The Premier IA & Cyber Security Training Specialist


ISO 9001: 2008 Certified; Maturity Level 2 of CMMI; Top 2% D&B Rating; VA Certified Service Disabled Veteran Owned Small Business (SDVOSB); DCAA Approved Accounting System; Approved Earned Value Management (EVM) System

Lunarline Overview

Lunarline is a leading and award winning provider of Cyber Security Solutions, Specialized IA Services, and Certified Security Training to all US Federal Government (Civilian, DoD, and IC), as well as to customers in selected commercial markets. All Lunarline Cyber Security Solutions, Specialized IA Services, and Certified Security Training are backed by our unwavering commitment to our customer's satisfaction, being a leader in cyber security innovation, while maintaining the highest quality training, products, and services.

Lunarline is a VA Certified Service Disabled Veteran Owned Small Business (SDVOSB) that has been appraised at CMMI Level 2, certified in ISO 9001: 2008, has a DCAA approved accounting system, ranks in the top 2% of D&B Rating, and has an approved Earned Value Management (EVM) system. Lunarline offers certificate programs with NSA/CNSS (NSTISSI No. 4011, 4012 and 4015) certified C&A training courseware. Lunarline is a recipient of the DOT Cyber Security Excellence Award, the Cyber Security Forum Initiative 5-Star Training Award, and was named as one of America's Fastest-Growing Private Companies in the Inc

It is our passion to provide the highest qualified personnel and solutions to our customers. We believe in continuously improving our customer's ability to monitor and improve the confidentiality, integrity, and availability of their systems and applications. All of our Information Assurance, Information Security, Training and other IT related services and products are ISO 9001:2008 certified. Lunarline Inc. has a successful and award winning track record of providing risk-based/information Security and training services (FISMA, IG, NIST, DIACAP, and CNSS) to our customers. From risk assessments to providing support for an entire Federal Agency's Information Security Program, Lunarline, Inc. has ensured our customers' systems and programs exceed Federal, DoD, and IC security requirements.

Lunarline is designated as a DIACAP Fully Qualified Navy Certification Agent/Validator. This Corporate Navy designation is not easily obtained, in that many qualifications and certifications must be formally presented to the Navy CA (SPAWAR) and ODAA (NNWC) for approval. This designation provides a valuable benefit to Lunarline's Navy customers as the designation validates Lunarline's qualifications in implementing the DIACAP per Navy requirements and instructions.

Table of Contents

Training Courses
Training Course Schedule
DIACAP Hands-On Overview 1 Day
DIACAP Hands-On In-Depth 3 Day
DIACAP Hands-On Intensity 4 Day
DIACAP Validator 5 Day
DIARMF Hands-On In-Depth 3 Day
DIARMF Hands-On Intensity 4 Day
Applying the FISMA/NIST Risk Management Framework Overview 1 Day
Applying the FISMA/NIST Risk Management Framework In-Depth 3 Day
Applying the FISMA/NIST Risk Management Framework Intensity 4 Day
Applying the FISMA/NIST Risk Management Framework / Security Controls Validator 5 Day
Applying the CNSS/NIST Risk Management Framework Overview 1 Day
Applying the CNSS/NIST Risk Management Framework In-Depth 3 Day
Applying the CNSS/NIST Risk Management Framework Intensity 4 Day
Applying the CNSS/NIST Risk Management Framework / Security Controls Validator 5 Day
Compliance CompTIA Security+ Certification 5 Day
Cybersecurity Fundamentals Workshop 4 Day
Fundamentals of Software Assurance 3 Day
Recovery Planning Practitioner 5 Day
Special Access Programs C&A Transition 3 Day
Cyber Tools Workshop 4 Day
Lunarline Mobile Courses
Meet the Instructors
  Waylon Krush, CISSP, CISA, CAP
  Keith Mortier, CISSP, CISA
  Dr. Julie E. Mehan, PhD, CISSP
  Charles A. Russell, Sr., PMP, CISSP, CAP, CTT
  Rebecca Henry Onuskanich, CISSP, CAP, CTT
  Jason Merkel, CISSP, ISSP, CISM
  Robert Cohen, CCM, CBRM, CBCP, Security+ Certified
  Matt Xenakis, CISSP, CAP
  Jennifer Hawks, CISSP
  Lori DeLooze, CISSP, PMP
More About Us
Our Customers
Class Rates

Need more information? Want to reserve your seat in our training? Contact Melissa Dawson Today! (571) Or her at: melissa.dawson@lunarline.com

We offer training courses:

DIACAP Hands-On Overview 1 Day: February 13, 2012; July 2, 2012; November 19, 2012
DIACAP Hands-On In-Depth 3 Day: February 14-16, 2012; May 1-3, 2012; July 17-19, 2012; September 11-13, 2012; November 6-8, 2012
DIACAP Hands-On Intensity 4 Day: February 14-17, 2012; May 1-4, 2012; July 17-20, 2012; September 11-14, 2012; November 6-9, 2012
DIACAP Validator Workshop 5 Day: March 5-9, 2012; May 7-11, 2012; July 23-27, 2012; October 15-19, 2012
DIARMF Overview 1 Day: June 4, 2012; November 20, 2012
DIARMF Hands-On In-Depth 3 Day: April 10-12, 2012; June 5-7, 2012; August 28-30, 2012; October 10-12, 2012
DIARMF Hands-On Intensity 4 Day: April 10-13, 2012; June 5-8, 2012; August 28-31, 2012; October 10-13, 2012
Applying the FISMA/NIST RMF Overview 1 Day: February 6, 2012; April 16, 2012; June 25, 2012; October 1, 2012
Applying the FISMA/NIST RMF In-Depth 3 Day: February 7-9, 2012; April 17-19, 2012; June 26-28, 2012; October 2-4, 2012
Applying the FISMA/NIST RMF Intensity 4 Day: February 7-10, 2012; April 17-20, 2012; June 26-29, 2012; October 2-5, 2012
Applying the FISMA/NIST Risk Management Framework / Security Controls Validator 5 Day: February 27-March 2, 2012; April 23-27, 2012; August 6-10, 2012; October 29-November 2, 2012
Applying the CNSS/NIST RMF Overview 1 Day: March 26, 2012; May 14, 2012; August 27, 2012; November 26, 2012
Applying the CNSS/NIST RMF In-Depth 3 Day: March 27-29, 2012; May 15-17, 2012; September 4-6, 2012; November 27-29, 2012
Applying the CNSS/NIST RMF Intensity 4 Day: March 27-30, 2012; May 15-18, 2012; September 4-7, 2012; November 27-30, 2012
CNSS/NIST Risk Management Framework / Security Controls Validator 5 Day: January 23-27, 2012; June 11-15, 2012; September 17-21,
Compliance CompTIA Security+ 5 Day: March 19-23, 2012; May 21-25, 2012; August 20-24, 2012; October 22-26, 2012
Cyber Security Fundamentals Workshop 4 Day: April 10-13, 2012; July 10-13, 2012; September 25-28, 2012; December 4-7, 2012
Fundamentals of Software Assurance 3 Day: February 22-24, 2012; May 30-June 1, 2012; December 11-13, 2012
Recovery Planning Practitioner 5 Day: March 12-16, 2012; June 18-22, 2012; August 13-17, 2012; December 17-21, 2012
Special Access Programs C&A Transition 3 Day: April 3-5, 2012; July 31-August 2, 2012; November 14-16, 2012
Cyber Tools Workshop 4 Day: March 13-16, 2012; June 19-22, 2012; August 14-17, 2012; October 23-26,

* All courses are held at the Lunarline Training Facility in Arlington, VA

DIACAP Hands-On Overview 1 Day
DoD Information Assurance Certification and Accreditation Process

February 13, 2012; July 2, 2012; November 19, 2012
Our Price: $

This course is designed for students who want to gain an improved understanding of the DIACAP. The course provides an overview of DIACAP requirements, documentation, and associated processes.

Lunarline's DIACAP Training Classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST) DoD approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO.

DIACAP Hands-On In-Depth 3 Day
DoD Information Assurance Certification and Accreditation Process

Our Price: $1,
February 14-16, 2012; May 1-3, 2012; July 17-19, 2012; September 11-13, 2012; November 6-8,

1. Critical Definitions & Laws
2. DoD's Current IA Policy Framework
3. An Overview of the DIACAP
4. DIACAP Activity Cycle - Activity 1: Initiate & Plan
5. DIACAP Activity Cycle - Activity 2: Implement & Validate
6. DIACAP Activity Cycle - Activity 3: Certification Determination & Accreditation Decision
7. DIACAP Activity Cycle - Activity 4: Maintain ATO & Conduct Annual Reviews
8. DIACAP Activity Cycle - Activity 5: Decommission
9. DIACAP & the System Life Cycle
10. DIACAP Supporting Tools
11. The Future of C&A in DoD

This course is designed for students who want to gain an improved understanding of the DIACAP. The course provides an overview of DIACAP requirements, documentation, and associated processes. This course provides an in-depth look into the DIACAP processes, and includes a series of hands-on exercises in developing the DIACAP Systems Identification Profile (SIP), DIACAP Implementation Plan (DIP), and Plan of Actions and Milestones (POA&M).

The DIACAP training is introduced from a Department perspective, but can be tailored as required to include any Component/Service or system-specific nuances relative to the implementation of the DIACAP. Instruction modules include the DIACAP Activity Cycle, the Knowledge Service, DIACAP Governance Structure, roles and responsibilities, and much more.

Lunarline's DIACAP Training Classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST) DoD approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's DIACAP Hands-On In-Depth 3 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

DIACAP Hands-On Intensity 4 Day
DoD Information Assurance Certification and Accreditation Process

Our Price: $2,
February 14-17, 2012; May 1-4, 2012; July 17-20, 2012; September 11-14, 2012; November 6-9, 2012

This course is designed for students who want to gain an improved understanding of the DIACAP. The course provides an overview of DIACAP requirements, documentation, and associated processes. The 4-day intensity course provides an in-depth look into the DIACAP processes, and includes a series of hands-on exercises in developing the DIACAP Systems Identification Profile (SIP), DIACAP Implementation Plan (DIP), and Plan of Actions and Milestones (POA&M).

The DIACAP training is introduced from a Department perspective, but can be tailored as required to include Component/Service and system-specific nuances relative to the implementation of the DIACAP. Instruction modules include the DIACAP Activity Cycle, the Knowledge Service, DIACAP Governance Structure, roles and responsibilities, and many more. The fourth day of the DIACAP Intensity course provides each student with an introduction to using the DoD approved automated scanning tools, including the DISA SRRs, Gold Disk, and other DoD automated tools.

1. Critical Definitions & Laws
2. DoD's Current IA Policy Framework
3. An Overview of the DIACAP
4. DIACAP Activity Cycle - Activity 1: Initiate & Plan
5. DIACAP Activity Cycle - Activity 2: Implement & Validate
6. DIACAP Activity Cycle - Activity 3: Certification Determination & Accreditation Decision
7. DIACAP Activity Cycle - Activity 4: Maintain ATO & Conduct Annual Reviews
8. DIACAP Activity Cycle - Activity 5: Decommission
9. DIACAP & the System Life Cycle
10. DIACAP Supporting Tools
11. The Future of C&A in DoD
12. Certification Testing Tools
13. Capstone

Lunarline's DIACAP Training Classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST) DoD approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's DIACAP Hands-On Intensity 4 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

DIACAP Validator Workshop 5 Day
DoD Information Assurance Certification and Accreditation Process

Our Price: $2,
March 5-9, 2012; May 7-11, 2012; July 23-27, 2012; October 15-19, 2012

This course concentrates on methods used to validate DoD IA Controls as contained in DoDI Discussion areas include an overview of the DIACAP, the DoD-defined information system types and the associated security concerns, vulnerability scanning, DoD-approved automated scanning tools, and many more. The course provides an in-depth explanation of each control identified in DoDI to include the appropriate testing method, associated supporting evidence (known as artifacts), and how to more efficiently and effectively test and validate DoD systems and infrastructure. The curriculum will prepare the ACA or Validator to test against the DoD IA controls using manual and automated procedures in accordance with the standards set forth by the Department.

1. Critical Definitions and Laws
2. DoD's Current IA Policy Framework
3. An Overview of the DIACAP
4. DIACAP Activity Cycle
5. DIACAP Validation Tests
6. Validator Toolkit
7. The Future of C&A in DoD
8. Capstone

Lunarline's DIACAP Training Classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST) DoD approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's DIACAP Validator Workshop 5 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

DIARMF Hands-On In-Depth 3 Day

Our Price: $1,
April 10-12, 2012; June 5-7, 2012; August 28-30, 2012; October 10-12, 2012

Lunarline offers the most comprehensive and detailed hands-on training for students who want to gain an understanding of the pending transition from DIACAP to DIARMF. Our training is based upon participation of our subject matter experts in transition working groups and direct experience with other Federal, DoD and commercial clients. In compliance with the Federal Information Security Management Act (FISMA), Federal agencies and the Intelligence Community have already transitioned to the use of the NIST Risk Management Framework (RMF) as the foundation for their assessment and authorization (A&A) processes, formerly known as certification and accreditation (C&A). DoD is now in the process of establishing the regulatory foundation for their transition to the use of the NIST RMF. This training will enable your organization to understand the proposed changes and to position yourself early to make the transition as seamless and efficient as possible.

The class will include the following:
- Introduction to the Risk Management Framework and supporting laws, standards, and regulations
- The New Lexicon
- New Requirements under FISMA RMF Roles and Responsibilities
- Steps in the RMF Process
- Preparing and submitting the authorization package
- Understanding and executing continuous monitoring

Students will engage in a series of hands-on activities that will provide active learning of the new processes, preparation of the documentation, and execution of the required security control assessments. The class also includes the opportunity to and the use of DoD and federally-approved tools. Upon completion, students will be able to immediately apply the concepts and ensure that their organization can experience a smooth transition.

All of Lunarline's DIARMF classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's DIARMF In-Depth 3 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

DIARMF Hands-On Intensity 4 Day

Our Price: $2,
April 10-13, 2012; June 5-8, 2012; August 28-31, 2012; October 10-13, 2012

Lunarline offers the most comprehensive and detailed hands-on training for students who want to gain an understanding of the pending transition from DIACAP to DIARMF. Our training is based upon participation of our subject matter experts in transition working groups and direct experience with other Federal, DoD and commercial clients. In compliance with the Federal Information Security Management Act (FISMA), Federal agencies and the Intelligence Community have already transitioned to the use of the NIST Risk Management Framework (RMF) as the foundation for their assessment and authorization (A&A) processes, formerly known as certification and accreditation (C&A). DoD is now in the process of establishing the regulatory foundation for their transition to the use of the NIST RMF. This hands-on training will enable your organization to understand the proposed changes and to position yourself early to make the transition as seamless and efficient as possible.

Lunarline's 4-day class will include the following:
- Introduction to the Risk Management Framework and supporting laws, standards, and regulations
- The New Lexicon
- New Requirements under FISMA RMF Roles and Responsibilities
- Steps in the RMF Process
- Preparing and submitting the authorization package
- Understanding and executing continuous monitoring
- Practice in the Use of Federally-approved Security Tools

This course is focused on a series of hands-on activities that will provide active learning of the new processes, preparation of the documentation, and execution of the required security control assessments. This class includes extensive hands-on training on Federally-approved vulnerability assessment tools, such as Nessus, and other useful security tools. Upon completion, students will be able to immediately apply the concepts and ensure that their organization can experience a smooth transition.

Lunarline's DIARMF classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's DIARMF Intensity 4 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

Applying the FISMA/NIST Risk Management Framework Overview 1 Day
Federal Information Security Management Act

Our Price: $
February 6, 2012; April 16, 2012; June 25, 2012; October 1, 2012

Lunarline's Federal Information Security Management Act (FISMA)/NIST Risk Management Framework training provides students a practical high-level overview of the NIST approach to system authorization, an introduction to the requirements for meeting FISMA requirements, as well as an in-depth look at the Federal system authorization process and Risk Management Framework (RMF). This course has been aligned with NIST SP Revision 1 and the new processes introduced under the Federal transformation of assessment and authorization (formerly certification and accreditation).

Applying the FISMA/NIST Risk Management Framework In-Depth 3 Day
Federal Information Security Management Act

MODULES
1. Critical Definitions & Policies
2. Roles & Responsibilities
3. Authorization Boundary
4. System Categorization
5. Select Security Controls
6. Implement, Document & Assess Security Controls
7. Authorize Information System
8. Monitor Information System

This course includes the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO.

Our Price: $1,
February 7-9, 2012; April 17-19, 2012; June 26-28, 2012; October 2-4, 2012

Lunarline's Federal Information Security Management Act (FISMA) training provides students with a fundamental knowledge of the requirements for meeting FISMA requirements, as well as an in-depth look at the Federal system authorization process and Risk Management Framework (RMF). This training equips the students with an in-depth indoctrination into the RMF and they will learn the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems are protected at a level commensurate with the security requirements of the information and the information system. Students will participate in a series of scenario-based hands-on exercises to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for Federal Information Systems. This training is a CNSS approved course that deals with the new C&A transformation. Please note this course has been aligned with NIST SP Revision 1 and is the new process under the C&A transformation.

Applying the FISMA/NIST Risk Management Framework Intensity 4 Day
Federal Information Security Management Act

The FISMA In-Depth Course covers the requirements and the use of FIPS 199, NIST SP , NIST SP Revision 1, NIST SP , NIST SP , NIST SP , NIST SP Revision 3, and NIST SP 800-53A.

1. Critical Definitions and Policies
2. C&A Transformation/Transition Overview
3. The IC and the Transformation
4. Roles and Responsibilities
5. Accreditation Boundary
6. System Categorization
7. Select Security Controls
8. Implement, Document & Assess Security Controls
9. Authorize Information System
10. Monitor Information System
11. Reciprocity

Lunarline's FISMA/NIST classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's Applying the FISMA/NIST Risk Management Framework In-Depth 3 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

Our Price: $2,
February 7-10, 2012; April 17-20, 2012; June 26-29, 2012; October 2-5, 2012

Lunarline's Federal Information Security Management Act (FISMA)/NIST training provides students with a fundamental knowledge of the requirements for meeting FISMA requirements, as well as an in-depth look at the Federal system authorization process and Risk Management Framework (RMF). This hands-on training equips the students with an in-depth indoctrination into the RMF and they will learn the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems are protected at a level commensurate with the security requirements of the information and the information system. Students will participate in a series of scenario-based hands-on exercises to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for Federal Information Systems. The fourth day of the FISMA/NIST RMF Intensity course provides each student with hands-on experience in using automated vulnerability assessment and other tools used to support the Federal authorization process.

The FISMA In-Depth Course covers the requirements and the use of FIPS 199, NIST SP , NIST SP Revision 1, NIST SP , NIST SP , NIST SP , NIST SP Revision 3, and NIST SP 800-53A.

1. Critical Definitions and Policies
2. C&A Transformation/Transition Overview
3. The IC and the Transformation
4. Roles and Responsibilities
5. Accreditation Boundary
6. System Categorization
7. Select Security Controls
8. Implement, Document & Assess Security Controls
9. Authorize Information System
10. Monitor Information System
11. Reciprocity
12. Supporting Tools
13. Certification Testing

Lunarline's FISMA/NIST classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's FISMA/NIST RMF Intensity 4 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

8 Applying the FISMA/NIST Risk Management Framework / Security Controls Validator 5 Day Federal Information Security Management Act Our Price: $2, February 7-9, 2012 April 17-19, 2012 June 26-28, 2012 October 2-4, 2012 The FISMA Validator Course will cover NIST SP A, NIST SP , NIST SP , NIST SP and the development of the Security Assessment Report (SAR), and Plan Of Action and Milestones (POA&M). The student will have a hands-on experience using scenario-based hands-on exercises in executing the validation tests with the approved tools. These exercises will include the development of the Security Assessment Report (SAR). Lunarline s courseware has been evaluated and is the only industry training certified by the NSA/ CNSS to meet NSTISSI No and 4015 requirements. All of our instructors have hands-on, real world experience you get more than just classroom instruction, you receive the benefits of actual expertise in executing these processes. Overview This course provides an in-depth look at testing the controls using NIST SP A and ensuring the use of the Risk Management Framework (RMF) for Federal Security Systems. The focus of the course is an in-depth explanation of each NIST SP Revision 3 controls to include what method should be used to test and validate each security control in accordance with NIST SP A and NIST SP , what evidence should be gathered, and how to more efficiently and effectively test Federal systems and infrastructure. The curriculum will introduce the independent tester or Validator to test the process for any of the Federal IA controls using manual and automated tests to ensure all controls are tested properly. Lunarline s FISMA/NIST classes includes the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. 
You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline s VP of Cybersecurity and CEO. Every student participating in Lunarline s Applying the FISMA/NIST Risk Management Framework / Security Controls Validator 5 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes. Applying the CNSS/NIST Risk Management Framework Overview 1 Day Certified Committee on National Security Systems Our Price: $ March 26, 2012 May 14, 2012 August 27, 2012 November 26, 2012 This course equips the student with an overview of the system assessment and authorization process (formerly known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). The CNSS Course will address the Federal and Intelligence Community requirements, including NIST SP , NIST SP , and CNSS Critical Definitions & Policies 2. C&A Transformation /Transition Overview 3. The IC and Transformation 4. Roles & Responsibilities 5. Authorization Boundary 6. System Categorization 7. Select Security Controls 8. Implement, Document & Assess Security Controls 9. Authorize Information System 10. Monitor Information System 11. Reciprocity This course includes the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline s VP of Cybersecurity and CEO. 
Applying the CNSS/NIST Risk Management Framework In-Depth 3 Day Certified Committee on National Security Systems Our Price: $1, March 27-29, 2012 May 15-17, 2012 August 28-30, 2012 November 27-29, 2012 This course equips the student with an overview of the system authorization process (also known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF to provide a clear knowledge bridge to the revised system authorization processes for those currently working with C&A for National Security Systems or for those who have limited or no C&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for a NSS. This course meets the requirements of National Security Directive 42 (NSD-42), which outlines the roles and responsibilities for securing NSSs. The CNSS In-Depth Course will address the Federal and Intelligence Community requirements, including NIST SP , NIST SP , FIPS 199, and CNSS Critical Definitions and Policies 2. C&A Transformation/Transition Overview 3. The IC and the Transformation 4. Roles and Responsibilities 5. Accreditation Boundary 6. System Categorization 7. Select Security Controls 8. Implement, Document & Assess Security Controls 9. Authorize Information System 10. Monitor Information System 11. Reciprocity Lunarline s CNSS/NIST classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline s VP of Cybersecurity and CEO. 
Every student participating in Lunarline's Applying the CNSS/NIST Risk Management Framework In-Depth 3 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

Applying the CNSS/NIST Risk Management Framework Intensity 4 Day Certified Committee on National Security Systems Our Price: $2, March 27-30, 2012 May 15-18, 2012 August 28-31, 2012 November 27-30, 2012

This course equips the student with an overview of the system authorization process (also known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF using the CNSS and IC requirements to provide a clear knowledge bridge to the revised system authorization processes for those currently working with C&A for National Security Systems or for those who have limited or no C&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for a NSS. This course meets the requirements of National Security Directive 42 (NSD-42), which outlines the roles and responsibilities for securing NSSs. The CNSS In-Depth Course will address the Federal and Intelligence Community requirements, including NIST SP , NIST SP , and CNSS The fourth day of the CNSS/NIST RMF Intensity course provides each student with a hands-on experience in using automated vulnerability assessment and other tools used to support the Federal and CNSS system authorization process.

1. Critical Definitions and Policies 2. C&A Transformation/Transition Overview 3. The IC and the Transformation 4. Roles and Responsibilities 5. Accreditation Boundary 6. System Categorization 7. Select Security Controls 8. Implement, Document & Assess Security Controls 9. Authorize Information System 10. Monitor Information System 11. Reciprocity 12. Supporting Tools and Testing 13.
Certification Testing

Lunarline's CNSS/NIST classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's CNSS/NIST RMF Intensity 4 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

Applying the CNSS/NIST Risk Management Framework / Security Controls Validator 5 Day Certified Committee on National Security Systems Our Price: $2, January 23-27, 2012 June 11-15, 2012 September 17-21, 2012

This course provides an in-depth look at testing the controls using NIST SP A, CNSS 1253A, and ensuring the use of the Risk Management Framework (RMF) for National Security Systems. The focus of the course is an in-depth explanation of each of the NIST SP Revision 3 controls, including unclassified policies and procedures related to NSS: what method should be used to test and validate each security control in accordance with NIST SP A and NIST SP , what evidence should be gathered, and how to more efficiently and effectively test Federal systems and infrastructure. The curriculum will introduce the independent tester or Validator to the test process for any of the NSS IA controls, using manual and automated tests to ensure all controls are tested properly.
The CNSS/NIST Validator Course will cover NIST SP A, NIST SP Revision 3, NIST SP , NIST SP , NIST SP and the development of the Security Assessment Report (SAR), and Plan Of Action and Milestones (POA&M). The student will gain hands-on experience through scenario-based exercises in executing the validation tests with the approved tools. These exercises will include the development of the Security Assessment Report (SAR). Lunarline's courseware has been evaluated and is the only industry training certified by the NSA/CNSS to meet NSTISSI No and 4015 requirements. All of our instructors have hands-on, real world experience, so you get more than just classroom instruction: you receive the benefits of actual expertise in executing these processes.

This course includes the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO. Every student participating in Lunarline's Applying the CNSS/NIST Risk Management Framework / Security Controls Validator 5 Day course will receive a National Security Agency (NSA) and Committee on National Security Systems (CNSS) NSTISSI 4011 and CNSSI 4012 Certificate for successful participation in the course, which will allow you to add the (CNSS) NSTISSI 4011 and CNSSI 4012 designation to your resumes.

Compliance CompTIA Security+ Certification 5 Day Our Price: $2, March 19-23, 2012 May 21-25, 2012 August 20-24, 2012 October 22-26, 2012

Lunarline, a CompTIA Authorized Partner, offers an intense 5 Day Security+ course consisting of nine lessons addressing each of the six Security+ domains in depth.
All Lunarline training materials and books are CompTIA approved and have the most up to date information required to successfully understand the various security domains. Students receive a CompTIA Security+ Deluxe Study Guide (which includes a CD), as well as CompTIA-approved course material that is composed of independent study assignments designed to help students prepare to successfully complete the Security+ exam. The course was designed for students who are familiar with basic computer functionality, networking concepts and text-based interfaces and is taught exclusively by CTT+ and Security+ Certified Instructors with extensive real hands-on information security experience. The primary objective of this 5 day course is to increase operator knowledge of physical, network and system security and prepare the student for the Security+ examination. Upon course completion, students should have an understanding of the six security domains addressed by the Security+ certification. These domains include: Systems Security, Network Infrastructure, Access Control, Assessments and Audits, Cryptography, Organizational Security.

FEATURES: The Six Domains of Security+ - Systems Security - Network Infrastructure - Access Control - Assessments and Audits - Cryptography - Organizational Security

Every student participating in Lunarline's Security+ 5-Day training will receive a test voucher for your Security+ Certification test. This course will prepare students to meet the certification compliance mandates required by DOD Directive for DOD information assurance technicians and managers.

Cyber Security Fundamentals Workshop 4 Day Our Price: $2, April 10-13, 2012 July 10-13, 2012 September 25-28, 2012 December 4-7, 2012

This hands-on 4-day course provides participants with a high-level overview of various aspects of Cybersecurity in the context of a modern and Internet-connected environment. Through lecture, hands-on exercises, and group discussion, you will gain a foundational perspective on the challenges of designing a cybersecurity program, implementing secure systems, and other factors needed for a comprehensive cybersecurity solution. Upon completion of this course, each participant will be able to define cybersecurity terminology, compliance requirements, review sample attacks, and gain an understanding of the impact of current threat trends on cybersecurity implementation. This course is one of the core courses of Lunarline's Certificate Program in Cybersecurity.

Cybersecurity is one of the hottest issues for today's Federal and DOD Agencies and commercial organizations. Developed and developing nations, governments, defense departments and industries, and organizations in critical infrastructure verticals are being increasingly targeted by never-ending surges of cyber attacks from criminals and nation-states seeking information, economic or military advantage. The rapidity of the attacks is now so large and their level of sophistication so great, that many organizations are finding it difficult to identify which threats and vulnerabilities pose the greatest risk. They are faced with decisions on how resources should be allocated to ensure that the most likely and potentially damaging attacks are dealt with first. Exacerbating the problem is that most organizations do not have complete understanding of cybersecurity or an organizational approach to dealing with the challenges.
Every student participating in Lunarline's Cybersecurity Foundations course will receive a Certificate for successful participation in the course, which will allow you to claim 32 hours of Continuous Professional Experience for your existing certifications.

1. Introduction to Cybersecurity 2. Cybersecurity Laws, Regulations and Standards 3. Designing with Cybersecurity in Mind 4. Structures for Managing Cybersecurity 5. Special Cybersecurity Topics 6. Final Practical Exam/CAPSTONE Exercise

Lunarline's Cybersecurity Fundamentals class includes the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO.

Fundamentals of Software Assurance 3 Day Our Price: $1, February 22-24, 2012 May 30-June 1, 2012 October 10-12, 2012 December 11-13, 2012

This 3-day course provides participants with a high-level overview of various aspects of Software Assurance in the context of a modern and Internet-connected environment. Through lecture, hands-on exercises, and group discussion, you will gain a foundational perspective on the challenges of security software design and procurement, program, implementing secure software, and other factors needed for a comprehensive software assurance solution. Upon completion of this course, each participant will be able to define software assurance terminology, compliance requirements, review software assurance principles, and gain an understanding of the impact of current threat trends on security software implementation. This course is one of the core courses of Lunarline's Certificate Program in Cybersecurity.
Secure assurance refers to the ability to ensure security personnel, software implementers, purchasers, and users that they can have a level of confidence that software will consistently operate in accordance with its intended goals. It includes software security, which is the process by which the software can operate effectively and securely even when it comes under attack. Ideally, assured software will not contain faults or weaknesses that can be exploited either by human attackers or by the insertion (intentional or unintentional) of malicious or poor code.

1. Introduction to Software Assurance 2. Why is Software at Risk 3. Requirements for Secure Software 4. SwA Initiatives, Activities, and Organizations 5. Final Practical Exam/CAPSTONE Exercise

Every student participating in Lunarline's Software Assurance course will receive a Certificate for successful participation in the course, which will allow you to claim 24 hours of Continuous Professional Experience for your existing certifications. Lunarline's Software Assurance (SwA) Best Practices class includes the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO.

Recovery Planning Practitioner 5 Day Our Price: $2, March 12-16, 2012 June 18-22, 2012 August 13-17, 2012 December 17-21, 2012

This course is designed to provide an operational basis for all facets of recovery planning through information delivery and practical exercises. As a result of this course, students will be able to conduct risk analysis, business impact analysis, recovery strategy analysis and develop viable emergency response plans and recovery plans through the information obtained as a result of these assessments. Impart an ability to conduct Business Impact Analysis so that executive management will have a prioritized list of all functions performed, a determination of when the loss of a given function becomes unacceptable to the organization, and the resources necessary to enable the recovery of each function. Provide students with insights into conducting Recovery Strategy Analysis, understanding the different strategies that are currently available and their applicability based on their strengths and weaknesses. This course will expose the students to emergency response techniques from the development of checklists to crafting concise communications releases. Upon completion of the study of recovery planning foundations, this course will give the students a thorough knowledge of how to develop viable, easy-to-use recovery plans that address all hazards and all contingencies. Finally, this course is designed to provide the elements of an ongoing viable recovery capability through training and exercising programs that meet the needs of all audiences for all organizations.

1. Introduction 2. Risk Analysis 3. Business Impact Analysis 4. Recovery Strategy Analysis 5. Emergency Response Planning 6. Plan Development 7. Training Programs 8. Plan Exercise

This course includes the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training.

CERTIFICATION: In partnership with the National Institute for Business Continuity Management (NIBCM) Lunarline students may opt to sit the Certified Continuity Manager (CCM) certification examination.
When registering for the course and exam, students can choose either the public sector (COOP) or the private sector (Business Continuity Planning) specialty.

Special Access Programs C&A Transition 3 Day Special Access Programs/Sensitive Compartmented Information Our Price: $1, January 23-27, 2012 June 11-15, 2012 September 17-21, 2012

Lunarline's SAP/SCI C&A Transition training provides students with a fundamental knowledge of the requirements for transitioning from the DIACAP/JAFAN/DCID C&A process to the NIST/CNSS requirements, as well as an in-depth look at the Risk Management Framework (RMF). This training equips the students with an in-depth indoctrination into the RMF and will provide them the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems are protected at a level commensurate with the security requirements of the information and the information system. Students will participate in a scenario-based hands-on exercise throughout the course to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework. The SAP/SCI C&A Transition Course crosswalks the current requirements of the DIACAP, JAFAN 6/3, and DCID 6/3 processes to the use of FIPS 199, NIST SP , NIST SP Revision 1, NIST SP , NIST SP , NIST SP , NIST SP Revision 3, NIST SP 800-53A, and CNSS All of our instructors have hands-on, real world experience, ensuring that you get more than just classroom instruction, but also receive the benefits of actual expertise in executing these processes.

Every student participating in Lunarline's SAP/SCI C&A Transition course will receive a Certificate for successful participation in the course, which will allow you to claim 24 hours of Continuous Professional Experience credits for your existing certifications.
Lunarline's SAP/SCI C&A Transition class includes the following takeaway items: A printed training manual, a CD with a comprehensive set of National Institute of Standards and Technology (NIST)-approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, The Definitive Guide to the C&A Transformation co-authored by Lunarline's VP of Cybersecurity and CEO.

Cyber Tools Workshop 4 Day Our Price: $2, March 13-16, 2012 June 19-22, 2012 August 14-17, 2012 October 23-26, 2012

Do you want to better understand how to use cyber tools in securing networks? Would you like to be better prepared to answer fairly technical security questions about Microsoft Active Directory, Unix, Linux, databases, firewall, intrusion detection systems and major network services like the Domain Name Service? Would you like a combination of professional instruction and well structured hands-on experiences securing these operating systems, applications and infrastructure? This course concentrates on cyber security tools, operating systems, applications, network architectures and best practices in government and industry network security. The course uses a fifty percent hands-on approach (25 lab experiences) to focus not only on tool deployment and operating system configuration, but also on cyber security network defense and analysis techniques. Students will configure multiple operating systems, practice network defense techniques, and understand attack prevention methods in a state-of-the-art security lab. No experience is required; however, an understanding of technical security controls or some previous experience with system administration will enhance learning.
Every student participating in the Cyber Tools and Analysis Hands-On Workshop will receive a certificate for successful participation in this course, which will allow you to claim 32 hours of Continuous Professional Experience for your existing certifications. Our Continuing Education Credits are accepted by ISC2, CompTIA and ISACA. For more information about our classes, visit

our mobile courses

Need your team trained? No time for travel? No Problem... We can come to you!

Lunarline is a SDVOSB that is ISO 9001: 2008 certified and appraised at Maturity Level 2 of CMMI. Lunarline, Inc. courseware meets all of the elements of the Committee on National Security Systems (CNSS) National Training Standard for Information Systems Security (INFOSEC) Professionals, NSTISSI No and

Our Mobile courses are one of Lunarline's most popular offerings. With instruction delivered throughout the world, Lunarline provides the flexibility to train virtually anywhere. We understand that our customers support real time, mission critical operations and are not necessarily available to travel. No problem, we'll bring the training to you. Our mobile courses are highly specialized and can be tailored to your environment. Service, system and situation specific needs will be considered. In fact, many of our Mobile courses culminate in a C&A strategy development for your system. We have tailored DIACAP, FISMA, and CNSS courses for DISA, Army CIO G6, Air Force, Army (CENTCOM, SOCOM, LIA, NETCOM), Navy (SPAWAR), JSF and PM-JAIT, DOL OIG, Aetna Healthcare, Philips Electronics, SRI International, Lockheed Martin, Northrop Grumman, and more.

What students think of our mobile courses...

It was a great training course! The instructor showed great professionalism and expertise on the whole C&A process. If we ever get more contracts that require DIACAP, I would be happy to bring Lunarline back to provide additional training or better yet, hire Lunarline as a consultant. DoD Contractor, SRI

Go to for more customer testimonials.

Custom Solutions

We will tailor our Information Assurance and Cyber Security Training Modules to your specific IA, Component, and Cyber Security requirements.

Mobile Solutions

We have the flexibility to train virtually anywhere. Our mobile courses are highly specialized and can be tailored to your environment. Your service, system and situation specific needs will be our driver anytime and anywhere in the world (CONUS/OCONUS).

Support Solutions

All courses include a printed manual and a CD/DVD containing useful documents, templates, resources, and a definitive guide to the C&A transformation. Our expert instructors are available to assist and guide you even AFTER the courses have ended.

meet the instructors

Waylon Krush, CISSP, CISA, CAP
Co-Founder and CEO, Lunarline, Inc.

Waylon Krush is the CEO of Lunarline, Inc. and manages Lunarline's overall business strategy. Mr. Krush has over ten years of experience in Critical Infrastructure Protection (CIP), Information Operations (IO), Signals Intelligence, System and Telecommunication exploitation, and certification and accreditation (C&A). Prior to becoming the CEO of Lunarline, Inc., Waylon was a senior InfoSec engineer in AT&T's Advanced Systems Division, and Chief of the Information Assurance (IA) group for GRC-TSC. Mr. Krush proudly served seven years in the United States Army in various intelligence/security related technical and leadership roles throughout the world. Waylon holds a BS in Computer Information Science from University of Maryland University College, and is a Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA) and a Certification and Accreditation Professional (CAP). He is also a recipient of the Knowlton Award, United States Marine Corps Scholastic Leadership Award, Air Force Advanced Signals Award, 718th Soldier of the Year, NSA Professional of the Quarter, Voice of America Award, and American Legion Award (2 Years). Mr. Krush is the co-author of The Definitive Guide to the C&A Transformation, published in 2009 with Lunarline's VP of Cybersecurity, Dr. Julie Mehan.

Keith Mortier, CISSP, CISA
President and COO, Lunarline, Inc.

Keith Mortier is the President and COO of Lunarline, Inc. and is the senior executive and consultant. Mr. Mortier has more than seventeen years of experience in Information Security, Organizational Leadership, and Strategic Planning, serving clients in multiple industries. Keith is an expert at directing IT projects and leading IT transformations to quickly align resources with company strategy to generate immediate returns.
Prior to Lunarline, he worked as a part of the Cyber Security Team with AT&T Government Solutions and as the Staff Vice-President for the National Association of Home Builders. Mr. Mortier has also served as Regional Director, ISP Professional Services for Timebridge Technologies (later acquired by Dimension Data). Keith holds a BS in Computer Information Systems, the Certified Information Systems Security Professional (CISSP) and the Certified Information Systems Auditor (CISA) designations and is the author of the CISA Exam Cram 2 exam preparation guide published by Que.

Dr. Julie E. Mehan, PhD, CISSP
Vice President of Cybersecurity, Lunarline, Inc.

Dr. Julie Mehan has been a career Government Service employee, a strategic consultant, and an entrepreneur. She has led business operations, as well as the information technology governance and information assurance-related services, including certification and accreditation (C&A), systems security engineering process improvement, and information assurance strategic planning and program management. During her career, Dr. Mehan has delivered innovative information assurance, information technology governance, and security-related privacy services to senior Department of Defense, federal government, and commercial clients working in Italy, Australia, Canada, Belgium, and the United States. She served on the President's Partnership for Critical Infrastructure Security, Task Force on Interdependency and Vulnerability Assessments. Dr. Mehan is on the SANS Advisory Board, a voting board member for the International Systems Security Professional Certification Scheme (ISSPCS), and chair of the Systems Certification Working Group of the International Systems Security Engineers Association. She also serves as an Associate Professor at the University of Maryland University College, specializing in courses in Information Technology and Organizational Structure, Cyberterror, and Ethics in Information Technology. Dr.
Mehan holds a PhD in Organization and Management, a Master of Arts with Honors in International Relations and Law from Boston University, and a Bachelor of Science degree in History and Languages from the University of New York. Dr. Mehan was honored with the 2003 Woman of Distinction by the Women of Greater Washington title, and is a member of AFCEA, ISACA, IEEE, and the Information Systems Security Association (ISSA). She was awarded the Meritorious Civilian Service Award for her actions supporting the deployment in Bosnia and the Commander's Award for Civilian Service for her initiatives in establishing the Army's first Red and Blue Team capability. Her most recent book, The Definitive Guide to the C&A Transformation, co-authored with Lunarline's CEO, Waylon Krush, was published in In 2008, Dr. Mehan authored and published CyberWar, CyberTerror, CyberCrime: A Guide to the Role of Standards in an Environment of Change and Danger through IT Governance Publishing. She has written and published numerous articles including Framework for Reasoning About Security: A Comparison of the Concepts of Immunology and Security; System Dynamics, Criminal Behavior Theory and Computer-Enabled Crime; The Value of Information-Based Warfare To Affect Adversary Decision Cycles; and Information Operations in Kosovo: Mistakes, Missteps, and Missed Opportunities, released in Cyberwar 4.0. Dr. Mehan has native fluency in German and conversational French and Italian.

Charles A. Russell, Sr., PMP, CISSP, CAP, CTT+
Senior Instructor, Lunarline, Inc.

Mr. Russell is a Senior Instructor for Lunarline. He brings more than 20 years of experience in information assurance, including skills derived from supporting Fortune 100 corporations like GTE Directories, Brown & Williamson Tobacco, Texas Instruments, First USA and Unisys Corporation. Charles has served in a variety of roles as both an independent consultant and a member of various technology teams to develop software, secure complex network environments and build organizational structures for the success of the U.S. Air Force, in addition to serving as a Special Agent with the Air Force's Office of Special Investigation. Mr. Russell holds the Project Management Professional (PMP) designation and is a participating member of the Richmond Chapter of PMI. He is a Certified Information Systems Security Professional (CISSP), a Certification & Accreditation Professional (CAP) and a Certified Technical Trainer (CTT+). Charles holds an MS degree from Frostburg State University, a BA degree from the Virginia Military Institute and is a graduate of the Industrial College of the Armed Forces. He was awarded the Bronze Star medal while serving the Air Force in Southeast Asia.

Rebecca Henry Onuskanich, CISSP, CAP, CTT+
Senior IA Program Manager, Lunarline, Inc.

Rebecca is a Senior IA Program Manager with Lunarline, Inc. She is currently working at CENTCOM and also teaches many of Lunarline's DIACAP courses. Rebecca spent 8 years in the Air Force before working with Lunarline. Mrs. Onuskanich has over 10 years of experience in information assurance, specifically in certification and accreditation and IA engineering at the COCOMs, with 3 years federal C&A experience. Rebecca has her Certified Information Systems Security Professional (CISSP) and Certification & Accreditation Professional (CAP) certifications and is a Certified Technical Trainer (CTT+). Mrs.
Onuskanich holds her MBA and BA in Psychology from St. Leo University.

Jason Merkel, CISSP, ISSP, CISM
Enterprise IA Programs Manager, Lunarline, Inc.

Mr. Merkel has over 12 years of experience in the information technology industry. He supports multiple DoD and Commercial clients as an IA consultant with emphasis on DIACAP, IA engineering and testing of networks, communication systems, and SATCOM systems. He is a well-rounded professional fully proficient in implementing and planning best practices, policy and governance, network architectures, and testing of IA controls, resulting in secure architectures and regulatory compliance. He works effectively with all levels of client, management, and employee bases and leads Lunarline's Security Testing Team. Prior to joining Lunarline, Mr. Merkel spent nine years with Booz Allen Hamilton supporting IA initiatives for numerous, large Navy and Joint Programs. He has been CISSP-certified since 2002, ISSEP-certified since 2004, and CISM-certified since 2007 and holds a BS degree in Electrical Engineering from the University of Delaware.

Robert Cohen, CCM, CBRM, CBCP, Security+ Certified
Senior Continuity Specialist, Lunarline, Inc.

Mr. Cohen is a self-motivated, certified business continuity planner offering 16 years experience in Business Continuity Planning and 25 years in information assurance, Security Management and Project Management. With 15 years of experience in developing Disaster Recovery and Business Resumption Plans and 13 years experience in conducting Vulnerability Assessment and Risk Assessment Surveys, Robert has conducted comprehensive Business Impact Analyses for the Department of Homeland Security Human Capital Office. He has identified and prioritized approximately 120 functions, determined necessary recovery staffing, and operational IT requirements. Mr.
Cohen is a published author of the Disaster Recovery Chapter and Data Backup Appendix for the HIPAA Implementation Guide published by URAC and in the HIP Alert Newsletter September 2001 Vol. 5 as a Business Continuity Expert. Robert is a Certified Case Manager (CCM), Certified Business Resilience Manager (CBRM), Certified Business Continuity Professional (CBCP), and Security+ certified.

Matt Xenakis, CISSP, CAP
Deputy IA Program Manager, Lunarline, Inc.

Matt Xenakis is a Senior Information Assurance Engineer at Lunarline, Inc. He is the Deputy Program Manager of Lunarline's west coast Information Assurance testing and engineering team. He is also responsible for managing Lunarline's overall business strategy for growth into penetration and web application testing (red and blue team testing). Mr. Xenakis has over 7 years experience in providing technical, programmatic, and consulting support to both commercial organizations and government agencies. He has supported several clients, including the United States Navy, the United States Air Force, the United States Army, the National Aeronautics and Space Administration, the National Security Agency, multi-national banking institutions, and major investment management companies by providing expertise in Information Security, Information Assurance, Mission Assurance, Security Engineering, security auditing, and penetration testing. Matt Xenakis holds a Bachelor's in Science, Electrical Engineering degree from Arizona State University. He is a Certified Information Systems Security Professional (CISSP) and a Certification and Accreditation Professional (CAP). Mr. Xenakis also is an Offensive Security Wireless Professional (OWSP) and holds a Business Continuity Planner (BCP) qualification from the DRI Institute.

Jennifer Hawks, CISSP
Vice President of Business Development, Lunarline, Inc.

Ms. Hawks has over 9 years in the Information Assurance field, specializing in Department of Defense (DoD) Certification and Accreditation (C&A). Ms. Hawks has led many teams performing various aspects of IA/IT security to include vulnerability/risk assessments, system testing and lockdown, security documentation development, and much more. Currently engaged with multiple clients spanning Navy, Army, Marine Corps, DISA, Air Force, and other DoD Components, Ms.
Hawks is ensuring the certifiability of many vendor-systems for DoD implementation. Ms. Hawks s expertise are focused in deploying/fielding medical systems. As a DIACAP instructor for Lunarline, Ms. Hawks brings a wealth of knowledge to the classroom. Heavily leveraging her experience allows Ms. Hawks to tailor the course materials to the student s individual systems as well as situations. Ms. Hawks is adept at explaining security related concepts to various audiences, e.g., system developers as well as Program Managers. Ms. Hawks holds a BS in Decision Science, is CISSP-certified, and has multiple awards from the Navy for exemplary IA support. Dr. Lori DeLooze, CISSP, PMP Senior Instructor, Lunarline, Inc. Dr. DeLooze holds Masters Degrees in Management, Computer Science and Education and a PhD in Computer Science. She is a Certified Information Systems Security Professional (CISSP), Project Management Professional (PMP) and a DoD Certified Chief Information Officer (CIO). Dr. DeLooze provides subject matter expertise in security architecture, cyber education, cyber analysis processes and the DoD Certification and Accreditation process. She has numerous publications, most of which focus on applying artificial intelligence and machine learning techniques to solve problems related to computer security. She retired from the United States Navy after 20 years of service as an Information Professional and Space System Engineer. She is the recipient of the Navy Achievement Medal, Navy Commendation Medal, Joint Services Commendation Medal and the Defense Meritorious Service Medal. 14

17 more about us

Training Success Stories

Plutus Technologies, Jeffrey Taylor: Course was extremely informative and thought out. Instructor was pleasant. I would absolutely recommend this to my friends and colleagues.

MIL Corporation, Daniel Wilson: I am confident in the skills and knowledge taught to me by the Lunarline team. I would absolutely recommend Lunarline training to my peers, and am looking forward to engaging the company in customized onsite instruction.

ITT Corporation, Christina Schelich: This training is awesome! I will recommend to all co-workers! The training provided excellent resources and also provided great background information for DIACAP. Dr. Mehan and Mr. Krush are the best instructors.

Army, Paul Horner, SFC: By far the best, most enjoyable training I have ever attended. Above-exceptionally knowledgeable instructor (can I give a 10 ). Julie's army background is/was pivotal to the need and application to our current real world DIACAP learning!

ITT Systems, Suzanne Mclaughlin: The Instructor was extremely knowledgeable and made the learning experience fun and enjoyable.

Redport Information Assurance, Steven Reinkemer: Mr. Russell is a dynamic speaker who has the uncanny ability to make sleep-inducing material interesting every day. The DIACAP course was filled with humor, positive energy, and thought-provoking discussions. I highly recommend this course to anyone in the IA arena.

US DOL OIG OITA, Paul Vaclavik: This was the most useful training course I have taken in years. I will be able to immediately use the knowledge I was given. The Instructor was great!!

US Navy ODAA, Vickie Mims-Harris: Mrs. Onuskanich was fantastic!! Her in-depth knowledge of IA brought a huge bonus to the DIACAP learning process!

Robert Y. Shaw: I enjoyed the course very much, it was very informative and will be useful to me. Mr. Merkel was a great teacher and very helpful. Thanks!

Parata Systems, Rick Rectenwald: Ms. Hawks was extremely knowledgeable on the subject, and presented Days 2 & 3 well. I learned the process and path well enough to speak at both an executive and fairly detailed level.

Need more information? Want to reserve your seat in our training? Contact Melissa Dawson Today! (571) Or email her at: melissa.dawson@lunarline.com

18 Customers

LUNARLINE OFFERS THE CNSS/NSA (NSTISSI 4015) CERTIFICATION.

Lunarline provides a unique opportunity for students to meet the requirements for Systems Certifier quickly. Most approved 4015 training providers are universities and colleges that require students to take semester-long courses to achieve certification. With Lunarline, students can gain certification by attending only two of our short courses: the DIACAP Validator Workshop 5 Day and their choice of either Applying the FISMA/NIST Risk Management Framework In-Depth 3 Day OR Applying the CNSS/NIST Risk Management Framework In-Depth 3 Day.

19 class rates

Lunarline and the School of Cybersecurity announce the launch of the new CLASSPASS! Unlock the power of cyber security training with a CLASSPASS. It is a cost-effective way to bring professional training to your staff. The CLASSPASS offers a host of learning-related benefits, including exclusive access to learning resources, discounts on training and services, as well as access to vouchers for the required certification exams.

When you take our Lunarline training courses in our Arlington, VA training facility you can take advantage of our discount offers:

INDIVIDUAL:
- If you register and pay for two or more classes, you will receive 15% off each class price.

GROUP:
- If you and a co-worker register and pay for a class, you will each receive 10% off the class price.
- If you register and pay for 3-5 participants in a class, you will each receive 15% off the class price.
- If you register and pay for 6+ participants in a class, you will each receive 20% off the class price.

When you come to Lunarline's training facility you receive a light breakfast, such as fruit, bagels and donuts, and for lunch we offer sandwiches, chips, salads, pizza and cookies, with coffee, tea, sodas and water all through the day.

20 Connect With Us 3300 N Fairfax Drive, Suite #308 Arlington, VA Phone: (571) Fax: (202) CMMI is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified LUNARLINE: School of Cyber Security Dedicated to providing excellence in Cyber Security Training Certifications ISO 9001: 2008 Certified Maturity Level 2 of CMMI Top 2% D&B Rating VA Certified Service

More information

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified

LUNARLINE: School of Cyber Security. Dedicated to providing excellence in Cyber Security Training Certifications. ISO 9001: 2008 Certified LUNARLINE: School of Cyber Security Dedicated to providing excellence in Cyber Security Training Certifications ISO 9001: 2008 Certified Maturity Level 2 of CMMI Top 2% D&B Rating VA Certified Service

More information

Hosted by Lunarline: School of Cyber Security

Hosted by Lunarline: School of Cyber Security Hosted by Lunarline: School of Cyber Security Please Fax Government Purchase Orders and SF 182s To (22) 315-33 Cybersecurity is one of the hottest issues for today s Federal and DOD Agencies and commercial

More information

Risk Management Framework (RMF): The Future of DoD Cyber Security is Here

Risk Management Framework (RMF): The Future of DoD Cyber Security is Here Risk Management Framework (RMF): The Future of DoD Cyber Security is Here Authors: Rebecca Onuskanich William Peterson 3300 N Fairfax Drive, Suite 308 Arlington, VA 22201 Phone: 571-481-9300 Fax: 202-315-3003

More information

C O R P O R AT E O V E R V I E W. a C y b e r S e c u r i t y a n d P r i v a c y C o m p a n y

C O R P O R AT E O V E R V I E W. a C y b e r S e c u r i t y a n d P r i v a c y C o m p a n y C O R P O R AT E O V E R V I E W a C y b e r S e c u r i t y a n d P r i v a c y C o m p a n y Our Only Discipline is Cyber Security & Privacy Solutions Status: VA Certified Service Disabled Veteran Owned

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

Access FedVTE online at: fedvte.usalearning.gov

Access FedVTE online at: fedvte.usalearning.gov FALL 2015 Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk her e or email the Help Desk at support@usalearning.net. To speak with a Help Desk

More information

DIACAP Presentation. Presented by: Dennis Bailey. Date: July, 2007

DIACAP Presentation. Presented by: Dennis Bailey. Date: July, 2007 DIACAP Presentation Presented by: Dennis Bailey Date: July, 2007 Government C&A Models NIST SP 800-37 - Guide for the Security Certification and Accreditation of Federal Information Systems NIACAP - National

More information

Strategic Plan On-Demand Services April 2, 2015

Strategic Plan On-Demand Services April 2, 2015 Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on

More information

Policy on Information Assurance Risk Management for National Security Systems

Policy on Information Assurance Risk Management for National Security Systems CNSSP No. 22 January 2012 Policy on Information Assurance Risk Management for National Security Systems THIS DOCUMENT PRESCRIBES MINIMUM STANDARDS YOUR DEPARTMENT OR AGENCY MAY REQUIRE FURTHER IMPLEMENTATION

More information

Out with. AP, In. with. (C&A) and (RMF) LUNARLINE, INC.. 571-481-9300

Out with. AP, In. with. (C&A) and (RMF) LUNARLINE, INC.. 571-481-9300 Out with the DIACA AP, In with the DIARMF Say Goodbye to Certificatio n and Accreditation (C&A) and Hello to the Risk Management Framework (RMF) Author: Rebecca Onuskanich Program Manager, Lunarline LUNARLINE,

More information

Security Transcends Technology

Security Transcends Technology INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com

More information

Statement of Capability

Statement of Capability Statement of Capability Table Contents Company Overview... 3 Company Registrations... 3 Company Registrations... 4 Forensic Analysis... 5 Why Us?... 4 R&K Services... 5 Program/Project Management & Support:...

More information

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.

Corporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup. Corporate Overview MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.com IS&P Practice Areas Core Competencies Clients & Services

More information

2015 Security Training Schedule

2015 Security Training Schedule 2015 Security Training Schedule Risk Management Framework Course (RMF) / $1,950.00 Per Student Dates June 1-4 Location 4775 Centennial Blvd., Suite 103 / Colorado Springs, CO 80919 July 20 23 444 W. Third

More information

U.S. FLEET CYBER COMMAND U.S. TENTH FLEET DoD RMF Transition

U.S. FLEET CYBER COMMAND U.S. TENTH FLEET DoD RMF Transition U.S. FLEET CYBER COMMAND U.S. TENTH FLEET DoD RMF Transition Dr. Charles Kiriakou, Ms. Kate Cunningham, Mr. Kevin Winters, & Mr. Carl Rice September 3, 2014 UNCLASSIFIED 1 Bottom Line Up Front (BLUF) The

More information

Compliance Risk Management IT Governance Assurance

Compliance Risk Management IT Governance Assurance Compliance Risk Management IT Governance Assurance Solutions That Matter Introduction to Federal Information Security Management Act (FISMA) Without proper safeguards, federal agencies computer systems

More information

TOPSECRETPROTECTION.COM (TSP)

TOPSECRETPROTECTION.COM (TSP) TOPSECRETPROTECTION.COM (TSP) OVERVIEW OF CYBER SECURITY-INFORMATION SYSTEMS SECURITY PROGRAM MANAGEMENT TRAINING COURSE CYBER SECURITY-ISSPM PROFESSIONAL CERTIFICATION Introduction To TSP TSP has over

More information

Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid

Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid Protecting Energy s Infrastructure and Beyond: Cybersecurity for the Smart Grid Which is it? Cyber Security ~or~ Cybersecurity? Dr. Ernie Lara President Presenters Estrella Mountain Community College Dr.

More information

Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015

Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015 Independent Evaluation of NRC s Implementation of the Federal Information Security Modernization Act of 2014 for Fiscal Year 2015 OIG-16-A-03 November 12, 2015 All publicly available OIG reports (including

More information

Cybersecurity in a Mobile IP World

Cybersecurity in a Mobile IP World Cybersecurity in a Mobile IP World Alexander Benitez, Senior Scientist, ComSource Introduction by Robert Durbin, Cybersecurity Program Manager, ComSource Introduction ComSource s cybersecurity initiative

More information

Data- Centric Enterprise Approach to Risk Management Gregory G. Jackson, Sr. Cyber Analyst Cyber Engineering Division Dynetics Inc.

Data- Centric Enterprise Approach to Risk Management Gregory G. Jackson, Sr. Cyber Analyst Cyber Engineering Division Dynetics Inc. Data- Centric Enterprise Approach to Risk Management Gregory G. Jackson, Sr. Cyber Analyst Cyber Engineering Division Dynetics Inc. May 2012 (Updated) About the Author Gregory G. Jackson is a senior cyber

More information

AF Life Cycle Management Center

AF Life Cycle Management Center AF Life Cycle Management Center Avionics Weapon Systems Cybersecurity Risk Management Framework Assessment & Authorization Update Harrell Van Norman AFLCMC/EZAS Cybersecurity Technical Expert aflcmc.en-ez.weapon.systems.ia.team@us.af.mil

More information

IT-CNP, Inc. Capability Statement

IT-CNP, Inc. Capability Statement Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government

More information

UNCLASSIFIED. Trademark Information

UNCLASSIFIED. Trademark Information SAMSUNG KNOX ANDROID 1.0 SECURITY TECHNICAL IMPLEMENTATION GUIDE (STIG) OVERVIEW Version 1, Release 1 3 May 2013 Developed by Samsung Electronics Co., Ltd.; Fixmo, Inc.; and General Dynamics C4 Systems,

More information

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services

Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 4937 Fargo Street North Charleston SC 29418 Phone 843.266.2330 Fax 843.266.2333 w w w. c o d e l y n x. c o m Request for Information: Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring,

More information

Tim Denman Systems Engineering and Technology Dept Chair/ Cybersecurity Lead DAU South, Huntsville Tim.Denman@dau.mil

Tim Denman Systems Engineering and Technology Dept Chair/ Cybersecurity Lead DAU South, Huntsville Tim.Denman@dau.mil Tim Denman Systems Engineering and Technology Dept Chair/ Cybersecurity Lead DAU South, Huntsville Tim.Denman@dau.mil Current State of Cybersecurity in the DoD Current Needs Communications focus Changing

More information

Social Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com

Social Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com Ultimate Knowledge Institute ultimateknowledge.com Social Media Security Training and Certifications Social Media Security Professional (SMSP) Social Media Engineering & Forensics Professional (SMEFP)

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 8551.01 May 28, 2014 DoD CIO SUBJECT: Ports, Protocols, and Services Management (PPSM) References: See Enclosure 1 1. PURPOSE. In accordance with the authority

More information

Building Security In:

Building Security In: #CACyberSS2015 Building Security In: Intelligent Security Design, Development and Acquisition Steve Caimi Industry Solutions Specialist, US Public Sector Cybersecurity September 2015 A Little About Me

More information

IT and Cybersecurity. Workforce Development with CompTIA Certification

IT and Cybersecurity. Workforce Development with CompTIA Certification IT and Cybersecurity Workforce Development with CompTIA Certification CompTIA solutions meet the federal IT security workforce challenge Federal agencies and contractors face an urgent and unrelenting

More information

Cybersecurity Throughout DoD Acquisition

Cybersecurity Throughout DoD Acquisition Cybersecurity Throughout DoD Acquisition Tim Denman Cybersecurity Performance Learning Director DAU Learning Capabilities Integration Center Tim.Denman@dau.mil Acquisition.cybersecurity@dau.mil Cybersecurity

More information

DoD IA Training Products, Tools Integration, and Operationalization

DoD IA Training Products, Tools Integration, and Operationalization Defense Information Systems Agency A Combat Support Agency DoD IA Training Products, Tools Integration, and Operationalization Roger S. Greenwell, CISSP, CISA, CISM Technical Director / Capabilities Implementation

More information

Continuous Monitoring

Continuous Monitoring Continuous Monitoring The Evolution of FISMA Compliance Tina Kuligowski Tina.Kuligowski@Securible.com Overview Evolution of FISMA Compliance NIST Standards & Guidelines (SP 800-37r1, 800-53) OMB Memorandums

More information

INSIGHTS AND RESOURCES FOR THE CYBERSECURITY PROFESSIONAL

INSIGHTS AND RESOURCES FOR THE CYBERSECURITY PROFESSIONAL INSIGHTS AND RESOURCES FOR THE CYBERSECURITY PROFESSIONAL BY 2 In enterprise IT, there is a single point where everything that matters in information, technology and business converges: Cybersecurity Nexus

More information

CYBER SECURITY TRAINING SAFE AND SECURE

CYBER SECURITY TRAINING SAFE AND SECURE CYBER SECURITY TRAINING KEEPING YOU SAFE AND SECURE Experts in Cyber Security training. Hardly a day goes by without a cyber attack being reported. With this ever-increasing threat there is a growing need

More information

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe

High Level Cyber Security Assessment 2/1/2012. Assessor: J. Doe 2/1/2012 Assessor: J. Doe Disclaimer This report is provided as is for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information

More information

Continuous Monitoring in a Risk Management Framework. US Census Bureau Oct 2012

Continuous Monitoring in a Risk Management Framework. US Census Bureau Oct 2012 Monitoring in a Risk Management Framework US Census Bureau Oct 2012 Agenda Drivers for Monitoring What is Monitoring Monitoring in a Risk Management Framework (RMF) RMF Cost Efficiencies RMF Lessons Learned

More information

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles

SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the

More information

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION Directive Current as of 19 November 2014 J-8 CJCSI 8410.02 DISTRIBUTION: A, B, C, JS-LAN WARFIGHTING MISSION AREA (WMA) PRINCIPAL ACCREDITING AUTHORITY

More information

Information Security for Managers

Information Security for Managers Fiscal Year 2015 Information Security for Managers Introduction Information Security Overview Enterprise Performance Life Cycle Enterprise Performance Life Cycle and the Risk Management Framework Categorize

More information

An Overview of Large US Military Cybersecurity Organizations

An Overview of Large US Military Cybersecurity Organizations An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United

More information

American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education

American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education American Public University System - A Multi-Disciplinary Approach to Cybersecurity Education Dr. Clay Wilson, CISSP Program Director, Cybersecurity Studies American Public University System Overview About

More information

Audit of the Department of State Information Security Program

Audit of the Department of State Information Security Program UNITED STATES DEPARTMENT OF STATE AND THE BROADCASTING BOARD OF GOVERNORS OFFICE OF INSPECTOR GENERAL AUD-IT-15-17 Office of Audits October 2014 Audit of the Department of State Information Security Program

More information

Network Management and Defense Telos offers a full range of managed services for:

Network Management and Defense Telos offers a full range of managed services for: Network Management and Defense Telos offers a full range of managed services for: Network Management Operations Defense Cybersecurity and Information Assurance Software and Application Assurance Telos:

More information

Security Control Standard

Security Control Standard Department of the Interior Security Control Standard Security Assessment and Authorization January 2012 Version: 1.2 Signature Approval Page Designated Official Bernard J. Mazer, Department of the Interior,

More information

HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES

HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES HEALTHCARE SECURITY AND PRIVACY CATALOG OF SERVICES OCTOBER 2014 3300 North Fairfax Drive, Suite 308 Arlington, Virginia 22201 USA +1.571.481.9300 www.lunarline.com OUR CLIENTS INCLUDE Contents Healthcare

More information

Review of the SEC s Systems Certification and Accreditation Process

Review of the SEC s Systems Certification and Accreditation Process Review of the SEC s Systems Certification and Accreditation Process March 27, 2013 Page i Should you have any questions regarding this report, please do not hesitate to contact me. We appreciate the courtesy

More information

Open Group Vulnerability Management Proposal Mike Jerbic, November 16, 2003

Open Group Vulnerability Management Proposal Mike Jerbic, November 16, 2003 Open Group Vulnerability Management Proposal Mike Jerbic, November 16, 2003 Purpose and audience of this paper This proposal is a starting point put forward to the Open Group Security Forum s membership

More information

2014 Audit of the Board s Information Security Program

2014 Audit of the Board s Information Security Program O FFICE OF I NSPECTOR GENERAL Audit Report 2014-IT-B-019 2014 Audit of the Board s Information Security Program November 14, 2014 B OARD OF G OVERNORS OF THE F EDERAL R ESERVE S YSTEM C ONSUMER FINANCIAL

More information

IBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security

IBM Internet Security Systems October 2007. FISMA Compliance A Holistic Approach to FISMA and Information Security IBM Internet Security Systems October 2007 FISMA Compliance A Holistic Approach to FISMA and Information Security Page 1 Contents 1 Executive Summary 1 FISMA Overview 3 Agency Challenges 4 The IBM ISS

More information

Applying the DOD Information Assurance C&A Process (DIACAP) Overview

Applying the DOD Information Assurance C&A Process (DIACAP) Overview Applying the DOD Information Assurance C&A Process (DIACAP) Overview C&A, Risk, and the System Life Cycle 2006 Hatha Systems Agenda Part 1 Part 2 Part 3 The C&A Challenge DOD s IA Framework Making C&A

More information

Information Resource Management Directive 5000.09 USAP Information Security Awareness, Training and Education Program

Information Resource Management Directive 5000.09 USAP Information Security Awareness, Training and Education Program The National Science Foundation Polar Programs United States Antarctic Program Information Resource Management Directive 5000.09 USAP Information Security Awareness, Training and Education Program Organizational

More information

Department of Homeland Security Federal Government Offerings, Products, and Services

Department of Homeland Security Federal Government Offerings, Products, and Services Department of Homeland Security Federal Government Offerings, Products, and Services The Department of Homeland Security (DHS) partners with the public and private sectors to improve the cybersecurity

More information

Raytheon Secure Systems and Networks

Raytheon Secure Systems and Networks Technology Today HIGHLIGHTING RAYTHEON S TECHNOLOGY 2007 Issue 2 Raytheon Secure s and Networks Delivering Mission Assurance in a Hostile Cyberspace Feature Ensuring That Our s Can Be Trusted The systems

More information

Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications

Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) Summary of Duties. Minimum Qualifications Thomas K. Lee, Executive Director/CIO Human Resources Department (518) 447-2906 Information Security Officer (# 1773) Salary: Grade 25 ($81,808-$102,167) / Grade 27 ($90,595 to $113,141) The New York State

More information

Cybersecurity Risk Management Activities Instructions Fiscal Year 2015

Cybersecurity Risk Management Activities Instructions Fiscal Year 2015 Cybersecurity Risk Management Activities Instructions Fiscal Year 2015 An effective risk management program and compliance with the Federal Information Security Management Act (FISMA) requires the U.S.

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

FREQUENTLY ASKED QUESTIONS

FREQUENTLY ASKED QUESTIONS FREQUENTLY ASKED QUESTIONS Continuous Monitoring 1. What is continuous monitoring? Continuous monitoring is one of six steps in the Risk Management Framework (RMF) described in NIST Special Publication

More information

CYBERSECURITY CHALLENGES FOR DOD ACQUISITION PROGRAMS. Steve Mills DAU-South

CYBERSECURITY CHALLENGES FOR DOD ACQUISITION PROGRAMS. Steve Mills DAU-South CYBERSECURITY CHALLENGES FOR DOD ACQUISITION PROGRAMS Steve Mills DAU-South 1 Overview Questions Cybersecurity Owners and Stakeholders Cybersecurity Why It Matters to DoD Program Managers Defense Science

More information

THE DATA CENTER COMPLIANCE ACRONYMS YOU NEED TO KNOW

THE DATA CENTER COMPLIANCE ACRONYMS YOU NEED TO KNOW THE 22 DATA CENTER COMPLIANCE ACRONYMS YOU NEED TO KNOW In today s world, data center compliance is no joke, and firewalls aren t enough to keep your data safe. Whether you re outsourcing or housing your

More information

Cybersecurity@RTD Program Overview and 2015 Outlook

Cybersecurity@RTD Program Overview and 2015 Outlook Cybersecurity@RTD Program Overview and 2015 Outlook Finance & Administration Committee Meeting February 10, 2015 Sheri Le, Manager of Cybersecurity RTD Information Technology Department of Finance & Administration

More information

Overview. FedRAMP CONOPS

Overview. FedRAMP CONOPS Concept of Operations (CONOPS) Version 1.0 February 7, 2012 Overview Cloud computing technology allows the Federal Government to address demand from citizens for better, faster services and to save resources,

More information

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013 An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information

More information

Reliable, Repeatable, Measurable, Affordable

Reliable, Repeatable, Measurable, Affordable Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you

More information

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO-6009-09 TABLE OF CONTENTS OFFICE OF THE CHIEF INFORMATION OFFICER Date of Issuance: May 22, 2009 Effective Date: May 22, 2009 Review Date: Section I. PURPOSE II. AUTHORITY III. SCOPE IV. DEFINITIONS V. POLICY VI. RESPONSIBILITIES

More information

Classification: Computer Information Technology Specialist II (CITS II) Information Security Unit Title Code: V08005 Pay Range: 33

Classification: Computer Information Technology Specialist II (CITS II) Information Security Unit Title Code: V08005 Pay Range: 33 Classification: Computer Information Technology Specialist II (CITS II) Information Security Unit Pay Range: 33 POSITION SUMMARY: The position provides professional and advanced technical expertise as

More information

Get Confidence in Mission Security with IV&V Information Assurance

Get Confidence in Mission Security with IV&V Information Assurance Get Confidence in Mission Security with IV&V Information Assurance September 10, 2014 Threat Landscape Regulatory Framework Life-cycles IV&V Rigor and Independence Threat Landscape Continuously evolving

More information

each standard. (You will be able to add/update this information just before formal submission after the Prepare for review button is selected.

each standard. (You will be able to add/update this information just before formal submission after the Prepare for review button is selected. National Centers of Academic Excellence for Information Assurance Education and Training Program for 2 Year Institutions (CAE-2Y) Criteria for Measurement July 2011 The National Security Agency (NSA) and

More information

Information Security Risk and Compliance Series Risking Your Business

Information Security Risk and Compliance Series Risking Your Business Information Security Risk and Compliance Series Risking Your Business Sergio Saenz and Ron Nemes June 2015 Introduction As the DoD Information Assurance Certification and Accreditation Process (DIACAP)

More information

Shon Harris's Newly Updated CISSP Materials

WHY PURSUE A CISSP? Many companies are beginning to regard a CISSP certification as a requirement for their technical, mid-management, and senior IT management

Hackers are here. Where are you?

What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

Anne Arundel Community College Tracks Anne Arundel Community College's computer technologies courses have been organized into 10 suggested tracks. The tracks are arranged to ensure that students have the

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

It's about service. to clients to colleagues to community to country

Delivering business strategy and mission-critical IT solutions and services for nearly two decades. 1 Source is a

Cisco Security Optimization Service

Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

Information Security Specialist Training on the Basis of ISO/IEC 27002

Natalia Miloslavskaya, Alexander Tolstoy Moscow Engineering Physics Institute (State University), Russia, {milmur, ait}@mephi.edu

SECURITY CONTROLS AND RISK MANAGEMENT FRAMEWORK

BACKGROUND The National Institute of Standards and Technology (NIST) Special Publication 800-53 defines a comprehensive set of controls that is the basis

EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) v8 Training Type and Duration: 5 Days VILT Learn penetration testing methodologies while preparing for

DEPARTMENT OF DEFENSE (DoD) CLOUD COMPUTING SECURITY REQUIREMENTS GUIDE (SRG) Version 1, Release 1. 12 January 2015

Developed by the Defense Information Systems Agency (DISA) for the Department of Defense

Additional Offeror Qualifications: Not applicable.

Category 1: IBM Host Systems Support Services shall include configuration design, installation, maintenance, modification, monitoring and/or evaluation of operating systems and secondary support software

Information System Security Officer (ISSO) Guide

Information Security Office Version 8.0 June 06, 2011 DEPARTMENT OF HOMELAND SECURITY Document Change History INFORMATION SYSTEM SECURITY OFFICER (ISSO)

The DS Information Assurance and Cybersecurity Role-Based Training Program. Diplomatic Security Training Center (DSTC) Dunn Loring, VA

IAB Mission The Information Assurance Branch's (IAB's) mission is to

Security-as-a-Service (Sec-aaS) Framework. Service Introduction

Need of Information Security Program In current high-tech environment, we are getting more dependent on information systems. This dependency

AODR Role-Based Training. Name Title Division Name U.S. Department of Energy Office of the Associate CIO for Cyber Security

Objectives Gain Understanding and Working Knowledge of: AODR Authority, Role

Security+ 5-Day Instructor Led Course

Overview This course is the primary course you will need to take if your job responsibilities include securing network services, devices, and traffic

U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL

FINAL REPORT: U.S. Election Assistance Commission Compliance with the Requirements of the Federal Information Security Management Act Fiscal

GAO. INFORMATION SECURITY Persistent Weaknesses Highlight Need for Further Improvement

GAO For Release on Delivery Expected at time 1:00 p.m. EDT Thursday, April 19, 2007 United States Government Accountability Office Testimony Before the Subcommittee on Emerging Threats, Cybersecurity,

Security Content Automation Protocol for Governance, Risk, Compliance, and Audit

UNCLASSIFIED presented by: Tim Grance The National Institute of Standards and Technology UNCLASSIFIED Agenda NIST's IT Security

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

Cybersecurity and information security have become key challenges for

Information System Security Officer (ISSO) Guide

Office of the Chief Information Security Officer Version 10 September 16, 2013 DEPARTMENT OF HOMELAND SECURITY Document Change History INFORMATION SYSTEM

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT

Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute of Standards and Technology A comprehensive approach

Risk Management Guide for Information Technology Systems. NIST SP800-30 Overview

Risk Management Process that allows IT managers to balance operational and economic costs of protective measures and achieve

Independent Security Operations Oversight and Assessment. Captain Timothy Holland PM NGEN

23 June 2010 Independent Security Operations Oversight and Assessment Will Jordan NGEN Cyber Security 23 June 2010

Cyber R&D Research Roundtable

2 May 2013 NATIONAL SECURITY ENERGY & ENVIRONMENT HEALTH CYBERSECURITY Changing Environment Rapidly Evolving Threat Changes

How To Improve NASA's Security

DECEMBER 5, 2011 AUDIT REPORT OFFICE OF AUDITS NASA FACES SIGNIFICANT CHALLENGES IN TRANSITIONING TO A CONTINUOUS MONITORING APPROACH FOR ITS INFORMATION TECHNOLOGY SYSTEMS OFFICE OF INSPECTOR GENERAL

Security Testing. Claire L. Lohr, CSQE, CSDP, CTAL clohr@computer.org. F. Scot Anderson, CISSP scot@securixx.comcom. April 7, 2009 V 1.

Standards Based Security Testing Topics Why use standards? Secure systems component parts (1st level taxonomy)

Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit.

CYBERSECURITY: ISSUES AND ISACA'S RESPONSE June 2014 BILL'S BIO Over 20 years experience in Information Security Management, Risk Management, Third Party Oversight and IT Audit. Vice President Controls