Duration:

1 Day

Audience:

Employees of federal, state and local governments; and businesses working with the government.

Course Overview:

The DISA Security Technical Implementation Guides (STIGs) serve as a comprehensive set of guidelines, offering security configurations and policies for diverse technologies and systems. This training program is meticulously crafted to furnish participants with a profound comprehension of the fundamental principles of DISA STIGs and effective implementation methods. Through a blend of hands-on experience in a virtual lab setting, along with lectures and discussions, participants gain practical insights. Leveraging BAI’s extensive expertise as a provider of RMF consulting services, the STIG 101 curriculum covers:

  • Understanding the significance of DISA STIGs in upholding system security
  • Implementing DISA STIGs efficiently across various system environments
  • Utilizing tools and methodologies for auditing and ensuring compliance with DISA STIGs
  • Familiarization with commonly used tools such as DISA STIG Viewer, SCAP Compliance Checker, and Evaluate-STIG.

STIG 101 offers a comprehensive one-day STIG Overview course, addressing various challenges and beyond. Topics covered include STIG Content, STIG Development, STIG Tools, and Best Practices. Through demonstrations of STIG Viewer, SCAP Compliance Checker (SCC), and STIG implementation, students gain a real-world understanding of the STIG process. Additionally, the course delves into the development process, shedding light on the origins of STIGs, their creators, and the publication process.

This course caters to individuals seeking insights into STIG content and processes, making it ideal for those with limited or no prior exposure to STIGs. Conducted via Online Personal Classroom™, it offers a fully interactive, instructor-led experience. The course commences with an introductory section covering concepts and best practices, followed by screen-sharing sessions for tool demonstrations, including SCC and STIG viewer, alongside an overview of best practices. Moreover, specific student concerns will be addressed within the course’s scope, enhancing its relevance.

A key takeaway from the class is gaining an efficient process for managing the often challenging task of ‘STIGing’ machines, from initial configuration to the quarterly STIG update process.

Course Outline:

  • Security Technical Implementation Guide (STIG) Overview
  • Best Practices
  • STIG Content
  • SCAP Compliance Checker (SCC)
  • STIG Viewer
  • How To STIG
  • SCAP/STIG Resources