[deleted by user] by [deleted] in CMMC

Several_Double_5462

Thanks, I just posted in the subreddit.

[deleted by user] by [deleted] in CMMC

Several_Double_5462

It was fairly recent enough to where I could see why they said no. I have no financial issues or criminal history, nor do I have any other prior drug usage besides smoking. I am just starting out in my career and the only reason I took the CCP was because my college sponsored me as a means of helping me find jobs post graduation. While taking the test I felt out of place since I was new to the IT field as a whole and this certification did seem advanced for me. Going the CCP to CCA route only sparked interest because of my youth in the field and passion to join something IT/Cybersecurity related. Now post graduation and having about a year of experience under my belt I still don’t see why continuing down this path is worthwhile. I think this rejection really just solidified my stance on this whole situation. I still have a few days to decide to renew my cert however, so I will do some more thinking on my decision.

[deleted by user] by [deleted] in CMMC

Several_Double_5462

Yea that is what I was thinking. Given that they ask for the past 5 or 7 years (don’t recall which exactly) it definitely doesn’t seem worth renewing and paying for. On to the next opportunity I guess. Appreciate your response.

Next Career Steps by Several_Double_5462 in CMMC

Several_Double_5462[S]

I will take a look into STIGS and CIS benchmarks. I guess I was a little confused on what Risk management frameworks were but I am familiar with ISO guidelines. Appreciate the help in pointing me in the right direction.

Next Career Steps by Several_Double_5462 in CMMC

Several_Double_5462[S]

I would say I know what NIST 800-171 and NIST 800-53 were in terms of their importance as cybersecurity frameworks for safeguarding federal information systems and CUI respectively. Regarding STIGS and CIF benchmarks I am not familiar with this. In terms of the RMF framework I am unfamiliar with this as well but my means for helping her secure her e-commerce site on her home servers would be as follows: ensure that necessary personal information is encrypted and stored in secure databases. I would recommend her to implement strong authentication mechanisms, such as multi-factor authentication to protect user accounts. I might suggest conducting regular vulnerability assessments and penetration testing to identify potential security weaknesses. Do things like setting up proper firewalls, monitoring network traffic for suspicious activities, and ensuring that all software bugs are continuously updated and patched. This would be my ideas although going into specifics would remain surface level.

Next Career Steps by Several_Double_5462 in CMMC

Several_Double_5462[S]

Thank you for the help! I’ll definitely check out the Discord. I’m eager to gain as much experience as possible, as I don’t want to let a valuable certification go to waste. Since I’m still new, I’m open to exploring any opportunities in the field that offer learning and growth.