FITSP-Designer

Module 1: FITSP-Designer

   Objectives, Expectations, and Introductions

   Security Certifications Exams

   FITSP-Designer Courseware Logistics

Module 2: Government Laws and Regulations

   Statutory and Regulatory Requirements

   Office of Management and Budget (OMB)

   Department of Homeland Security (DHS)

   NIST – National Institute of Standards and Technology

Module 3.1: Risk Management Framework

   Federal Systems Design

   SP 800-37, Rev. 1: Guide for Applying the Risk Management Framework to Federal Information Systems

   Risk Management Framework (RMF)

   Roles and Responsibilities

   Steps in the RMF Process

   Security Categorization

   Categorizing Privacy Information

   Security Control Baseline

   SP 800-53 Fundamentals

   SP 800-53 Selecting Security Controls

   Implementing Controls

   Planning for Assessments

   Assessment Foundation

   Conducting and Reporting

   Authorization Tasks

   Authorization Elements

Module 3.2: Information System Continuous Monitoring (ISCM)

   RMF Step 6: Monitor Security Controls

   CM Guidelines

   CM Implementation

Module 4: NIST Special Publications

   Special Publications

   SP 800-14: Generally Accepted Principles and Practices for Securing Information Technology Systems

   SP 800-18, Rev. 1: Guide for Developing Security Plans for Federal Information Systems

   SP 800-27, Rev. A: Engineering Principles for Information Technology Security

   SP 800-30, Rev. 1: Guide for Conducting Risk Assessments

   SP 800-34: Contingency Planning Guide for Federal Information Systems

   SP 800-37, Rev. 1: Guide for Applying the Risk Management Framework to Federal Information Systems

   SP 800-39: Managing Information Security Risk

   SP 800-40, Rev. 3: Guide to Enterprise Patch Management Technologies

   SP 800-41, Rev. 1: Guidelines on Firewalls and Firewall Policy

   SP 800-45, V. 2: Guidelines on Electronic Mail Security

   SP 800-47: Security Guide for Interconnecting Information Technology Systems

   SP 800-50: Building an Information Technology Security Awareness Training Program

   SP 800-53, Rev. 4: Security and Privacy Controls for Federal Information Systems and Organizations

   SP 800-55, Rev. 1: Performance Measurement Guide for Information Security

   SP 800-59: Guideline for Identifying an Information System as a National Security System

   SP 800-60: Guide for Mapping Types of Information and Information Systems to Security Categories

   SP 800-61, Rev. 2: Computer Security Incident Handling Guide

   SP 800-64, Rev. 2: Security Considerations in the System Development Life Cycle

   SP 800-65: Integrating IT Security into the Capital Planning and Investment Control Process

   SP 800-66, Rev. 1: An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

   SP 800-70, Rev. 2: National Checklist Program for IT Products: Guidelines for Checklist Users and Developers

   SP 800-83: Guide to Malware Incident Prevention and Handling for Desktops and Laptops

   SP 800-88, Rev. 1: Guidelines for Media Sanitization

   SP 800-92: Guide to Computer Security Log Management

   SP 800-94: Guide to Intrusion Detection and Prevention Systems (IDPS)

   SP 800-100: Information Security Handbook: A Guide for Managers

   SP 800-115: Technical Guide to Information Security Testing and Assessment

   SP 800-122: Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

   SP 800-128: Guide for Security-Focused Configuration Management of Information Systems

   SP 800-137: Information Security Continuous Monitoring for Federal Information Systems and Organizations

   SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing

Module 5: Federal Information Processing Standards (FIPS)

   NIST Federal Information Processing Standards (FIPS) Overview

   FIPS Standards Defined

   FIPS 140-2: Security Requirements for Cryptographic Modules

   FIPS 180-4: Secure Hash Standard

   FIPS 181: Automated Password Generator

   FIPS 186-2: Digital Signature Standard

   FIPS 190: Guideline for the Use of Advanced Authentication Technology Alternatives

   FIPS 191: Guideline for the Analysis of Local Area Network Security

   FIPS 198-1: The Keyed-Hash Message Authentication Code (HMAC)

   FIPS 197: Advanced Encryption Standard

   FIPS 199: Standards for Security Categorization of Federal Information and Information Systems

   FIPS 200: Minimum Security Requirements for Federal Information and Information Systems

   FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors

Module 6.1: NIST Control Families—Management

   Security Architectures

   Planning Family and Family Plans (PL)

   Media Protection (MP)

   Program Management (PM)

   Risk Assessment (RA)

   System and Services Acquisition (SA)

   Physical and Environmental Protection (PE)

   Personnel Security (PS)

Module 6.2: Security Control Families—Operational

   Awareness and Training (AT)

   Configuration Management (CM)

   Contingency Planning (CP)

   Incident Response (IR)

   System Maintenance (MA)

   Media Protection (MP)

   Personnel Security (PS)

   Physical and Environmental Protection (PE)

   Systems Integrity (SI)

Module 6.3: Security Control Families—Technical

   Access Control (AC)

   Audit and Accountability (AU)

   Identification and Authentication (IA)

   System and Communications Protection (SC)

Module 7: NIST Interagency Reports

   NIST Interagency Reports

The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The FITSP-Designer certification is designed for Federal workforce personnel, both Federal employees and contractors, whose role is primarily focused on the design and development of systems owned by, or operated on behalf of, the Federal government of the United States.

