The NIST Cybersecurity Framework

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) created the NIST Cybersecurity Framework in response to Presidential Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity. The Framework, developed in collaboration with industry, provides guidance to organizations to better manage and reduce cybersecurity risk.

The NIST Cybersecurity Framework Core presents key cybersecurity outcomes identified by industry as helpful in managing cybersecurity risk. The Core comprises four elements: Functions, Categories, Subcategories, and Informative References. Want to learn more about the NIST Cybersecurity Framework? Watch this VIDEO.

New Horizons offers a specialized workforce training option for IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSF) across an enterprise and its supply chain. For information on the NIST Cybersecurity Framework (NCSF) Training Program from New Horizons, click here.

New Horizons also offers industry cybersecurity certification training options to build your workforce’s knowledge, skills, and abilities, and that correspond to the NIST Cybersecurity Framework Core areas which are listed in the NIST Cybersecurity Framework Core function areas below.

Identify

The activities in the Identify Function are foundational for effective use of the Framework. Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.

Outcome Categories include:
Asset Management
Business Environment
Governance
Risk Assessment
Risk Management Strategy

View Courses  

EC-Council Certified
Ethical Hacker (CEH)
Who Should Attend
The Certified Ethical Hacking course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

What Is This Course About?
In 18 comprehensive modules, the course covers 270 attack technologies, commonly used by hackers. Throughout the CEH course, you will be immersed in a hacker's mindset, evaluating not just logical, but physical security.
Learn More
CompTIA
Cybersecurity
Analyst
(CSA+)
Who Should Attend
IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

What Is This Course About?
CompTIA’s Cybersecurity Analyst (CSA+) training from New Horizons teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Learn More
Certified Information
Systems Auditor (CISA)
Who Should Attend
The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security.

What Is This Course About?
In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives.
Learn More
Certified Information
Security Manager (CISM)
Who Should Attend
The intended audience for this course is information systems security professionals, and other individuals who have an interest in aspects of information security management and oversight.

What Is This Course About?
In this course, students will establish processes to ensure that information security measures align with established business needs.
Learn More
Certified Information System
Security Professional (CISSP)
Who Should Attend
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains.

What Is This Course About?
In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification.
Learn More
COBIT 5 Foundation
Who Should Attend
This course is for business managers, chief executives, IT/IS auditors, internal auditors, information security and IT practitioners; consultants, IT/IS managers requiring an insight into the enterprise governance of IT and eventual certification as a COBIT implementer or assessor.

What Is This Course About?
This is course uses a combination of lecture, group discussions, quizzes and sample exams to provide the student with a foundational understanding of the essential aspects of COBIT 5.
Learn More
Protect

The Protect Function supports the ability to limit or contain the impact of a potential cybersecurity event.

Outcome Categories include:
Access Control
Awareness and Training
Data Security
Information Protection Processes and Procedures
Maintenance
Protective Technology
View Courses  

CompTIA Security+
Who Should Attend
This course is targeted toward the information technology (IT) professional who has networking and administrative skills in Windows®-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks; familiarity with other operating systems, such as Mac OS X, Unix, or Linux; and who wants to further a career in IT by acquiring foundational knowledge of security topics; prepare for the CompTIA Security+ certification examination; or use Security+ as the foundation for advanced security certifications or career roles.

What Is This Course About?
In this course, students will implement, monitor, and troubleshoot infrastructure, application, information, and operational security. Students will prepare for the CompTIA Security+ certification examination (SY0-401).
Learn More
CompTIA Advanced Security
Practitioner (CASP)
Who Should Attend
This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments. The target student should aspire to apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; analyze risk impact; and respond to security incidents. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP) certification and who want to prepare for Exam CAS-002. Students seeking CASP certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.

What Is This Course About?
In this course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. This course prepares students for the CAS-002 exam.
Learn More
CompTIA
Cybersecurity
Analyst
(CSA+)
Who Should Attend
IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

What Is This Course About?
CompTIA’s Cybersecurity Analyst (CSA+) training from New Horizons teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Learn More
Firewall Installation, Configuration,
and Management: Essentials I (PAN-201)
Who Should Attend
This course is suited for Security Engineers, Network Engineers, and support staff who want to install, configure, and manage the entire line of Palo Alto Networks Next-Generation firewalls.

What Is This Course About?
Students attending this introductory-level class will gain an in-depth knowledge of how to install, configure, and manage their firewall, as well as configuration steps for the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System.
Learn More
Firewall Installation, Configuration,
and Management: Essentials II (PAN-205)
Who Should Attend
This course is suited for Security Engineers, Network Engineers, and support staff who wish to expand on the concepts taught in Course PAN-201 and explore many new features and functions of Palo Alto Networks Next-Generation firewalls.

What Is This Course About?
Successful completion of this two-day, instructor-led course will enhance the student’s understanding of how to install, configure, manage, and perform basic troubleshooting on the entire line of Palo Alto Networks Next-Generation firewalls. Additionally, students will be instructed on the basics of implementing and managing GlobalProtect and Active/Active High Availability. Students will gain an in-depth knowledge of how to optimize their visibility and control over applications, users, and content.
Learn More
Panorama Essentials (PAN-221)
Who Should Attend
This course is intended for individuals who configure and manage the Panorama Management Server.

What Is This Course About?
Students will learn to configure and manage Palo Alto Panorama management server, servers role in securing the network and panorama reporting.
Learn More
Firewall: Advanced Threat
Management (PAN-231)
Who Should Attend
This course is suited for firewall administrators, network security administrators, and other technical professionals who have completed PAN-201 and have an understanding of network concepts, including routing, switching, and IP addressing. They also will need in-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering.

What Is This Course About?
This two-day, instructor-led course teaches strategies in defense against cyberthreats. Successful completion of this course enables administrators to better understand the threat landscape. Students will learn the use of Palo Alto Networks next-generation firewalls, including the WildFire product.
Learn More
Advanced Firewall
Troubleshooting (PAN-311)
Who Should Attend
This course is intended for those who troubleshoot the full line of Palo Alto Next Generation Firewalls.

What Is This Course About?
Students will learn to troubleshoot the security, networking, threat prevention, logging and reporting features of the Palo Alto Networks operation system.
Learn More
Implementing Cisco IOS
Network Security (IINS)
Who Should Attend
This course is of benefit to network designers, network, systems, and security engineers, network and security managers, and tjhose looking to complete their CCNA Security certification.

What Is This Course About?
In this course, you will learn about the design, implementation, and monitoring of a comprehensive security policy using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA). This course enables you to perform basic tasks to secure a network using Cisco IOS security features, which are available through web-based GUIs on the Cisco ASA, and the command-line interface (CLI) on Cisco routers and switches.
Learn More
Implementing Cisco Edge Network
Security Solutions (SENSS)
Who Should Attend
Network security engineers looking for specific insight into Cisco product security and those working toward the CCNP Security certification. Holding the CCNA Security certification or possessing equivalent knowledge is assumed.

What Is This Course About?
The student will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones.
Learn More
Implementing Cisco Secure
Mobility Solutions (SIMOS)
Who Should Attend
Network security engineers looking for specific insight into Cisco product security and those working toward the CCNP Security certification. Holding the CCNA Security certification or possessing equivalent knowledge is assumed.

What Is This Course About?
Students of this course will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.
Learn More
Implementing Cisco Secure
Access Solutions (SISAS)
Who Should Attend
Network security engineers looking for specific insight into Cisco product security and those working toward the CCNP Security certification. Holding the CCNA Security certification or possessing equivalent knowledge is assumed.

What Is This Course About?
This course provides the student with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution.
Learn More
Implementing Cisco Threat
Control Solutions (SITCS1)
Who Should Attend
Network security engineers looking for specific insight into Cisco product security and those working toward the CCNP Security certification. Holding the CCNA Security certification or possessing equivalent knowledge is assumed.

What Is This Course About?
This course is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco's Next Generation Firewall (NGFW) as well as Web Security, Email Security and Cloud Web Security.
Learn More
Implementing Core Cisco
ASA Security (SASAC)
Who Should Attend
Network engineers supporting Cisco ASA 9.x implementations.

What Is This Course About?
This course provides update training on the key features of the post-8.4.1 release of the Cisco ASA adaptive security appliance, including 9.x features.
Learn More
Implementing Advanced
Cisco ASA Security (SASAA)
Who Should Attend
This course is intended for network engineers supporting Cisco ASA 9.x implementations. It is recommended that prior to enrollment, students have successfully completed FIREWALL or have equivalent knowledge of the Cisco ASA.

What Is This Course About?
This course provides an updated training with labs on the key features on the Cisco ASA (covering up to the ASA 9.2.2 release). The goal of the course is to implement the key features of the Cisco ASA.
Learn More
Implementing and Configuring
Cisco Identity Services Engine (SISE)
Who Should Attend
The primary audience for this course are Field Engineers and System Engineers.

What Is This Course About?
Implementing and Configuring Cisco Identity Services Engine (SISE) v1.3 is a 5-day ILT training program designed for ATP partner systems and field engineers, consulting systems engineers, technical solutions architects, and Cisco integrators who install and implement the Cisco Identity Service Engine version 1.3. The course covers the key components and procedures needed to install, configure, manage, and troubleshoot the Cisco Identity Services Engine version 1.3.
Learn More
EC-Council Certified
Security Analyst (ECSA)
Who Should Attend
Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals.

What Is This Course About?
In this course will provide students will conduct a penetration test on a company that has various departments, subnets and servers, and multiple operating systems with defense mechanisms architecture that has both militarized and non-militarized zones.
Learn More
CyberSAFE (Securing Assets
for the End User)
Who Should Attend
This course is designed for non-technical end-users of computers, mobile devices, networks, and the Internet, to enable them to use technology more securely.

What Is This

Course About?

This course will help you to understand security compliance considerations, social engineering, malware, and various other data security-related concepts. In this course, you will explore the hazards and pitfalls and learn how to use technology safely.
Learn More
Detect

The Detect Function enables timely discovery of cybersecurity events.

Outcome Categories include:
Anomalies and Events
Security Continuous Monitoring
Detection Processes
View Courses  

CompTIA
Cybersecurity
Analyst
(CSA+)
Who Should Attend
IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

What Is This Course About?
CompTIA’s Cybersecurity Analyst (CSA+) training from New Horizons teaches students to apply behavioral analytics to improve the overall state of IT security, providing critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
Learn More
CSX Practitioner: Identification and Protection
Who Should Attend
The Identification and Protection course is ideal for individuals in the field of cyber security who are interested in gaining hands-on technical skills.

What Is This Course About?
The first course in the CSX Practitioner series focuses on key cyber security skills and includes foundational, real world instruction in the Identify and Protect domains. Topics range from preliminary network scanning to security control implementation. Through the completion of multiple lab-reinforced modules, students will learn how to apply industry-developed, experience-based methods to the identification of key networks and learn to develop appropriate protection mechanisms.
Learn More
CSX Practitioner: Detection
Who Should Attend
The Detection course is ideal for individuals in the field of cybersecurity who are interested in gaining hands-on technical skills.

What Is This Course About?
The second course in the CSX Practitioner series goes deeper into skills focused in the Detect domain. Students will learn the basic concepts, methods and tools used to leverage cybersecurity controls in order to identify system events and non-event level incidents. By completing multiple lab-reinforced modules, students will gain the skills necessary to detect potential network events and incidents. Topics range from incident packet analysis to Incident Response (IR) report drafting and generation.
Learn More
Implementing Core Cisco ASA Security (SASAC)
Who Should Attend
Network engineers supporting Cisco ASA 9.x implementations.

What Is This Course About?
This course provides update training on the key features of the post-8.4.1 release of the Cisco ASA adaptive security appliance, including 9.x features.
Learn More
Implementing Advanced Cisco ASA Security (SASAA)
Who Should Attend
This course is intended for network engineers supporting Cisco ASA 9.x implementations. It is recommended that prior to enrollment, students have successfully completed FIREWALL or have equivalent knowledge of the Cisco ASA.

What Is This Course About?
This course provides an updated training with labs on the key features on the Cisco ASA (covering up to the ASA 9.2.2 release). The goal of the course is to implement the key features of the Cisco ASA.
Learn More
Implementing and Configuring Cisco Identity Services Engine (SISE)
Who Should Attend
The primary audience for this course are Field Engineers and System Engineers.

What Is This Course About?
Implementing and Configuring Cisco Identity Services Engine (SISE) v1.3 is a 5-day ILT training program designed for ATP partner systems and field engineers, consulting systems engineers, technical solutions architects, and Cisco integrators who install and implement the Cisco Identity Service Engine version 1.3. The course covers the key components and procedures needed to install, configure, manage, and troubleshoot the Cisco Identity Services Engine version 1.3.
Learn More
Respond

he Respond Function supports the ability to contain the impact of a potential cybersecurity event.

Outcome Categories include:
Recovery Planning
Improvements
Communications
View Courses  

EC-Council Computer Hacking
Forensics Investigator (CHFI)
Who Should Attend
The CHFI course will benefit police and other laws enforcement personnel, defense and military personnel, e-Business security professionals, systems administrators, legal professionals, banking, insurance and other professionals, and those who work for or with government agencies.

What Is This Course About?
This course will provide participants the necessary skills to identify an intruders footprints and to properly gather the necessary evidence to prosecute in the court of law.
Learn More
CyberSec First Responder:
Threat Detection and Response
Who Should Attend
This course is designed for IT professionals who perform job functions related to the development, operation, management, and enforcement of security capabilities for systems and networks.

What Is This

Course About?

In this course, studentsl develop, operate, manage, and enforce security capabilities for systems and networks, including assessing information security risk in computing and network environments, designing and operating secure computing and network environments, and collecting cybersecurity intelligence information.
Learn More
Securing Cisco Networks with Threat Detection and Analysis (SCYBER)
Who Should Attend
This course is designed for technical and security professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

What Is This Course About?
This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.
Learn More
CSX Practitioner: Respond and Recover
Who Should Attend
The Respond and Recover course is ideal for individuals in the field of cybersecurity who are interested in gaining hands-on technical skills.

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.
The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response.
In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans.
Learn More
Recover

The Recover Function supports timely recovery to normal operations to reduce the impact from a cybersecurity event.

Outcome Categories include:
Recovery Planning
Improvements
Communications
View Courses  

Certified Information
Security Manager (CISM)
Who Should Attend
The intended audience for this course is information systems security professionals, and other individuals who have an interest in aspects of information security management and oversight.

What Is This Course About?
In this course, students will establish processes to ensure that information security measures align with established business needs.
Learn More
Certified Information System
Security Professional (CISSP)
Who Should Attend
This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all 10 CISSP CBK domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. The CISSP exam is intentionally difficult and should not be taken lightly. Even students with years of security experience should assume that they will have additional study time after class. Because the domains are so varied, it is unlikely that any one student will have experience in all 10 domains.

What Is This

Course About?

In this course, students will analyze a wide range of information systems security subjects that are organized into 10 domains for CISSP exam certification.
Learn More
CompTIA Advanced Security
Practitioner (CASP)
Who Should Attend
This course is designed for IT professionals who want to acquire the technical knowledge and skills needed to conceptualize, engineer, integrate, and implement secure solutions across complex enterprise environments. The target student should aspire to apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; analyze risk impact; and respond to security incidents. This course is also designed for students who are seeking the CompTIA Advanced Security Practitioner (CASP) certification and who want to prepare for Exam CAS-002. Students seeking CASP certification should have at least 10 years of experience in IT management, with at least 5 years of hands-on technical security experience.

What Is This Course About?
In this course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. This course prepares students for the CAS-002 exam.
Learn More
CSX Practitioner:
Respond and Recover
Who Should Attend
The Respond and Recover course is ideal for individuals in the field of cybersecurity who are interested in gaining hands-on technical skills.

What Is This Course About?
The final course in the CSX Practitioner series provides hands-on instruction in the Respond and Recover domains. With course lecture backed up by lab sequences, students will learn how to apply professional methodology to respond and recover from network incidents or disasters. Students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.
The Respond domain shows students the basic concepts, methods and tools required to draft and execute comprehensive incident response plans, provide proper isolation response documentation, and how to document and maintain information related to Incident Response.
In the Recover domain, students will master the basic concepts, methods and tools required to recuperate a system or network, as well as learn how to implement continuity and contingency plans.
Learn More