Cybersecurity Maturity Model Certification (CMMC) Boot Camp | Capitol Technology University

Who needs this training?

If your company is a DoD contractor or subcontractor and accesses government computing systems, the training is essential. This training program will acquaint senior business leaders and their staff with CMMC requirements and help them prepare for assessment and implementation. There is also a two hour Executive Overview available.

What is CMMC and how does it impact my company?

The US Department of Defense (DoD), under the Office of Acquisition and Sustainment (A&S), initiated the requirement for all DoD contractor systems for assessment under the aspects of a formalized Controlled Unclassified Information (CUI) Program. The Cybersecurity Maturity Model Certification (CMMC) was conceptualized in 2019 and an Accreditation Board (AB) worked to develop the model to assess nonfederal organizations. The CMMC-AB, also organized in 2019, built an organization to lead the nation and the world in the CUI cyber arena. In 2020, the Accreditation Board released version 1 of the CMMC requirements. The DoD has scheduled full implementation for accreditation to begin in fiscal year 2025 but encourages contractor training immediately. DoD contractor personnel and their information technology practitioners should plan on the full 10-hour training.

What is covered?

On Day 1 (first 2 hours) we’ll cover an executive summary. It will include how to recognize Controlled Unclassified Information (CUI), overview the Cybersecurity Maturity Model, and introduce a self-assessment tool. Both Management and IT Security Practitioners should attend.

On Days 2-5 (A total of 8 hours), we’ll do a deep dive for IT security staff using the security controls contained in various National Institute of Standards and Technology (NIST). Students will learn the elements of the Defense Department, Acquisition, NIST, and CMMC publications as they apply to implementation by contractors subject to the CMMC certification requirements. The course will provide the skills and tools to achieve results for CMMC effectively. Relevant Federal regulations, policies, guidance, and cover in-depth the risk management framework.

Monday
- Executive Overview
- CUI Overview
- Introduction to the CMMC Model
Tuesday
- What is Controlled Unclassified Information?
- DoD Implementation
- NARA Registry
- CUI References, Markings
- DFARS Clause
- FCI Data
Wednesday
- The Maturity Model
- The Five Levels in the CCMC
- Developing consistent and repeatable outcomes
Thursday
- Assessment Guide
- What is assessed
- Assessment methods
- The practices necessary to be in compliance
Friday
- Preparing for Assessment
- Assessment first steps
- Determining the level of assessment
- How to connect the Assessment
- Reporting, Remediation and Adjudication
- 32 CFR 2002 CUI Program Regulation
- FIPS 199 Standards for Categorization of Federal Information and Information Systems
- FIPS 200 Minimum Security Requirements for Federal Information and Information Systems.
- SP 800-53 Security and privacy controls for federal information systems and organizations
- SP 800-171 Protecting controlled unclassified information in nonfederal systems and organizations
- SP 800-171A Assessing security requirements for controlled unclassified information
- SP 800-171B Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
- SP 800-161Supply Chain Risk Management Practices for Federal Information Systems and Organizations
- CMMC-AB Model
- CSET Cyber Security Evaluation Tool (CSET®) tool

Schedule and Cost

The Bootcamp is from 10 a.m. to Noon, Eastern DST, Monday to Friday. Additional Bootcamp sessions will be scheduled based on interest. If you would like the training, but need a different date, please let us know

Executive Summary Only (Monday, only) $250
Full boot camp (Monday to Friday): $900

DATES

~~May 17 – 21~~ Canceled
~~June 21 – 25~~ Canceled
July 19 – 23
Aug 23 – 27
Sep 20 – 24
Oct 25 – 29

Training Format

Live virtual real-time interactive session led by certified faculty. No travel is required.

Bootcamp Faculty

Leighton Johnson

Leighton Johnson, CISSP, CISM, is a provisionally Certified CMMC Assessor (CCA). He is the CTO and Founder of ISFMT, a provider of computer security, forensics consulting, and certification. He is CMMC-AB Marketplace listed.

Dr. Henry Williams

Dr. Henry Williams is a provisionally Certified CMMC Assessor (CCA). He is CEO/President of CTC Cyber Solutions, LLC, which provides cybersecurity and information technology solutions. He is CMMC-AB Marketplace listed.

Additional questions?

Please email proed@captechu.edu

Or contact Iris Lieberman, Associate Director of Admissions at 301-655-2119