(ISC)² CAP® Training Boot Camp
Overview
Duration: 3 Days
The (ISC)² CAP® teaches you the best practices, policies, and procedures used to authorize and maintain information systems. You will learn how to use the Risk Management Framework (RMF) to support your organization’s operations while complying with legal and regulatory requirements.
The CAP certification is sought after by civilian, state, and local governments, as well as system integrators supporting these organizations. Additionally, you will learn the purpose of information systems security authorization, how to describe and decide when systems authorization is employed, and how to define systems authorization, roles, and responsibilities.
Upon boot camp completion, you will have a firm understanding of the legal and regulatory requirements for Assessment and Authorization (A&A), maintaining systems documentation, and much more. You will leave with the knowledge and skills necessary to earn your (ISC)² CAP® certification, which verifies your ability to set up the formal processes used to assess risk and establish security requirements.
The cost of the (ISC)² CAP® certification exam is included with your enrollment.
Our Certification Success Program, paired with our provided prep materials, boot camp sessions, and post-work, is designed to ease any concerns you may have when taking the certification exam. If your first attempt is unsuccessful, this program provides peace of mind that you may be eligible to take the certification exam a second time (if needed) at no additional fee.
*To qualify for a second certification exam voucher, students must:
- Attend at least 85% of each day of class
- Score a 90% or higher on their final practice exam
- Take the first exam within 90 days of class completion
- Upload the exam failure notice from their first exam attempt
Key Concepts
What you will learn
- Initiating the authorization process
- Establishing authorization boundaries
- Determining security categorization
- Performing initial risk assessment
- Selecting and refining security controls
- Documenting security control
- Performing certification phase
- Assessing security control
- Documenting results
- Conducting final risk assessments
- Generating and presenting an authorization report
- Performing continuous monitoring
- Monitoring security controls
- Monitoring and assessing changes that affect the information system
- Performing security impact assessment as needed
- Documenting and monitoring results of impact assessments
How you will benefit
- Learn how to use the RMF to support your organization’s operations while complying with legal and regulatory requirements
- Focus on preparing for the CAP certification exam through drill sessions, review of the entire CAP Body of Knowledge, and practical question and answer scenarios—all following a high-energy seminar approach
- The CAP is the only certification under the DoD 8570 mandate that aligns with each RMF step
- Show employers you have the advanced technical skills and knowledge to authorize and maintain information systems within the RMF using best practices, policies, and procedures
- The CAP certification is sought after by civilian, state, and local governments, as well as system integrators supporting these organizations.
- Leave with the knowledge and skills necessary to earn your (ISC)² CAP® certification, which verifies your ability to set up the formal processes used to assess risk and establish security requirements
Curriculum
- Day 1
  - Risk Management Framework
    - Understanding the Risk Management Framework
    - Categorization of information system
    - Selection of security controls
    - Security control implementation
    - Security control assessment
    - Information system authorization
    - Monitoring of security controls
    - Risk Management Framework Processes
- Day 2
  - Categorize Information Systems
    - Information system
    - System security plan
    - Categorize a system
    - National security system
    - Privacy activities
    - System boundaries
    - Register system
  - Select Security Controls
    - Establish the security control baseline
    - Common controls and security controls inheritance
    - Risk assessment as part of the Risk Management Framework (RMF)
- Day 3
  - Implement Security Controls
    - Implement selected security controls
    - Tailoring of security controls
    - Document security control implementation
  - Assess Security Controls
    - Prepare for security control assessment
    - Establish security control assessment plan (SAP)
    - Determine security control effectiveness and perform testing
    - Develop initial security assessment report (SAR)
    - Perform initial remediation actions
    - Develop final security assessment report and addendum
  - Authorize Information Systems
    - Develop plan of action and milestones (POAM)
    - Assemble security authorization package
    - Determine risk
    - Determine the acceptability of risk
    - Obtain security authorization decision
  - Monitor Security State
    - Determine security impact of changes to system and environment
    - Perform ongoing security control assessments
    - Conduct ongoing remediation actions
    - Update key documentation
    - Perform periodic security status reporting
    - Perform ongoing risk determination and acceptance
    - Decommission and remove system
Frequently Asked Questions
What is CAP?
The Certified Authorization Professional, or CAP certification, is designed to help you demonstrate to employers that you have the skills to advocate for the security risk management of the organization in accordance with legal and regulatory requirements. This allows you to pursue information security authorization as an information security practitioner.
What salary can I expect as a Certified Authorization Professional?
According to Burning Glass Technologies, an analytics software company that provides real-time data on job growth, skills in demand, and labor market trends, a Certified Authorization Professional salary varies based on location and experience level. However, once you have completed the CAP program, on average, you can expect to earn an annual salary of $88,450.
Does this course prepare you for a certification?
Yes, you will be prepared for the (ISC)² CAP – Certified Authorization Professional exam. To sit for the exam, you will need to meet the following requirements:
- At least two years of paid work experience in at least one of the seven domains listed in the (ISC)² CAP Common Body of Knowledge (CBK)
- However, you can become an Associate of (ISC)² by passing the exam without the required work experience.
When can I start this course?
You can register for the boot camp whenever you are ready. Our team will help you select the session that will best fit you.
Can I register for courses if I am an international student?
Yes, ed2go courses are completely online. However, keep in mind that not all certifying bodies or industry-specific certifications are recognized internationally. Please review your country’s regulations prior to enrolling in courses that prepare for certification.
How long does it take to complete this course?
The boot camp is 3 days in length. You will have 3 months from the completion of the boot camp to access all boot camp materials.
What kind of support will I receive?
The boot camp instructor will be available during the session to answer any questions. You will also have access to the Infosec Skills platform, where you will be able to create support requests as needed.
What happens when I complete the course?
Upon successful completion of your boot camp session, you will be awarded a certificate of completion from Infosec and the school or organization that you registered through.
Am I guaranteed a job?
ed2go courses will help you gain the skills and knowledge you need to take the next step in your career and stand out to potential employers. However, you should always research the job market in your area before enrolling.
Can I get financial assistance?
ed2go courses are noncredit, so they do not qualify for federal aid, FAFSA, and Pell Grant. In some states, vocational rehab or workforce development boards may provide funding to take our courses. Additionally, you may qualify for financial assistance if you meet certain requirements.
How can I get more information about this course?
If you have questions that are not answered on our website, representatives are available via LIVE chat. You can also call us at 1-877-221-5151 during regular business hours to have your questions promptly answered. If you are visiting us during non-business hours, please send us a question using “Contact Us.”
Moodle & Zoom
Before enrolling, please review the following links and ensure that your computer meets these requirements.
Course Requirements
Instructional Material Requirements: The student materials required for this course are included in enrollment and will be available online.
Course Prerequisites
This course is intended for information system security officers, senior system managers, system administrators, and IT and information security professionals who use the RMF.
Certification Requirements: In order to meet the CAP certification requirements, you must have at least two years of paid work experience in at least one of the seven domains listed in the (ISC)² CAP Common Body of Knowledge (CBK). However, you can become an Associate of (ISC)² by passing the exam without the required work experience.
Boot camps are led by instructors who have years of industry experience and are recognized as subject matter experts.