LDR419: Performing A Cybersecurity Risk Assessment™

A basic understanding of information security and information security management topics is helpful for students attending this class. Understanding the cybersecurity topics included in courses such as SEC301, SEC401, or LDR512 by the SANS Institute will be helpful as a foundation for students. In the class, students will be taught a step-by-step approach to risk assessment, regardless of their technical information security or management background. However, students should understand that the focus of the course is on the process of cybersecurity risk assessment and that it does not cover any specific cybersecurity safeguards or technologies. The better a student understands the scope of their cybersecurity risk assessment, the more successful they will be in assessing that scope.

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all the specified requirements.

This is common sense, but back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

Mandatory LDR419 System Requirements

• Processor: CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class or Apple Mac systems using the M1/M2/M3 processor.
• Memory: 8GB of RAM or more is required.
• Free Disk Space: 20GB of free storage space or more is required.
• Wireless 802.11 capability: There is no wired Internet access in the classroom.
• USB-A read / write capability: This is recommended in case students need to exchange large files during class. At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class.
• Host Operating System: Latest version of Windows 10, Windows 11, or macOS 10.15.x or newer. Fully patch your host operating system prior to the course to ensure you have the right drivers and patches installed.
• Local Administrator Rights: Local Administrator Access is required. (Yes, this is absolutely required. Don't let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop.
• Endpoint Protection Software: You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs.
• Operating System Updates: Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
• Linux Workstations: Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials.
• Microsoft Office: Microsoft Office (any currently supported version) installed on your host. Note that you can download Office Trial Software online (free for 30 days). Open Office is NOT supported for this course.
• Web Browser: A web browser you feel comfortable using during class. Microsoft Edge, Googler Chrome, or Mozilla Firefox will all be supported in class. If you choose to use a different browser on your host, you are solely responsible for configuring it to work with the course materials.

If you have additional questions about the laptop specifications, please contact customer service.

"Every organization needs to be performing risk assessments on a regular basis, no matter what kind of organization it is. We do risk assessments for two main reasons. First, we do risk assessments to figure out what defenses our organizations need to make sure our technology supports our business objectives. Second, we do risk assessments to identify where our organization is not doing the things, we should be doing to defend ourselves and ensure stakeholders understand those gaps.

I wrote this class to give students a practical understanding of how to perform risk assessments of all types. This course starts by teaching students the foundational context of risk and then quickly pivots to cover a specific, step-by-step approach for performing a cyber security risk assessment. Students will leave this class with the knowledge, tools, and templates they need to return to their offices and perform a risk assessment, communicate the results to business stakeholders, and productively respond to identified risks. I hope students will take what they learn and use it to make a difference in their organizations."

-James Tarala

“James is top notch. He brings so much expertise and is precise with clarifying when something doesn't make sense. By far my favorite SANs instructor!” – Caitlin Sawyer, John Deere