CAP Certified Authorization Professional Exam ExamFOCUS Study Notes & Review Questions 2014

The ISC2 Certified Authorization Professional CAP certification indicates a professional level of knowledge and skills on the subject of federal information system authorization. Authorization means operating a federally owned information system with formal acceptance of risk from an Authorization Officer who has the authority to make major risk related decisions within a federal organization. The CAP exam covers security practices and federal information security/protection laws as well as NIST publications and OMB regulations. Officially there are seven knowledge domains, including: 1. Understanding the Security Authorization of Information Systems 2. Categorize Information Systems 3. Establish the Security Control Baseline 4. Apply Security Controls 5. Assess Security Controls 6. Authorize Information System 7. Monitor Security Controls When we develop our material we do not classify topics the BOK way. In fact, we follow our own flow of instructions which we think is more logical for the overall learning process. Dont worry, it does not hurt to do so, as long as you truly comprehend the material. To succeed in the exams, you need to read as many reference books as possible. There is no single book that can cover everything! This ExamFOCUS book focuses on the more difficult topics that will likely make a difference in exam results. The book is NOT intended to guide you through every single official topic. You should therefore use this book together with other reference books for the best possible preparation outcome.