ISACA Certified Cybersecurity Operations Analyst™ (CCOA™ )

The accelerated ISACA: Certified Cybersecurity Operations Analyst™ (CCOA™ ) certification focuses on the technical skills to evaluate threats, identify vulnerabilities, and recommend countermeasures to prevent cyber incidents.

As emerging technologies like automated systems using AI evolve, the role of the cyber analyst will only become more critical in protecting digital ecosystems. You will gain an understanding of the what, where and how behind cybersecurity incidents. By identifying patterns, anomalies and indicators of compromise, you become the eyes and ears of your organization's defense.

Breaking into cybersecurity can be difficult for those without years of experience. CCOA™ enables certification earners to demonstrate that they can analyze, detect and respond to threats effectively. Through practical exercises and strategic approaches to ensuring confidentiality and integrity in information systems, professionals who earn a CCOA™ validate that they have essential cybersecurity skills and knowledge, helping them excel in cybersecurity roles and advance their careers.

You'll also learn how to:

• Identify the key components of computer and cloud networking, understand how databases, virtualization, and containerization are leveraged, and become familiar with command-line interfaces, programming, scripting, and more.
• Understand cybersecurity governance and alignment with business drivers, define cybersecurity strategy based on enterprise objectives, establish effective cross-organizational communication for cybersecurity and more.
• Understand common adversarial tactics, techniques, and procedures (TTPs), develop critical and creative thinking skills for threat detection and response, differentiate between dashboard events, attacker mindset insights and more.
• Understand the importance of cybersecurity-incident preparedness, recognize the significance of incident detection and response in mitigating their impact, appreciate the role of proactive planning, practice, process refinement and more.
• Understand the importance of designing countermeasures to protect digital assets, recognize the iterative nature of securing systems and their ecosystems, appreciate the holistic approach to securing assets, consider technical aspects and organizational products, services and critical business processes, and more.

At the end of this course, you'll sit the ISACA exam, and achieve your Certified Cybersecurity Operations Analyst certification. Through Firebrand's Lecture | Lab | Review methodology, you'll get certified at twice the speed of the traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.

Audience

This course is ideal for:

• Cybersecurity professionals with 2-3 years of experience looking to enhance their technical skill set and address cybersecurity challenges more effectively. CCOA is an especially valuable credential for early-career security professionals looking to one day attain their CISM.
• Cybersecurity Analysts
• Information Security Analysts
• Soc Analysts
• Vulnerability Analysts
• Incident Response Analysts

Module 1: Technology Essentials 25%

• Networking
• Systems/Endpoint
• Applications

Module 2: Cybersecurity Principles and Risk 20%

• Cybersecuirty Principles
• Cybersecuirty Risk

Module 3: Adversarial Tactics, Techniques, and Procedures 10%

• Threat Landscape
• Means and Methods

Module 4: Incident Detection and Response 34%

• Incident Detection
• Incident Response

Module 5: Securing Assets 11%

• Controls
• Vulnerability Management

Supporting Tasks

• Identify and analyse threats applicable to the organization.
• Identify and analyse vulnerabilities applicable to the organization.
• Monitor the threat landscape of an organization.
• Synthesize information to protect the organization from cybersecurity risks.
• Contextualize information to aid in the identification of threats/vulnerabilities to protect the organization from risk.
• Develop detection use cases and rule sets for monitoring.
• Monitor events for potential cybersecurity incidents.
• Triage events to determine if an incident has occurred.
• Handle cybersecurity incidents according to incident response documentation, including classification, escalation, and notification.
• Perform analysis considering type, volume, and impact/scale.
• Aid in determining business impact.
• Aid in the prioritization of cybersecurity incidents for management.
• Propose containment measures for a cybersecurity incident.
• Support forensic investigation processes.
• Interpret analysis results.
• Document and report on cybersecurity incidents, including the analysis process and results.
• Consult with external stakeholders (e.g., clients/customers/suppliers) regarding cybersecurity.
• Learn from cybersecurity incidents for continuous improvement.
• Support business objectives for an organization.
• Communicate and/or advise other departments regarding cybersecurity operations and risks.
• Contribute to cybersecurity policies and procedures to align with business objectives.

Before attending this accelerated course, you should ideally have 2-3 years of Cybersecurity experience.

At the end of this accelerated course, you'll sit the following exam at the Firebrand Training Centre, covered by your Certification Guarantee:

ISACA Certified Cybersecurity Operations Analyst™ (CCOA™ ) exam

• Duration: 4 hours (240 minutes)
• Format: Covering five job practice domains, testing your knowledge and ability on real-life job practices
• Number of questions: 115 multiple choice questions and 25 performance based questions
• Passing score: You must receive a score of 450 or higher to pass the exam which represents the minimum standard of knowledge.
• Languages: English
• Domains:
  • Technology Essentials 25%
  • Cybersecurity Principles and Risk 20%
  • Adversarial Tactics, Techniques, and Procedures 10%
  • Incident Detection and Response 34%
  • Securing Assets 11%