Global Knowledge

CAP Prep Course

Learn to apply, assess, and maintain information system security based on the latest standards while preparing for the CAP® certification exam.

Achieving Certified Authorization Professional (CAP) certification validates your qualifications, skills, and experience in applying, assessing, and maintaining information system security using the new National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). On the path to CAP certification, you will gain the knowledge and skills needed to accurately and effectively apply cost-effective and appropriate security controls based on risk and best practices. The CAP certification is accepted by private and government sectors, and in some organizations, it is required for specific jobs (i.e., DoD Directive 8570).

In this course, you will gain an understanding of the new authorization process and prepare for the CAP certification exam, based on the new SP 800-37 process and the new (ISC)2 Common Body of Knowledge (CBK).

Certification:

  • CAP certification
  • Portions of the Information System Security Engineer Professional (ISSEP) certification

What You'll Learn

  • New processes and concepts, including:
    • Authorization process (NIST SP 800-37, revision 1)
    • Risk assessment process (NIST SP 800-30)
    • Risk Management Framework (NIST SP 800-39)
    • Incident response and contingency planning (NIST SP 800-65 and SP 800-34)
    • Information System Continuous Monitoring (NIST SP 800-53A and SP 800-137)
  • Individual and organization (Office of Management and Budget, Department of Homeland Security, NIST, and National Security Agency) roles, responsibilities, requirements, and reports
  • CAP certification exam preparation
    • Common, system-specific, hybrid, and compensating controls
    • CyberScope and CyberStat
    • Security Content Automation Protocol (SCAP) and methods for media sanitization
  • Effective strategies for process implementation and test-taking

Who Needs to Attend

  • Senior information security officers (SISOs), information assurance managers (IAMs), information system owners, project managers, information system security officers (ISSOs), system managers, and system administrators
  • Any individual seeking to better understand how to secure an IT system and meet Federal Information Security Management Act (FISMA) requirements while preparing for the CAP certification exam

Prerequisites

  • Two years of computer security experience using OMB, NIST and/or DoD FISMA
  • Experience with information security directives, standards, and guidelines related to authorization and risk management processes and managing/participating in the development of security control assessments, continuous monitoring, security policy, and/or auditing for information systems

Follow-On Courses

There are no follow-ons for this course.

Course Outline

1. Security Authorization

  • Security Processes and Concepts
  • Personally Identifiable Information
  • Supply Chain Security
  • Trust Relationships
  • System Development Life Cycle (SDLC)
  • Risk Management
  • Certification and Accreditation (C&A) or Authorization
  • Roles and Responsibilities
  • Authorization Evolution
  • Key Documents
    • Authorization 2010 and Beyond (SP 800-37 and CNSSI-1253)
    • RMF (SP 800-37 and SP 800-39)
  • Assessment vs. Authorization
  • Compliance vs. Governance
    • Players, Regulations, and Documents
    • OMB Circulars and Memos

2. Categorize Information and Information System

  • Adequate Security
  • Risk-Based Cost-Effective System Security Plan
  • Categorization
  • Capital Planning and Investment Control Process
  • Federal Enterprise Architecture (FEA)
  • Accreditation Boundaries
  • Interconnecting Information Systems

3. Select Security Controls

  • Specific, Common, and Hybrid Controls
  • Selecting Security Controls
  • Tailoring Controls
  • E-Authentication Assurance Levels

4. Implement Security Controls

  • Security Control Implementation
  • Tailoring and Compensating Controls
  • Firewalls
  • Computer Security Log Management
  • Approved Configurations, Tests, and Checklists
  • Malware Incident Prevention and Handling
  • Incident Response
  • Contingency Plans
  • Awareness, Training, and Education

5. Assess Security Controls

  • Security Test and Assessment
  • Vulnerability Tools and Techniques
  • Security Assessment Plan (SAP)
  • Security Assessment Report (SAR)

6. Authorize Information System

  • Plan of Actions and Milestones (POAM)
  • Security Authorization Package
  • Authorization
    • Authority to Operate (ATO)
    • Interim Authorization to Test (IATT)
    • Interim ATO (IATO)
    • Denial of Approval to Operate (DATO)

7. Monitor Security Controls

  • Continuous Monitoring
  • Information Security Continuous Monitoring (ISCM)
  • Configuration Management
  • Patch and Vulnerability Management
  • Security Content Automation Protocol (SCAP)
  • Performance Measurement
  • Program Review for Information Security Management Activities (PRISMA)
  • Disposal and Media Sanitization

On-Site

Course Code: 9724

Contact us for pricing

3 Day Course


Copyright ©2013 Global Knowledge Training LLC. All rights reserved.