ISC2 Official CGRC Certification Boot Camp
Retail Price: $3,495.00
Next Date: 01/06/2025
Course Days: 5
ISC2 Official CGRC Courseware
Our program combines ISC2 Official CGRC Courseware with our own ISC2 CGRC courseware, which keeps pace with advancements in exam content by incorporating feedback from our thousands of ISC2-certified alumni. The materials are reviewed every 30 days to ensure all information reflects the most current updates. Traditional CGRC books and externally sourced materials do not offer this advantage.
CPE/CEU Post Class Package
It is very important to stay up to date in this industry. CEUs are required to keep your certifications current. If you want to maintain your professional certified status, we are here to help keep your certifications current.
ISC2 Official CGRC Exam Voucher
Exam: CGRC
Length of exam: 3 hours
Number of items: 125
Item format: Multiple choice
Passing grade: 700 out of 1000 points
OUTLINE
CGRC Certification Exam Outline
CGRC DOMAIN 1: INFORMATION SECURITY RISK MANAGEMENT PROGRAM
-Understand the Foundation of an Organization-Wide Information Security Risk Management Program
-Understand Risk Management Program Processes
-Understand Regulatory and Legal Requirements
CGRC DOMAIN 2: CATEGORIZATION OF INFORMATION SYSTEMS (IS)
-Define the Information System (IS)
-Determine Categorization of the Information System (IS)
CGRC DOMAIN 3: SELECTION OF SECURITY CONTROLS
-Identify and Document Baseline and Inherited Controls
-Select and Tailor Security Controls
-Develop Security Control Monitoring Strategy
-Review and Approve Security Plan (SP)
CGRC DOMAIN 4: IMPLEMENTATION OF SECURITY CONTROLS
-Implement Selected Security Controls
-Document Security Control Implementation
CGRC DOMAIN 5: ASSESSMENT OF SECURITY CONTROLS
-Prepare for Security Control Assessment (SCA)
-Conduct Security Control Assessment (SCA)
-Prepare Initial Security Assessment Report (SAR)
-Review Interim Security Assessment Report (SAR) and Perform Initial Remediation Actions
-Develop Final Security Assessment Report (SAR) and Optional Addendum
CGRC DOMAIN 6: AUTHORIZATION OF INFORMATION SYSTEMS (IS)
-Develop Plan of Action and Milestones (POAM)
-Assemble Security Authorization Package
-Determine Information System (IS) Risk
-Make Security Authorization Decision
CGRC DOMAIN 7: CONTINUOUS MONITORING
-Determine Security Impact of Changes to Information Systems (IS) and Environment
-Perform Ongoing Security Control Assessments (SCA)
-Conduct Ongoing Remediation Actions (e.g., resulting from incidents, vulnerability scans, audits, vendor updates)
-Update Documentation
-Perform Periodic Security Status Reporting
-Perform Ongoing Information System (IS) Risk Acceptance
-Decommission Information System (IS)
NIST/GOVERNANCE OVERVIEW
NIST SP 800-37 rev 1/800-53 rev 4/800-53A rev 4
FIPS 199/200
CNSSI 1253
NIST SP 800-30/800-39/800-60/800-64/800-115/800-137
OMB A-123/A-130
ISC2 CGRC Certification Exam Review
- CGRC Exam Structure
- Exam Registration Process
- Time Management
- Topics and Concepts
- CAP Certification Question Structure
- Vendor Interpretation Techniques