This course does not contain the final exam. Students must register for the exam (IS310.06) separately in STEPP and will receive credit for the course upon receiving a passing score.

Description: This course is the last in a series of three courses examining the C&A process. This course focuses on more technical aspects of the C&A process and guides students on navigating through the system using the Baseline Technical Security Configuration Guide. It provides the opportunity for students to learn how technical security standards are implemented on an Information System through the use of a virtual environment and demonstrations. In addition, this course covers DSS procedures for access, maintenance, and analysis of Audit Logs, Trusted download procedures, Data Spills, Network Security Plans (NSP), and Memorandum of Understanding (MOU) requirements.

Course Resources: N/A

Learning Outcomes:
This course is designed to enable students to:

  • Demonstrate comprehension of the requirements and procedures for system configuration
  • Demonstrate comprehension of the procedures for use and analysis of the Event and Audit logs
  • Demonstrate comprehension of the trusted download procedures for the transfer of files from a secure system
  • Demonstrate comprehension of the procedures to clean-up classified data spills
  • Demonstrate comprehension of the requirements and approval process for Network Security Plans (NSPs)

Delivery: eLearning

Length: 2-4 hours

Target Audience: Department of Defense (DoD) information system users and other U.S. Government personnel and contractors within the National Industrial Security Program who have responsibility for evaluating information systems and certifying to the Government that information systems meet security requirements

Number of Students per Course: N/A


  • Clearance Requirement: N/A
  • Attendance Requirement: N/A
  • Exam Requirements: Students must earn a 75 percent grade average on IS310.06 course exam and successfully complete the Technical Implementation of C&A - Virtual Environment (CS311.16, CS312.16, or CS313.16) for their relevant operating system.

Prerequisites: Introduction to NISP Certification and Accreditation Process course (IS100.16) and NISP C&P Process: A Walk-Through course IS200.16.

Credits Recommended/Earned

  • ACE Credit Recommendation: (What's this?) N/A
  • Continuing Education Units per IACET: N/A
  • Professional Development Units per SPeD: 4.5

Additional System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.