Customizable

Validated Architecture Design Review (VADR) Training Pilot

Format
Other
Location type
Virtual/Online
Related topics:
Organizations and Cyber Safety, Industrial Control Systems, Industrial Control System Vulnerabilities

Description

 

Limited Deployment: 

VADR Training is currently under limited deployment for Federal Civilian Executive Branch (FCEB), Government Agencies; State, Local, Tribal, and Territorial Government (SLTT) participants. 

The Assessment Evaluation Standardization (AES) Validated Architecture Design Review (VADR) Training provides the foundational knowledge, instruction, and tools needed to conduct a VADR assessment according to CISA’s methodology, process, and procedures. 

This course aims to build a foundational understanding of the VADR methodology. 

Completion of this course does NOT authorize participants to perform VADR assessments on behalf of CISA.

System Requirements:  

AES VADR Training is a web-based and self-paced training. Speakers or headphones are recommended to use for videos throughout the course (closed captioning provided). High-speed internet is required to support videos and lab exercises. 

VADR Registration: 

To register, join the AES Roster and indicate interest in the VADR Course. Once you are enrolled in the limited deployment, you will be sent a confirmation email with the course link. 

Assessment Validated Architecture Design Review (VADR)
Purpose

The VADR is an expert-based Operational Technology (OT) engagement that relies on Subject Matter Experts (SME) and utilizes federal and industry standards, guidelines, and best practices to perform the analysis. 

The VADR assessment team examines network architecture and design, reviews system configuration and log files, and analyzes network traffic.
Objectives
  • There are three main components to an onsite VADR engagement:
    • Design Architecture Review: VADR assessors validate the system’s process, components, boundaries, and communication paths.
    • Network Architecture Verification and Validation: VADR assessors review PCAP data with Asset-Owners to validate network diagrams and to identify anomalies or abnormal traffic.
    • Cybersecurity Spot Check: VADR assessors identify gaps between implementation and best practices in cybersecurity topics such as:
      • Network architecture and boundaries
      • Physical security
      • Configuration management
      • Account management
      • Recovery
      • Incident response
      • Detection and monitoring
      • Media
      • Staffing, HR, and contracts
      • Policies and plans
  • VADR assessors use best practices, including the Purdue model, NIST 800-53, and the CISA Recommended Secure Architecture.
  • The VADR is not intended to be a comprehensive audit; instead, VADR assessors identify the most significant weaknesses and make mitigation recommendations to improve an organization’s overall cybersecurity posture.
Role Assessment Lead (AL), Sector Subject Matter Expert (S-SME), Technical Lead (TL)
Course Length 20 hours
Course Mode Virtual/Online
Course Agenda

Learning Objective (LO)

Session 1 

  • LO1: Describe the VADR Process
  • LO2: Define ICS Terminology and Types 

Session 2

  • LO3: Describe the Pre-Execution Methodology
  • LO4: Conduct a Kickoff Call
  • LO5: Perform Open-Source Intelligence
  • LO6: Analyze Previously Captured Network Traffic

Session 3

  • LO7: Describe the Methodology of the Execution Phase
  • LO8: Discuss Basic Interviewing Techniques
  • LO9: Conduct VADR Interviews
  • LO10: Describe the Outbrief Process

Session 4

  • LO11: Describe Post-Execution Activities

Contact

If you have questions or require assistance, contact aestraining@mail.cisa.dhs.gov

Tags

Audience: Federal Government, State, Local, Tribal, and Territorial Government
Topics: Critical Infrastructure Security and Resilience, Industrial Control System Vulnerabilities, Industrial Control Systems, Organizations and Cyber Safety, Securing Networks

Related Training