Federal Risk Management Framework (RMF) Implementation 4.0 and CAP Exam Prep
8/3/2020 - 8/5/2020
10/5/2020 - 10/7/2020
COURSE LENGTH:
9:00am - 4:30pm
Federal Risk Management Framework (RMF) Implementation 4.0 focuses on the Risk Management Framework prescribed by NIST Standards.
AUDIENCE AND PREREQUISITES
This courseware covers all objectives for the ISC2 Certified Authorization Professional (CAP) certification exam and can also be used to prepare students to take the exam. CAP exam topics are called out on the title page of each chapter.
The 4.0 edition of the course is current as of August 2017. This edition incorporates the revisions to NIST Special Publications (SP 800-160, 800-171, 800-53, etc.), the development and publication of the CNSSI-1253, change 2 and CNSSI-1254 for the IC, additional NIST Special Publications produced to support RMF steps and activities, and the passage of FISMA 2014, as well as practical experience as SCA and ISSE for over 10 ATO efforts under RMF over the past several years.
Course cost doesn't include the courseware cost of $120. This course is subject to a minimum enrollment to run. If the minimum enrollment is not met, this course may run as a virtual live instructor-led course. For more information, please email: firstname.lastname@example.org or call 207-775-0244.
Introduction
  Introductions
  About the CAP exam
  Table of Contents
Chapter 1: Introduction
  RMF overview
  Key concepts including assurance, assessment, authorization
  Security controls
Chapter 2: Cybersecurity Policy Regulations and Framework
  Security laws, policy, and regulations
  Documents for cyber security guidance
  Assessment and Authorization transformation goals
Chapter 4: Risk Analysis Process
  Four-step risk management process
  Impact level
  Level of risk
  Effective risk management options
Chapter 5: Step 1: Categorize
  Step 1 key references
  Sample SSP
  Task 1-1: Security Categorization
  Task 1-2: Information System Description
  Task 1-3: Information System Registration
  Lab Step 1: Categorize
Chapter 6: Step 2: Select
  Step 2 key references
  Task 2-1: Common Control Identification
  Task 2-2: Select Security Controls
  Task 2-3: Monitoring Strategy
  Task 2-4: Security Plan Approval
  Lab Step 2: Select Security Controls
Chapter 7: Step 3: Implement
  Step 3 key references
  Task 3-1: Security Control Implementation
  Task 3.2: Security Control Documentation
  Lab Step 3: Implement Security Controls
Chapter 8: Step 4: Assess
  Step 4 key references
  Task 4-1: Assessment Preparation
  Task 4-2: Security Control Assessment
  Task 4-3: Security Assessment Report
  Task 4-4: Remediation Actions
  Lab Step 4: Assessment Preparation
Chapter 9: Step 5: Authorize
  Step 5 key references
  Task 5-1: Plan of Action and Milestones
  Task 5-2: Security Authorization Package
  Task 5-3: Risk Determination
  Task 5-4: Risk Acceptance
  Lab Step 5: Authorizing Information Systems
Chapter 10: Step 6: Monitor
  Step 6 key references
  Task 6-1: Information System and Environment Changes
  Task 6-2: Ongoing Security Control Assessments
  Task 6-3: Ongoing Remediation Actions
  Task 6-4: Key Updates
  Task 6-5: Security Status Reporting
  Task 6-6: Ongoing Risk Determination and Acceptance
  Task 6-7: Information System Removal and Decommissioning
  Continuous Monitoring
  Security Automation Domains
  Lab Step 6: Monitoring Security Controls