Description
COMBINATION Certified CMMC Professional (CCP) + Certified CMMC Assessor (CCA) Course | This is a premium course offering. No discounts or coupons permitted.
NOTE: This CCP+CCA back-to-back course is recommended only for those individuals who have SIGNIFICANT experience implementing and/or assessing NIST SP 800-53 and/or NIST SP 800-171 security controls in defense contractor organizations OR that simply want an accelerated path to the information from both courses. IF you are pursuing CCP and CCA certification, we recommend you have a minimum of five years experience in working with NIST SP 800-53 and/or NIST SP 800-171. THESE ARE RECOMMENDATIONS FROM THE CMMC TRAINING ACADEMY ONLY FOR THIS ONE COMBINED COURSE DUE TO ITS ACCELERATED DELIVERY SCHEDULE. If you lack the experience noted, please enroll in our standard duration CCP and/or CCA courses.
- COMBO Certified CMMC Professional (CCP) & Certified CMMC Assessor (CCA) Course
- Format: Live | CMMC-AB (Provisional) Certified Instructor Led
- Times:
- USA: Daily 8:30 a.m. – 6:30 p.m. (Arizona) Mountain Standard Time
- Europe: Daily 9:00 a.m. – 7:00 p.m. Central European Time
- Duration: CCP 2.5 days + CCA 2.5 days
- Online Courseware
Course Outline
This course delivers the Certified CMMC Professional (CCP) and the Certified CMMC Assessor (CCA) courses back-to-back in a 5-day course. This combo course delivers the FULL Certified CMMC Professional (CCP) and Certified CMMC Assessor (CCA) course content. No content has been modified or eliminated.
Who Should Attend?
- Employees of DoD contractors that make up the Defense Industrial Base (DIB)
- Regulatory compliance officers and legal team members
- Cybersecurity managers
- Consultants looking to provide CMMC guidance
- Individuals starting the CMMC-AB / The Cyber AB / CAICO Certified CMMC Assessor or Certified CMMC Instructor career path
- Anyone looking to build a foundation of knowledge and skills around the new CMMC requirements
Why Should You Attend?
Only those with a minimum of five (5) years working hands-on implementing and/or assessing NIST SP 800-53 and/or NIST SP 800-171 security controls. DO NOT register for this course if you do not have this experience. No other assessment framework (e.g., ISO 27001, NIST CSF, HITRUST, etc.) will be accepted as an alternative.
Who Can Attend?
This training course is intended for:
- Individuals interested in being part of the CMMC-AB / The Cyber AB / CAICO ecosystem such as Certified CMMC Professional (CCP), Certified CMMC Assessors (CCA) and/or Certified CMMC Instructors (CCI)
- Individuals seeking to gain knowledge about the CMMC model and its requirements
- Individuals interested in providing consultancy services for CMMC preparation
- Individuals working for suppliers of the Department of Defense (DoD) and Defense Industrial Base (DIB) and for other organizations seeking CMMC certification
- Cybersecurity and technology consultants and CMMC assessment team members
What are the prerequisites to get certified?
- CCP Exam Prerequisites
- Review the CCP Exam Blueprint.
- Learn more about the CCP Exam Requirements.
- College degree in a cyber or information technical field or 2+ years of related experience or education;
or - 2+ years of equivalent experience (including military) in a cyber, information technology, or assessment
field; and - Suggested CompTIA A+ or equivalent knowledge/experience; and
- Complete Certified CMMC Professional Class offered by a Licensed Training Provider (LTP); and
- Pass DOD CUI Awareness Training no earlier than three months prior to the exam.
- https://securityhub.usalearning.gov/index.html
- CCA Exam Prerequisite
- Review the CCA Exam Blueprint
- Learn more about the CCA Exam Requirements.
- Take CCA training with a Licensed Training Provider (LTP). LTPs can be found through the CMMC Central Marketplace.
- Note: Only individuals successfully trained by an LTP will have access to register to take the CCA exam
- Pay exam fee, register for exam, and take and pass CCA certification exam
- Have or gain a favorable DoD Suitability Determination, or Possess a NAC (National Agency Check) or other DoD accepted clearance
- Only required to participate on certified Level 2 CMMC assessments
- Citizenship Requirements
- CCP
- No U.S. citizenship is required for non-certified services or to attend training
- U.S. citizenship required to participate in Level 2 certified assessments
- CCA
- No U.S. citizenship is required for non-certified services or to attend training
- U.S. citizenship required to participate in Level 2 certified assessments
- International C3PAOs
- Must be citizens of the country where the C3PAO is based
- Authorized only to assess contractors based in that country
- The U.S. Government must establish bi-lateral agreements with other countries with respect to CMMC prior to the issuance of any authorizations related to CMMC
- CCP
Target Student:
This course is reserved for EXPERIENCED NIST SP 800-53 and/or NIST SP 800-171 professionals. No other assessment framework (e.g., ISO 27001, NIST CSF, HITRUST, etc.) will be accepted as an alternative. This course provides the prerequisite training for the Certified CMMC Professional (CCP) program and the Certified CMMC Assessor (CCA) program. This combo course delivers the FULL Certified CMMC Professional (CCP) and Certified CMMC Assessor (CCA) course content. No content has been modified or eliminated.
CCP Course Content:
- Lesson 1: Managing Risk within the Defense Supply Chain
- Topic A: Identify Threats to the Defense Supply Chain
- Topic B: Identify Regulatory Responses against Threats
- Lesson 2: Handling Sensitive Information
- Topic A: Identify Sensitive Information
- Topic B: Manage the Sensitive Information
- Lesson 3: Ensuring Compliance through CMMC
- Topic A: Describe the CMMC Model Architecture
- Topic B: Define the CMMC Program and Its Ecosystem
- Topic C: Define Self-Assessments
- Lesson 4: Performing CCP Responsibilities
- Topic A: Identify Responsibilities of the CCP
- Topic B: Demonstrate Appropriate Ethics and Behavior
- Lesson 5: Scoping Certification and Assessment Boundaries
- Topic A: Use the CMMC Assessment Scope Documentation
- Topic B: Get Oriented to the OSC Environment
- Topic C: Determine How Sensitive Information Moves
- Topic D: Identify Systems in Scope
- Topic E: Limit Scope
- Lesson 6: Preparing the OSC
- Topic A: Foster a Mature Cybersecurity Culture
- Topic B: Evaluate Readiness
- Lesson 7: Determining and Assessing Evidence
- Topic A: Determine Evidence
- Topic B: Assess the Practices Using the CMMC Assessment Guides
- Lesson 8: Implementing and Evaluating Level 1
- Topic A: Identify CMMC Level 1 Domains and Practices
- Topic B: Perform a CMMC Level 1 Gap Analysis
- Topic C: Assess CMMC Level 1 Practices
- Lesson 9: Identifying Level 2 Practices
- Topic A: Identify CMMC Level 2 Practices
- Lesson 10: Working through an Assessment
- Topic A: Identify Assessment Roles and Responsibilities
- Topic B: Plan and Prepare the Assessment
- Topic C: Conduct the Assessment
- Topic D: Report the Assessment Results
- Topic E: Conduct the CMMC POA&M Close-Out Assessment
- Appendix A: Evidence Collection Approach for CMMC Level 1 Practices
- Appendix B: Additional Documentation for CCPs
- Appendix C: Mapping Course Content to the CCP Exam
CCA Course Outline
- Lesson 1: Protecting CUI with the CMMC Program
- Topic A: Protect Controlled Unclassified Information
- Topic B: Utilize the CMMC Source Documents
- Lesson 2: Being an Assessor
- Topic A: Identify Assessment Roles and Responsibilities
- Topic B: Establish an Assessor Mindset
- Topic C: Determine the OSC’s Cybersecurity Environment
- Lesson 3: Working Through an Assessment
- Topic A: Identify Assessment Flow and Milestone Events
- Topic B: Prepare to Work with the OSC
- Topic C: Formalize the Plan
- Topic D: Assess the Evidence
- Topic E: Handle Non-Conformity Issues
- Topic F: Finalize the Assessment
- Lesson 4: Validating the Scope of a CMMC Assessment
- Topic A: Define Scope Fundamentals
- Topic B: Categorize the Assets
- Topic C: Determine the OSC Context
- Topic D: Define ESPs
- Topic E: Validate the Assessment Scope
- Lesson 5: Assessing the AC Practices
- Topic A: Evaluate the AC Practices
- Topic B: Identify AC Connections and Considerations
- Lesson 6: Assessing the AT Practices
- Topic A: Evaluate the AT Practices
- Topic B: Identify AT Connections and Considerations
- Lesson 7: Assessing the AU Practices
- Topic A: Evaluate the AU Practices
- Topic B: Identify AU Connections and Considerations
- Lesson 8: Assessing the CA Practices
- Topic A: Evaluate the CA Practices
- Topic B: Identify CA Connections and Considerations
- Lesson 9: Assessing the CM Practices
- Topic A: Evaluate the CM Practices
- Topic B: Identify CM Connections and Considerations
- Lesson 10: Assessing the IA Practices
- Topic A: Evaluate the IA Practices
- Topic B: Identify IA Connections and Considerations
- Lesson 11: Assessing the IR Practices
- Topic A: Evaluate the IR Practices
- Lesson 12: Assessing the MA Practices
- Topic A: Evaluate the MA Practices
- Topic B: Identify MA Connections and Considerations
- Lesson 13: Assessing the MP Practices
- Topic A: Evaluate the MP Practices
- Topic B: Identify MP Connections and Considerations
- Lesson 14: Assessing the PE Practices
- Topic A: Evaluate the PE Practices
- Topic B: Identify PE Connections and Considerations
- Lesson 15: Assessing the PS Practices
- Topic A: Evaluate the PS Practices
- Topic B: Identify PS Connections and Considerations
- Lesson 16: Assessing the RA Practices
- Topic A: Evaluate the RA Practices
- Topic B: Identify RA Connections and Considerations
- Lesson 17: Assessing the SC Practices
- Topic A: Evaluate the SC Practices
- Topic B: Identify SC Connections and Considerations
- Lesson 18: Assessing the SI Practices
- Topic A: Evaluate the SI Practices
- Topic B: Identify SI Connections and Considerations
