Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

The CIS Controls (formerly known as Critical Security Controls) are a recommended set of prioritized cyber defense best practices. They provide specific and actionable ways to protect against today’s most pervasive and dangerous attacks. provides CIS Controls v8 training, research, and certification. Version 8, released in May 2021, is a Change to the Entire Controls Ecosystem and provides backwards compatibility with previous versions and a migration path for users of prior versions to move to v8. Whether you use the CIS Controls or another control framework to guide your security improvement program, it is critical to understand that a controls list is simply a starting point. With the release of version 8, CIS added new tools and guides to the CIS controls ecosystem to help organizations:

Implement, track, measure, and assess controls.
Prioritize controls based on evolving threats.
Justify investment in CIS Controls implementation.
Implement CIS Controls best practices for mobile devices and applications.
Apply CIS Controls best practices to cloud environments.
Comply with multiple frameworks by providing a map of regulatory frameworks

v8 Access Control Management
The candidate will be familiar with processes and tools used create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software.
v8 Account Management
The candidate will be familiar with processes and tools used to assign and manage authorization to credentials for accounts to enterprise assets and software.
v8 Application Software Security
The candidate will be familiar with the processes and tools to manage the security life cycle of in-house developed, hosted, or acquired software to prevent, detect, and remediate security weaknesses before they can impact the enterprise.
v8 Audit Log Management
The candidate will be familiar with the processes and tools used to collect, alert, review, and retain audit logs to help detect, understand, and recover from an attack.
v8 Background on CIS Controls, Standards, and Governance
The candidate will be familiar with the background, history, and purpose of the CIS Controls, notable Security Standards, and Security Program Governance. The GIAC Critical Controls Certification exam is aligned with the current release, CIS Controls V8.0.
v8 Continuous Vulnerability Management
The candidate will be familiar with the processes and tools used to continuously assess, track vulnerabilities on all enterprise assets, and remediate them, and to monitor sources for new threat and vulnerability information.
v8 Data Protection
The candidate will be familiar with the processes and technical controls to identify, classify, securely handle, retain, and dispose of data.
v8 Data Recovery
The candidate will be familiar with processes and tools used to establish and maintain data recovery practices to restore in-scope enterprise assets to a pre-incident and trusted state.
v8 Email and Web Browser Protections
The candidate will be familiar with the processes and tools used to defend email and web based internet traffic from threats intending to manipulate human behavior through direct engagement.
v8 Incident Response Management
The candidate will be familiar with process and tools to establish a program to develop and maintain an incident response capability to prepare, detect, and quickly respond to an attack.
v8 Inventory and Control of Enterprise Assets
The candidate will be familiar with the processes and tools used to actively account for and manage the inventory of enterprise assets and all associated data throughout their life cycles.
v8 Inventory and Control of Software Assets
The candidate will be familiar with the processes and tools used to actively manage all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.
v8 Malware Defenses
The candidate will be familiar with the processes and tools used to prevent or control the installation, spread, and execution of malicious applications on enterprise assets.
v8 Network Infrastructure Management
The candidate will be familiar with processes and tools used to establish, implement, and actively manage network devices, in order to prevent attackers from exploiting vulnerable network services and access points.
v8 Network Monitoring and Defense
The candidate will be familiar with the processes and tools that establish and maintain comprehensive network monitoring and defense against security threats across the enterprise’s network infrastructure and user base.
v8 Penetration Testing
The candidate will be familiar with process and tools used to test the effectiveness and resiliency of enterprise assets through identifying and exploiting weaknesses in controls, and simulating the objectives and actions of an attacker.
v8 Secure Configuration of Enterprise Assets and Software
The candidate will be familiar with the processes and tools to establish and maintain the secure configuration of enterprise assets and software.
v8 Security Awareness and Skills Training
The candidate will be familiar with processes to establish and maintain a security awareness program to increase the workforce’s security consciousness and skills in order to reduce cybersecurity risks to the enterprise.
v8 Service Provider Management
The candidate will be familiar with processes to evaluate service providers who hold sensitive data, or are responsible for an enterprise’s critical IT platforms or processes, to ensure these providers are protecting those platforms and data appropriately.

There are currently no prerequisites for this course. However SEC275: Foundations - Computers, Technology and Security or SEC301: Introduction to Cyber Security would be the recommended starting point.

proctored exam 75 questions 2 hours Minimum passing score of 71%

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    Next Generation Mindfulness
    • Duration: 1 Days
    • Language: English
    • Level: Foundation
    • Exam: NGM
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Nutanix Multicloud Infrastructure Design (NMC...
    • Duration: 1 Days
    • Language: English
    • Level: Advanced
    • Exam: Nutanix Certifi
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    CertNexus: CyberSec First Responder (CFR)
    • Duration: 5 Days
    • Language: English
    • Level: Advanced
    • Exam: CFR-410
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details