Module 1: FITSP-Manager
Objectives, Expectations, and Introductions
Security Certifications Exams
FITSP-Manager Courseware Logistics
Module 2: Government Laws and Regulations
Statutory and Regulatory Requirements
Office of Management and Budget (OMB)
Department of Homeland Security (DHS)
NIST – National Institute of Standards and Technology
Module 3: Risk Management Framework
SP 800-37R1: Guide for Applying the Risk Management Framework to Federal Information Systems
Risk Management Framework (RMF)
Roles and Responsibilities
Steps in the RMF Process
Module 4: Information System Continuous Monitoring (ISCM)
RMF Step 6: Monitor Security Controls
CM Guidelines
Automation
CM Implementation
Module 5: Federal Information Processing Standards (FIPS)
NIST Federal Information Processing Standards (FIPS) Overview
FIPS Standards Defined
FIPS 140-2: Security Requirements for Cryptographic Modules
FIPS 180-4: Secure Hash Standard
FIPS 181: Automated Password Generator
FIPS 186-2: Digital Signature Standard
FIPS 190: Guideline for the Use of Advanced Authentication Technology Alternatives
FIPS 191: Guideline for the Analysis of Local Area Network Security
FIPS 198-1: The Keyed-Hash Message Authentication Code
FIPS 197: Advanced Encryption Standard
FIPS 199: Standards for Security Categorization of Federal Information and Information Systems
FIPS 200: Minimum Security Requirements for Federal Information and Information Systems
FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors
Module 6.1: NIST Control Families—Management
Security Architectures
Planning Family and Family Plans (PL)
Media Protection (MP)
Program Management (PM)
Risk Assessment (RA)
System and Services Acquisition (SA)
Physical and Environmental Protection
Security
Personnel Security
Module 6.2: Security Control Families—Operational
Awareness and Training (AT)
Configuration Management (CM)
Contingency Planning (CP)
Incident Response (IR)
System Maintenance (MA)
Media Protection (MP)
Personnel Security (PS)
Physical and Environmental Protection (PE)
Systems Integrity (SI)
Module 6.3: Security Control Families—Technical
Access Control (AC)
Audit and Accountability (AU)
Identification and Authentication (IA)
System and Communications Protection (SC)
Module 7: NIST Interagency Reports
NIST Interagency Reports
IR 7206 – Smart Cards and Mobile Device Authentication: An Overview and Implementation
FULLY UPDATED!
The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The certification allows individuals to demonstrate their knowledge of the IT standards set by NIST publications, making a minimum level of competency easily identifiable to those in the industry. The FITSP-Manager certification is intended for Federal workforce personnel, both Federal employees and contractors, whose role is primarily focused on the management and oversight of systems owned by, or operated on behalf of, the Federal government of the United States.