• 708.689.0131
  • Contact us
  • Login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Infosec Gives Partner Program
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Certified CMMC Professional (CCP) Training Boot Camp

        Start your CMMC journey by becoming a Certified CMMC Professional (CCP)! This five-day boot camp provides a comprehensive overview of the Cybersecurity Maturity Model Certification requirements and prepares you to earn your CCP, which is the first step to becoming a Certified CMMC Assessor.

        View Pricing Book a Boot Camp
        dod-cmmc-preparation-boot-camp

        Earn your CCP, with exam insurance!

        • Five days of expert, live Certified CMMC Professional training
        • Exam Insurance
        • Exam Payment
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Knowledge Transfer Guarantee

        Certified CMMC Professional

        The Certified Professional is a gateway to becoming a Certified Assessor, but it also certifies you as a valuable resource for consulting agencies, CMMC Third-Party Assessor Organizations (C3PAOs) and organizations needing CMMC support and guidance. Earning your CCP allows you to:

        • Participate as an assessment team member under the supervision of a Certified Assessor
        • Work towards becoming a Certified Assessor or Certified Instructor
        • Validate your training and understanding of the CMMC for clients and employers
        • Use the Certified CMMC Professional logo and be listed in the CMMC-AB Marketplace

        CMMC-AB Licensed Training Provider and Licensed Partner Publisher

        Infosec CMMC Licensed Partner Publisher logo

        Infosec is a Licensed Training Provider (LTP) and a Licensed Partner Publisher (LPP) for the Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB), an independent accreditation entity created in January 2020 that’s responsible for establishing, managing, controlling and administering the CMMC assessment, certification, training and accreditation processes for the defense supply chain.

         

        View full course schedule

        CMMC training overview

        Developed by the Office of the Under Secretary of Defense for Acquisition and Sustainment (OUSD A&S) and other federal stakeholders, the Cybersecurity Maturity Model Certification (CMMC) assesses and enhances the cybersecurity posture of the Defense Industrial Base. The CMMC encompasses multiple maturity levels that range from “Basic cybersecurity hygiene” to “Advanced/progressive.” The required CMMC level will be specified in requests for information (RFIs) and requests for proposals (RFPs) for DoD contracts.

        What you'll learn

        • Understand the CMMC model, its history, need and development
        • Articulate the CMMC model framework, its constructs and usage
        • Demonstrate an understanding of applicable legal and regulatory guidance, roles and responsibilities as it pertains to the handling of controlled data (FCI/CUI) within the DoD
        • Understand how to engage supplemental materials (such as NIST 800-171, ISO 27001) to further inform practice characterization
        • Demonstrate how CMMC practices are influenced by the progression of CMMC maturity processes
        • Demonstrate relationships between practices and their applicable capabilities/domains
        • Understand the CMMC assessment methodology, its requirements and work flows
        • Demonstrate an understanding of the Code of Professional Conduct/COE through practical example

        CMMC Maturity Levels

        The CMMC model has five levels for measuring cybersecurity maturity, and each level has a set of processes and practices. In this boot camp, you’ll learn what goes into each of the following levels:

        • CMMC Level 1
          • Processes: Performed
          • Practices: Basic Cyber Hygiene
        • CMMC Level 2
          • Processes: Documented
          • Practices: Intermediate Cyber Hygiene
        • CMMC Level 3
          • Processes: Managed
          • Practices: Good Cyber Hygiene
        • CMMC Level 4
          • Processes: Reviewed
          • Practices: Proactive
        • CMMC Level 5
          • Processes: Optimizing
          • Practices: Advanced/Progressive

        Who should attend

        • Employees of DoD contractors that make up the Defense Industrial Base (DIB)
        • Regulatory compliance officers and legal team members
        • Cybersecurity managers
        • Consultants looking to provide CMMC guidance
        • Individuals starting the Certified CMMC Assessor or Certified CMMC Instructor career path
        • Anyone looking to build a foundation of knowledge and skills around the new CMMC requirements

        Citizen requirements

        Certified Professionals and Certified Assessors must meet citizenship requirements defined by the CMMC-AB:

        • Certified Professionals and CCA-1 Assessors: U.S. person (U.S. citizenship is required to participate as a team member on ML-2 assessments)
        • CCA-3 and above: U.S. citizenship is required
        • International C3PAOs: Must be a citizen of the country where the C3PAO is based, will be authorized only to assess contractors based in that country, and the U.S. Government must establish bi-lateral agreements with other countries with respect to CMMC prior to the issuance of any authorizations related to CMMC

        Prerequisites

        • College degree in a technical field or other equivalent experience (including military) OR
        • 2+ Years in cyber or other information technology field
        • CompTIA A+ Certification (or similar knowledge)
        • Gain CMMC-AB approval of the submitted application as to education and experience requirements
        • Complete the DoD Mandatory CUI Training

        Everything you need to earn your CMMC-AB CCP

        • Five days of expert, live Certified CMMC Professional training
        • Exam Insurance
        • Exam Payment
        • Unlimited practice exam attempts
        • 100% Satisfaction Guarantee
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Pre-study learning path
        • Knowledge Transfer Guarantee
        Everything you need to earn your CMMC-AB CCP
        View Pricing

        Exam Insurance — we've got you covered.

        If you don’t pass, we’ll cover your second attempt free!

        Learn More

        CCP training schedule

        Infosec’s CMMC training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Day 1

            Purpose of the model

            • Define domain of the model
            • Supporting culture and guiding behavior
            • Explain Federal Acquisition Regulation relationship
            • Explain Defense Federal Acquisition Regulation relationship
            • Define difference between FAR 52.204-21 and DFARS 252.204-7012
            • Describe how NIST 800-171 has helped shape the CMMC

            Maturation model

            • Identify maturity level description
            • Compare focus of maturation levels
            • Define process maturity as institutionalization
            • Describe cumulative processes of maturation level
            • Describe cumulative cyber hygiene practices across level
            • Identify capabilities across domains

            Roles and responsibilities

            • Describe C3PAO’s (Certified Third-Party Assessment Organizations) role
            • Describe assessor’s (CCA-1, CCA-3, CCA-5) role
            • Describe assessment team members’ role
            • Describe OSC’s (Organization Seeking Certification) role
            • Describe RPO’s (Registered Professional Organization) role
            • Describe RP’s (Registered Practitioners) role and responsibilities
            • Describe LPP’s (Licensed Partner Publisher) role and responsibilities
            • Describe LTP’s (Licensed Training Provider) role and responsibilities

            Roles of Certified Professional in the CMMC ecosystem

            • Describe technical opportunities
            • List external consultant opportunities
            • Compare opportunities across CMMC ecosystem

            Ethics

            • Identify current and future legal obligations of contractors
            • Define legal responsibility of C3PAO
            • Compare legal differences between LPP and LTP

            Day 2

            DoD supply chain

            • Describe expectations from DoD acquisitions
            • Define defense industrial base
            • Define difference between DIB and DSC
            • Describe role of supply chain protecting DoD
            • Describe the DoD expectations for supply chain contractors
            • Identify types of information targeted by adversaries
            • Evaluate consequences of non-compliance

            Protecting information

            • Define Federal Contract Information (FCI)
            • Define Controlled Unclassified Information (CUI)
            • Identify minimum federal contract Information
            • Identify Controlled Technical Information
            • Identify Export Controlled information
            • Compare FCI and CUI

            Day 3 and 4

            CMMC documentation

            • Understand organization of CMMC assessment guide
            • Define connection to NIST SP 800-171A
            • Use unique identifiers to identify practices and processes
            • Use model matrix to identify practices and processes associated with a maturation model
            • Use clarifications to find additional explanations
            • Identify additional elements added to CMMC-AB

            CMMC domains

            For the following domains, you should be able to define the domain, utilize reference doc(s), identify where an assessor would look, identify who an assessor would ask, describe what an assessor would test, compare domain across maturation levels and distinguish associated capabilities:

            • Access control (AC)
            • Asset management (AM)
            • Audit & accountability (AU)
            • Awareness & training (AT)
            • Configuration management (CM)
            • Identification & authentication (IA)
            • Incident response (IR)
            • Maintenance (MA)
            • Media protection (MP)
            • Personnel security (PS)
            • Physical protection (PE)
            • Recovery (RE)
            • Risk management (RM)
            • Security assessment (CA)
            • Situational awareness (SA)
            • System & communications protection (SC)
            • System & information integrity (SI)

            Day 5

            Assessment team protocols

            • Assessment as partnership
              • Compare audits and assessments
              • Define characteristics of an assessment
              • Describe guiding principles of assessment
              • Write feedback based on assessment data
            • Assessment team member role
              • Label steps in assessment methodology
              • Utilize CMMC appendices to identify observable evidence
              • Describe assessment team role

            Certified CMMC Professional (CCP) exam review

        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates
          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group