NIST 800-171

Infosec via Coursera

Go to Course: https://www.coursera.org/learn/nist-800-171

Introduction

### Course Review: NIST 800-171 on Coursera

In recent years, the importance of cybersecurity has surged to the forefront of business priorities, particularly for organizations working with federal contracts. Among the various frameworks available, NIST SP 800-171 stands out as a crucial guide for protecting Controlled Unclassified Information (CUI). Coursera offers an in-depth course on NIST 800-171 that is valuable for anyone looking to ensure compliance and build a robust cybersecurity posture.

#### Course Overview

The NIST 800-171 course on Coursera provides a comprehensive learning path designed to help participants understand and implement the NIST cybersecurity framework. Comprising 110 controls organized into 14 families, this framework is essential for organizations that handle CUI. Throughout the course, learners are educated on how to comply with NIST 800-171 requirements and gain practical insights necessary for protecting sensitive information.

#### Course Outline and Syllabus

The syllabus is systematically structured, making it easy to follow and absorb the material. Here’s what you can expect to cover during the course:

1. **Review the DFARS Requirement that led to NIST 800-171**
   This foundational section introduces the Defense Federal Acquisition Regulation Supplement (DFARS) that sets the stage for the NIST 800-171 standards. Understanding this legal framework is essential for organizations aiming for compliance.
2. **Understanding the NIST 800-171 Controls**
   Here, participants delve into the 14 families of controls, learning their purpose and relevance. This segment is crucial for grasping how the controls apply to various aspects of information security.
3. **Understand and Create Policies and Plans**
   Effective cybersecurity relies on strong policies and plans. This part of the course teaches you how to develop these essential documents, ensuring that your organization is prepared to meet the requirements effectively.
4. **Create an SSP for Implemented Controls**
   The System Security Plan (SSP) is a vital document in demonstrating your organization’s compliance with NIST 800-171. This section guides you through creating an SSP that accurately reflects existing controls.
5. **Create a POAM for Unimplemented Controls**
   The Plan of Action and Milestones (POAM) is critical for managing unimplemented controls. This segment walks you through developing a POAM that outlines strategies for addressing any vulnerabilities.
6. **Review how NIST 800-171 compliance prepares an organization for CMMC Levels 1-3**
   With the emergence of the Cybersecurity Maturity Model Certification (CMMC), understanding the connection between NIST 800-171 and CMMC is imperative. This section prepares you for the next levels of cybersecurity certification.
7. **Putting it all together**
   To cap it all off, this module reviews the key concepts learned throughout the course, enabling you to understand how they fit together into a cohesive cybersecurity strategy.

#### Review and Recommendations

This course is meticulously crafted for anyone involved in cybersecurity management, compliance, or risk management. The material is presented in an engaging format, combining theoretical knowledge with practical applications. The instructors are seasoned experts in the field, providing valuable insights and real-world examples that enhance the learning experience.

One of the standout features of this course is its proactive approach to compliance. Rather than merely providing a static checklist of requirements, it empowers learners to develop customized policies and strategic plans tailored to their unique organizational needs. The inclusion of POAMs and SSPs ensures that participants leave the course not only with theoretical knowledge but also with actionable takeaways that can be implemented immediately.

Moreover, the course is well-structured for both individual learners and team-based training initiatives. Organizations looking to certify their compliance with federal regulations should consider enrolling multiple team members, as this not only fosters collective knowledge but also aligns the cybersecurity efforts across the organization.

In conclusion, I highly recommend the NIST 800-171 course on Coursera for anyone involved in information security within the realm of federal contracts or those needing to secure Controlled Unclassified Information. The course’s comprehensive syllabus, the expertise of the instructors, and the practical applications provided make it a valuable investment in your cybersecurity education and preparedness. By completing this course, you’ll gain the knowledge and skills needed to navigate the complexities of NIST 800-171 compliance effectively.

Syllabus

Review the DFARS Requirement that led to NIST 800-171

Understanding the NIST 800-171 Controls

Understand and Create Policies and Plans

Create an SSP for Implemented Controls

Create a POAM for Unimplemented Controls

Review how NIST 800-171 compliance prepares an org for CMMC Levels 1-3

Putting it all together

Overview

NIST SP 800-171 is a cybersecurity framework of 110 controls in 14 families published by the National Institute of Standards and Technology (NIST). This learning path will teach you how to comply with the requirements of NIST 800-171. You will understand what CUI is and how to identify it; what a nonfederal information system is; how to understand each of the 110 requirements in the framework and satisfy each of them if necessary; how to create a Body of Evidence (BOE) including Organizational

Skills

Reviews

Great overview, and challenging, there is a lot to remember!

Good content but some of the assessment questions in week 7 are using CMMC version 1.02 and not 2.0.

Very informative. A great first couple of steps to get this material down!

Amazing course, well put together!!! Great for beginners

There is A LOT of information to go over! It is laid out nicely, but sometimes it can be confusing and not communicated clearly. Overall, I enjoyed the course and learned something new.