Shopping Cart  [0]

Call 800.698.5501

CAP Certification - Certified Authorization Professional Boot Camp - Risk Management Framework (RMF) - Training Camp

CAP Certification Training
TrainingCamp Twitter Feed
CISSP Training

Our 6 Day CAP Certification Boot Camp is the only Official (ISC)² Exam Prep Boot Camp. Our course features exclusive options, such as our Training Camp designed Official (ISC)² Evening Review Sessions, and hosting of the Official (ISC)² CAP exam at the end of class.

Led by (ISC)² authorized instructors, This course is designed for the information security practitioner who champions system security commensurate with an organization's mission and risk tolerance, while meeting legal and regulatory requirements.

In addition to our public course schedule, we can also offer Private Group Training with the Official (ISC)² CAP exam hosted at any location in the world, with no student minimum number.


CAP Boot Camp

Duration: 6 days
Exam Voucher: Included
Testing: Delivered On-Site
GI Bill Eligible: ≤ 100% of Fees
GSA Catalog: GS-02F-0044T
capCertification Training Details

  • 6 Days Instruction w/ Onsite Testing
  • 100% Exam Pass Guarantee
  • Training Camp's Exam Preparation Study Guide
  • Additional Self-Paced Video Lectures
  • Real-world Learning Scenarios

  • Official (ISC)² CAP Exam Voucher
  • Official (ISC)² Training Courseware
  • Official (ISC)² Flash Cards
  • Official (ISC)² Practice Exam
  • Official (ISC)² Evening Review

  • CISSP Partner Award Winner
    Having trained and certified over 20,000 CISSPs globally, Training Camp has been awarded numerous awards from (ISC)² for over ten years. Our decade-long partnership with (ISC)² demonstrates Training Camp's experience and expertise delivering information security certification training across their full portfolio of certifications.

    Training Camp is the only approved accelerated training partner for (ISC)². We are held to the highest level of quality assurance for all of our (ISC)² Boot Camp offerings.


    CAP Instructors
    (ISC)² Approved Certified Instructors

    We utilize Authorized (ISC)² instructors who are Subject Matter Experts well-versed in accelerated learning and exam preparation during our CAP boot camp. Their delivery accommodates every student's learning needs through individualized instruction, lab partner and group exercises, independent study, self-testing, and question/answer drills.


    CAP Courseware
    Customized 100% Updated Exam Preparation Study Guide
    *Training Camp Exclusive Feature

    Our award-winning comprehensive exam preparation best practice guide book is designed with extensive work from (ISC)² Instructors, Training Camp Subject Matter Experts, feedback from the contributions from (ISC)² members, and It conceptually mirrors the NIST system authorization process in compliance with the Office of Management and Budget (OMB) Circular A-130, Appendix III.


    CAP Certification Practice Tests
    Detailed Evening Review & Official (ISC)² Practice Exam
    *Training Camp Exclusive Feature

    This zero-distraction, accelerated CAP boot camp review includes value-added evening review sessions & official (ISC)² practice exams - representative of the actual exam questions from (ISC)², and key to CAP preparation.


    CAP Exam
    Hosted Onsite Official CAP Exam
    *Training Camp Exclusive Feature

    We host the official (ISC)² CAP exam at the end of the class for our students. These examinations are delivered at our site - with (ISC)² approval - not at 'local' testing centers that are subject to seat availability. Our goal is for students to leave class with CAP certification.


    CAP Candidate
    The course is intended for students who have at least one full year of experience using the federal Risk Management Framework (RMF) or comparable experience gained from the ongoing management of information system authorizations, such as ISO 27001.

    CAP certification is appropriate for commercial markets, civilian and local governments, and the U.S. Federal government, including the State Department and the Department of Defense (DoD). Job functions such as authorization officials, system owners, information owners, information system security officers, certifiers, and senior system managers are great fits as CAPs.
    Training on your terms.

    Training Camp offers the full spectrum of learning [delivery] options - providing our customers with end-to-end solutions to assist in achieving education goals.


    Instructor-Led Boot Camps
    Check out our full listing of Training Camp course programs, offered at nationwide locations.


    Onsite Training [Worldwide]
    Training Camp offers Official (ISC)² CAP training with onsite examination delivery anywhere in the world.


    Self-Paced Online
    Learn security at your own pace, at home, on mobile, anywhere you have access to the internet and a web browser.




    CAP Certification Course Outline

    Domain 1: Describe the Risk Management Framework (RMF)

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: Historical and Current Perspective of Authorization
    • Module 4: Introducing the Examples Systems
    • Module 5: Introduction to the Risk Management Framework (RMF)
    • Module 6: The RMF Roles and Responsibilities
    • Module 7: The RMF Relationship to Other Processes
    • Module 8: Example System Considerations
    • Module 9: End of Domain Review and Questions

    Domain 2: RMF Step 1: Categorize Information Systems

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 1 - Roles and Responsibilities
    • Module 4: Preparing to Categorize an Information System
    • Module 5: Categorize the Information System
    • Module 6: Categorizing the Examples System
    • Module 7: Describe the Information System and Authorization Boundary
    • Module 8: Register the Information System
    • Module 9: RMF Step 1 Milestones, Key Activities and Dependencies
    • Module 10: End of Domain Review and Questions

    Domain 3: RMF Step 2: Select Security Controls

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 2 - Roles and Responsibilities
    • Module 4: Understanding FIPS 200
    • Module 5: Introducing SP 800-53
    • Module 6: The Fundamentals
    • Module 7: The Process
    • Module 8: Appendix D - Security Control Baselines
    • Module 9: Appendix E - Assurance and Trustworthiness
    • Module 10: Appendix F - Security Control Catalog
    • Module 11: Appendix G - Information Security Programs
    • Module 12: Appendix H - International Information Security Standards
    • Module 13: Appendix I - Overlay Template
    • Module 14: Appendix J - Privacy Control Catalog
    • Module 15: Identify and Document Common (Inherited) Controls
    • Module 16: System Specific Security Controls
    • Module 17: Continuous Monitoring Strategy
    • Module 18: Review and Approve Security Plan
    • Module 19: RMF Step 2 Milestone Checkpoint
    • Module 20: Example Information Systems
    • Module 21: End of Domain Review and Questions

    Domain 4 - RMF Step 3: Implement Security Controls

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 3 - Roles and Responsibilities
    • Module 4: Implement Selected Security Controls
    • Module 5: Contingency Planning
    • Module 6: Configuration, Patch and Vulnerability Management
    • Module 7: Firewalls and Firewall Policy Controls
    • Module 8: Interconnecting Information Technology Systems
    • Module 9: Computer Security Incident Handling
    • Module 10: Security Awareness and Training
    • Module 11: Security Considerations in the SDLC
    • Module 12: Malware Incident Prevention and Handling
    • Module 13: Computer Security Log Management
    • Module 14: Protecting Confidentiality of Personal Identifiable Information
    • Module 15: Continuous Monitoring
    • Module 16: Security Control Implementation
    • Module 17: Document Security Control Implementation
    • Module 18: RMF Step 3 Milestone Checkpoint
    • Module 19: End of Domain Review and Questions

    Domain 5 - RMF Step 4: Assess Security Control

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 4 - Roles and Responsibilities
    • Module 4: Understanding SP 800-115
    • Module 5: Understanding SP 800-53A
    • Module 6: Prepare for Security Control Assessment
    • Module 7: Develop Security Control Assessment Plan
    • Module 8: Assess Security Control Effectiveness
    • Module 9: Develop Initial Security Assessment Report (SAR)
    • Module 10: Review Interim SAR and Perform Initial Remediation Actions
    • Module 11: Develop Final SAR and Optional Addendums
    • Module 12: RMF Step 4 Milestone Checkpoint
    • Module 13: End of Domain Review and Questions

    Domain 6 - RMF Step 5: Authorize Information System

    • Module 1: Domain Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 5 - Roles and Responsibilities
    • Module 4: Develop Plan of Action and Milestones (POAM)
    • Module 5: Assemble Security Authorization Package
    • Module 6: Determine Risk
    • Module 7: Determine the Acceptability of Risk
    • Module 8: Obtain Security Authorization Decision
    • Module 9: RMF Step 5 Milestone Checkpoint
    • Module 10: End of Domain Review and Questions

    Domain 7 - RMF Step 6: Monitor Security Controls

    • Module 1: Introduction
    • Module 2: Domain Terminology and References
    • Module 3: RMF Step 6 - Roles and Responsibilities
    • Module 4: Understanding SP 800-137
    • Module 5: Determine Security Impact of Changes to System and Environment
    • Module 6: Perform Ongoing Security Control Assessment
    • Module 7: Conduct Ongoing Remediation Actions
    • Module 8: Update Key Documentation
    • Module 9: Perform Periodic Security Status Reporting
    • Module 10: Perform Ongoing Determination and Acceptance
    • Module 11: Decommission and Remove System
    • Module 12: RMF Step 6 Milestone Checkpoint
    • Module 13: End of Domain Review and Questions