CAP Certification Training | Certified Authorization Professional Training

Introduction:

CAP Certification Training | Certified Authorization Professional Course Description

ENO’s CAP Certification Training | Certified Authorization Professional focuses on preparing students for the updated CAP certification through extensive mentoring and drill sessions, thorough review of all 7 CAP Domains of Knowledge (recently increased from 4), and practical question and answer scenarios, all through a high-energy seminar approach. This CAP Certification Training | Certified Authorization Professional Training class is the product of a wide range of leading industry experts and authors, and our training materials are widely considered the best option available for CAP preparation.

Achieving Certified Authorization Professional (CAP) certification validates your qualifications, skills, and experience in applying, assessing, and maintaining information system security using the new National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). On the path to CAP certification, you will gain the knowledge and skills needed to accurately and effectively apply cost-effective and appropriate security controls based on risk and best practices. The CAP certification is accepted by private and government sectors, and in some organizations, it is required for specific jobs (i.e., DoD Directive 8570).

In this CAP Certification Training | Certified Authorization Professional Training course, you will gain an understanding of the new authorization process and prepare for the CAP certification exam, based on the new SP 800-37 process and the new (ISC)² Common Body of Knowledge (CBK).

Duration: 5 days

Skills Gained:

• New processes and concepts, including:
• Authorization process (NIST SP 800-37, revision 1)
• Risk assessment process (NIST SP 800-30)
• Risk Management Framework (NIST SP 800-39)
• Incident response and contingency planning (NIST SP 800-65 and SP 800-34)
• Information System Continuous Monitoring (NIST SP 800-53A and SP 800-137)
• Individual and organization (Office of Management and Budget, Department of Homeland Security, NIST, and National Security Agency) roles, responsibilities, requirements, and reports
• CAP certification exam preparation
• Common, system-specific, hybrid, and compensating controls
• CyberScope and CyberStat
• Security Content Automation Protocol (SCAP) and methods for media sanitization
• Effective strategies for process implementation and test-taking

Customize It:

With onsite training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

Course Content:

Security Authorization

Security Processes and Concepts
Personally Identifiable Information
Supply Chain Security
Trust Relationships
System Development Life Cycle (SDLC)
Risk Management
Certification and Accreditation (C&A) or Authorization
Roles and Responsibilities
Authorization Evolution
Key Documents
Authorization 2010 and Beyond (SP 800-37 and CNSSI-1253)
RMF (SP 800-37 and SP 800-39)
Assessment vs. Authorization
Compliance vs. Governance
Players, Regulations, and Documents
OMB Circulars and Memos

Categorize Information and Information System

Adequate Security
Risk-Based Cost-Effective System Security Plan
Categorization
Capital Planning and Investment Control Process
Federal Enterprise Architecture (FEA)
Accreditation Boundaries
Interconnecting Information Systems

Select Security Controls

Specific, Common, and Hybrid Controls
Selecting Security Controls
Tailoring Controls
E-Authentication Assurance Levels

Implement Security Controls

Security Control Implementation
Tailoring and Compensating Controls
Firewalls
Computer Security Log Management
Approved Configurations, Tests, and Checklists
Malware Incident Prevention and Handling
Incident Response
Contingency Plans
Awareness, Training, and Education

Assess Security Controls

Security Test and Assessment
Vulnerability Tools and Techniques
Security Assessment Plan (SAP)
Security Assessment Report (SAR)

Authorize Information System

Plan of Actions and Milestones (POAM)
Security Authorization Package
Authorization
Authority to Operate (ATO)
Interim Authorization to Test (IATT)
Interim ATO (IATO)
Denial of Approval to Operate (DATO)

Monitor Security Controls

Continuous Monitoring
Information Security Continuous Monitoring (ISCM)
Configuration Management
Patch and Vulnerability Management
Security Content Automation Protocol (SCAP)
Performance Measurement
Program Review for Information Security Management Activities (PRISMA)
Disposal and Media Sanitization
