Hello everyone! I just took and passed the Certified Authorization Professional exam. Leaning about how the Reference Managment Framework aligns with the Systems Development LifeCycle was a hoot! It's a good exam to take and one that's going to be really sought after as large companies and the Federal Govt decide how important it is to have security controls on your network. As me any question here and I will try to help!
The exam consists almost entirely of the Reference Management Framework and the resulting NIST control standards and how to implement them. Mostly the Federal Government uses these standards, but I'm finding alot of large companies are starting to see the value of securing their networks using these standards..
First I would like to say congrats to ya on passing the exam. I was wondering if you could tell me what are some good training materials or classes I could attend and acquire to better prepare me for this exam?
I took the online class from ISC2. The Body of Knowledge is the best thing that helped me get ready for the class. The book ISC2 gives you is set up nicely. That's all I used. Plus, having an overall knowledge of NIST and the network approval process helps!
Let me know if you have anymore questions...
I'll also add understand the Systems Development Life Cycle and how it mirrors the RMF framework. Once I learned that, the test was a piece of cake, I swear. It was alot easier than the CISSP...