Course Description:
Learn about Phishing - Did you know? Phishing scams can be hiding in plain sight.
Course Objectives:
Learners should demonstrate the ability to identify a phishing attack.
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
711, 712, 722, 723, 731, 732, 751, 752, 804 |
411, 421, 422, 431, 441, 451, 461 |
211, 212, 221 |
311, 312, 321, 331, 332, 333 |
111, 112, 131,132, 133, 141, 151 |
611, 612, 631, 632, 641, 651, 652, 666, 671 |
511, 521, 531, 541 |
test description
Course Description:
One of the greatest cybersecurity risks to CMS are “phishing” attacks. The term phishing describes email that appears to be trustworthy but is fraudulent, designed to compromise CMS information and systems. To reduce this critical risk, OIT/ISPG is providing
specialized training. Focused on strengthening CMS cybersecurity, the training will cover phishing risks, techniques to detect phishing emails, and methods to avoid and/or report suspicious emails.
Course Objectives:
The goal is to understand phishing and its threats, causes, etc. Learners should know the techniques to detect phishing emails and ways to avoid or report suspicious emails without compromising important data
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
711, 712, 722, 723, 731, 732, 751, 752, 801, 802, 803, 804, 805, 901 |
|
|
|
|
|
511, 521, 531, 541 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.
Course Description:
Watch this fun video and learn about the foundations of risk management, including threat, impact, likelihood and vulnerabilities. Approximately 5 minutes.
Course Objectives:
Students should understand the basics of risk management such as threats, areas of vulnerability, etc.
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
722, 723 |
421, 422, 431, 441, 451, 461 |
332 |
121 |
611, 651, 652 |
511, 521, 531, 541 |
722, 723 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.
Target Audience:
Need to Know audiences vary by training topic. The target audience is identified with each Need to Know training offering. The Need to Know training series provides just-in-time training on a variety of current topics when it is needed. Need to Know training is relevant learning customized for busy CMS personnel that is easy to understand and delivered in an online quick-read format.
Course Description:
DevSecOps is the integration of information system security into development and operations. It provides continuous visibility into a system’s security posture to prevent vulnerable applications from reaching production and delivers streamlined operations
with simplified security reviews. This Spotlight introduces this methodology and enables participants to assess their system's readiness for DevSecOps
Course Objectives:
Learners should be able to know the components of DevSecOps, understand the benefits available, and evaluate whether or not your system is a suitable candidate for DevSecOps through the specialized check list
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
722, 723, 731, 901 |
422, 441, 451, 461 |
212 |
311, 312, 331, 332, 333 |
111, 141 |
611, 612, 622, 632, 651, 661 |
531 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.
Course Description:
How Hackers Hack and How to Protect Yourself.
Approximately 13 minutes.
Course Objectives:
Learners should understand social engineering and be able to identify and comprehend other cyber attacks that target personnel, as well as to find the best methods to safeguard beneficiary data
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
711, 712, 722, 723, 731, 732 |
411, 421, 422, 441 |
212 |
321 |
511, 521, 531, 541 |
711, 712, 722, 723, 731, 732 |
411, 421, 422, 441 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.
Course Description:
This training is an introductory course on contingency planning focusing on Continuity of Operations Plans (COOP), Business Impact Analysis (BIA), Disaster Recovery Plans (DRP), and Information System Contingency Plans (ISCP).
Course Objectives:
Learners should be able to understand the functionalities of COOP, BIA, DRP, and ISCP successfully.
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
711, 712, 722, 723, 731, 732, 751, 752, 801, 802, 803, 804, 805, 901 |
|
|
|
|
|
511, 521, 531, 541 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.
Course Description:
This is a two-day course designed to train new users on the NIST RISK Management Framework (RMF) and how the CMS FISMA Continuous Tracking System (CFACTS) maps to the RMF steps. The CFACTS tool stores and organizes information essential to your system’s secure operation. Common tasks covered in class include:
• RMF Steps
• Roles and responsibilities
• Security assessment remediation Plan of Action Milestones
• Privacy Impact Assessments (PIA)
• Information Security Risk Assessment (ISRA)
• Authorization to Operate (ATO) packages to request for certification of the FISMA system.
Course Objectives:
Key course lessons require the understanding of the navigation tool of CFACTS; what, where, and when to enter your system’s information; and tips for completing common security and privacy documentation.
Category |
OVERSEE |
OPERATE |
INVESTIGATE |
COLLECT |
ANALYZE |
SECURELY |
PROTECT |
Role ID |
711, 712, 722, 723, 731, 732, 751, 752, 804 |
411, 421, 422, 431, 441, 451, 461 |
211, 212, 221 |
311, 312, 321, 331, 332, 333 |
111, 121, 112, 131, 132, 141, 151 |
611, 612, 631, 632, 641, 651, 652, 666, 671 |
511, 521, 531, 541 |
Note: The Role IDs listed above are helpful guides; the course may cover additional roles.