Video Description

This lesson introduces the Department of Defense (DoD) Risk Management Framework (RMF). This course prepares participants to take the CAP Exam which consists of 125 multiple choice questions and covers the following domains:

  1. Risk management framework

  2. Categorization of Information Systems

  3. Selection of Security Controls

  4. Security Control Implementation

  5. Security Control Assessment

  6. Information System Authorization

  7. Monitoring of Security Controls

The instructor walks through a chapter by chapter breakdown of the course and tells participants the goals of each chapter. Risk Management Framework is an important concept as it is ever evolving as security systems become more complex and advanced. RMF consists of six key steps: Step 1: Categorize system Step 2: Select security controls Step 3: Implement Security Controls Step 4: Assess Security Controls Step 5: Authorize System Step 6: Monitor Security Controls In the field of RMF, it is important to familiarize yourself with the following terms: 1. Assurance

  1. Integrity

  2. Non-repudiation

  3. Confidentiality

  4. Availability

  5. Authentication

The instructor also explains the security control structure: management, operation and technical.

Course Modules