Federal Risk Management Framework (RMF) 2.0 Implementation with CAP Exam Review R2.1
9/8/2021 - 9/10/202111/8/2021 - 11/10/2021COURSE LENGTH:
9:00am - 4:30pm
Federal Risk Management Framework (RMF) 2.0 Implementation with CAP Exam Review focuses on the Risk Management Framework prescribed by NIST Standards. This course can also be used to aid in preparation for the ISC2 Certified Authorization Professional (CAP) exam, as it covers 100% of the CAP exam requirements.
AUDIENCE AND PREREQUISITES
This course is current as of March 2019. It was revised due to NIST producing new and updated publications over the preceding two years, including SP 800-37, rev. 2; SP-800-53, rev. 5; SP 800-160, V1 and V2; and SP 800-171, rev. 1 (among others). It was also revised to incorporate ISC2ís update to the CAP Exam criteria and domain content in October 2018.
The printed book comes with a CD of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials include a study guide and a references and policies handout. Verified instructors will also be given access to a sample CAP exam with answer key.
This RMF-CAP Course is appropriate for Managers, system owners, and IT/security personnel that are either transitioning to or implementing risk management fundamentals for the first time.
RMF-CAP is a mid-level certification that requires a minimum of two years documented experience in one or more of the seven CAP domains.You may take the certification exam prior to completing the experience requirement, but you must then complete the experience requirement in order to gain full accreditation.
Course Cost doesn't include courseware cost $ 120. This course is subject to a minimum enrollment to run. If the minimum enrollment is not met this couse may run as a virtual live instructor led course. For more information, please email: email@example.com or call 207-775-0244.
1: Introduction RMF overview Key concepts including assurance, assessment, authorization Security controls2: Cybersecurity Policy Regulations & Framework Security laws, policy, and regulations System Development Life Cycle (SLDC) Documents for cyber security guidance3: RMF Roles and Responsibilities Tasks and responsibilities for RMF roles4: Risk Analysis Process Overview of risk management Four-step risk management process Tasks breakdown Risk assessment reporting and options 5: Step 1: Categorize Step key references and overview Sample SSP Task 1-1: Security Categorization Task 1-2: Information System Description Task 1-3: Information System Registration Lab: The Security Awareness Agency6: Step 2: Select Step key references and overview Task 2-1: Common Control Identification Task 2-2: Select Security Controls Task 2-3: Monitoring Strategy Task 2-4: Security Plan Approval Lab: Select Security Controls7: Step 3: Implement Step key references and overview Task 3-1: Security Control Implementation Task 3.2: Security Control Documentation Lab: Security Control Implementation 8: Step 4: Assess Step key references and overview Task 4-1: Assessment Preparation Task 4-2: Security Control Assessment Task 4-3: Security Assessment Report Task 4-4: Remediation Actions Task 4-5: Final Assessment Report Lab: Assessment Preparation9: Step 5: Authorize Step key references and overview Task 5-1: Plan of Action and Milestones Task 5-2: Security Authorization Package Task 5-3: Risk Determination Task 5-4: Risk Acceptance Lab Step 5: Authorizing Information Systems10: Step 6: Monitor Step key references and overview Task 6-1: Information System & Environment Changes Task 6-2: Ongoing Security Control Assessments Task 6-3: Ongoing Remediation Actions Task 6-4: Key Updates Task 6-5: Security Status Reporting Task 6-6: Ongoing Risk Determination & Acceptance Task 6-7: Information System Removal & Decommissioning Continuous Monitoring Security Automation Domains Lab: Info System & Environment ChangesA: Supplement ReferenceB: RMF/CAP Review and Step ChecklistsC: Acronym ReferenceAnswer Keys