What is covered in the CMMC Certified Assessor (CCA) exam?
The CMMC Certified Assessor (CCA) exam consists of 150 questions covering four job practice domains, all testing your knowledge and ability before authorization to lead and conduct official Cybersecurity Maturity Model Certification (CMMC) Level 2 certification assessments for C3PAOs.
Job practice areas tested for and validated by a CCA certification
15% DOMAIN 1 – Evaluating Organizations Seeking Certification (OSC) Against CMMC Level 2
A—Assess the various environmental considerations of Organizations Seeking Certification (OSCs) against CMMC Level 2 practices.
20% DOMAIN 2 – CMMC Level 2 Assessment Scoping
A—Analyze the CMMC assessment scope of Controlled Unclassified Information (CUI) assets as they pertain to a CMMC assessment using the five categories of CUI assets as defined in the CMMC Level 2 Assessment Scoping Guide.
B—Given a scenario, analyze the CMMC assessment scope based on the redetermined CUI categories within the CMMC Level 2 Assessment Scoping Guide.
C—Evaluate the CMMC assessment scope considerations based on the CMMC Level 2 Assessment Scoping Guide.
25% DOMAIN 3 – CMMC Assessment Process (CAP)
A—Given a scenario, apply the appropriate phases and steps to plan, prepare, conduct, and report on a CMMC Level 2 Assessment.
40% DOMAIN 4 – Assessing CMMC Level 2 Practices
A—Identify evidence verification/validation methods and objects for practices based on the CMMC Level 2 Assessment Guide and CMMC Assessment Process (CAP) documentation.
Getting ready for the exam
CCA training is available through an ATP on the CyberAB Marketplace.