The Certified Authorized Professional or CAP certification from ISC(2) validates a candidate's skills while using the risk management framework and provides an end-to-end understanding of management processes. The CAP certification is part of the DoD 8570 mandate and it covers several RMF steps and processes. This certification shows employers that candidates have the technical skills and knowledge needed to authorize and maintain information systems within large organizations. Many organizations are currently in need of cybersecurity professionals who can conduct security assessments and use RMF processes for better cybersecurity, and the current average salary of a CAP holder is $91,000 according to PayScale.
1. Know the Exam
While preparing for the CAP exam it is important to know what to expect on exam day. The CAP exams run time is a total of 3 hours and has a maximum of 125 questions. The exam questions are in a multiple-choice format and a passing score is a 700 out of 1000 points. Currently, the exam follows 7 weighted domains that outline the contents of the exam. As with most ISC(2) certifications candidates must show at least 2 years of prior work experience in relation to one of the 7 exam domains in order to sit for the CAP exam.
2. Study the Domains
The CAP certification covers seven different domains and each domain is weighted differently. The seven domains are as followed:
Domain 1: Information Security Risk Management Program 15%
Domain 2: Categorization of Information Systems 13%
Domain 3: Selection of Security Controls 13%
Domain 4: Implementation of Security Controls 15%
Domain 5: Assessment of Security Controls 14%
Domain 6: Authorization of Information Systems 14%
Domain 7: Continuous Monitoring 16%
The easiest way to cover all seven domains is by breaking each domain up individually and conducting self-assessments for a better understanding of where you currently stand in the exam preparation process. There may be an overlap on some domains, but it is for good reason and those topics will most likely show on the exam more than once, so be sure to take time and study all domains to ensure success on exam day.
3. Take a Practice Test
The best way to find out where you currently stand in the preparation process is by self-assessing and utilizing free resources found on the web. On the official ISC(2) website, you can find sample CAP exam questions that are worded in the same format that you will experience while taking the real exam, so it can give you a good insight as to what to expect. Also, it is important to only use valid resources while you are preparing. Remember to check exam codes on the study material you choose to make sure you are preparing for the current CAP exam.
4. Rest Well and Stay Focused
This is probably really simple advice that everyone hears before taking a big exam, but it works. Taking a night to rest before taking a strenuous exam can ensure better results on exam day. The CAP exam runtime is a total of 3 hours so be sure to use your time wisely and take breaks if needed.
I hope you found this blog post helpful. Here at SecureNinja, we offer a 5-day certification boot camp for our CAP training with some of the highest success rates in the industry. We can provide an organized classroom-based session with vendor-approved instructors, and we can get you and your team certified in less than 5 days.
SecureNinja is an award-winning training and certification school, and SecureNinja has a proven track record of assisting Fortune 100, Government, and Military organizations. For more information on how SecureNinja can benefit you or your organization fill out the form to the right of this post or call 703 – 535 – 8600 today!