Вы находитесь на странице: 1из 18

Critical Infrastructure Protection (CIP)

NERC Training
https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Critical Infrastructure Protection (CIP) NERC training course


will show you the CIP models created by Federal Energy
Regulatory Commission (FERC) and North American Electric
Reliability Corporation (NERC) and will help you to
comprehend the prerequisites for staff and training, physical
security of Bulk Electric Systems (BES) cybersecurity and data
protection.

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

NERC is resolved to secure the BES against cybersecurity


bargains prompting insecurity. Another change started in
2014 so as to move from CIP adaptation 3 benchmarks to CIP
variant 5. The objective is to enhance the specialized security
prerequisites for BES and desires for consistence and
requirement.

In this way, TONEX as a pioneer in showing industry with over


15 years of involvement in giving classes, workshops and
hands on training and in addition exhaustive training courses
is satisfied to offer an itemized training for Critical
Infrastructure Protection (CIP) training in light of NERC
standard.

This training depends on protection of transient electronic


gadgets utilized at low-affect mass electric framework digital
frameworks, protection of correspondence organize
segments between control focuses and low-affect outer
routable network benchmarks.
JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Educators at TONEX will show you the CIP remote access


control appraisal, chance distinguishing proof identified with
remote access related dangers, defenselessness evaluation
and relief control for vulnerabilities through critical
infrastructure protection (CIP) NERC training.

Find out about basic changes and usage gets ready for
adjusted configuration of CIP, resource ID, digital resource
classes, brilliant line criteria, affect level assurance and
resource arrangement.

Find out about correspondence related prerequisites,


electronic security borders, intuitive remote access, physical
protection of specialized gadgets, organize components and
transient gadgets.

Critical Infrastructure Protection (CIP) NERC likewise covers


the principle necessities for design change administration
and helplessness appraisal to guarantee the compelling
change control besides, episode reaction and debacle JOIN TONEX EVENT
recuperation design will be acquainted with distinguish,
order, convey and deal with the parts and duties on the off
chance that occurrence happens.

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

This course also offers a set of real-world case studies, hands


on experiments and class discussions in order to give you a
clear idea about CIP, and makes you prepared for challenges in
your organization.

Audience

•Critical Infrastructure Protection (CIP) NERC training is a 2-


day course designed for:
•IT and ICS cybersecurity personnel
•Field support personnel and security operators
•Auditors, vendors and team leaders
•All individuals who need to understand the Critical
Infrastructure Protection (CIP) NERC concepts
•Electric utility engineers working in electric industry security
•System personnel worried about NERC standard for system
security
•System operators and individuals in electric utility
organizations
•Independent system operator personnel working with utility JOIN TONEX EVENT
companies
•Electric utility personnel who recently started career involved
with Critical Infrastructure Protection (CIP) NERC standards.

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Training Objectives

•Upon completion of Critical Infrastructure Protection (CIP)


NERC training course, the attendees are able to:
•Understand the new terms and revised definitions of CIP
NERC standard
•Learn about Cyber asset categories
•Apply gap analysis with new standards applications
•Recognize the role FERC and NERC on CIP
•Determine the requirements to implement strategies for
CIP
•Apply CIP requirements to balance cybersecurity benefits
and regulatory compliances
•Understand how the electric sector regulatory structure fit
into the reliability standards
•Explore BES cyber asset identification to protect grids
•Learn about common physical controls and monitoring
schemes in CIP
•Understand the system security management
requirements and compliance challenges JOIN TONEX EVENT
•Apply vulnerability assessment for ensuring the stable
operation of system

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Training Outline

Critical Infrastructure Protection (CIP) NERC training course


consists of the following lessons, which can be revised and
tailored to the client’s need:

Introduction to CIP

•Scope of Critical Infrastructure (CI) and Critical Infrastructure


Protection (CIP)
•CIP Concepts and Principles
•CI Information and Information Sharing
•CI Stakeholders and Sectors
•CIP Risk Management Model
•CIP Challenges
•CIP and Business Continuity Planning
•CIP in Asset Protection Organization

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Threat Assessment and Vulnerability Assessment

•Hazards Approach to CIP


•Threat Assessment Methodologies
•Threat Sources
•Threat Level and CI Design
•Threat, Vulnerability and Risk
•Vulnerability Assessment Introduction
•Attributes of Vulnerability
•Vulnerability Assessment Methodologies

Review of NERC CIP Program

•History and Background of NERC


•Reliability Standards of NERC
•CIP Background
•CIP-001
•CIP-002: Identification and Documentation of Critical Cyber
Assets
•CIP-003: Security Management Control JOIN TONEX EVENT
•CIP-004: Personnel Risk Assessment and Security Awareness
Training
•CIP-005: Electronic Security Perimeters

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Bulk Electric System (BES) Cyber System Categorization

•CIP-002 Version 5
•Criteria for Determining Impact Ratings
•Generating Units at a Single Plant Location
•BES Reactive Resources
•Transmission Facilities
•Interconnection Reliability Operating Limit (IROL)
•Control Centers and Backup Control Centers
•Low Impact Category for Control Centers and Transmission
Stations
•Low Impact Category for Distribution Providers
•Low Impact Category of Special Protection Systems
•Impact Category Control: CIP-011-1

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Security Management Control

•Review of CIP-003 Version 5


•Personnel and Training
•Electronic Security Perimeters: CIP-005-Version 5
•Interactive Remote Access
•System Security Management
•Incident Reporting and Response Planning
•Physical Security of BES Cyber Systems: CIP-006 Version 5
•Physical Security of Transmission Stations and Substations:
CIP-014
•Recovery Plans for BES Cyber Systems
•Configuration Change Management
•Vulnerability Assessment
•Information Protection
•Responding to CIP Exceptional Circumstances
•Physical Access Control Systems (PACS)

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Cybersecurity Awareness

•CIP-004 Version 5: Cybersecurity- Personnel and Training


•Security Awareness
•Cybersecurity Training
•Personnel Risk Assessment
•Access Management Program
•Access Revocation Program
•Interactive Remote Access: CIP-005 Version 5

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Asset Identification

•Asset Classifications
•Bright Line Criteria
•Impact Level Determination
•High/Medium/Low Impact Systems
•NERC Functional Mode
•NERC Reliability Standards
•CIP History
•CIP-002: Cyber System Categorization
•CIP-003: Security Management Controls

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Access Control and Monitoring

•CIP-005: Electronic Security Perimeters


•Interactive Remote Access
•External Routable Communication and Electronic Access
Points
•Physical Access Control System (PACS) Maintenance and
Testing
•Visitor Control
•Unauthorized Access Monitoring

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

System Security Management

•CIP-007 Version 5: System Security Management


•Ports and Services
•Security Patch Management
•Malicious Code prevention
•Account Management
•Security Event Monitoring
•CIP-010: Configuration Change Management and
Vulnerability Assessment
•System Access Control

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Incident Response

•CIP-008 Version 5: Incident Reporting and Response Planning


•Identify/Classify/Respond to Cybersecurity Incidents
•Reportable Cybersecurity Incident
•Roles and Responsibility of Incident Response Group
•Incident Handling Procedure
•Testing Cyber Security Incident Response Plan
•CIP-009 Version 5, Recovery Plans for BES Cyber Systems
•CIP-011-1 Information Protection
•System Backup
•Phases of Response and Recovery

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

CIP Audit and Compliance Program

•CIP Processes of Maintaining Compliance


•Audits
•Accountability
•Transparency
•Consistency
•Sustainability
•Audit Etiquette
•Compliance Framework
•Reliability Assurance Initiative
•Culture of Compliance
•Annual Assessment
•Gap Analysis
•TFE and Self Reporting
•Audit Tools

JOIN TONEX EVENT

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Hands On, Workshops, and Group Activities

•Labs
•Workshops
•Group Activities

Sample Workshops and Labs for Critical Infrastructure


Protection (CIP) NERC Training

•Types of Documentation in Scope of CIP Security Example


•Nmap Software For Vulnerability Assessment Case Study
•Assessment of Low/Medium/High Impact BES Cyber Systems
•PACS and Monitoring (EACMS) Assets
•Baseline Definition for Two Computers/Servers/Devices with
Items in Common
•Security Patches and Functionality Patches Example
•Monitoring Requirements for new Field Devices such as PLCs,
Relays, or Monitoring Devices
•Protection of Devices in Substations such as Transformer
Monitoring Devices, Distribution Relays and PLCs. JOIN TONEX EVENT
•Physical Security Tests on Firewalls, IDS, and Proxies
•How to Preserve Incident Data, Integrity of Distributed Files
•Cybersecurity Capability Maturity Model (C2M2) Tutorial

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/
Critical Infrastructure Protection (CIP) NERC Training

Price: $1,699.00 Length: 2 Days

https://www.tonex.com/training-courses/critical-infrastructure-protection-cip-nerc-training/

Вам также может понравиться