Certified CMMC Assessor Domain 2: CMMC Level 2 Assessment Scoping Course

2 hours, 13 minutes

Syllabus

Analyze the CMMC assessment scope of CUI assets

Video - 00:08:00
One of the most critical aspects of any assessment is establishing an accurate scope for CUI assets, which we cover in this video.
Categorization of CUI data with in-scope assets

Video - 00:17:00
This reference to the CUI categories provides the majority of what assessors need to be aware of to identify assets that are in scope and or not in scope.
Security protection assets

Video - 00:14:00
Discover how security protection assets provide security functions or capabilities to the contractor's assessment scope.
Contractor risk managed assets

Video - 00:06:00
In this video, we discuss contractor risk managed assets, such as the people that manage or process federal contract information and CUI.
Specialized managed assets

Video - 00:12:00
We dive into specialized assets, which may or may not process, store, or transmit CUI.
Out-of-scope assets

Video - 00:01:00
A discussion of out of scope assets, which cannot process, store, or transmitted CUI, and why they cannot.
CMMC assessment asset categories (in-scope)

Video - 00:27:00
In this section we will address assessment scope from multiple perspectives.In this section we will address how to analyze the CMMC Assessment Scope based on in-scope asset categories within the CMMC Level 2 Assessment Scoping Guide.
CMMC assessment asset categories (out-of-scope)

Video - 00:01:00
We offer a quick look at out of scope assessment asset categories.
Separation techniques

Video - 00:14:00
We discuss the two separation techniques provided by the Department of Defense: logical and physical separation.
FCI and CUI within the same assessment scope

Video - 00:06:00
This video describers FCI and CUI within the same assessment scope.
FCI and CUI within different CMMC assessment scopes

Video - 00:11:00
This video describers FCI and CUI within different assessment scopes.
External services providers

Video - 00:15:00
We discuss external service provider considerations,which include responsibility matrix, nonduplication, service level agreements, and scoping considerations.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo

Award-winning training you can trust