401V ICS Analysis and Evaluation - Jan 10, 2022

Actions Panel

Registrations are closed

Registration has ended. Please check http://us-cert.cisa.gov/ics/Calendar for additional courses.

401V ICS Analysis and Evaluation - Jan 10, 2022

The 401V course provides training on analyzing and evaluating an Industrial Control Systems (ICS) network.

When and where

Date and time


To be announced

About this event

Completion of 301/301V is NOT a prerequisite for this course.

The purpose of the course is to provide hands-on training analyzing, evaluating, and documenting the cybersecurity posture of an ICS system for internal and/or external recommended changes. Specifically, this course will utilize a repeatable process within a simulated ICS environment to analyze cybersecurity weaknesses and threats, evaluate and map findings, and document potential mitigations. Trainees will leave with a template that can be used for evaluations at their workplace.

The online course consists of pre-recorded videos and hands-on activities compiled into sessions by our instructional staff:

  • Analysis and Evaluation Overview
  • Step 1 – Analyze Business Purpose
  • Step 2 – Identify Assets
  • Step 3 – Determine ICS Connectivity
  • Step 4 – Determine ICS Dependencies
  • Step 5 – Assess Risk to Business
  • Step 6 – Determine Critical Risk
  • Step 7 – Recommend Actions
  • Step 8 – Monitor and Reassess
  • Required: Final Evaluation
  • Optional: CSET

Plan on dedicating around 15-25 hours over the three-week period to complete the online course. Hands-on activities may be additional time. Participants can go through the sessions at their own pace during the week, but the sessions must be completed in order. In other words, each session must be completed before the next session will be available for viewing. Hands-on activities using NetLab will be completed as you progress through the course. All videos and hands-on activities must be completed by the closing date. If you do not or cannot complete the course in the allotted time frame, you may register for the next available 401 course to finish the videos and hands-on labs.

A certificate of completion and CEUs will be offered to those who complete all sessions and hands-on activities of the course within the three week period.

If at any time you have questions or input for the course, please email icstraining@inl.gov.

Who Should attend:

Individuals who are responsible for evaluating or influencing the cyber security posture of critical infrastructure. This could include any of a number of specific roles and responsibilities such as cyber security management, risk management personnel, IT and control system (OT) security personnel, network engineers, OT engineers and managers. This class is geared towards small to medium sized companies with no OT risk management personnel but personnel from large business are welcome also.