Center for Qualified CyberSecurity Excellence & Mastery

"Where Qualified Cyber Education Happens"

CMMC Cybersecurity Maturity Model Certification

To safeguard sensitive national security information, the Department of Defense (DoD) launched CMMC 2.0, a comprehensive framework to protect the defense industrial base from increasingly frequent and complex cyberattacks. With its streamlined requirements, CMMC 2.0: Cuts red tape for small and medium sized businesses Sets priorities for protecting DoD information Reinforces cooperation between the DoD and industry in addressing evolving cyber threats

Overview of the CMMC Program - The Cybersecurity Maturity Model Certification (CMMC) program enhances cyber protection standards for companies in the DIB. It is designed to protect sensitive unclassified information that is shared by the Department with its contractors and subcontractors. The program incorporates a set of cybersecurity requirements into acquisition programs and provides the Department increased assurance that contractors and subcontractors are meeting these requirements. The framework has three key features: Tiered Model: CMMC requires that companies entrusted with national security information implement cybersecurity standards at progressively advanced levels, depending on the type and sensitivity of the information. The program also sets forward the process for information flow down to subcontractors.

Assessment Requirement: CMMC assessments allow the Department to verify the implementation of clear cybersecurity standards.
Implementation through Contracts: Once CMMC is fully implemented, certain DoD contractors that handle sensitive unclassified DoD information will be required to achieve a particular CMMC level as a condition of contract award.

Class Fee:$3,990
Time: 72 Lecture hrs
Learning Level:Entry
Contact Hours: 72 Lecture hrs
Prerequisites: None
Credits:72 CPE / 3 CEU
Method of Delivery:Residential (face-to-face) or Hybrid
Instructor: TBD - Exam 
Method of Evaluation:95 % attendance     2. 100 % completion of Lab
Grading:Pass = Attendance+ labs & quizzes Fail  > 95% Attendance
Text Materials:labs, SU Pen Testing Materials, resource CD’s and attack handouts


This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.

Who Should A Why must companies comply? Why us –

In 2019 the Department of Defense (DoD) announced the creation of the Cybersecurity Maturity Model Certification (CMMC) to govern the Defense Industrial Base (DIB). Cybersecurity Maturity Model Certification (CMMC) relies on self-assessments and third party assessors.

The CMMC builds from NIST 800-171 but also includes controls from other cybersecurity frameworks. Where CMMC differs is in both the maturity model and the role of third-party assessors.

With the implementation of CMMC 2.0, the Department is introducing several key changes that build on and refine the original program requirements. These are: Introduction to the CMMC, Understanding the Supply Chain, Protecting Sensitive Data,  Understanding the CMMC Methodology, Building Business Better Through Cybersecurity,  Network Diagrams and Scope

Learning Objectives: 72 hrs Lecture
Students will gain a general understanding of how to audit for CMMC Compliance.
On the surface, project management seems straightforward. However, at best, only 80% of projects end up being economically. Spirit of collaboration: Allows companies, under certain limited circumstances, to make Plans of Action & Milestones (POA&Ms) to achieve certification. Added flexibility and speed: Allows waivers to CMMC requirements under certain limited circumstances. On November 4, 2021 the Department of Defense unveiled an update to the Cybersecurity Maturity Model Certification framework – CMMC 2.0 – to streamline compliance, increase flexibility, and lower cost for manufacturers and IT providers. About CMMC 2.0

You will learn the 5 Step Guide to Understand:

Modules 72 hrs lecture

DFARS Clause 252.204-7012 and NIST 800-171 cybersecurity requirements for primes and subcontractors are no longer voluntary and DoD audits, coupled with the Cybersecurity Maturity Model Certification (CMMC) version 2.0 will require all companies conducting business with the DoD to be certified by a third party. Audit ready, third party verified compliance with DFARS/NIST 800-171 involves much more than documentation and accomplishing it cost-effectively for your business requires an approach informed by the experience gained from hundreds of implementations. CyberSheath created this easy to follow 5 Step Guide informed by real world implementation experience to enable you to quickly and efficiently comply and pass any audit. 

Grades - All students must ordinarily take all quizzes, labs, final exam and submit the class practical in order to be eligible for a Q/ISP, Q/IAP, Q/SSE, or Q/WP credential unless granted an exception in writing by the President. Books - No books are required for this course. However, you may want to supplement your preparation for or review of some lectures with self-assigned readings relevant to those lectures' content from either of the books below.