CAP Certification Boot Camp Outline
The Official (ISC)² courseware covers a broad spectrum of topics in the 7 domains of the CAP Common Body of Knowledge (CBK). With Training Camp’s exam prep guide, your course content will always be up to date with the most current version of the exam. This mix of courseware offers an in-depth review of the CBK as needed, along with the advantage of Training Camp exam performance boosters.
CAP Domain 1: Information Security Risk Management Program
-Understand the Foundation of an Organization-Wide Information Security Risk Management Program
-Understand Risk Management Program Processes
-Understand Regulatory and Legal Requirements
CAP Domain 2: Categorization of Information Systems (IS)
-Define the Information System (IS)
-Determine Categorization of the Information System (IS)
CAP Domain 3: Selection of Security Controls
-Identify and Document Baseline and Inherited Controls
-Select and Tailor Security Controls
-Develop Security Control Monitoring Strategy
-Review and Approve Security Plan (SP)
CAP Domain 4: Implementation of Security Controls
-Implement Selected Security Controls
-Document Security Control Implementation
CAP Domain 5: Assessment of Security Controls
-Prepare for Security Control Assessment (SCA)
-Conduct Security Control Assessment (SCA)
-Prepare Initial Security Assessment Report (SAR)
-Review Interim Security Assessment Report (SAR) and Perform Initial Remediation Actions
-Develop Final Security Assessment Report (SAR) and Optional Addendum
CAP Domain 6: Authorization of Information Systems (IS)
-Develop Plan of Action and Milestones (POAM)
-Assemble Security Authorization Package
-Determine Information System (IS) Risk
-Make Security Authorization Decision
CAP Domain 7: Continuous Monitoring
-Determine Security Impact of Changes to Information Systems (IS) and Environment
-Perform Ongoing Security Control Assessments (SCA)
-Conduct Ongoing Remediation Actions (e.g., resulting from incidents, vulnerability scans, audits, vendor updates)
-Perform Periodic Security Status Reporting
-Perform Ongoing Information System (IS) Risk Acceptance
-Decommission Information System (IS)
As an (ISC)² Preferred Official Training Provider, Training Camp offers CPE units for our (ISC)² class alumni that can be used for a wide range of CEU and CPE requirements.
Is the CAP certification right for me?
Earning the CAP certification is a proven way to build your career and demonstrate your expertise within the risk management framework (RMF). The CAP is ideal for IT, information security, and information assurance practitioners and contractors who use the RMF process.
(ISC)² CAP Exam Voucher Policy
Unofficial training providers may say they include the exam voucher, but this is neither true nor ethical. (ISC)² and (ISC)² Official Training Providers, such as Training Camp, are the only authorized organizations with the ability to offer vouchers for our exams. Unauthorized companies do not have the access required to purchase CAP exam vouchers. An authorized organization will never ask for a candidate’s Pearson VUE credentials.
Make sure you or your employees do not provide these credentials to an unauthorized company. Doing so puts them at risk and violates the terms of the (ISC)² Non-Disclosure Agreement, which could result in losing their (ISC)² certification, being suspended indefinitely from retaking the exam, and losing money you’ve paid for the exam. This warning is shown clearly when enrolling for any CAP exam date. By going through official channels for exam vouchers, they – and your organization – eliminate these risks.
Interested in CAP certification or RMF training for your team? Learn more about Training Camp Enterprise Solutions.