CMMC Certified Professional

Why Should You Attend?

By attending the Certified CMMC Professional training course, you will acquire knowledge about the structure of the CMMC model including CMMC levels, domains, capabilities, processes, and practices. In addition, you will develop the ability to understand, differentiate, and explain the relationship between the CMMC and the primary reference documentation such as FAR 52.204-21, DFARS 252.204-7012, DFARS 252.204-7019-7021, NIST SP 800-171, NIST 800-172, NIST 800-53, CUI Definitions and Guidelines from NARA and DOD, and CERT RMM. You will also be able to (a) identify, describe, and compare the roles and responsibilities of each member of the CMMC ecosystem, (b) know what are the CMMC assessment phases, (c) identify and mitigate ethical concerns based on CMMC-AB Code of Professional Conduct, and (d) define and determine the roles and responsibilities for Federal Contract Information (FCI) and Controlled Unclassified Information (CUI).

This training course will allow you to become a valuable asset for consultancy agencies, CMMC Third-Party Assessment Organizations (C3PAOs), and organizations demanding CMMC trained resources.

The successful completion of the training course is followed by an exam. If you pass the exam, you can apply for a “Certified CMMC Professional” credential. For more information about the examination process, please refer to the Examination section

Who Can Attend?

This training course is intended for:

  • Individuals interested in being part of the CMMC ecosystem as CMMC assessment team members, Certified CMMC Assessors, or Certified CMMC Instructors
  • Individuals seeking to gain knowledge about the CMMC model and its requirements
  • Individuals interested in providing consultancy services for the CMMC preparation 
  • Individuals working for suppliers of the Department of Defense (DoD) and Defense Industrial Base (DIB) and for other organizations seeking CMMC certification
  • Cybersecurity and technology consultants 

Learning objectives

This training course allows you to:

  • Gain a comprehensive understanding of the CMMC maturity levels, domains, capabilities, processes, and practices
  • Understand the relationship between CMMC model, FAR clause 52.204-21, DFARS clause 252.204-7012, NIST SP 800-171, and other standards and frameworks
  • Gain the ability to interpret the requirements of the CMMC model in the specific context of an Organization Seeking Certification (OSC)
  • Develop the necessary knowledge to support an organization in effectively planning, implementing, and attaining the required CMMC maturity level
  • Gain an understanding of the CMMC ecosystem and assessment methodology

Educational approach

This training course is participant centered and:

  • Contains lecture sessions illustrated with graphics, examples, and discussions
  • Encourages interaction between participants by means of questions, suggestions, exercises, and quizzes
  • Contains essay-type exercises that are based on a case study and multiple-choice quizzes, some of which are scenario-based

Prerequisites for attending the training course

There is no specific prerequisite for participating in this training course, however, it is recommended to have a general knowledge of cybersecurity and information technology concepts and principles. 

More Details

  • Day 1: Introduction to CMMC stakeholders, ecosystem, references, FCI, and CUI

    Day 2: CUI protection, CMMC model, domains, and CMMC levels 1 and 2

    Day 3: CMMC levels 3 and 4 

    Day 4: CMMC level 5, CMMC assessment process, and code of professional conduct

  • Examination

    The “Certified CMMC Professional” exam fully meets the requirements of the CMMC-AB Body of Knowledge. It evaluates the participant’s knowledge of the CMMC model, its relevant supporting materials, applicable legal and regulatory requirements, and the CMMC ecosystem. The “Certified CMMC Professional” exam covers the following knowledge areas:

    Knowledge area 1: Data Sources and Governance

    Knowledge area 2: CMMC Ecosystem

    Knowledge area 3: Ethics

    Knowledge area 4: CMMC Reference Documents

    Knowledge area 5: CMMC Source Documents

    Knowledge area 6: Model Construct and Implementation Guidance

    Knowledge area 7: CMMC Assessment Process 

    Knowledge area 8: Scoping

    PECB is a Licensed Partner Publisher (LPP) authorized by the CMMC-AB to develop training courses based on CMMC-AB curricula and exam objectives. As such, the Certified CMMC Professional exam is developed and delivered by other third-party organizations that are part of the CMMC-AB certification process.

    For additional information on CMMC-AB Exams, please visit


    CMMC-AB is authorized by the Department of Defense to serve as the sole provider of CMMC licensing and certification.  As such, for more information about the CMMC-AB certification process, please visit

    The requirements for obtaining the “Certified CMMC Professional” credential are provided below.

    Credential Exam Professional experience CMMC project experience Other requirements
    CMMC Certified Professional CMMC Certified Professional exam College degree in a cyber or information technology field or at least two years of related experience or education; or None Completing CMMC Certified Professional Class (CMMC model training) from an LTP (Licensed Training Provider)
    Two or more years of equivalent experience (including military) in a cyber, information technology, or assessment field
    Passing the DoD CUI Awareness Training

    General Information

    • Participants will be provided with the training course material containing over 450 pages of explanatory information, examples, best practices, exercises, and quizzes. 
    • An attestation of course completion worth 28 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.

    For additional information, please contact us at or visit