CUP OF CYBER – (ISC)2 CAP Exam and Certification

[Music] And here we are, we made it to Friday. Oh, weekend ahead. Some folks have a three-day weekend with Presidents Day on Monday, but today we're gonna dig in, because it is Friday and we still have work to do. It is Friday, so we'll talk about certifications. Today we're talking about the Certified Authorization Professional, or the CAP exam. It's one of the (ISC)² exams. A lot of details: we'll talk about what the exam's about, how much it's gonna cost you, how to keep it, what jobs you can get, all that stuff, if you're gonna join us this morning for our Cup of Cyber. Hope you do. A cup of cyber, hourly coffee in a Salt Lake City mug.

It is crazy, it's Valentine's Day today, Friday, February 14th. So if you have your significant other and you haven't had anything planned yet, you might want to get that together, get something going. Probably too late to get any reservations for dinner or anything like that; maybe something you can make at home, or take care of that person however you think you need to. If you don't have that significant other, know that it's also National Ferris Wheel Day, so maybe stick that in your pocket for something to talk about today.

So we are talking about this Certified Authorization Professional exam from (ISC)². This exam has been around for a while. It's changed names at least once: when NIST changed the name of the certification and accreditation process to the RMF, the CAP was called the Certification and Accreditation Professional. They kept the acronym the same, CAP, and they changed it over to Certified Authorization Professional to reflect, you know, what we have ahead for the RMF.

So the exam itself: 125 multiple-choice questions, or as I like to say, multiple-guess questions. Jump in there, A, B, C, D, E... A, B, C, D, no E, and 25% just by guessing. Like other CAP exams, or other (ISC)² exams, there's practice questions in there as well that won't count against you, but you don't know what they are. Time limit is three hours to take the exam, plenty of time to get through these if you study and prepare for the certification exam. Passing score: 700 out of a thousand points, or actually a 70%.

And the exam fee. Like all of these, (ISC)², well, even CompTIA, even CompTIA is getting a little expensive on there, but (ISC)², ISACA, they're all gonna cost you a bit of money to get into the security field. So the exam fee for this one: 599 bucks to take the exam. It's just, it's a lot of money in certification. So there's a lot of money in the cyber field, the security field, but there's a lot of money for maintenance as well. So you have to get certified, you have to get educated, you have to get trained, get that experience built up. These certifications, they're gonna cost you a little bit of money, just because that's how they're set up.

To take the exam to become a CAP certified professional, you have to have two years' experience in one or more of the domains, and that experience has to be paid experience. You have to have paid experience in one or more of the domains for at least a cumulative two years.

Once you get the certification, once you get it, pass it, then you have to do your maintenance, right? So you have to do 60 continuing professional education credits a year, which means you have to read books, you have to go to more training, you have to do stuff to enhance your security experience and help the field itself. The certification itself is on a three-year cycle, so every year you have to get those 60 CPEs. Three years, each of three years, you have to have the 60 CPEs, and then at the end of three years they'll evaluate everything, and then if you've been keeping up, you've been following the professional ethics, you've been doing your CPEs, then you'll get issued the certification for another three years.

There is a hundred and twenty-five dollar annual maintenance fee, so on top of the certification fee, every year you're gonna have to pay 125 bucks. They have changed it, they being (ISC)². It used to be you pay for every certification you have with (ISC)², so if you have the CAP and you have something like CISSP and ISSEP (and also, we'll talk about those later), then you'd pay a fee for each, but apparently now, checking with their website, you pay one fee that covers all your certifications, which is good, because, you know, you could get a number of certifications from (ISC)², and then, you know, it used to be 85 bucks for CISSP and then 85 bucks for CAP and 85 bucks... Now it's just one hundred twenty-five dollars, flat fee, one or more, apparently. That's the first time I've seen that, so it's a little bit new.

According to Cert Magazine in 2018, the average salary for someone with a CAP certification is 121 thousand five hundred and ten dollars. Pretty exact, and ninety-five cents maybe, I don't know. That's it. You know, it's gonna open doors, and as you'll see later when we look at 8570 for the DoD and the government, there are positions that require you to have something like the CAP exam. The CAP fills some of those requirements.

So what is the certification all about? What do you have to know? What are the domains that you have to know for the CAP? So you can see, we're gonna circle back. If you guys have followed along with any of the RMF training, you're gonna see exactly how this thing lines out. But domain one, information security risk management program: how do you manage your risk management, how do you manage the security program? That's our first domain out of the gate, that's one you need to know. Domain two, categorization of information systems, or IS: how do we kind of categorize a system? Domain three, selection of security controls. We're gonna go a little bit quick through this, 'cause I'm gonna show you something here in a minute. Domain four, implementation of security controls. Five, assessment of security controls. Six, authorization of an information system. And finally seven, the last domain, continuous monitoring. Seven domains you have to know, seven that you have to, you know, kind of be the master of.

But if you look, this is what the RMF looks like. Prepare, in the middle there, that supports all of the others, that's kind of like your domain one, and then around the outside: categorize the system, select the controls, implement the controls, assess the controls, authorize the system, and monitor the controls. There is your CAP exam. So if you know the RMF, you're good at the RMF, you know it, you know the supporting documents, you know the roles and authorizations, you know the tasks within each of these steps, then you're good.

I'll throw a card up above (I always do that the wrong way; up above, it'll actually be over there) with a link to each of these steps, a little more detail in each of these steps than we've talked about in our Cup of Cyber over the last few weeks. At this point, the point of this recording, we've covered all but the monitoring of the controls. And I'll also throw a card right... dang, every time... over there (I think backwards), over there, that will show you some of the RMF tasks that have already been put out that you can check out. So a lot of this stuff, you know, we've already thrown a lot of the training out online, and over the next few weeks we're gonna be refreshing all of the current RMF videos with RMF 2.0 videos, which is the new version of the RMF.

So the CAP exam tests you on your ability to implement the RMF. That's really what it does. If you look at 8570, this is the DoD requirement for certain positions within the DoD, and if you look, IAM level one and IAM level two both have the CAP as a certification that meets that requirement. So if you're an IAM, and that's information assurance management, level one or level two, one of those jobs, CAP is going to check that block. You're gonna have a certification that's required in that job. You don't have to get all of them. So you see, like, IAM level one is a CAP or the GSLC or the Security+ with continuing education. You know, any of those work for level one. So CAP will work for your level one IAM or your level two IAM requirement. You don't have to get all those, you can get one of them, so CAP will work for that, right?

So if you're in a place where you're around the DoD, then you can look for things like ISSO, information system security officer. Normally that's a level one or level two. They can't be level three, depending on the system they're supporting, but generally it's level one and level two. Again, a lot of the other government is going to adopt what the DoD is doing, and I've seen it in a number of places that the certifications that are on this list are kind of the certifications they require for like jobs in other government agencies, right?

If we look at this thing over time, this is what I think, this is my opinion of what certifications you need at different positions, and obviously it's gonna vary by person, it's gonna vary by the job you're going after. There's a lot of variables, but this is just, you know, a point in time, a line in the sand. This is kind of, if I was hiring somebody, this is kind of where I would put them. And obviously your experience, your personality, your education, it's all gonna impact this. But, you know, I would think, you know, starting with A+, and actually I would start with IT Fundamentals+, which is below that, but for some reason on the graphic it didn't make it, so, got to redo the graphic. A+ first, I'd maybe even throw a Network+ in there, and then Security+, then the CAP exam, then CISSP, or the Certified Information Systems Security Professional, another (ISC)² exam. It's a tough one. And then there's specializations of CISSP: ISSEP, the engineering professional, so the Information Systems Security Engineering Professional, and then the Information Systems Security Architecture Professional.

As you can see, from the bottom to the top there: help desk analyst. Good place to get in if you're already in the field, that's a nice place to start. Help desk is where a lot of people in IT start and then go off into different directions. It doesn't mean you have to start there. So, you know, I would also say if you can get a job like an ISSO, or information system security officer, right out the gate, do that. I think that's one of the most beneficial jobs in security; you're gonna learn a ton. So next is ISSO, then security analyst or security consultant. That's about where I see the CAP. So if you've done A+, Security+, CAP, you're probably well set for security analyst and consultant. Obviously CISSP to ISSEP is where you can be in your security engineering jobs. I would say you can probably get into engineering before you get your EP, but it's definitely not going to hurt. And then architect would be ISSAP, or architecture professional. So that's where I see, personally, I see the world. You know, your mileage may vary. Hey, you know, there's a ton of other jobs that fall on the right side of that arrow, but that's where I kind of see the bulk of things. If I was hiring somebody, that's what I'd look for.

So we did make it to Friday. It's nice. So I hope you are planning something good this weekend. Hope you do get a long weekend, you deserve it. Spend some time learning cyber. Like I say, we always need more people in the field: not enough people in cyber, not enough interest, not enough good people in cyber. If you're interested, you want to learn the field, you want to get smart on security, tons of videos out there; we'd love you to watch the videos on our channel. That's why we're doing them. Hopefully we're adding value (I don't know what I'm trying to say), adding value to the field. And if you do like the video, hit that thumbs up. To be notified, hit that bell; I guess hit the bell to be notified when new content comes out. Subscribe to the channel, we would really appreciate that. If you do that, it's gonna help us. And comment below, let us know: what do you think about the CAP certification? What do you think about my career path? Does that make sense? Am I way off base? I could be. Maybe you think something different. Love to hear what you've got to say. So comment below, like, subscribe, hit the bell, all that stuff. Enjoy your Valentine's Day or your Ferris Wheel Day, whichever one you want to partake in. Have a good weekend, and we'll see you... Even though Monday is a holiday, I'll be here Monday talking about your Cup of Cyber. Be safe out there.

Channel: Cyber-Recon
Views: 2,115
Rating: 5 out of 5
Keywords: cap boot camp, cap certification training, cap exam, cap free test questions, cap practice exams, cap questions and answers, certified authorization professional, cyber security, cyber security certifications, identity and access management, information security, isc cap questions, isc exam 2018, isc2 cap certification, it certifications where to start, nist rmf, risk management framework, cup of cyber
Id: DRIwVe7In7Y
Length: 15min 28sec (928 seconds)
Published: Fri Feb 14 2020