course-deatils-thumbnail

Certified Authorization Professional (CAP®)

Course Code: 2513
|

Overview

A Certified Authorization Professional (CAP®) is an information security practitioner who advocates for security risk management in pursuit of information system authorization to support an organization’s mission and operations in line with the legal and regulatory requirements.

This course covers the broad spectrum of topics that are included in the CAP Common Body of Knowledge (CBK), and discusses all the seven domains that are tested in the certification examination for earning the CAP certification.

Schedule Classes

Looking for more sessions of this class?
Talk to us
Isc 2

Course Delivery

This course is available in the following formats:

Live Classroom
Duration: 5 days

Live Virtual Classroom
Duration: 5 days

What You'll learn

  • Understand risk management program processes
  • Understand regulatory and legal requirements
  • Define Information System (IS) and determine Categorization of the IS
  • Selection of Security Controls
  • Implement selected security controls
  • Prepare for and conduct Security Control Assessment
  • Prepare and review Security Assessment Report
  • Develop Plan of Action and Milestones (POAM)
  • Determine IS risks

Outline

Module 1: Information security risk management program

  • Understand the foundation of an organization-wide information security risk management program
  • Understand risk management program processes
  • Understand regulatory and legal requirements

Module 2: Categorization of Information Systems (IS)

  • Define the Information System (IS)
  • Determine Categorization of the Information System (IS)

Module 3: Selection of Security Controls

  • Identify and document baseline and inherited controls
  • Select and tailor security controls
  • Develop security control monitoring strategy
  • Review and approve Security Plan (SP)

Module 4: Implementation of security controls

  • Implement selected security controls
  • Document security control implementation

Module 5: Assessment of security controls

  • Prepare for Security Control Assessment (SCA)
  • Conduct Security Control Assessment (SCA)
  • Prepare Initial Security Assessment Report (SAR)
  • Review Interim Security Assessment Report (SAR) and perform Initial Remediation Actions
  • Develop Final Security Assessment Report (SAR) and optional addendum

Module 6: Authorization of Information Systems (IS)

  • Develop Plan of Action and Milestones (POAM)
  • Assemble Security Authorization Package
  • Determine Information System (IS) risk
  • Make Security Authorization decisions

Module 7: Continuous monitoring

  • Determine Security Impact of Changes to Information Systems (IS) and environment
  • Perform Ongoing Security Control Assessments (SCA)
  • Conduct Ongoing Remediation Actions
  • Update documentation
  • Perform periodic security status reporting
  • Perform Ongoing Information System (IS) Risk Acceptance
  • Decommission Information System (IS)
View More

Prerequisites

There are no mandatory prerequisites for this course, however, completing the Foundations of Agile course prior to taking up this course would be beneficial.

Who Should Attend

The course is highly recommended for –

  • US Federal government professionals, especially those in US Department of State or Department of Defense
  • Military professionals
  • Civilian roles, such as, federal contractors
  • Local governments
  • Private sector organizations

Interested in this course? Let’s connect!

Certification

This course helps participants prepare for the certification examination for earning the CAP® certification. The details of the examination are as follows –

Duration of the examination 3 hours
Number of questions 125
Format of the questions Multiple-choice questions
Passing grade 700 out of 1000 points
Exam availability English

 

The examination evaluates the participant’s expertise in seven specific domains. The weightage of these domains in the examination is as below –

Domain Weightage
Information security risk management program 15%
Categorization of Information Systems (IS) 13%
Selection of Security Controls 13%
Implementation of Security Controls 15%
Assessment of Security Controls 14%
Authorization of Information Systems 14%
Continuous monitoring 16%

Related Courses

Python for network automation
Python for Network Automation
Network fundamentals
Network Fundamentals
Software defined networking function virtualization
Software Defined Networking (SDN) and Network Function Virtualization (NFV)
VoLTE and the IMS
VoLTE and the IMS

Popular Courses

ITIL 4 foundation
ITIL® 4 Foundation
ITIL® Foundation (v3, 2011)
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Security Professional (CISSP)
Mastering Python Programming
Mastering Python Programming

Recent Posts

(ISC)2 pilot testing online exam proctoring, what does it mean for you?

January 20, 2021

Why your organization needs a Certified Scrum Master®?

November 6, 2020

What is Docker and Kubernetes?

October 20, 2020

Getting started with learning DevOps

October 16, 2020