Module 1: FITSP-Operator
Objectives, Expectations, and Introductions
Security Certifications Exams
FITSP-Operator Courseware Logistics
Module 2: Government Laws and Regulations
Acts of Congress
Office of Management and Budget (OMB)
Department of Homeland Security (DHS) Presidential Directives
Executive Orders
Federal Audit Standards
Module 3: Risk Management Framework
SP 800-37R1: Guide for Applying the Risk Management Framework to Federal Information Systems
Risk Management Framework (RMF)
Roles and Responsibilities
Steps in the RMF Process
Module 4: NIST Special Publications
IT Security Topic Areas Special Publications
Role-Based Special Publications (per operate role identified in NIST SP 800-16R1)
Additional Special Publications
Module 5: Federal Information Processing Standards (FIPS)
NIST Federal Information Processing Standards (FIPS) Overview
FIPS Standards Defined
Check/Review
Module 6.1: NIST Control Families—Management
Security Architectures
Planning Family and Family Plans (PL)
Media Protection (MP)
Program Management (PM)
Risk Assessment (RA)
System and Services Acquisition (SA)
Physical and Environmental Protection
Security
Personnel Security
Module 6.2: Security Control Families—Operational
Awareness and Training (AT)
Configuration Management (CM)
Contingency Planning (CP)
Incident Response (IR)
System Maintenance (MA)
Media Protection (MP)
Personnel Security (PS)
Physical and Environmental Protection (PE)
Systems Integrity (SI)
Module 6.3: Security Control Families—Technical
Access Control (AC)
Audit and Accountability (AU)
Identification and Authentication (IA)
System and Communications Protection (SC)
Module 7: NIST Interagency and Internal Reports
NIST Interagency Reports
The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The FITSP-Operator certification is intended for Federal workforce personnel, both Federal employees and contractors, whose role is primarily focused on the implementation and operations of systems owned by, or operated on behalf of, the Federal government of the United States.
To request the PowerPoints for this course, please e-mail sales@30bird.com.