Certified CMMC Assessor Domain 2: CMMC Level 2 Assessment Scoping Course
2 hours, 13 minutes
Syllabus
Analyze the CMMC assessment scope of CUI assets
Video - 00:08:00
One of the most critical aspects of any assessment is establishing an accurate scope for CUI assets, which we cover in this video.
Categorization of CUI data with in-scope assets
Video - 00:17:00
This reference to the CUI categories provides the majority of what assessors need to be aware of to identify assets that are in scope and or not in scope.
Security protection assets
Video - 00:14:00
Discover how security protection assets provide security functions or capabilities to the contractor's assessment scope.
Contractor risk managed assets
Video - 00:06:00
In this video, we discuss contractor risk managed assets, such as the people that manage or process federal contract information and CUI.
Specialized managed assets
Video - 00:12:00
We dive into specialized assets, which may or may not process, store, or transmit CUI.
Out-of-scope assets
Video - 00:01:00
A discussion of out of scope assets, which cannot process, store, or transmitted CUI, and why they cannot.
CMMC assessment asset categories (in-scope)
Video - 00:27:00
In this section we will address assessment scope from multiple perspectives.In this section we will address how to analyze the CMMC Assessment Scope based on in-scope asset categories within the CMMC Level 2 Assessment Scoping Guide.
CMMC assessment asset categories (out-of-scope)
Video - 00:01:00
We offer a quick look at out of scope assessment asset categories.
Separation techniques
Video - 00:14:00
We discuss the two separation techniques provided by the Department of Defense: logical and physical separation.
FCI and CUI within the same assessment scope
Video - 00:06:00
This video describers FCI and CUI within the same assessment scope.
FCI and CUI within different CMMC assessment scopes
Video - 00:11:00
This video describers FCI and CUI within different assessment scopes.
External services providers
Video - 00:15:00
We discuss external service provider considerations,which include responsibility matrix, nonduplication, service level agreements, and scoping considerations.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps