Note that all DoD 8570 participants are required to take proctored GIAC exams.
For more information on the GIAC proctor program, visit: www.giac.org/overview/proctor_policy.php
SANS is my preferred training to meet DOD 8570. Training offered by SANS pertains to best practice so rubber hits the road.
– Michael Emmons, USMC
Overview
- What is DoD 8570?
- What agencies are affected by 8570?
- Who is affected by 8570?
- When is 8570 effective?
- Where can I find more information from the DoD on the requirements?
- Where can I find the 8570 manual?
- What is SANS doing to help address 8570?
- Why choose SANS training vs. cheaper options?
- Where can I get SANS training for certification?
- Course Descriptions for SANS Courses Supporting 8570
- Why SANS is the best source for InfoSec training & certification?
- Why is GIAC the best certification for 8570?
- More Information on GIAC Certification
- How do I assess my knowledge before taking an exam?
- How do I purchase SANS Assessment, Training and Certification?
- What can I do to make SANS 8570 related courses better or more useful to the warfighter?
What is DoD 8570?
8570 provides guidance and procedures for the training, certification, and management of the DoD workforce conducting Information Assurance functions in assigned duty positions. It also provides guidance on reporting metrics.
What agencies are affected by 8570?
- Office of the Secretary of Defense
- Military Departments
- Chairman of the Joint Chiefs of Staff
- Combatant Commands
- Office of the Inspector General of the DoD
- Defense Agencies
- DoD Field Activities
- all other organizational entities in the DoD
Who is affected by 8570?
Any full- or part-time military service member, contractor, or local national with privileged access to a DoD information system who performs information assurance (security) functions, regardless of job or occupational series.
The manual, 8570.01M, specifies that the Department of Defense requires approximately 110,000 identified Information Assurance professionals to be certified within a five-year time period. The Defense Information Assurance Program office has divided its Information Assurance workforce into six defined categories (see chart below). The manual also specifies the types of commercial information assurance credentials that qualify for each of the defined categories.
When is 8570 effective?
8570 is effective immediately and is mandatory for use by all the DoD Components.
Where Can I Find More Information from the Department of Defense on the requirements?
Visit the DoD IASE website at: http://iase.disa.mil/eta/index.html#8570training (.mil or .gov only). If you cannot access the DoD website call the Defense Information Assurance Program Office at 703-604-1480x112 for additional information.
Where can I find the 8570 Manual?
- Click on this link: 8570.01M, OR copy and paste: http://www.dtic.mil/whs/directives/corres/html/857001m.htm
- Contact 8570@sans.org
What are the DoD Approved Certifications?
Per Table AP3.T1, here are the "DoD Approved Baseline Certifications:"
| IAT Level I | IAT Level II | IAT Level III |
|---|---|---|
| A+, Network+, SSCP | GSEC, Security+, SCNP, SSCP | CISA, CISSP®, GSE, SCNA |

| IAM Level I | IAM Level II | IAM Level III |
|---|---|---|
| GISF, GSLC, Security+ | GSLC, CISM, CISSP® | GSLC, CISM, CISSP® |
Which SANS Courses align with "DoD Approved Certifications"?
| Technical Level | Certification Name | SANS Course # |
|---|---|---|
| IAT Level II | Security+ | SEC334 (CompTIA Approved) |
| IAT Level II | GSEC - GIAC Security Essentials Certification | SEC401 |
| IAT Level III | CISSP® - Certified Info. Systems Security Professional | MGT414 |
| IAT Level III | CISA - Certified Information Systems Auditor | AUD423 |
| IAT Level III | GSE - GIAC Security Expert | SEC401 (GSEC), SEC503 (GCIA) & SEC504 (GCIH) |

| Management Level | Certification Name | SANS Course # |
|---|---|---|
| IAM Level I | Security+ | SEC334 (CompTIA Approved) |
| IAM Level I | GSLC - GIAC Security Leadership Certificate | MGT512 |
| IAM Level I | GISF - GIAC Information Security Fundamentals | SEC301 |
| IAM Level II | GSLC - GIAC Security Leadership Certificate | MGT512 |
| IAM Level II | CISSP® - Certified Info. Systems Security Professional | MGT414 |
| IAM Level III | GSLC - GIAC Security Leadership Certificate | MGT512 |
| IAM Level III | CISSP® - Certified Info. Systems Security Professional | MGT414 |
Why choose SANS training vs. cheaper options?
- If your goal is actually improving security, SANS is the most trusted source. If your goals are simply compliance, there are cheaper and faster options.
- SANS can deliver this training to DoD globally.
- SANS has a reputation for great community contributions and support for national security efforts, not just training and certification.
- SANS provides training for five (5) of six IA Levels on Table AP3.T1 above.
- SANS provides a complete solution that can help you throughout a career life cycle.
- SANS provides flexibility to work with other certifications (CompTIA, (ISC)2® & ISACA).
- The SANS Promise is that you will be able to apply your knowledge the day you get back to the office.
- SANS not only teaches you theory but the practical knowledge in everyday situations.
- SANS course material is continuously updated to make sure our students get the most effective and up-to-date knowledge.
- SANS can create solutions that are actually less expensive than other vendors (ask about Camp Lejeune).
Where can I get SANS training for certification?
- 1. SANS Event:
Visit www.sans.org for the nearest event location and course offerings.
- 2. SANS OnSite
Contact 8570@sans.org today or visit www.sans.org/OnSite to find out how you can bring SANS to your location for a private class.
- 3. SANS On Demand
Online, self-paced training.
Contact 8570@sans.org today or visit www.sans.org/OnDemand to learn more and get started.
- 4. Custom DoD "Blended Solution" Events
SANS can create custom blended solutions for mid- to large-size classes. Such a solution would blend online, self-paced training with live, interactive classes. We can even include a test pass guarantee and deliver this training at a price you will like. Ask about our solutions for USMC, Navy & NGA.
Contact 8570@sans.org today or call Daryl Gilbertson at 678-714-5712
- 5. Other Options
- SANS Mentor Program (local, evening and smaller classes: www.sans.org/mentor)
- SANS @Home (live classes via webcast: www.sans.org/athome)
Course Descriptions for SANS Courses supporting 8570
- SEC301: Intro to Information Security (GISF)
This entry-level course starts with terminology and concepts and then blasts straight into applications and security management problem solving. SANS is the MIT of Information Security and this introduction certification track is the fastest possible way to get up to speed on the terminology and concepts of information security. This course prepares you for GISF certification and fulfills the needs of IAM Level I.
- SEC334: SANS Training for the CompTIA Security+ Certification (Security+)
Prepare for the CompTIA Security+ Certification exam with SANS unparalleled training. In this course you will learn the language and underlying theory of communication security, infrastructure security, cryptography, operational security, and general security concepts. This course is only taught by the best security instructors in the industry and provides up-to-the-minute knowledge you can immediately put into practice. In case you are also interested in SANS GSEC (SEC401) class, note that the first half of SANS Security 401 also prepares one for the Security+ certification.
- SEC401: SANS Security Essentials Bootcamp Style (GSEC, Security+ & GSE)
In this course you will learn the language and underlying theory of computer security. At the same time you will learn the essential, up-to-the-minute knowledge and skills required for effective performance if you are given the responsibility for securing systems and/or organizations. This program prepares you for GSEC certification and fulfills the needs of IAT Level II. Additionally, the first half of our GSEC class prepares one for the Security+ certification.
- SEC503: Intrusion Detection In-Depth (GCIA & GSE)
This advanced, hands-on immersion program teaches you how to identify and decipher the signatures of network-based attacks. After reviewing TCP/IP, you move quickly to analyzing network traffic using great tools and then have two days of IDS signatures and analysis. This course prepares you for GCIA certification.
- SEC504: Hacker Techniques, Exploits & Incident Handling (GCIH & GSE)
Learn to detect malicious code and respond on the fly. You'll learn how your networks appear to hackers, how they gain access with special emphasis on the newer attack vectors, and what they do when they get in - especially in manipulating the system to hide their work. Master the proven six-step process of incident handling so you are prepared to be the technical leader of the incident handling team. This course prepares you for GCIH certification.
- MGT414: SANS® +S™ Training Program for the CISSP® Certification Exam (CISSP)
SANS' CISSP® review course not only teaches you what you need for success on the CISSP® exam but adds to it the practical, current, immediately-useful extra security skills information that makes the material valuable for you and your employer. The +S in its name means it translates much of the theoretical information tested in the CISSP® exam into practical guidance you can put to work the day you return to your office. This program fulfills the needs of IAT Level III, IAM Level II, and IAM Level III.
- MGT512: SANS Security Leadership Essentials for Managers (GSLC)
This is the perfect course for managers who want to master the technical, financial, and programmatic skills to be a leader in the security business. Topics range from defense-in-depth through security technologies to a management practicum that pulls it all together. This course prepares you for GSLC certification and IAM Level I, II, and Level III.
- AUD423: Certified Information Security Auditor (CISA)
The SANS® +S™ Training for the CISA Certification Exam course has been specifically written to help you prepare for and pass the CISA® exam, while ensuring that the information presented is practical and applicable in daily life. The focus of this course is on the six content areas (domains) that are outlined each year by ISACA®. Students will have the opportunity to interact with a SANS instructor who is personally certified as a CISA®. And, while many training programs focus on simply presenting the information to students, SANS instructors are also committed to mentoring the students. This ensures that students understand the information, can apply it to their professional careers, and can use that information to pass the CISA® exam.
Why SANS is the best source for InfoSec training & certification?
- Thought Leader
SANS is the leading organization in computer security training. SANS provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and networks against the most dangerous threats - the ones being actively exploited. The courses are full of important and immediately useful techniques that students can put to work as soon as they return to their offices. SANS courses were developed through a consensus process involving hundreds of administrators, security managers, and information security professionals. Our courses address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security. SANS has more than 52,000 alumni and each year, SANS educates more than 8,000 to 10,000 people in the US and internationally.
- Best Instructors
SANS courses are taught in a classroom setting by "SANS Certified Instructors." The selection, training and certification process to become SANS faculty is time-tested. Last year more than 90 people tried out for the SANS faculty, but only five new people were selected.
- Significant Community Contributor
SANS develops, maintains, and makes available at no cost the largest collection of research documents about various aspects of information security. Additionally, SANS operates the Internet's early warning system - the Internet Storm Center. At the heart of SANS are the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community. All this research and development activity helps to assure that SANS delivers the latest and greatest courseware, and produces the best instructors, available in the market today.
SANS courses are the best for information security training because:
- SANS training is full of important and immediately useful techniques that you can put to work as soon as you return to your office. That is the SANS Promise!
- SANS courses are developed through a consensus process involving hundreds of administrators, security managers, and information security professionals. Our courses address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security.
- SANS features the best instructors and authors in the industry! To find the best faculty in the world SANS runs a continuous competition for instructors. Last year more than 90 people tried out for the SANS faculty, but only five new instructors were selected.
- SANS can deliver training to the DoD globally. We can deliver this training in one of many ways: global events, OnSites and web-based (@Home & On Demand).
- SANS training supports a variety of 3rd party certifications, including those from CompTIA, CISA & ISACA.
- SANS training courses prepare you for the Global Information Assurance Certification (GIAC) which has over 12,000 security professionals who have already proven their skills and knowledge to meet our challenging standards. GIAC is unique in the field of information security certifications because it not only tests a candidate's knowledge but also the candidate's ability to put that knowledge into practice in the real world.
Why is GIAC the best certification for 8570?
In 1999, SANS founded GIAC, the Global Information Assurance Certification. Today more than 12,000 security professionals hold GIAC certification. GIAC is unique in the field of information security certifications. It not only tests a candidate's knowledge, but also tests a candidate's ability to put that knowledge into practice in the real world.
A certification is proof an individual meets a minimum standard. The mission of GIAC is to provide assurance to employers that their people and prospective hires can actually do the job. A study released by the Gartner Group predicted that "security certification will be required of 40 percent of personnel having day-to-day technical operations responsibility" and that "the GIAC certification will likely become the preferred credential."
To accomplish this mission, GIAC goes beyond theory and terminology and tests the pragmatics of audit, security, operations and management tasks.
Benefits to Individuals
- For system and network administrators and security professionals, the program offers added confidence that you know what tasks need to be done to protect systems and networks and that you possess the skills needed to carry out those tasks.
- SANS courses use a "first-things-first" approach, ensuring that dangerous threats - those that are actively being exploited - are addressed early and thoroughly.
- GIAC certification ensures that certified professionals can keep their skills and knowledge current through periodic recertification and access to the latest, most up-to-date information.
- Many large private companies and government agencies now request or require GIAC certification for new job candidates.
Benefits to Employers
- Confidence that GIAC certified individuals who are securing your systems and networks actually know how to do the job.
- SANS training provides system and network administrators with the technical skills needed to meet their security responsibilities and pass the GIAC exams.
- Many organizations, including the US government, are asking contractors and consultants to have folks certified before winning new contracts.
In addition to personal benefit, GIAC certification is a manager's tool in two ways. To begin with, it is a way to verify the time and money you have invested in an employee's education is not wasted because your employee has something tangible to show for it. Secondly, it is a way for a new manager to know that an employee is capable because they have the credentials to show they know what they are talking about.
For more information on GIAC Certification:
- Visit www.GIAC.org.
- Download our GIAC Objective and Curriculum guide.
- Read Profile from the Front Lines & Does Certification Really Matter
How do I assess my knowledge before taking an exam?
SANS courses provide direct and comprehensive training to prepare you to achieve a GIAC Certification. SANS and GIAC now offer an assessment tool that will accurately determine if you are prepared to take a GIAC exam. People have different training needs because of various levels of experience in the field, so we recommend that you use the assessment tool to test whether you have the knowledge needed to pass the GIAC exams. If you do have gaps in your knowledge that need to be filled, the assessment will pinpoint the areas in which you will need training to successfully pass the GIAC exams.
For more information regarding the assessment tool, please contact 8570@sans.org
How do I purchase SANS Assessment, Training and Certification?
- Contract Payment Options and Vehicles
SANS accepts Government Purchase Cards, Credit Cards, Purchase Orders and Checks. We can also help you to purchase through the SANS GSA Schedule or other contract vehicles; please contact 8570@sans.org.
- SANS Voucher Credits
SANS Voucher Credits are a great solution for flexibility, cost savings and value. It is perfect when you know that you will have a variety of IT Security training needs in the next 12 months, but have not decided who gets to go, what delivery format to use, or when to go. Voucher Credits are also perfect when you have discretionary training funds to spend for long-term professional development.
For more information, please contact vouchers@sans.org. Visit our website at www.sans.org/vouchers.
- Can a GIAC certified professional proctor a GIAC exam?
Yes, but only if the GIAC certified professional who wants to proctor the exam is on the GIAC Advisory Board or holds a job position that is a qualified "proctor role" (i.e. HR rep, training/info assurance representative).
For more information, please contact proctor@giac.org or visit our website at www.giac.org/proctor.
What can I do to make SANS 8570 related courses better or more useful to the warfighter?
We would love to hear your input. Write us at 8570@sans.org. We have a DoD team reviewing the courses and are trying to adjust when practical to meet the needs of the warfighter. If you take the time to write us and let us know what you feel people need to know, we will take this to our advisory board. Then, if approved, we need to adjust the Job Task Analysis, and we can then work to improve or adjust the course.

