Additional Information
-
This is a foundational course introducing students to the existing legal framework the US Government uses to ensure the safeguarding of Federal Contract Information (FCI). Instructors provide a thorough review of the CMMC Level 1 (V2.0) and the 17 associated practice requirements. Students will understand self assessments and 3rd Party Assessments and will become proficient at using the CMMC Scoping Guidance for Level 1 and the Assessment Guide for CMMC Level 1. Students will spend a full day understanding the CMMC Assessment Process (CAP) from the vantage point of what a CMMC Certified Professional (CCP) is responsible – and their role in planning, executing and reporting the assessment. This will include the Assessment Readiness Review. Instructors orient students to the market participants in the CMMC ecosystem and the ethical obligations of CMMC credentialed professionals.
Students will gain an orientation to CMMC Level 2 including a high level review of the 110 practice requirements, how to score a CMMC assessment, when limited practice deficiencies are allowed, when and how POA&Ms result in a final assessment and certification.
Close to 50% of this course is interactive through a series of tools from a digital workbook, Case Study, exercises, breakout rooms, polling, chat boxes, whiteboarding and instructor facilitated dialogue.
-
Day 1 – Implementation: Landscape & Issues
• Implementation: (CUI) & (FCI) – legal requirements and safeguarding
• Implementation: Defining the boundaries of your CMMC Scope
• Implementation: The CMMC AB Ecosystem
• Implementation: Ethics
• Implementation: CMMC Model & Reference Documents
• Implementation: CMMC Model & Source Documents
• Implementation: CMMC Model Architecture: Domains, Practices & Processes
• Implementation: Introduction to CMMC Scoping
Day 2 & 3 – Implementation: The CMMC Domain requirements
• Understanding & Implementing Practices & Process in all domains:
o Incident Response Domain
o Access Control Domain
o Identification & Authentication Domain
o Asset Management Domain
o Maintenance Domain
o Media Protection Domain
o Awareness & Training Domain
o Security Assessment Domain
o Situational Awareness Domain
o System & Communication Protection Domain
o Risk Management Domain
o System & Information Integrity
o Audit & Accountability Domain
o Configuration Management Domain
o Personnel Security Domain
o Physical Protection Domain
o Recovery Domain
Day 4 – Implementation: The Assessment Processes
• Implementation: Adequate, sufficient & timely evidence and assessment findings
• Implementation: What Implementers need to know about the Assessment Process (CAP)
• Implementation: ABC’s of SSP’s
• PRACTICE EXAM – 3 Hrs – 120 Questions
-
Exam Prerequisites:
• College Degree in a cyber or information technology field or 2+ years of related experience or education;
• 2+ yrs of equivalent experience (including military) in a cyber, information technology or assessment field;
• To sit for the exam – must complete a CMMC AB Certified Professional Class (CMMC model training) from an LTP (Licensed Training Provider).
• To become a credentialed CCP you must pass the DoD CUI Awareness Training within three months of the exam (https://securityhub.usalearning.gov/index.html). The timing is important as the course is offered on a rolling basis but candidates must take the course within 90 days of sitting for the course.
Exam: Administered by the CMMC AB. Exam Vouchers are available through the CMMC AB only.
Exam Prep: Precision owns the CCP EXAM SIMULATOR ™. The simulator is a comprehensive question bank that helps students take the exam numerous times, scores the exam and provides the answers to the questions and why. This is an invaluable tool to prepare for the exam. We have more than 600 questions available and functions like a course review. The CCP EXAM SIMULATOR ™ is an additional fee. There are many options available to gain access to the SIMULATOR for very low cost. Access is ONLY for 1 student and will remain open until you PASS the CCP course.
-
Basic foundational knowledge on cybersecurity and its practical applications.