Skip to Content
Home /  Courses And Programs / Certified CMMC Assessor

Certified CMMC Assessor (CCA)

This course is the second of two courses in the Cybersecurity Maturity Model Certification (CMMC) roadmap to become a Department of Defense CMMC assessor. The CCA course prepares assessors to evaluate Organizations Seeking Certification (OSC) against CMMC Level 2 requirements, properly identify CMMC Level 2 scoping, assess Level 2 practices and assessment objectives, and conduct the CMMC Assessment Process (CAP).

Certified CMMC Assessor (CCA) Course Benefits

  • Instruction content authorized by the DoD – CMMC Authorized Training Material (CATM)
  • Authorization to sit for the Certified CMMC Assessor (CCA) exam
  • Upon successful completion of the CCA exam
    • Authorized to participate as a CMMC assessment team member
      • Under the supervision of a Lead Certified CMMC Assessor (CCA)
      • Assess and score CMMC Level 2 Practices and Assessment Objectives (after completing 3 DoD required prerequisite assessments)
    • Authorized to use the CYBER-AB Certified CMMC Assessor logo
    • Listed in the CYBER-AB Marketplace

Key Topics:

  • Determine the difference between logical (virtual) and physical locations
  • Determine the difference between professional and industrial environments
  • Identify single and multi-site environmental constraints and evidence requirements
  • Identify cloud and hybrid environment constraints and Evidence requirements
  • Identify on-premises environmental constraints
  • Identify environmental exclusions for a level 2 CMMC assessment
  • Categorize CUI data in the form of assets that are in scope
  • Identify separation techniques
  • Identify FCI and CUI scoping considerations
  • Apply the appropriate phases and steps for a CMMC Level 2 Assessment.
  • Determine methods and objects for evidence
    • Examine
    • Interview
    • Test
  • Determine adequacy and sufficiency related to evidence around all below practices
    • Characteristics of acceptable evidence
  • Identify, evaluate, and assess 93 CMMC Level 2 Practices and their corresponding 261 assessment objectives

Intended Audience

The intended audience for the Certified CMMC Assessor (CCA) course includes:

  • Employees of Organizations Seeking CMMC Certification (OSC)
    • Information Technology (IT) and Cybersecurity Professionals
    • Regulatory Compliance Officers
    • Legal and Contract Compliance Professionals
    • Management Professionals
  • Cybersecurity and Technology Consultants
  • Federal Employees
  • Department of Defense (DoD) Members
  • Candidate CMMC Assessment Team Members

Next Step: After successfully completing this course, consider taking the exam to receive certification from Cyberab. For more information refer to this website: 
Upon successfully completing the course, you can request an Award of Completion from your instructor. 

Contact: For more information about this course, please email

Course Number: CSE-80016

Credit: 0

Course typically offered: Live online

Next Available Course: will be offered over a 5-day period, PST on March 13-17, 2023. 

Prerequisites: Students should have a basic understanding of cybersecurity practices, cybersecurity concepts, and cybersecurity assessment techniques. Also students must have completed the Certified CMMC Professional (CCP) course and have thorough familiarity with CMMC materials at

Note: Upon start of the course, each student will receive a Digital Access Key. This DAK is specific to each individual and it is non-refundable. The cost of the course is non-refundable one week before the start day of the course. 
Students will need a personal computer/laptop and reliable internet connection to connect to the course site. 

By 2025, recipients of DoD contracts will be required to comply with the Cybersecurity Model Maturity Certification provisions. Learn more about CMMC and CUI at UC San Diego.

Course Number: CSE-80016
Credit: 0.00 unit(s)

+ Expand All