SEC440: OnDemand


What You Will Learn

Introduction to Critical Security Controls

Cybersecurity attacks are increasing and evolving so rapidly that it is more difficult than ever to prevent and defend against them. Does your organization have an effective method in place to detect, thwart, and monitor external and internal threats to prevent security breaches? Does your organization need an on-ramp to implementing a prioritized list of technical protections?

In February 2016, then California Attorney General (now Vice President) Kamala Harris recommended that "The 20 controls in the Center for Internet Security's Critical Security Controls identify a minimum level of information security that all organizations that collect or maintain personal information should meet. The failure to implement all the Controls that apply to an organization's environment constitutes a lack of reasonable security."

SANS designed SEC440 as an introduction to the CIS Critical Controls, to give students an understanding of the underpinnings of a prioritized, risk-based approach to security. The technical and procedural controls described in the CIS Controls were proposed, debated and consolidated by private and public sector experts from around the world. Previous versions of the CIS Controls were prioritized by their numbering, with the first six labeled "cyber hygiene"; the current version is instead organized into Implementation Groups (IG1 through IG3) for prioritization.

The Controls are an effective security framework because they are based on actual attacks launched regularly against networks. Priority is given to Controls that (1) mitigate known attacks, (2) address a wide variety of attacks, and (3) identify and stop attackers early in the compromise cycle.

The course introduces security and compliance professionals to approaches for implementing the controls in an existing network through cost-effective automation. For auditors, CIOs, and risk officers, the course is the best way to understand how you will measure whether the Controls are effectively implemented.

This Course Will Prepare You to:
  • Understand a security framework and its controls based on recent and evolving threats facing organizations
  • Interpret a security framework based on data from publicly known attacks, breach reports, and large-scale data analytics from the Verizon Data Breach Investigations Report (DBIR), along with data from the Multi-State Information Sharing and Analysis Center (MS-ISAC)
  • Understand the importance of each control, how it is compromised if ignored, and explain the defensive goals accomplished with each control
  • Identify tools that implement controls through automation
  • Learn how to create a scoring tool for measuring the effectiveness of each control
  • Identify specific metrics to establish a baseline and measure the effectiveness of security controls

CIS released version 8 of the Controls in May 2021. This course content has been updated to reflect those changes to the CIS Critical Controls.

Please note that SEC440 does not contain any labs. Students looking for hands-on labs involving the Critical Controls should take SEC566: Implementing and Auditing CIS Critical Controls.

Take your learning beyond the classroom. Explore the SANS Cybersecurity Leadership curriculum site for additional resources related to this course's subject matter.

The CIS Controls are listed below. You will find the full document describing them in detail posted at the Center for Internet Security.

  • CIS Control #1: Inventory and Control of Enterprise Assets
  • CIS Control #2: Inventory and Control of Software Assets
  • CIS Control #3: Data Protection
  • CIS Control #4: Secure Configuration of Enterprise Assets and Software
  • CIS Control #5: Account Management
  • CIS Control #6: Access Control Management
  • CIS Control #7: Continuous Vulnerability Management
  • CIS Control #8: Audit Log Management
  • CIS Control #9: Email and Web Browser Protections
  • CIS Control #10: Malware Defenses
  • CIS Control #11: Data Recovery
  • CIS Control #12: Network Infrastructure Management
  • CIS Control #13: Network Monitoring and Defense
  • CIS Control #14: Security Awareness and Skills Training
  • CIS Control #15: Service Provider Management
  • CIS Control #16: Application Software Security
  • CIS Control #17: Incident Response Management
  • CIS Control #18: Penetration Testing

Course materials:
  • MP3 audio files of the complete course lecture
  • Printed and electronic courseware

Related courses:
  • SEC566: Implementing and Auditing the CIS Critical Controls
  • MGT516: Managing Security Vulnerabilities: Enterprise and Cloud
  • MGT551: Building and Leading Security Operations Centers


Start date: No fixed date
Location / delivery: Virtual
