IS20 security controls | Mile2® - Cyber Security Certifications
Shopping cart
There are no products in your cart.
Log in




IS20 Security Controls

IS20 Security Controls

Mile2®’s vendor-neutral IS20 Controls certification course covers proven general controls and methodologies that are used to execute and analyze the Top Twenty Most Critical Security Controls. This course allows the security professional to see how to implement controls in their existing network(s) through highly effective and economical automation. For management, this training is the best way to distinguish how you’ll assess whether these security controls are effectively being administered or if they are falling short of industry standards. Nearly all organizations containing sensitive information are adopting and implementing the most critical security controls as the highest priority list. 

IS20Controls large


Online Self-Study

Asset 36Online, self-paced training 


Electronic Book

ccso3Ebook course material you can access on a computer, mobile or tablet


Exam Information

examthumbSuccessfully pass the exam to earn your certification.


The IS20 Controls certification exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your account. The exam will take 2 hours and consist of 100 multiple-choice questions. The cost is $500 USD and must be purchased by clicking the button below.

Request Information when this class will run
(*) Required Fields
Please let us know your name.
Please let us know your email address.
Invalid Phone
Invalid Input
Invalid Input

Key Data 

Course Title:

Top 20 Information Systems Security Controls (Maps to SANS Top 20 Controls) 

Duration: 3 Days

Language: English 

Class Format Options:

  • Instructor-led classroom
  • Instructor-led Online Training

Abasic understanding of networking and security technologies

Student Materials:

  • Student Workbook 
  • Student Prep Exam Guide

Certification Exam:
IS20 Controls 

CEUs: 24



Course Outline

0.Course Introduction

I.Critical Control 1: Inventory of Authorized and Unauthorized Devices

II. Critical Control 2: Inventory of Authorized and Unauthorized Software

III. Critical Control 3: Secure Configurations for Hardware and Software on

IV. Critical Control 4: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches

V. Critical Control 5: Boundary Defense

VI. Critical Control 6: Maintenance, Monitoring, and Analysis of Audit Logs Network Ports, Protocols, and Services

VII. Critical Control 7: Application Software Security

VII. Critical Control 8: Controlled Use of Administrative Privileges

IX. Critical Control 9: Controlled Access Based on Need to KNow

X. Critical Control 10: Continuous Vulnerability Assessment and Remediation

XI. Critical Control 11: Account Monitoring and Control

XII. Critical Control 12: Malware Defenses

XIII. Critical Control 13: Limitation and Control of

XIV. Critical Control 14: Wireless Device Control

XV. Critical Control 15: Data Loss Prevention

XVI. Critical Control 16: Secure Network Engineering

XVII. Critical Control 17: Penetration Tests and Red Team Exercises

XVIII. Critical Control 18: Incident Response Capability

XIX. Critical Control 19: Data Recovery Capability

XX. Critical Control 20: Security Skills Assesment and Appropriate Training to Fill Gaps

Who Should Attend?

  • Information assurance managers/auditors
  • System implementers/administrators
  • Network security engineers
  • IT administrators
  • Auditors/auditees
  • DoD personnel/contractors
  • Federal agencies/clients
  • Security vendors and consulting groups looking to stay current with frameworks for information assurance

Upon Completion

Upon completion, the IS20 Security Controls candidate will be able to not only competently take the IS20 Controls exam but will also have an understanding of how to implement the top 20 most critical controls in the workplace.

Accreditations & Acknowledgements


Accreditation And CertificationsMile2 is: 

  • ACCREDITED by the NSA CNSS 4011-4016
  • MAPPED to NIST / Homeland Security NICCS's Cyber Security Workforce Framework
  • APPROVED on the FBI Cyber Security Certification Requirement list (Tier 1-3)
We will never spam you.




What Our Clients Say

Some Of Our Customers