CMMC Training for Defense Contractors (DIB)
Categories: CMMC, NIST
Course Information
Are you overwhelmed by CMMC? This course will save you WEEKS of research and set you up for success as you prepare for CMMC!
This course provides you with the essential knowledge you need to confidently make those critical (and costly) decisions, such as understanding which CMMC level you should pursue, selecting a compliant MSP, or choosing compliant cloud solutions, all of which are crucial for achieving CMMC certification.
Jacob Hill is leading the CMMC charge at a defense contractor and created this course specifically for other contractors so they can quickly get up to speed on CMMC!
Interested in more than 25 licenses? Contact us for bulk discounts.
Who Should Take This Course?
This overview course is for defense contractor personnel who need an in-depth understanding of CMMC.
Do you need to educate the rest of your organization? Check out our CMMC Awareness Training.
This course is also available for sale to government on GSA Advantage.
Why Should You Take This Course?
CMMC certification (or compliance) will be required to win DoD contracts.
Jacob Hill has been leading the CMMC charge at a small business for several years, and he also previously served in the government as a DoD Contracting Officer Representative (COR). His unique background allows him to simplify complicated topics.
The course is taught in a series of online micro-lectures that are delivered in a focused bottom-line-up-front format and provides a comprehensive overview of your FAR and DFARS cyber contractual requirements.
What is CMMC?
Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity compliance and certification program which the United States Department of Defense (DoD) created that is focused on gaining assurance that its supporting contractors are implementing the 110 requirements to protect its controlled unclassified information (CUI). Nearly all DoD contractors will need to be CMMC compliant or certified to be able to do business with the DoD.
CMMC requirements will begin to appear in contracts by the 4th quarter of 2025.
What is NIST 800-171?
The majority of CMMC’s requirements are based on NIST 800-171, “Protecting CUI in Nonfederal Systems and Organizations.” Most contractors are ALREADY required to comply with NIST 800-171 per DFARS 252.204-7012, and have been required to comply since December of 2017.
Are you compliant? If not, do you know what steps you need to take?
What Companies need to be CMMC Certified?
Nearly all DoD contractors will be required to comply with CMMC in some manner. CMMC consists of 3 levels, and the requirements vary per level:
- CMMC Level 1
- Implement 15 CMMC controls
- Required for contracts with federal contract information (FCI)
- Contractor is required to perform a self-assessment – no 3rd-party assessment is required
- CMMC Level 2
- Implement 110 CMMC controls
- Required for contracts with CUI
- Nearly all contracts will require a 3rd-party assessment by a C3PAO resulting in CMMC certification
- CMMC Level 3
- Implement 24 additional CMMC controls
- Required for DoD’s most critical CUI programs
- All contracts will require a 3rd-party assessment by DIBCAC resulting in CMMC certification
CMMC is an evolving field, and this course will be updated as changes occur. This course is being completely updated and rerecorded and the new version should be available in August 2025!
Enroll Now
Arm yourself with the knowledge you need to successfully navigate the processes of NIST 800-171 and CMMC. Don’t let your business fail because you didn’t achieve compliance or certification.
*This has been created for the DIB by a member of the DIB, and is not affiliated with the DoD, the CyberAB (also known as the CMMC Accreditation Body) or the Cybersecurity Assessor and Instructor Certification Organization (CAICO).
Peer Reviewers
Thank you to the following subject matter experts who peer reviewed this course:
- Koren Wise | Certified CMMC Professional, CMMC Provisional Instructor, CMMC Provisional Assessor Candidate, CMMC Licensed Training Provider, CISSP, PMP
- Paul Veeneman | CMMC Registered Practitioner, CISSP, CISM, CRISC
Featured Reviews
This was an excellent course that thoroughly describes and easily breaks down the CMMC requirements and references. I would highly recommend this course to anyone looking to further develop and prepare themselves for CMMC roles.
Helpful explanation of the information
This course was outstanding! The bite-sized pieces of instruction were delicately balanced between the necessary information to cover and the right amount of it to cover. It was not overwhelming and it was easy to follow. The quizzes added value and reinforced each topic in a no nonsense-type of way. What was even better was that I actually enjoyed the course, it somehow was a bit fun to me!
If you have never heard of CMMC or are considering the certification, this is a great foundational course to familiarize yourself with it. Look no further!
Thank you GRC Academy and Jacob Hill. I look forward to exploring future courses.
Update: I just achieved the CMMC Certified Professional (CCP) certification! This course was such a huge help! It gave me a good foundation for starting my actual CCP course. It should be a pre-requisite for all RP and CCP courses, in my opinion.
The training is nothing short of excellent. As if learning and understanding the requirements of CMMC is not confusing enough, this course will help you cut through the confusion (and varied opinions out there) and get you headed on the right path. It will provide you with the knowledge and resources, as well as a plan, to confidently move your company forward with CMMC.
What Will You Learn
- What is Federal Contract Information (FCI)
- What is Controlled Unclassified Information (CUI)
- The history of NIST 800-171 & CMMC and what it means to you
- What DFARS 252.204-7012, 7019, 7020, and 7021 mean to you
- How to comply with NIST 800-171
- The 110 NIST 800-171 security requirements
- How to calculate a NIST 800-171 score per the DoD assessment methodology
- How NIST 800-171 relates to CMMC
- The 3 levels of CMMC
- When CMMC will be required
- What is a Joint Surveillance Voluntary Assessment (JSVA)
- Which CMMC levels require self-assessment & 3rd-party assessment
- Roles in the CMMC assessment ecosystem
- How to scope for CMMC
- How to prepare for a CMMC assessment
- How to get CMMC certified
- CMMC and Managed Service Providers (MSPs)
- Action plan
Course Content
| Introduction | 00:03:45 |
A course by
Taught by
Peer Reviewed by
Material Includes
- Spreadsheet with NIST 800-171, NIST 800-171A, and CMMC controls
Audience
- DoD contractors
- Defense Industrial Base (DIB)
- Federal contractors
- Small Businesses
- Medium Businesses
- Large Businesses
- Government Entities
- Anyone who wants an in-depth understanding NIST 800-171 and CMMC
4.92-Star Rating | 212 Course Reviews
Course Reviews
This course was very informative and provided a great foundation for understanding the basics of CMMC. As someone who recently started a career in cybersecurity after graduating from college, I found it extremely helpful.
Excellent course materials; highly recommended.
Great course!
Great course
The course was well done and very helpful.
Really well-structured course. As a systems engineer learning CMMC Level 2, I found it easy to follow and engaging.
If cybersecurity frameworks were a genre, CMMC would be the slow-burn political thrillerheavy on policy, light on popcorn. While the subject matter leans heavily toward rules, controls, and compliance jargon, the instructor does a commendable job keeping it structured and digestible. Reference materials are also provided for those who would like to dive a little deeper.
Each chapter ends with a quiz to reinforce key concepts, which helps break up the monotony and ensures you’re not just zoning out while staring at acronyms like a deer in headlights. The presentation is clear, methodical, and professionalno flashy animations or dramatic plot twists, but thats probably for the best when discussing such a vast subject.
Was it boring? A little. But thats the nature of the content, not the fault of the instructor. You dont take a CMMC course for entertainmentyou take it because you want to stay compliant and avoid awkward conversations with auditors. And in that regard, this course delivers exactly what it promises.
It was very informative and went over critical information multiple times. Helps to provide a better understanding of CMMC.
Great course and very good resources. Lots of information but easy to understand. I definitely would recommend this course for everyone seeking to get good knowledge of CMMC ????
Very thorough, and entertaining lectures. For a topic that can seem boring (compliance can be boring after all, let’s be honest), the instructor does a great job keeping us engaged. Also clear explanations with examples, and as the course went on my understanding grew
Very in depth, and entertaining as well!
Just completed the CMMC overview training and now I am closer to my goal of changing to a new career direction. This course provided the information I needed in a “user friendly” manner with bite – sized , expertly explained sections, in addition to the reference materials and additional sources of information made available to me that I was able to down load. As courses go, I really appreciate the presentation and level of expertise throughout the course. 5 stars all day long!
It was very helpful for getting ramped up on CMMC.
Amazing. I’ve taken both the CCP and CCA courses, including study material from those courses. This GRC Academy was head and shoulders better. It’s far more clear and succinct. 10/10 recommend! This is the best overall course I’m aware of.
AMAZING — I’ve gained so much knowledge throughout this course & so happy that I will now be able to apply it. The information is perfectly organized to mirror the best way to learn any and everything CMMC. The information is also highly digestible with several real-life examples provided.
- « Previous
- 1
- …
- 13
- 14
- 15