CCOA ™: Certified Cybersecurity Operations Analyst ™

Course Information

Course Name

CCOA ™: Certified Cybersecurity Operations Analyst ™

Exam code

CCOA

Duration

5 Days

Certification

Certified Cybersecurity Operations Analyst™

Overview

This five-session exam-prep course combines knowledge and practice to prepare learners for the CCOA exam. Instructors are encouraged to tailor the course to the learners’ experience level. The initial domains may be better suited for review, providing more time to focus on the complex concepts in Domains 4 and 5.

Audience Profile

• Cybersecurity Analyst

• Information Security Analyst

• SOC Analyst

• Vulnerability Analyst

• Incident Response Analyst

Prerequisites

At Course Completion

Course Outline

Module 1: Technology Essentials

Learning Objectives:

• Identify the key components of both computer and cloud networking.

• Understand how databases, virtualization, and containerization are leveraged.

• Become familiar with command line interfaces.

• Identify the purpose, benefits, and use of APIs.

• Understand the principles and concepts of DevOps, SecDevOps, and the CI/CD pipeline.

• Fundamentally understand programming and scripting.

Topics:

Networking

• Computer Networking Models

• Devices Ports Protocols

• Network Access Controls

• Network Tools

• Network Topology

• Segmentation

System & Endpoint

• Databases

• Command Line

• Containers and Virtualization

• Middleware

• Operating Systems

Applications

• Application Programming Interface

• Automated Deployment

• Programming and Scripting

Module 2: Cybersecurity Principles and Risk

Learning Objectives:

• Understand cybersecurity governance and alignment with business drivers.

• Define cybersecurity strategy based on enterprise objectives.

• Establish effective cross-organizational communication for cybersecurity.

• Define roles and responsibilities for cybersecurity initiatives.

• Develop metrics for evaluating cybersecurity program performance.

• Inform stakeholders about investment needs for asset protection.

• Implement repeatable processes for cybersecurity risk management.

• Recognize internal and external compliance requirements.

• Document risk associated with enterprise operations.

Topics:

Cybersecurity Principles

• Compliance

• Governance

• Risk Management

• Roles and Responsibility

• Security Models

Cybersecurity Risk

• Application Security Risk

• Cloud Technology Risk

• Data Risk

• Network Security Risk

• Supply Chain Risk

• System Endpoint Risk

• Web Application Risk

• User Risk

Module 3: Adversarial Tactics, Techniques, and Procedures

Learning Objectives:

• Understand common adversarial tactics, techniques, and procedures (TTPs).

• Develop critical and creative thinking skills for threat detection and response.

• Differentiate between dashboard events and attacker mindset insights.

• Tune baseline detections for malicious and anomalous behaviors.

• Implement time-optimized reactive detection capabilities.

• Engage in proactive threat-hunting activities.

• Explore the threat landscape, including attack vectors and threat actors.

• Identify motivations behind cyberattacks.

• Utilize threat intelligence sources effectively.

• Recognize various attack types and cyberattack stages.

• Analyze exploit techniques used by threat actors.

• Understand the significance of security testing in cybersecurity.

Topics:

Treat Landscape

• Attack Vectors

• Threat Actors and Agents

• Threat Intelligence Sources

Part B: Means and Methods

• Attack Types

• Cyber Attack Stages

• Exploit Techniques

• Security Testing

Module 4: Incident Detection and Response

Learning Objectives:

• Understand the inevitability of cybersecurity incidents and the importance of incident preparedness.

• Recognize the significance of incident detection and response in mitigating the impact of cybersecurity events.

• Appreciate the role of proactive planning, practice, and process refinement in effective incident response.

• Identify the components and techniques involved in incident detection, from data analytics to security logs and alerts.

• Learn to develop detection use cases and recognize indicators of compromise for early threat identification.

• Explore the various security monitoring tools and technologies essential for effective incident detection.

• Master the fundamentals of incident response, including containment strategies and handling procedures.

• Gain proficiency in forensic analysis, malware analysis, network traffic analysis, packet analysis, and threat analysis for comprehensive incident response.

• Explore the various security monitoring tools and technologies essential for effective incident detection.

• Master the fundamentals of incident response, including containment strategies and handling procedures.

• Gain proficiency in forensic analysis, malware analysis, network traffic analysis, packet analysis, and threat analysis for comprehensive incident response.

Topics:

Incident Detection

• Data Analysis

• Detection Analysis

• Indicators of Attack & Compromise

• Indicators of Attack Indicators of Compromise

• Logs and Alerts

• Advanced Log Analysis

Incident Response

• Incident Containment

• Incident Handling

• Forensic Analysis

• Network Traffic Analysis

• Packet Analysis Threat Analysis

Module 5: Securing Assets

Learning Objectives:

• Understand the importance of designing countermeasures to protect digital assets.

• Recognize the iterative nature of securing systems and their ecosystems.

• Appreciate the holistic approach to securing assets, considering technical aspects and organizational products, services, and critical business processes.

• Differentiate between the security needs of various industries based on the unique values assigned to digital assets and risk tolerance levels.

• Gain insight into how an organization’s business goals and risk assessments influence the selection of security controls.

• Develop foundational knowledge of contingency planning to ensure business continuity during security incidents.

• Explore different control techniques applicable to securing digital assets.

• Understand the principles and practices of identity and access management to ensure proper authorization
  and authentication.

• Become familiar with industry best practices, guidance, frameworks, and standards relevant to asset security.

• Master the processes of vulnerability assessment, identification, remediation, and tracking to effectively manage vulnerabilities and mitigate risk.

Topics:

Controls

• Contingency Planning

• Controls and Techniques

• Identity and Access Management

• Industry Best

• Collecting and Verifying Integrity of Data

• Collecting and Documenting Incidents

Vulnerability Management

• Vulnerability Assessment

• Vulnerability Identification

• Vulnerability Remediation

• Vulnerability Tracking

All ISACA certification courses are conducted by certified trainers from Iverson.

Digital Methods acts as the official training partner and assists with program consultation, registration, coordination, scheduling, and administrative arrangements to ensure a smooth and professionally managed training experience.