Realtime website analytics

 

 

FISMApedia


Q/IAP non degree Qualified/ Information Assurance Professional CyberSecurity Certificate of Mastery CoM

Q/C&A Qualified/ Certification & Accreditation Class
This class Earns the CNSS 4011, 4012, 4013A, 4015, AND 4016A Certifications
1 Class earns 5 NSA-CNSS Approved Certificates

Need your Fully Qualified Navy System Certifier and Validator Certificate?
Earn the MOST ADVANCED Risk Analyst Certificate available - Get 4106A Certified

SU courses are certified by the Information Assurance Courseware Evaluation (IACE) Program under the auspices of the National IA Education and Training Program. SU courseware meets all of the elements of the Committee on National Security Systems (CNSS) National Training Standards.

The IACE Program provides consistency in training and education for the information assurance skills that are critical to our nation. SU is 4011, 4012, 4013, 4015 and 4016E, I, "A" (Advanced) 4016A level.

SU Q/IAP® Qualified/ Information Assurance Professional Certificate of Mastery CoM nondegree (3 Q/IAP + Security+®, CASP®, ISMS® or CISSP®)

Q/AAP® Qualified Access, Authentication & PKI Professional Certification Class

Q/NSP® Qualified/ Network Security Policy Administrator & SOA Security Oriented Architect Certification Class

*Q/CA Qualified/ Certification & Accreditation Administrator Certification Class Certificate of Mastery CoM

DoD Information Technology Security Certification and Accreditation Process DITSCAP Certification Class

~SU Security+® CompTIA Certification Class

~SU CISSP® ISC2® Certified Information Security Systems Professional Class

SU CASP® - CompTIA Advance Security Professional Certification Class

ISSEP® ISC2® Information Security Systems Engineer Certification Class

SU CISA® Certified Information Security Auditor Certification Class

SU CISM® Certified Information Security Manager Certification Class

Certified ISO 27001 SU ISMS® Lead Auditor Certification Class

Certified ISO 27001 SU ISMS® Lead Implementation Certification Class

Q/C&AThis 5-day session of Q/CA Fully Qualified Navy Validator Training meets the objectives of the CNSS-4012 Senior System Manager (SSM) and CNSS-4015 System Certifier and 4016 Risk Analyst certificate course which is specifically designed to consolidate all SSM and System Certifier and Analyst knowledge requirements into a single, comprehensive curriculum. This course provides 5 (five) days of intense, highly concentrated, non-technical professional training necessary to achieve the in-depth knowledge, skills, and abilities needed to enforce Information Assurance and Cybersecurity requirements, apply Information System Security (INFOSEC) methodologies and facilitate authorization and accreditation (C&A) activities.


SU’s Qualified Authorization and Accreditation Professional training and certification covers the exam objectives that measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals. The 5 day immersive boot camp covers all of the latest exam objectives complete with 400+ up to date exam question Quiz Engine. The course is intended for students who have at least one full year of experience using the Federal Risk Management Framework (RMF) or comparable experience gained from the ongoing management of information system authorizations, such as ISO 27001.

CAP certification is appropriate for commercial markets, civilian and local governments, and the U.S. Federal government, including the State Department and the Department of Defense (DoD). Job functions such as authorization officials, system owners, information owners, information system security officers, certifiers, and senior system managers are great fits as CAPs.

• Onsite/Off Site facilitation /• public 5 day course or private training avail.

CNSS 4105 requirement : this course addresses professional and functional requirements necessary for System Managers and System Certifiers and to identify specific assurance levels and evaluate risk impact thresholds in meeting applicable security policies, standards and requirements to ensure that accrediting authorities have the information necessary to make an objective accreditation determination based on an acceptable level of risk. This course focuses on analyzing, evaluating, and assessing, information system security policies, processes and procedures necessary to ensure a comprehensive multi-disciplined assessment of technical and non-technical security features and associated safeguards.

Lastly this is a fully certified (CNSS)-4016 A (Advanced) Risk Analyst course that provides five days of intense, highly concentrated training necessary to achieve the fundamental knowledge, skills and abilities needed to analyze, assess, control, determine, mitigate and manage risk within a federal management and acquisition framework or within federal interest computer systems that store, process, display or transmit classified or sensitive information (e.g. Personally Identifiable Information (PII), Electronically Protected Health Information (ePHI)/Individually Identifiable Health Information (IIHI) , etc).. which addresses specific knowledge factors and functional requirements established for Entry and Intermediate and ADVANCED Level Risk Analysts. Specific focus is directed on identifying, implementing and integrating management, acquisition and administrative risk methodologies for securing critical and sensitive information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources. Download SU's class schedule now!

Note: This class can be easily tailored to meet the certification and accreditation needs of any organization.

Class Fee: $2,995*
Time: 7:45 am - 5pm
Location: Click here to view the class schedule
Learning Level: Understanding of TCP/IP Protocols
CPE Credits: 50 with practical 40CPE without practical
Prerequisites: Contractors and govt and military that work for government IS or won a contract award to service the military IS .
   
Method of Delivery - Residential On Ground
Method of Evaluation: 1. 95 % attendance 2. 100 % completion of Lab
Grading: Pass = 95% Attendance and 100% Completion of Labs and Practical
Fail => 95% Attendance and > 100% Completion of Labs and Practical

We're here to help!
CALL NOW 877-357-7744

SU’s Qualified Authorization Professional Q/CA training and certification covers the exam objectives that measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals. The 5 day immersive boot camp covers all of the latest exam objectives complete with 400+ up to date exam question Quiz Engine. The course is intended for students who have at least one full year of experience using the Federal Risk Management Framework (RMF) or comparable experience gained from the ongoing management of information system authorizations, such as ISO 27001.

Q/CA certification is appropriate for commercial markets, civilian and local governments, and the U.S. Federal government, including the State Department and the Department of Defense (DoD). Job functions such as authorization officials, system owners, information owners, information system security officers, certifiers, and senior system managers are great fits as FQNVs.

What You Will Learn
The Q/CA RMF examination tests the breadth and depth of a candidate’s knowledge by focusing on the seven domains which comprise the Q/CA RMF exam and be preparedfor the CAP CBK®, taxonomy of information security topics:

  • Understanding the Security Authorization of Information Systems
  • Categorize Information Systems
  • Establish the Security Control Baseline
  • Apply Security Controls
  • Assess Security Controls
  • Authorize Information System
  • Monitor Security Controls 

The ideal candidate should have experience, skills or knowledge in any of the following areas:

  • IT Security
  • Information Assurance
  • Information Risk Management
  • Certification
  • Systems Administration
  • One - two years of general technical experience
  • Two years of general systems experience
  • One - two years of database/systems development/network experience
  • Information Security Policy
  • Technical or auditing experience within government, the U.S. Department of Defense, the financial or health care industries, and/or auditing firms
  • Strong familiarity with NIST documentation

Upon the completion of our Q/CA Course, students will know how to: The goal of the course is to prepare professionals for the challenges of authorization and accreditation concepts and functions. Our program will provide you with a quick and proven method for mastering this huge range of knowledge.

Prerequisites The Q/CA program is targeted at professionals with at least 2 years of experience in information systems security certification, RFM and accreditation. To achieve the Q/CA or ISC2 CAP credential, you need a minimum of two years of direct full-time information systems security certification and accreditation professional experience in one or more of these five areas:

  • Understanding the Purpose of Certification
  • Initiation of the System Authorization Process
  • Certification Phase
  • Accreditation Phase
  • Continuous Monitoring Phase

SU Q/CA Course Outline

Domain 1: Describe the Risk Management Framework (RMF)

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: Historical and Current Perspective of Authorization
  • Module 4: Introducing the Examples Systems
  • Module 5: Introduction to the Risk Management Framework (RMF)
  • Module 6: The RMF Roles and Responsibilities
  • Module 7: The RMF Relationship to Other Processes
  • Module 8: Example System Considerations
  • Module 9: End of Domain Review and Questions

Domain 2: RMF Step 1: Categorize Information Systems

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 1 - Roles and Responsibilities
  • Module 4: Preparing to Categorize an Information System
  • Module 5: Categorize the Information System
  • Module 6: Categorizing the Examples System
  • Module 7: Describe the Information System and Authorization Boundary
  • Module 8: Register the Information System
  • Module 9: RMF Step 1 Milestones, Key Activities and Dependencies
  • Module 10: End of Domain Review and Questions

Domain 3: RMF Step 2: Select Security Controls

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 2 - Roles and Responsibilities
  • Module 4: Understanding FIPS 200
  • Module 5: Introducing SP 800-53
  • Module 6: The Fundamentals
  • Module 7: The Process
  • Module 8: Appendix D - Security Control Baselines
  • Module 9: Appendix E - Assurance and Trustworthiness
  • Module 10: Appendix F - Security Control Catalog
  • Module 11: Appendix G - Information Security Programs
  • Module 12: Appendix H - International Information Security Standards
  • Module 13: Appendix I - Overlay Template
  • Module 14: Appendix J - Privacy Control Catalog
  • Module 15: Identify and Document Common (Inherited) Controls
  • Module 16: System Specific Security Controls
  • Module 17: Continuous Monitoring Strategy
  • Module 18: Review and Approve Security Plan
  • Module 19: RMF Step 2 Milestone Checkpoint
  • Module 20: Example Information Systems
  • Module 21: End of Domain Review and Questions

Domain 4 - RMF Step 3: Implement Security Controls

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 3 - Roles and Responsibilities
  • Module 4: Implement Selected Security Controls
  • Module 5: Contingency Planning
  • Module 6: Configuration, Patch and Vulnerability Management
  • Module 7: Firewalls and Firewall Policy Controls
  • Module 8: Interconnecting Information Technology Systems
  • Module 9: Computer Security Incident Handling
  • Module 10: Security Awareness and Training
  • Module 11: Security Considerations in the SDLC
  • Module 12: Malware Incident Prevention and Handling
  • Module 13: Computer Security Log Management
  • Module 14: Protecting Confidentiality of Personal Identifiable Information
  • Module 15: Continuous Monitoring
  • Module 16: Security Control Implementation
  • Module 17: Document Security Control Implementation
  • Module 18: RMF Step 3 Milestone Checkpoint
  • Module 19: End of Domain Review and Questions

Domain 5 - RMF Step 4: Assess Security Control

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 4 - Roles and Responsibilities
  • Module 4: Understanding SP 800-115
  • Module 5: Understanding SP 800-53A
  • Module 6: Prepare for Security Control Assessment
  • Module 7: Develop Security Control Assessment Plan
  • Module 8: Assess Security Control Effectiveness
  • Module 9: Develop Initial Security Assessment Report (SAR)
  • Module 10: Review Interim SAR and Perform Initial Remediation Actions
  • Module 11: Develop Final SAR and Optional Addendums
  • Module 12: RMF Step 4 Milestone Checkpoint
  • Module 13: End of Domain Review and Questions

Domain 6 - RMF Step 5: Authorize Information System

  • Module 1: Domain Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 5 - Roles and Responsibilities
  • Module 4: Develop Plan of Action and Milestones (POAM)
  • Module 5: Assemble Security Authorization Package
  • Module 6: Determine Risk
  • Module 7: Determine the Acceptability of Risk
  • Module 8: Obtain Security Authorization Decision
  • Module 9: RMF Step 5 Milestone Checkpoint
  • Module 10: End of Domain Review and Questions

Domain 7 - RMF Step 6: Monitor Security Controls

  • Module 1: Introduction
  • Module 2: Domain Terminology and References
  • Module 3: RMF Step 6 - Roles and Responsibilities
  • Module 4: Understanding SP 800-137
  • Module 5: Determine Security Impact of Changes to System and Environment
  • Module 6: Perform Ongoing Security Control Assessment
  • Module 7: Conduct Ongoing Remediation Actions
  • Module 8: Update Key Documentation
  • Module 9: Perform Periodic Security Status Reporting
  • Module 10: Perform Ongoing Determination and Acceptance
  • Module 11: Decommission and Remove System
  • Module 12: RMF Step 6 Milestone Checkpoint
  • Module 13: End of Domain Review and Questions

The Q/CA now Q/AA Qualified Authorization and Accreditation Professional credential measures of the knowledge, skills and abilities required for C&A / A&A personnel. In particular, this credential applies to professionals who need to setup the formal processes used to assess risk and establish security requirements based on regulatory standards. It’s a very important job which ensures that information systems have appropriate security controls to mitigate potential risk, as well as protecting against damage to assets or individuals. Civilians, state and local governments, as well as system integrators supporting these organizations seek after this credential.


Prerequisites
Basic computer literacy.


*Class fees are subject to change

Top 
View Class Schedule

Current Schedule
Site Map SU Policies Webmaster Contact Us Opt-Out Testimonials Advertise Brochure
Copyright © 2017 Security University, Inc. All rights reserved.
Translate this page to