Course Outline
Lessons
- Cybersecurity Policy Regulations and Framework
- RMF Roles and Responsibilities
- Risk Analysis Process
- Step 1: Categorize
- Step 2: Select
- Step 3: Implement
- Step 4: Assess
- Step 5: Authorize
- Step 6: Monitor
Introduction
- Introductions
- About the CAP exam
- Table of Contents
- RMF overview
- Key concepts including assurance, assessment, authorization
- Security controls
- Security laws, policy, and regulations
- Documents for cyber security guidance
- Assessment and Authorization transformation goals
- Tasks and responsibilities for RMF roles
- Four-step risk management process
- Impact level
- Level of risk
- Effective risk management options
- Step 1 key references
- Sample SSP
- Task 1-1: Security Categorization
- Task 1-2: Information System Description
- Task 1-3: Information System Registration
- Lab Step 1: Categorize
- Step 2 key references
- Task 2-1: Common Control Identification
- Task 2-2: Select Security Controls
- Task 2-3: Monitoring Strategy
- Task 2-4: Security Plan Approval
- Lab Step 2: Select Security Controls
- Step 3 key references
- Task 3-1: Security Control Implementation
- Task 3.2: Security Control Documentation
- Lab Step 3: Implement Security Controls
- Step 4 key references
- Task 4-1: Assessment Preparation
- Task 4-2: Security Control Assessment
- Task 4-3: Security Assessment Report
- Task 4-4: Remediation Actions
- Lab Step 4: Assessment Preparation
- Step 5 key references
- Task 5-1: Plan of Action and Milestones
- Task 5-2: Security Authorization Package
- Task 5-3: Risk Determination
- Task 5-4: Risk Acceptance
- Lab Step 5: Authorizing Information Systems
- Step 6 key references
- Task 6-1: Information System and Environment Changes
- Task 6-2: Ongoing Security Control Assessments
- Task 6-3: Ongoing Remediation Actions
- Task 6-4: Key Updates
- Task 6-5: Security Status Reporting
- Task 6-6: Ongoing Risk Determination and Acceptance
- Task 6-7: Information System Removal and Decommissioning
- Continuous Monitoring
- Security Automation Domains
- Lab Step 6: Monitoring Security Controls
Those interested in Federal Risk Management (RMF) Implementation. Those interested in obtaining the ISC2 Certified Authorization Professional (CAP) certification.
Cancellation Policy
We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.
Training Location
Online Classroom
your office
your city,
your province
your country
I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from the capturing of what was presented as it was 5-6 hours of watching a screen before getting to the actual labs. There has to be a better way to lay out this particular course. In my previous course, the lectures were broken up by labs which worked out fantastic and kept you engaged in the course. There were days when in order to actually complete the labs, would go over the 9PM day end time frame. Was able to get the primary labs done, but if you want to get all the content completed, you cannot complete it in the window of this course, you will need to come back on your own time.