Certified Authorization Professional (CAP) Training Course and Workshop in Bangalore, Mysore, Chennai, Hyderabad, Pune, Mumbai, Delhi, Noida, Gurgaon, Kolkata

In Certified Authorization Professional (CAP) Exam preparatory training course, one will gain an understanding of the new authorization process and prepare for the CAP certification exam. On the path to CAP certification, one will gain the knowledge and skills needed to accurately and effectively apply cost-effective and appropriate security controls based on risk and best practices.

By attending Certified Authorization Professional (CAP) Exam preparatory workshop, delegates will learn:

New processes and concepts, including:
- Authorization process
- Risk assessment process
- Risk Management Framework
- Incident response and contingency planning
- Information System Continuous Monitoring
Individual and organization roles, responsibilities, requirements, and reports
CAP certification exam preparation
- Common, system-specific, hybrid, and compensating controls
- CyberScope and CyberStat
- Security Content Automation Protocol (SCAP) and methods for media sanitization
Effective strategies for process implementation and test-taking

Two years of computer security experience
Experience with information security directives, standards, and guidelines related to authorization and risk management processes and managing/participating in the development of security control assessments, continuous monitoring, security policy, and/or auditing for information systems

This Certified Authorization Professional (CAP) class is recommended for:

Senior information security officers, information assurance managers , information system owners, project managers, information system security officers, system managers, and system administrators
Any individual seeking to better understand how to secure an IT system while preparing for the CAP certification exam

Describe the Risk Management Framework (RMF)

Domain Introduction
Domain Terminology and References
Historical and Current Perspective of Authorization
Introducing the Examples Systems
Introduction to the Risk Management Framework (RMF)
The RMF Roles and Responsibilities
The RMF Relationship to Other Processes
Example System Considerations

Categorize Information Systems

Domain Introduction
Domain Terminology and References
RMF Step 1 – Roles and Responsibilities
Preparing to Categorize an Information System
Categorize the Information System
Categorizing the Examples System
Describe the Information System and Authorization Boundary
Register the Information System
RMF Step 1 Milestones, Key Activities and Dependencies

Select Security Controls

Domain Introduction
Domain Terminology and References
RMF Step 2 – Roles and Responsibilities
Understanding FIPS 200
Introducing SP 800-53
The Fundamentals
The Process
- Appendix D – Security Control Baselines
- Appendix E – Assurance and Trustworthiness
- Appendix F – Security Control Catalog
- Appendix G – Information Security Programs
- Appendix H – International Information Security Standards
- Appendix I – Overlay Template
- Appendix J – Privacy Control Catalog
Identify and Document Common (Inherited) Controls
System Specific Security Controls
Continuous Monitoring Strategy
Review and Approve Security Plan
RMF Step 2 Milestone Checkpoint
Example Information Systems

Implement Security Controls

Domain Introduction
Domain Terminology and References
RMF Step 3 – Roles and Responsibilities
Implement Selected Security Controls
Contingency Planning
Configuration, Patch and Vulnerability Management
Firewalls and Firewall Policy Controls
Interconnecting Information Technology Systems
Computer Security Incident Handling
Security Awareness and training
Security Considerations in the SDLC
Malware Incident Prevention and Handling
Computer Security Log Management
Protecting Confidentiality of Personal Identifiable Information
Continuous Monitoring
Security Control Implementation
Document Security Control Implementation
RMF Step 3 Milestone Checkpoint

Assess Security Control

Domain Introduction
Domain Terminology and References
RMF Step 4 – Roles and Responsibilities
Understanding SP 800-115
Understanding SP 800-53A
Prepare for Security Control Assessment
Develop Security Control Assessment Plan
Assess Security Control Effectiveness
Develop Initial Security Assessment Report (SAR)
Review Interim SAR and Perform Initial Remediation Actions
Develop Final SAR and Optional Addendums
RMF Step 4 Milestone Checkpoint

Authorize Information System

Domain Introduction
Domain Terminology and References
RMF Step 5 – Roles and Responsibilities
Develop Plan of Action and Milestones (POAM)
Assemble Security Authorization Package
Determine Risk
Determine the Acceptability of Risk
Obtain Security Authorization Decision
RMF Step 5 Milestone Checkpoint

Monitor Security Controls

Introduction
Domain Terminology and References
RMF Step 6 – Roles and Responsibilities
Understanding SP 800-137
Determine Security Impact of Changes to System and Environment
Perform Ongoing Security Control Assessment
Conduct Ongoing Remediation Actions
Update Key Documentation
Perform Periodic Security Status Reporting
Perform Ongoing Determination and Acceptance
Decommission and Remove System
RMF Step 6 Milestone Checkpoint

Encarta Labs Advantage

One Stop Corporate Training Solution Providers for over 6,000 various courses on a variety of subjects
All courses are delivered by Industry Veterans
Get jumpstarted from newbie to production ready in a matter of few days

Trained more than 50,000 Corporate executives across the Globe
All our trainings are conducted in workshop mode with more focus on hands-on sessions

Certified Authorization Professional (CAP)

COURSE AGENDA