The Certified Authorization Professional (CAP) certification exam is one of the most in-demand and industry-leading IT certifications. To qualify for this exam, candidates must fulfill the eligibility requirements, including two years of cumulative, full-time paid work experience in one or more of the seven domains of the CAP CBK. In addition, candidates should be aware of some essential information before applying for the CAP exam.
In this article, we will examine which security practitioners should take the CAP exam, the process for applying for the CAP exam, CAP exam questions and passing score, CAP domains both before and after October 15th, 2018, and CAP exam preparation and training guidelines.
Who Should Take the CAP Exam?
According to (ISC)2, “taking a CAP exam is ideal for IT, information security, information assurance contractors and practitioners who use the Risk Management Framework (RMF) in local governments, the U.S. federal government (such as U.S. Department of Defense or Department of State), private sector organizations, the military, or civilian roles (such as federal contractors).”
IT risk is a key source of uncertainty in any enterprise. Organizations therefore want to identify, mitigate or eliminate risks before they grow into serious problems. A company's ability to manage risk helps it act more confidently and ensure business continuity.
According to CareersinAudit in 2013: “Risk management is essential in a company because, without it, a business cannot possibly define its objectives for the future.” CareersinAudit also adds that many organizations have developed separate teams for their risk management departments. These departments or companies have opened the floodgates of new jobs in the IT marketplace. The rewards of risk management jobs are also very high in terms of salaries, because risk professionals play a pivotal role in enterprises. According to the CertMag Salary Survey 2018, the average salary of a CAP is $131,100.
CAP Exam Details
How Do You Apply for the CAP Exam?
You can apply for the CAP exam at the Pearson VUE website. Pearson VUE is (ISC)2’s global partner and the administrator of all (ISC)2 exams. Pearson VUE provides computer-based testing through secure electronic test delivery. To schedule your exam:
- Review the availability of your CAP exam
- Visit the Pearson VUE website
- Review the Pearson VUE Non-Disclosure Agreement (NDA)
- Create a Pearson VUE account
- Register for your CAP exam
- Select an appropriate testing center
- Select a convenient time
- Pay for the exam
Once you complete the registration at Pearson VUE, your registration details are automatically sent to (ISC)2. After that, you will receive a confirmation email from Pearson VUE about your successful registration. This email covers your appointment details, testing location and all other instructions related to your exam. Pearson VUE also allows candidates to register by phone. To find the phone number for your region, visit the Pearson VUE site.
In some cases, you may need to cancel or reschedule your exam. Doing so requires you to contact Pearson VUE either by phone or online. If you are canceling by phone, you must inform Pearson VUE at least 24 hours prior to your exam. If you cancel online, then the period is 48 hours before the exam. Pearson VUE charges a cancellation fee of U.S. $100 and a rescheduling fee of U.S. $50.
How Many Questions Are on the CAP Exam?
The CAP exam has 125 multiple-choice questions, and candidates have to complete the exam within 3 hours. The exam is available only in the English language at present.
How Is the CAP Exam Scored?
You need to secure 700 points out of 1000 to pass your CAP certification exam. During and after the certification exam, you must adhere to the (ISC)2 Code of Ethics; otherwise, your certification can be revoked even after passing the exam.
What Topics Are on the CAP Exam?
The CAP examination evaluates your expertise across seven domains. (ISC)2 has introduced an updated version of the CAP Common Body of Knowledge (CBK), which is applicable after October 15th, 2018. However, if your exam is before October 15th, 2018, you should follow the older version of the CAP CBK, which is given below:
|Domain|Weight|
|---|---|
|Domain 1: Risk Management Framework (RMF)|20%|
|Domain 2: Categorization of Information Systems|8%|
|Domain 3: Selection of Security Controls|13%|
|Domain 4: Security Control Implementation|10%|
|Domain 5: Security Control Assessment|19%|
|Domain 6: Information System Authorization|13%|
|Domain 7: Monitoring of Security Controls|17%|
If your exam is after October 15th, 2018, then you need to follow the latest version of the CAP CBK, which is given below:
|Domain|Weight|
|---|---|
|Domain 1: Information Security Risk Management Program|15%|
|Domain 2: Categorization of Information Systems (IS)|13%|
|Domain 3: Selection of Security Controls|13%|
|Domain 4: Implementation of Security Controls|15%|
|Domain 5: Assessment of Security Controls|14%|
|Domain 6: Authorization of Information Systems (IS)|14%|
|Domain 7: Continuous Monitoring|16%|
CAP Exam Preparation and Training
Last-minute cramming is not the best approach to studying for your CAP exam. To manage your time, set up a timetable and choose a peaceful environment for your study. Once you are fully prepared for your CAP exam, take mock tests before appearing for the actual exam. A mock test will help you figure out your weaknesses and identify the areas that need improvement.
Wasting time on irrelevant resources can be stressful and fruitless. Therefore, you must study the (ISC)2 Self-Study Resources to best prepare for your CAP exam.
You can take part in InfoSec’s 3-day CAP Training Boot Camp. This process concentrates on gearing up candidates through extensive mentoring and drill sessions, review of the entire CAP CBK and practical question-and-answer scenarios, all through the high-energy seminar approach.
The Certified Authorization Professional (CAP) certification is for the cybersecurity practitioner who is looking to advance his/her career in information security and risk management. IT security controls are vital for almost every public and private organization, as IT systems are everywhere. To prevent or mitigate the impact of IT risks, organizations are actively looking for CAP-certified professionals.
CAPs have innumerable career opportunities in the IT marketplace. If you do not hold a CAP certification, you can apply for the CAP exam at the Pearson VUE website and complete your registration process. After that, you need to get CAP training, which is indispensable for every student. You can take part in InfoSec’s 3-day CAP Training Boot Camp to best prepare for the CAP exam. Good luck with your certification!
Sources
Requesting Special Accommodation, (ISC)2
(ISC)2 Self-Study Resources, (ISC)2
The Importance of Risk Management In An Organisation, Careers in Audit
(ISC)2 Certification Testing, Pearson VUE
Salary Survey 2018: An all-new Salary Survey 75, Certification Magazine