Mapping to the NIST Cybersecurity Framework
  • Control 7: Email and Web Browser Protections
    • Overview of Control 7
    • Control 7 Mapping to the NIST Cybersecurity Framework
  • Control 8: Malware Defenses
    • Overview of Control 8
    • Control 8 Mapping to the NIST CSF
    • Analyze and Classify Malware Lab
    • Analyze and Classify Malware
  • Control 9: Limitation and Control of Network Ports, Protocols, and Services
    • Overview of Control 9
    • Control 9 Mapping to the NIST Cybersecurity Framework
  • Control 10: Data Recovery Capabilities
    • Overview of Control 10
    • Control 10 Mapping to the NIST Cybersecurity Framework
    • Data Backup and Recovery Lab
    • Data Backup and Recovery
  • Control 11: Secure Configuration for Network Devices, Such as Firewalls, Routers, and Switches
    • Overview of Control 11
    • Control 11 Mapping to the Cybersecurity Framework
    • Firewall Setup and Configuration Lab
    • Firewall Setup and Configuration
  • Control 12: Boundary Defense
    • Overview of Control 12
    • Control 12 Mapping to the NIST Cybersecurity Framework
  • Control 13: Data Protection
    • Overview of Control 13
    • Control 13 Mapping to the NIST Cybersecurity Framework
  • Control 14: Controlled Access Based on the Need to Know
    • Overview of Control 14
    • Control 14 Mapping to the NIST Cybersecurity Framework
  • Control 15: Wireless Access Control
    • Overview of Control 15
    • Control 15 Mapping to the NIST Cybersecurity Framework
  • Control 16: Account Monitoring and Control
    • Overview of Control 16
    • Control 16 Mapping to the NIST Cybersecurity Framework
  • Control 17: Implement a Security Awareness and Training Program
    • Overview of Control 17
    • Control 17 Mapping to the NIST Cybersecurity Framework
  • Control 18: Application Software Security
    • Overview of Control 18
    • Control 18 Mapping to the NIST Cybersecurity Framework
  • Control 19: Incident Response and Management
    • Overview of Control 19
    • Control 19 Mapping to the NIST Cybersecurity Framework
    • Performing an Initial Attack Analysis Lab
    • Performing an Initial Attack Analysis
    • Performing Incident Response in a Windows Environment Lab
    • Performing Incident Response in a Windows Environment
  • Control 20: Penetration Tests and Red Team Exercises
    • Overview of Control 20
    • Control 20 Mapping to the NIST Cybersecurity Framework
  • What Small and Medium Enterprises (SME) Need to Know about the CIS Controls
    • What SME's Need to Know About CIS
  • Conclusion
    • Conclusion
  • Course Assessment
    • Course Assessment - CIS Top 20 Critical Security Controls

Taught by

Ken Underhill

Reviews

Start your review of CIS Top 20 Critical Security Controls

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.