May 25, 2016 | Category: Cyber Security, Training and Certification | Tags: , , , , Views: 3413

RMF vs eMASS: The Difference between Course Labs

Photo Credit: class via Roanokecollege cc

RMF and eMASS go together like peanut butter and jelly. These two courses work together seamlessly to combine areas of A&A knowledge and application. However, they are so closely related, that it’s hard to distinguish the real differences between Risk Management Framework and eMASS courses, especially in course labs.

Here is the purpose of each course’s lab exercises for RMF and eMASS training, according to Ben Tchoubineh. Ben made significant contributions to the development of both courses.

Risk Management Framework (RMF) Labs

Simply put, RMF labs are real world paper-based exercises. No computers are needed for the RMF course. Students discuss real world scenarios where in-depth concepts are used at each step of the RMF process. Students walk through specific steps and decision points while using Government policies and NIST guidance. The specific steps include the:

  • Effective categorization of a particular system
  • Selection of specific controls based on the selected category
  • Implementation of those controls
  • Assessment of controls
  • Authorization and monitoring of the system.

Who can attend RMF training?

Unlike eMASS training, RMF courses are available to the general public for enrollment. There are no requirements in terms of clearance status for students. The course is not restricted in terms of location.

eMASS Labs

In contrast to the theoretical discussions which monopolize RMF class, eMASS is predominantly application-based. The eMASS software is used to actually do the work that is planned out in RMF class.

Computers are a must and students will apply the concepts learned in the RMF class in accordance with the eMASS software to implement a system from scratch. This class does not focus on policy, but on hands-on practices within eMASS by using the learning version of the DoD eMASS software.

Who can attend eMASS training?

There is a drastic difference in requirements for attending an eMASS class compared to those for RMF. DoD clearance is required to attend this class, and students must specifically be cleared for the use of the eMASS software.

Training must occur in a location approved for deploying eMASS and has already completed that deployment (learn more about this requirement at post, “Why eMASS Training Takes Place at Your Facility“).



RMF and eMASS Bundle Training




Subscribe to the TechRoots Blog




 
 

Related Post

Password Cracking Basics 2.0