Certified CMMC Assessor (CCA) Training

Certified CMMC Assessor (CCA) Training
The Certified CMMC Assessor (CCA) course is the next step for CMMC Certified Professionals (CCPs) looking to advance their careers as Assessors in the Cybersecurity Maturity Model Certification (CMMC) program. This comprehensive training prepares individuals to evaluate and assess organizations against the CMMC framework, ensuring compliance with cybersecurity practices required by the United States Department of Defense (DoD) contracts.
As the CMMC program is poised for significant growth, this course equips participants with the knowledge and skills needed to meet the increasing demand for qualified assessors in the defense industry.
Save my seat
Accredited Training Provider (ATP)
Certified CMMC Professional (CCP)
Certified CMMC Assessor (CCA)
Certified CMMC Provisional Instructor (PI)
Google Reviews
See more reviews on google
Class Dates
Virtual Live Classes - CCP
Participate in interactive online sessions from anywhere. Weekly start dates available.
$2,999 -40hrs
2 weeks / 20 hours per week
Virtual Live Classes - CCP
Participate in interactive online sessions from anywhere. Weekly start dates available.
$2,999 -40hrs
2 weeks / 20 hours per week
Virtual Live Classes - CCA
Participate in interactive online sessions from anywhere. Weekly start dates available.
$2,999 -40hrs
2 weeks / 20 hours per week
Class Sign up Closed
Order
Order
CCP Self-Paced Learning
Start anytime with our flexible asynchronous training programs. Learn at your own pace.
$1,999 -Self Paced - 3hrs of time with our instructor
Order
CCA Self-Paced Learning
Start anytime with our flexible asynchronous training programs. Learn at your own pace.
$1,999 -Self Paced - 3hrs of time with our instructor
Order
CMMC Program Overview
The Cybersecurity Maturity Model Certification (CMMC) program, managed by The Cyber AB (formerly known as the CMMC Accreditation Body or the CMMC-AB), is designed to validate defense contractors' compliance with the cybersecurity practices required by their contracts. Once rulemaking has concluded and CMMC 2.0 has been fully implemented, all organizations providing products or services to the United States Department of Defense (DoD) must achieve the CMMC level required in the desired contract.
1
Program Introduction
CMMC program designed to validate defense contractors' cybersecurity compliance
2
Rulemaking and Implementation
CMMC 2.0 to be fully implemented after rulemaking conclusion
3
Mandatory Certification
All DoD contractors must achieve required CMMC level for desired contracts
Course Audience
The Certified CMMC Assessor (CCA) course is designed for a diverse audience within the cybersecurity and defense industry sectors.
Aspiring CMMC Assessors
Individuals interested in becoming CMMC Certified Assessors (CCA)
Certified CMMC Instructors
CCIs who want to teach the CCA course in the future
Defense Industry Professionals
Employees in the Defense Industrial Base (DIB)
Compliance Specialists
Compliance officers and staff
Future Consultants
Prospective CMMC consultants
Course Objectives
This course covers identifying the scope of an Assessment, assessing the CMMC Level 2 practices, and using an established process and workflow to enable efficiencies during an Assessment. In this course, you will apply the CMMC Assessment Process to validate the performance of cybersecurity practices in the 14 domains derived from NIST SP 800-171.
Protect CUI
Protect Controlled Unclassified Information with the CMMC program
Assessor Responsibilities
Establish key elements of responsibilities as a professional CMMC Assessor
Assessment Process
Work through an Assessment and validate context and scope of a Level 2 CMMC Assessment
Domain Practices
Assess practices in 14 domains derived from NIST SP 800-171
CMMC Domains - Part 1
The course covers assessment practices for the following CMMC domains:
Access Control (AC)
Assess practices in the Access Control domain
Awareness and Training (AT)
Assess practices in the Awareness and Training domain
Audit and Accountability (AU)
Assess practices in the Audit and Accountability domain
Security Assessment (CA)
Assess practices in the Security Assessment domain
Configuration Management (CM)
Assess practices in the Configuration Management domain
Identification and Authentication (IA)
Assess practices in the Identification and Authentication domain
Incident Response (IR)
Assess practices in the Incident Response domain
CMMC Domains - Part 2
The course continues to cover assessment practices for the remaining CMMC domains:
Maintenance (MA)
Assess practices in the Maintenance domain
Media Protection (MP)
Assess practices in the Media Protection domain
Personnel Security (PS)
Assess practices in the Personnel Security domain
Physical Protection (PE)
Assess practices in the Physical Protection domain
Risk Assessment (RA)
Assess practices in the Risk Assessment domain
System and Communications Protection (SC)
Assess practices in the System and Communications Protection domain
System and Information Integrity (SI)
Assess practices in the System and Information Integrity domain
Certification Exam Preparation
This course is designed for CMMC Certified Professionals (CCPs) who are interested in becoming CMMC Certified Assessors (CCAs). It prepares students for the CMMC Certified Assessor (CCA) certification exam, which is a required step toward becoming an Assessor.
To assist you in your preparation for the exam, Logical Operations provides a reference document that indicates where the material for the CCA-1 exam objectives is covered in the Logical Operations Certified CMMC Assessor (CCA) courseware.
1
2
3
1
CCA Certification Exam
Final step to become a Certified CMMC Assessor
2
Exam Preparation
Course designed to prepare CCPs for the CCA exam
3
Reference Materials
Logical Operations provides exam objective coverage guide
Prerequisites
To ensure your success in this course, you must have the foundational cybersecurity knowledge of a CMMC Certified Professional, which you can obtain by taking the following course and exam:
- Certified CMMC Professional (CCP)
This is an unofficial summary provided for your convenience. Always refer to The Cyber AB website (https://cyberab.org/CMMC-Ecosystem/Ecosystem-Roles/Assessing-and-Certification) for official requirements and be aware that CMMC requirements are subject to change.
1
2
3
1
CCA Course
Advanced training for aspiring CMMC Assessors
2
CCP Certification
Required foundational knowledge
3
Cybersecurity Basics
Fundamental understanding of cybersecurity concepts
Course Content Overview - Part 1
The Certified CMMC Assessor (CCA) course covers a comprehensive range of topics:
1
Lesson 1: Protecting CUI with the CMMC Program
Topic A: Protect Controlled Unclassified Information
Topic B: Utilize the CMMC Source Documents
2
Lesson 2: Being an Assessor
Topic A: Identify Assessment Roles and Responsibilities
Topic B: Establish an Assessor Mindset
Topic C: Determine the OSC's Cybersecurity Environment
3
Lesson 3: Working Through an Assessment
Topic A: Identify Assessment Flow and Milestone Events
Topic B: Prepare to Work with the OSC
Topic C: Formalize the Plan
Topic D: Assess the Evidence
Topic E: Handle Non-Conformity Issues
Topic F: Finalize the Assessment
4
Lesson 4: Validating the Scope of a CMMC Assessment
Topic A: Define Scope Fundamentals
Topic B: Categorize the Assets
Topic C: Determine the OSC Context
Topic D: Define ESPs
Topic E: Validate the Assessment Scope
Course Content Overview - Part 2
The course continues with in-depth coverage of CMMC domains:
1
Lesson 5: Assessing the AC Practices
Evaluate Access Control practices and identify connections
2
Lesson 6: Assessing the AT Practices
Evaluate Awareness and Training practices and identify connections
3
Lesson 7: Assessing the AU Practices
Evaluate Audit and Accountability practices and identify connections
4
Lesson 8: Assessing the CA Practices
Evaluate Security Assessment practices and identify connections
5
Lesson 9: Assessing the CM Practices
Evaluate Configuration Management practices and identify connections
6
Lesson 10: Assessing the IA Practices
Evaluate Identification and Authentication practices and identify connections
7
Lesson 11: Assessing the IR Practices
Evaluate Incident Response practices and identify connections
Course Content Overview - Part 3
The final lessons of the course cover the remaining CMMC domains:
Lesson 12: Assessing the MA Practices
Evaluate Maintenance practices and identify connections
Lesson 13: Assessing the MP Practices
Evaluate Media Protection practices and identify connections
Lesson 14: Assessing the PE Practices
Evaluate Physical Protection practices and identify connections
Lesson 15: Assessing the PS Practices
Evaluate Personnel Security practices and identify connections
Lesson 16: Assessing the RA Practices
Evaluate Risk Assessment practices and identify connections
Lesson 17: Assessing the SC Practices
Evaluate System and Communications Protection practices and identify connections
Lesson 18: Assessing the SI Practices
Evaluate System and Information Integrity practices and identify connections
The course also includes appendices on evidence collection, additional documentation for CCAs, and mapping course content to the CCA exam.
Next Steps
Ready to take the next step in your CMMC Assessor journey? Here's what you need to do:
1
Find an ATP
Reach out to a CyberAB Approved Training Provider (ATP) to inquire about available training dates.
2
View ATP List
Access the full list of Approved Training Providers on the official CyberAB website.
3
Enroll in Course
Register for the Certified CMMC Assessor (CCA) course with your chosen ATP.
4
Prepare for Exam
Complete the course and use provided materials to prepare for the CCA certification exam.
This course material is CMMC-AB Approved Training Materials (CATM). The content has been reviewed in detail and explicitly approved by a DoD office, as well as an independent agency working under the approval of the DoD. The multiple reviews verified that the course not only addressed the certification exam blueprint, but also met other rigorous content and instructional requirements that were included as part of the Approved Publishing Partner (APP) program expectations.
Course Specifications
Certified CMMC Assessor (CCA)
This courseware is CMMC-AB Authorized Training Material (CATM), and may be used by CMMC-AB Licensed Training Providers to offer Certified CMMC Assessor classes.
Course Specifications
Course Length:
5 days
Course Description
Overview:
The Cybersecurity Maturity Model Certification (CMMC) program provides a standard model and process for conducting a conformity assessment of Department of Defense (DoD) suppliers and service providers. Organizations wanting to provide products and services to the DoD will be required to demonstrate their cybersecurity competency and compliance under the CMMC program.
A Certified CMMC Assessor (CCA) applies a rigorous Assessment Process to ensure the relevant security controls have been effectively implemented and that there is evidence that these controls can be sustained.
This course covers identifying the scope of an Assessment, assessing the CMMC Level 2 practices, and using an established process and workflow to enable efficiencies during an Assessment.
Course Objectives:
In this course, you will apply the CMMC Assessment Process to validate the performance of cybersecurity practices in the 14 domains derived from NIST SP 800-171. You will:
Protect CUI with the CMMC program.
Establish the key elements of your responsibilities as a professional CMMC Assessor.
Work through an Assessment.
Validate the context and scope of a Level 2 CMMC Assessment.
Assess the practices in the Access Control (AC) domain.
Assess the practices in the Awareness and Training (AT) domain.
Assess the practices in the Audit and Accountability (AU) domain.
Assess the practices in the Security Assessment (CA) domain.
Assess the practices in the Configuration Management (CM) domain.
Assess the practices in the Identification and Authentication (IA) domain.
Assess the practices in the Incident Response (IR) domain.
Assess the practices in the Maintenance (MA) domain.
Assess the practices in the Media Protection (MP) domain.
Assess the practices in the Personnel Security (PS) domain.
Assess the practices in the Physical Protection (PE) domain.
Assess the practices in the Risk Assessment (RA) domain.
Assess the practices in the System and Communications Protection (SC) domain.
Assess the practices in the System and Information Integrity (SI) domain.
Target Student:
This course is designed for Certified CMMC Professionals (CCP) who are interested in becoming Certified CMMC Assessors (CCA), as well as Certified CMMC Instructors (CCI) who want to teach this CCA course in the future. This course is also beneficial to employees of Defense Industrial Base (DIB) Organizations Seeking Certification (OSCs) because an understanding of how CCPs and CCAs think during an Assessment will ensure better Assessment readiness.
Prerequisites:
To ensure your success in this course, you must have the foundational cybersecurity knowledge of a Certified CMMC Professional, which you can obtain by taking the following course and exam:
Certified CMMC Professional (CCP)
Course-specific Technical Requirements
Hardware:
For this course, you will need one computer for each student and one for the instructor. Each computer will need the following minimum hardware configurations:
Sufficient processor speed, RAM, and storage space for good system performance when running Windows and Microsoft 365.
Mouse, keyboard, and monitor.
High-speed, stable Internet connection.
For the instructor's computer, a method to project and/or share the screen as needed for local and remote class participants.
Software:
Microsoft® 365® license (which provides the Microsoft Office apps)
Microsoft® Windows® 10 Professional
Adobe® Acrobat® Reader®
If necessary, software for viewing the course slides. (Instructor machine only.)
Course Content
Lesson 1: Protecting CUI with the CMMC Program
Topic A: Protect Controlled Unclassified Information
Topic B: Utilize the CMMC Source Documents
Lesson 2: Being an Assessor
Topic A: Identify Assessment Roles and Responsibilities
Topic B: Establish an Assessor Mindset
Topic C: Determine the OSC's Cybersecurity Environment
Lesson 3: Working Through an Assessment
Topic A: Identify Assessment Flow and Milestone Events
Topic B: Prepare to Work with the OSC
Topic C: Formalize the Plan
Topic D: Assess the Evidence
Topic E: Handle Non-Conformity Issues
Topic F: Finalize the Assessment
Lesson 4: Validating the Scope of a CMMC Assessment
Topic A: Define Scope Fundamentals
Topic B: Categorize the Assets
Topic C: Determine the OSC Context
Topic D: Define ESPs
Topic E: Validate the Assessment Scope
Lesson 5: Assessing the AC Practices
Topic A: Evaluate the AC Practices
Topic B: Identify AC Connections and Considerations
Lesson 6: Assessing the AT Practices
Topic A: Evaluate the AT Practices
Topic B: Identify AT Connections and Considerations
Lesson 7: Assessing the AU Practices
Topic A: Evaluate the AU Practices
Topic B: Identify AU Connections and Considerations
Lesson 8: Assessing the CA Practices
Topic A: Evaluate the CA Practices
Topic B: Identify CA Connections and Considerations
Lesson 9: Assessing the CM Practices
Topic A: Evaluate the CM Practices
Topic B: Identify CM Connections and Considerations
Lesson 10: Assessing the IA Practices
Topic A: Evaluate the IA Practices
Topic B: Identify IA Connections and Considerations
Lesson 11: Assessing the IR Practices
Topic A: Evaluate the IR Practices
Topic B: Identify IR Connections and Considerations
Lesson 12: Assessing the MA Practices
Topic A: Evaluate the MA Practices
Topic B: Identify MA Connections and Considerations
Lesson 13: Assessing the MP Practices
Topic A: Evaluate the MP Practices
Topic B: Identify MP Connections and Considerations
Lesson 14: Assessing the PE Practices
Topic A: Evaluate the PE Practices
Topic B: Identify PE Connections and Considerations
Lesson 15: Assessing the PS Practices
Topic A: Evaluate the PS Practices
Topic B: Identify PS Connections and Considerations
Lesson 16: Assessing the RA Practices
Topic A: Evaluate the RA Practices
Topic B: Identify RA Connections and Considerations
Lesson 17: Assessing the SC Practices
Topic A: Evaluate the SC Practices
Topic B: Identify SC Connections and Considerations
Lesson 18: Assessing the SI Practices
Topic A: Evaluate the SI Practices
Topic B: Identify SI Connections and Considerations
Appendix A: Evidence Collection Approach for CMMC Practices Levels 1 and 2
Appendix B: Additional Documentation for CCAs
Appendix C: Mapping Course Content to the CCA Exam
Company Data
3815 River Crossing Pkwy Suite 100
Indianapolis, IN 46240
1-877-732-6772
info@lionfishcybersecurity.com
Terms and Conditions
Privacy Policy
(This is not a Lionfish address) 
This institution is regulated by the Office for Career and Technical Schools
10 N Senate Avenue, Suite SE 308, Indianapolis 46204 - OCTS@dwd.in.gov https://www.in.gov/dwd/2731.htm
© Copyright 2024 Lionfish Cyber Security. All Rights Reserved