Course

Risk and Vulnerability Assessment (RVA) Training

Format
Document
Delivery
Live
Location type
Virtual/Online
Related topics:
Cybersecurity Best Practices

Description

Assessment

Risk and Vulnerability Assessment (RVA)

Purpose

Collect data through on-site assessments, then combine with national threat and vulnerability information to provide an organization with actionable remediation recommendations prioritized by risk

 

Course Overview
  • Part of a U.S. Cybersecurity and Infrastructure Security Agency (CISA) initiative intended to lead the National effort to understand and manage cyber and physical risk to our critical infrastructure
  • Assesses organizations’ alignment with information security laws, regulations, policies, and standards by conducting collaborative and independent operational testing and assessments
  • Provides customer organizations with an understanding of their operational cybersecurity risk and posture, and provides DHS with vital situational awareness
  • Delivers the RVA Assessment Final Report

Role

Operator

Course Length

5 Days

Course Mode

Instructor Led, Virtual

Course Agenda
  • Day 1 – Background, RVA roles, methodology (planning, execution)
  • Day 2 – Methodology (post-assessment)
  • Day 3 – Team capstone exercise introduction
  • Day 4 – Team capstone exercise
  • Day 5 – Capstone out brief presentation and final report

 

Prerequisites

Operator Candidates should be mid to senior level penetration testers. This course does not teach basic penetration testing and students should come to the class with experience testing applications, networks, and cloud environments. At least one industry recognized penetration testing certification is recommended.

Contact

If you encounter any issues you may contact AESTraining@hq.dhs.gov for assistance.

Tags

Audience: Federal Government, Industry, Small and Medium Businesses, State, Local, Tribal, and Territorial Government
Topics: Cybersecurity Best Practices

Related Training