Hello everyone. I passed the CAP exam yesterday, 07 MAR 2020. There is not much out there for those of us who want/need guidance to prepare for this exam.
This is how I prepared for and passed the exam.
(1) Subscribe to the InfoSec online videos for 30 days ($30 something a month), which includes a section for CAP. Those videos, about 7 hours of videos, provided a good baseline of knowledge for the CAP exam. After the videos, and a bunch of notes, I took the InfoSec final preparation exam: 125 questions...scored super low, somewhere in the low 60s.
(2) I was lucky that my organization paid for me to do the InfoSec online live class (3-day class). This live (online) class gives you two opportunities to take the certification exam, if you fail the first try. The instructor gave us a 100-question preparation exam at the end of the course. I scored somewhere in the 60s/not good after a 3-day bootcamp and opportunity to watch a set of videos before the bootcamp. Every day after the class I reviewed my notes and some of the NIST documents.
(3) I took the following 1 1/2 weeks to re-watch/review the InfoSec CAP videos two more times. This helped me to update the notes that I took during the first try (step 1 above). You should be able to do the videos in two or three days. Well actually in one day, but it was too much for me.
(4) Three days before the exam I did about 250 questions back to back: the 125 questions from the InfoSec site (step 1) (with a 72%), and the other 100 from the InfoSec CAP online class (from step 2) (with 70 something %). Additionally, I reviewed some of the NIST documents required for the exam.
(5) The morning of the exam I completed the 100-question exam from the InfoSec CAP class (from step 2). This time I passed with an 82%. This also helped my brain be "CAP ready" before the exam.
(6) During the exam... As you know, this is a 3-hour, 125-question exam, and you can go back to review any question of your choosing. This is different from the CISSP exam. Completed all the questions in 1 1/2 hours. Took another 30 minutes to review some of my answers.
(7) Finished the exam unsure about the outcome. Picked up the printout from the secretary and read the first sentence with a "Congratulation" statement.
Things that I recommend:
The InfoSec bootcamp (or any other organization bootcamp) was very helpful, especially the "pass guaranteed" option, which took some stress off during my certification exam. The InfoSec videos and final exam from those videos were SUPER helpful. The additional exam set provided by the instructor was also super important for me to pass the CAP cert. The more practice exams you take the better.
You DO need some RMF experience. I have 4 years RMF experience and it helped, but was not vital for the certification exam. Again, this is only my opinion.
I hope this helps you to pass the CAP certification. Good luck.
Hi. I studied version 2 located at https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
I have been telling my co-workers to pay for the 30-day option from the InfoSec videos. I really think those videos really helped. Keep in mind, this RMF is not for everyone...meaning it is a boring topic for most people. The videos might be a little bit boring too for most people, but they really really worked for me. Good luck!