COVID-19 (Coronavirus) situation:

Testing candidates: Check our COVID-19 Update Page to review the health and safety measures in place for testing and find out about any country-specific testing policies.

Appointment availability is limited due to social distancing precautions and varies by location. Please note that our customer service wait-times are also longer than usual right now. For information on rescheduling, refunds, and more, please check out our FAQs.

CVP Certification Exam Domains

1. Physical Security (11%)

  1. Understand the different embodiments for modules (2-4%)
  2. Understand requirements for physical security for modules specific to levels 1-3 (4-6%)
  3. Understand requirements for physical security for modules specific to level 4 (1-3%)

2. Authentication, Roles, Services, and Operational Environment (20%)

  1. Understand authentication requirements and concepts (3-6%)
  2. Define the requirements for roles (1-3%)
  3. Understand the concepts of services using approved and non-approved functions, and bypass (2-5%)
  4. Understand the concepts of reviewing and testing Software Modules (5-9%)
  5. Describe the operational environment requirements/concepts and how to test them (2-4%)

3. Algorithms & Self-tests (20%)

  1. Understand the concepts of the approved and allowed algorithms (2-4%)
  2. Identify which algorithms are approved or allowed (5-6%)
  3. Understand the issues related to testing the components of the algorithms (2-4%)
  4. Identify the tester's responsibilities when reviewing an algorithm's implementation (2-3%)
  5. Identify the power-up tests and know the associated requirements (4-6%)
  6. Understand the requirements for conditional tests (4-5%)

4. Key Establishment (20%)

  1. Understand the requirements for key generation, key agreement, key transport and key derivation and applicable standards and guidance (5-8%)
  2. Understand and identify the approved random bit generators (3-5%)
  3. Understand the notion of entropy and methods of entropy estimation (4-5%)
  4. Possess general knowledge of the key establishment protocols and standards in the IT industry (2-5%)

5. Key Management (12%)

  1. Understand the requirements for key entry and output and trusted paths (6-8%)
  2. Understand the requirements for key storage (2-3%)
  3. Understand the various types of key and CSP zeroization (2-3%)

6. Security Assurances (17%)

  1. Understand the requirements of module specification including approved and non-approved modes (4-7%)
  2. Understand the programmatic guidance and associated documentation requirements (5- 10%)
  3. Understand the requirements for ports & interfaces, finite state model, EMI/EMC, mitigation of other attacks and design assurance (3-5%)
  4. Understand the concept and testing requirements for formal modeling (1-3%)
Last updated 2020-06-30