This course was created by DAU and is hosted on CDSE's learning management system STEPP.
Description: This course emphasizes the principles and policies of system security engineering. Program protection planning requires each acquisition’s integrated product team to prevent, detect, and respond to program protection challenges. This course provides training on threats, vulnerabilities, risks, cost-benefit risk tradeoffs, and required mitigations for DOD systems. It also addresses supply chain management and the need for acquisition program protection documents such as the Program Protection Plan, Cybersecurity Strategy, and security plans. There are 11 modules to this course and an exam after each module.
Course Resources: N/A
Learning Objectives: At the end of this course, students should be able to:
- Recognize system security threats and consequences to acquisition programs and that the system security solution approach inludes risk-based prevention, detection, and response to system security threat
- Define Critical Program Information (CPI), CPI policy, CPI threat definition, and associated attacks
- Identify trusted system and network threat definitions, associated attacks, and policy.
- Given DoDI 5000.02, recognize the requirement of the Program Protection Plan (PPP) within the Acquisition Life Cycle and how program protection is incorporated into the Request for Proposal (RFP)
- In accordance with DoDI 5000.02, define the roles and responsibilities of the program manager (PM), systems engineer (SE), system security engineer (SSE), system security engineering specialists, security specialists, chief developmental tester, and the contractor with respect to system security
- In accordance with DoDI 5000.02, recognize how program protection integrates system security engineering specialties and security specialties through a high level overview of each specialty's activities and outputs
- Recognize elements of information analysis for security implementation
- Recognize the elements of Critical Protection Information (CPI) analysis for security implementation
- Recognize elements of trusted systems and networks (TSN) analysis for security implementation
- Recognize the purpose and characteristics of trade-off analysis and how program protection requirements are incorporated into the Request for Proposal
- Recognize the role of test and evaluation for verification and validation of program protection measures
- Given DoDI 5200.39 and 5200.44, recognize the impact of SSE analyses on the technical baselines and systems engineering technical reviews
- Given contracting scenarios, relate the protection measure and mitigation steps to specific acquisition solicitations scenarios
Delivery Method: eLearning
Length: 17 hours
Target Audience: This course will benefit all DOD professionals, across all Services and DOD agencies, as well as any industry partner, who wants to learn more about the subject.
Number of Student per Course: N/A
- Clearance Requirements: N/A
- Attendance Requirements: N/A
- Exam Requirements: A student must receive a passing score of 80% on each exam that follows each of the eleven modules in this course to print a certificate of successful completion for the course.
- ACE Credit Recommendation: (What's this?) N/A
- Professional Development Units per SPēD: N/A
System Requirements: Check if your system is configured appropriately to use STEPP.