Complying with CMMC 2.0 and NIST SP 800-171 Requirements Training

Level: Intermediate

Recent sweeping updates to the U.S. Department of Defense Cybersecurity Maturity Model Certification (CMMC) requirements have left the consultants, contractors, and the Defense Industrial Base (DIB) questioning where this leaves us and how to proceed. This course is intended to address the questions of what CMMC 2.0 is all about, how certification will work under the new model, the SP 800-171 requirements that must be satisfied and how to meet them, and what this means for DoD contracting organizations. These same 800-171 requirements cover all Non-Federal Organizations (NFOs) that handle U.S. Federal Government controlled unclassified information. This course will also feature self-attestation guidance and will help organizations meet the external 3rd party assessments that will still be required for a subset of businesses handling protected U.S. Federal Government information.

Key Features of this CMMC 2.0 and NIST SP 800-171 Training:

  • After-course instructor coaching included
  • Learning Tree end-of-course exam included

You Will Learn How To:

  • Understand and comply with the new CMMC 2.0 framework
  • Assess CMMC 2.0 and CMMC 1.0 differences and repercussions to your organization
  • Meet NIST SP 800-171 requirements
  • Perform self-assessments conforming to DFARS standards and generate a SPRS score
  • Identify which contract levels are subject to independent assessments
  • Satisfy third-party CMMC 2.0/SP 800-171 assessments
  • Maintain an acceptable security posture over the contract lifecycle

Choose the Training Solution That Best Fits Your Individual Needs or Organizational Goals

LIVE, INSTRUCTOR-LED

In Class & Live, Online Training

  • 4-day instructor-led training course
  • After-course instructor coaching included
  • Learning Tree end-of-course exam included
View Course Details & Schedule

Standard $2990 USD

Government $2659 USD

RESERVE SEAT

PRODUCT #2074

TRAINING AT YOUR SITE

Team Training

  • Bring this or any training to your organization
  • Full - scale program development
  • Delivered when, where, and how you want it
  • Blended learning models
  • Tailored content
  • Expert team coaching

Customize Your Team Training Experience

CONTACT US

Save More On Training with FlexVouchers – A Unique Training Savings Account

Our FlexVouchers help you lock in your training budgets without having to commit to a traditional 1 voucher = 1 course classroom-only attendance. FlexVouchers expand your purchasing power to modern blended solutions and services that are completely customizable. For details, please call 888-843-8733 or chat live.

In Class & Live, Online Training

Time Zone Legend:
Eastern Time Zone Central Time Zone
Mountain Time Zone Pacific Time Zone

Note: This course runs for 4 Days

  • Mar 1 - 4 9:00 AM - 4:30 PM EST Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Mar 22 - 25 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Apr 26 - 29 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • May 17 - 20 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Jun 27 - 30 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Jul 19 - 22 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Aug 16 - 19 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

  • Sep 20 - 23 9:00 AM - 4:30 PM EDT Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

Guaranteed to Run

When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time — will run. Guaranteed.

Important CMMC 2.0 and NIST SP 800-171 Training Information

  • Prerequisites

    Prior security experience is helpful but not necessary. Critical thinking skills and the ability to make decisions are key.
  • Who Should Attend

    Organizations Seeking Approval (OSC) personnel including:

    • System development life cycle personnel (e.g., program managers, mission/business owners, information owners/stewards, system designers and developers, system/security engineers, systems integrators)
    • Personnel with system, security, or risk management and oversight responsibilities (e.g., chief information officers, chief information security officers, system owners, information system security managers).
    • Security assessment and monitoring personnel (e.g., auditors, system evaluators, assessors, verifiers/validators, analysts)
    • Third parties providing CMMC 2.0 implementation and assessment support services

CMMC 2.0 and NIST SP 800-171 Training Outline

  • Lesson 1 – The Nature of Protected Information

    • Acknowledging the importance of protecting US Government information
    • Recognizing categories of protected information
    • Describing protected information and the law
  • Lesson 2 – Threats to Protected Information

    • Defining types of security failures
    • Judging the impact of security failures
    • Defining risk
    • Identifying threats and vulnerabilities in organizational systems
    • Recognizing motivations for data compromise
    • Identifying characteristics of threat actors
  • Lesson 3 – Introduction to CMMC 2.0

    • Describing CMMC Goals
    • Synopsizing CMMC Evolution
    • Defining the model tiers
    • Describing the four CMMC 2.0 program phases
    • Listing assessment requirements
    • Explaining model implementation
    • Charting the CMMC implementation timeline
  • Lesson 4 – CMMC 2.0 and NIST SP 800-171

    • Describing NIST SP 800-171, SP 800-171A and SP 800-172
    • Categorizing security controls
    • Identifying SP 800-171 control families
    • Describing SP 800-171 security control structure
    • Explaining the importance of basic assumptions underlying SP 800-171
  • Lesson 5 – Characterizing the Non-Federal System

    • Identifying NARA CUI categories and markings
    • Verifying confidentiality impact level
    • Identifying special considerations for classified defense information
    • Determining the organizational system boundary
    • Building the System Security Plan
  • Lesson 6 – Securing the Organizational System

    • Determining the security control baseline
    • Assessing the need for enhanced assurance
    • Updating the System Security Plan
    • Tailoring the security control baseline
    • Selecting the approach to securing organizational systems
    • Implementing security controls
    • Documenting security control implementation, compliance and effectiveness
  • Lesson 7 – Assessing System Cybersecurity Risk

    • Building the Security Assessment Plan
    • Assessment methodologies
    • Assessment optimization
    • Assessing security control compliance and effectiveness
    • Documenting security control compliance
  • Lesson 8 – Reporting Self-Assessment Results

    • Completing the System Security Plan
    • Building the Plan of Action and Milestones (POA&M)
    • Requesting CMMC waivers
    • Compiling the assessment report
    • Preserving an acceptable system security posture

Team Training

CMMC 2.0 and NIST SP 800-171 FAQs

  • Are third party assessments by C3PAOs a thing of the past?

    No. C3PAOs will be needed to assess the OSCs requiring a Level 2 Assessment. Keep in mind that Level 2 is bifurcated and some OSCs will be able to self-attest.
  • Will NIST replace CMMC 2.0?

    No, NIST is the What, and CMMC is the How. They are both needed and play an integral role in the new cyber security mandate.
  • Is this course suitable for those individuals who wish to become CMMC-CPs?

    Yes, this will lay a great foundation prior to attending the Course 2072, CyberSecurity Maturity Model Certification (CMMC): Certified CMMC Professional (CCP), and sitting for the CCP Certification exam.
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Herndon, VA / Online (AnyWare)
Why do we require your location?

It allows us to direct your request to the appropriate Customer Care team.

Preferred method of contact:
Chat Now

Please Choose a Language

Canada - English

Canada - Français