Accelerated CSX Cybersecurity Practitioner Certification Suite

Up to 20 CPE – Ten practice labs, online exam and certification application

ISACA Member: $549

Non-Member: $599



COMPREHENSIVE CSX CYBERSECURITY PRACTITIONER CERTIFICATION

Up to 48 CPE – Coursework, labs, online exam and certification application

ISACA Member: $1799

Non-Member: $2099



The above offers are for individual purchase.


The CSX Cybersecurity Practitioner Certification (CSX-P) has been updated to reflect the job tasks of today’s cybersecurity practitioner.

CSX-P was named 2016 Top Professional Certification program by the SC Magazine Awards and remains the first and only comprehensive performance certification testing one’s ability to perform globally validated cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond, and Recover – derived from the CSX-P Content Outline. CSX-P requires candidates to demonstrate critical cybersecurity skills in a live, virtual environment that assesses their analytical ability to identify and resolve network and host cybersecurity issues by applying the foundational cybersecurity knowledge and skills required of an evolving cyber first responder.



 Exam Availability

February 2019

 Exam Description

The ISACA CSX Cybersecurity Practitioner (CSX-P) certification verifies that successful candidates have the knowledge and skills required to identify assets and remediate vulnerabilities; configure and implement protective technologies; and detect, respond to and recover from incidents.

 Content Areas

Domain 1-Business and Security Environment (ID) – 20%
Domain 2-Operational Security Readiness (PR) – 20%
Domain 3-Threat Detection and Evaluation (DE) – 20%
Domain 4-Incident Response and Recovery (RS & RC) – 40%

 Prerequisites

Possess any one of the following professional certifications: CISA, CISM, CRISC, CGEIT, CPTO, CSX Cybersecurity Fundamentals Certificate, CEH, ECSA, LPT, GCIH, OSCP, GPEN, CySA+, CISSP
OR
Possess three years of experience in three of the five cybersecurity activity domains (identify, protect, detect, respond, recover).

 Certification Requirements

Pass the CSX Cybersecurity Practitioner examination
Apply for certification
Compliance with ISACA’s Code of Professional Ethics
Compliance with ISACA’s CSX-P CPE Policy is required to maintain certification

 Type of Exam

Online, lab-based skills assessment

 Number of Tasks

5

 Length of Exam

1 hour (60 minutes) to complete and score the exam. Scoring is immediate.

 Languages

English only

 Price

$549 member / $599 non-member

 Re-Certification Requirements

Attain and report an annual minimum of one-hundred-twenty (120) CPE hours over three years with a minimum reporting requirement of twenty (20) CPE hours each year. A minimum of 50% of the yearly and total CPE hours must be obtained from skills-based training/lab activities.



 

No specific training is required for the CSX-P certification. CSX-P candidates are assessed on their ability to perform cybersecurity tasks.

This 1-hour exam contains no multiple-choice questions. Where applicable, man pages and help files are available. Candidates must complete tasks of varying durations with minimal instruction while navigating between multiple virtual machines and are expected to:

  • Demonstrate an ability to:
    • Use vulnerability assessment processes and scanning tool sets to identify and document vulnerabilities based on defined asset criticality and technical impacts.
    • Obtain and aggregate information from multiple sources – for example: logs, event data, network assessments – for use in threat intelligence, metrics, incident detection, and response.
    • Implement specified cybersecurity controls – for network, application, endpoint, server, and more – and validate that controls are operating as required by defined policy or procedure.
    • Implement and document changes to cybersecurity controls – for example: endpoint security and network security – in compliance with change management procedures.
    • Identify anomalous activity and potential internal, external, and third-party threats to network resources using network traffic monitors or intrusion detection and prevention systems, as well as ensure timely detection of indicators of compromise.
    • Perform initial attack analysis to determine the attack vectors, targets and scope and potential impact.
    • Execute defined response plans to contain damage on affected assets.
     
  • Be comfortable working with a variety of applications, operating systems, tools, and utilities prior to sitting for the exam. This includes but is not limited to:
    • Kali Linux
    • Kibana
    • Microsoft Windows Server 2016
    • Microsoft Windows clients – all beginning with XP
    • Microsoft security features
    • Nmap/Zenmap
    • Network troubleshooting commands
    • OpenVAS
    • pfSense
    • Security Onion
    • Sguil
    • Terminal applications
    • Ubuntu
    • Wireshark
     
  • Individuals unfamiliar with the Lab on Demand platform are encouraged to review this tutorial to gain insights regarding layout and navigation of the exam environment.

 

 

1 Business and Security Environment (ID) – 20%

  • 1A Business Environment
    • 1A1 Digital Infrastructure
    • 1A2 Enterprise Architecture
    • 1A3 Data and Digital Communication
  • 1B Security Environment
    • 1B1 Network
    • 1B2 Operating Systems
    • 1B3 Applications
    • 1B4 Virtualization and Cloud

2 Operational Security Readiness (PR) – 20%

  • 2A Protection
    • 2A1 Digital and Data Assets
    • 2A2 Ports and Protocols
    • 2A3 Protection Technologies
    • 2A4 Identity and Access Management
    • 2A5 Configuration Management
  • 2B Preparedness
    • 2B1 Threat Modeling
    • 2B2 Contingency Planning
    • 2B3 Security Procedures

3 Threat Detection and Evaluation (DE) – 20%

  • 3A Monitoring
    • 3A1 Vulnerability Management
    • 3A2 Security Logs and Alerts
    • 3A3 Monitoring Tools and Appliances
    • 3A4 Use Cases
    • 3A5 Penetration Testing
  • 3B Analysis
    • 3B1 Network Traffic Analysis
    • 3B2 Packet Capture and Analysis
    • 3B3 Data Analysis
    • 3B4 Research and Correlation

4 Incident Response and Recovery (RS&RC) – 40%

  • 4A Incident Handling
    • 4A1 Notifications and Escalation
    • 4A2 Digital Forensics
  • 4B Mitigation
    • 4B1 Containment
    • 4B2 Attack Countermeasures
    • 4B3 Corrective Actions
  • 4C Restoration
    • 4C1 Security Functions Validation
    • 4C2 Incident Analysis and Reporting
    • 4C3 Lessons Learned and Process Improvement

 

ISACA and authorized training partners offer training for the CSX Cybersecurity Practitioner Certification. The Accelerated CSX Cybersecurity Practitioner Certification Suite offered by ISACA is a collection of 10 self-paced online practice labs, the certification exam, and the certification application. In-person training is available through ISACA-approved training partners.

COURSE STRUCTURE

Each practice lab in this training covers complex technical skills and concepts in one of five areas aligned to existing global cybersecurity frameworks:

  • Identify: Identification, assessment and evaluation of assets, threats and vulnerabilities in both internal and external networks
  • Protect: Implementation of cybersecurity controls to protect a system from identified threats
  • Detect: Detection of network and system incidents, events and compromise indicators, along with assessment of potential damage
  • Respond: Execution of comprehensive incident response plans and mitigation of cyber incidents
  • Recover: Recovery from incidents and disasters, including post incident-response documentation and implementation of continuity plan

 

Frequently Asked Questions


Q: WHY CSX CYBERSECURITY PRACTITIONER CERTIFICATION?

Employers, governments, and academia widely recognize the shortcomings of traditional multiple-choice exams. Whereas not all certifications are conducive to performance assessment, the cybersecurity industry demands it. No two corporate networks are identical, meaning today’s cybersecurity practitioner must adapt to ever-changing environments. CSX-P exam takers cannot simply “cram” – they must perform tasks using widely available security tools, and in doing so they demonstrate an aptitude for performing security tasks in dissimilar environments.

Q: What are the prerequisites to take the certification?

There are no training prerequisites to take the CSX-P certification exam. Any candidate who feels that he or she has the knowledge and ability to pass the certification requirements may take the certification as long as they meet the professional requirements.

Q: Where can I find a list of test centers?

There are none! The CSX-P exam is delivered entirely online, which allows CSX-P candidates greater scheduling flexibility without the need to locate and travel to a physical test center.

Q: How do I prepare for the certification?

Candidates are strongly encouraged to review the Exam Content Outline and Preparation tabs on this website, as well as other publicly available information. The Accelerated CSX Cybersecurity Practitioner Certification Suite offered by ISACA is a collection of 10 self-paced online practice labs, the certification exam, and the certification application, which will aid in preparation but should not be considered all-encompassing.

Q: HOW DO I SCHEDULE MY CSX CYBERSECURITY PRACTITIONER EXAM?

Purchasing the Accelerated CSX Cybersecurity Practitioner Certification Suite will provide candidates with the exam which they can take at their convenience.

Be sure to read through the important information below regarding equipment requirements.

Internet Speed: At least 1MB

Connectivity: The ability to access https://nexus.isaca.org and https://www.isaca.org