Incident Management

Certified Cybersecurity Operations Analyst™ (CCOA™)

This 4-day intensive course will provide you with the necessary knowledge and practical skills to work effectively as a Cybersecurity Operations Analyst.

You will learn how to detect, analyze and respond to cyber threats, manage security incidents efficiently and use common cybersecurity tools and technologies. The course will provide you with an in-depth understanding of security monitoring, incident response, threat intelligence and basic network security principles.

Through hands-on exercises and real-world scenarios, you will develop the skills required for day-to-day work.

The CCOA™ certificate positions you as a qualified expert in the field of cyber security operations - a qualification that is recognized worldwide and significantly enhances your career opportunities.

** At the end of the course, each participant is free to take the ISACA Certified Cybersecurity Operations Analyst™ (CCOA™) exam directly at our own Schönbrunn TASC test center.

Show dates

Preise ab € 3.290 zzgl. 19% Ust

Duration: 4 days

Level: Beginner

Code: CCOA

CPEs: 48

Buchen Sie noch heute online oder rufen Sie uns an unter +49 7031 2024741wenn Sie Hilfe bei der Auswahl des richtigen Kurses benötigen oder über Firmenrabatte sprechen möchten.

With the CCOA™ certification, you will develop in-depth knowledge of cybersecurity operations - from threat analysis to incident response. Ideal for operational security roles.

Your benefits

Schönbrunn TASC is an ISACA accredited training organization (ATO). This means that you have access to official ISACA course materials and can take your CISA exam during the course at the Schönbrunn TASC training center. If you do not pass the exam on your first attempt (which we do not expect), our performance guarantee covers you - this means you train for free the second time.

• You learn in small groups (max. 10 participants per course)
• In-house modern training room and test center in a distraction-free, quiet atmosphere (PSI/ Pearson Vue/ Kryterion)
• Experienced, constantly trained and ISACA accredited trainers guide you through the course
• You will receive comprehensive official ISACA training materials, manuals and case studies for self-study
• interactive discussions and group work to help you apply your knowledge
• A light breakfast, lunch, snacks and drinks are provided throughout the day
• hotel recommendations near the training and test center
• it is possible to take the exam at the Schönbrunn TASC test center afterwards**

Requirements

• Interest in the areas of ATTP, Incident Detection and Response and experience in networking
• Due to the extensive examination, 2-3 years of professional experience in the field of Operation Security is recommended - but not a requirement

Target group

• IT Administrators
• Information Security Consultant
• Cybersecurity Analysts
• Information Security Analysts
• SOC Analysts
• Vulnerability Analysts
• Incident Response Analysts

Training schedule

Module 1 - Technological basics

Part A - Networks

• Network models
• Devices, Ports & Protocols
• Network Access Control
• Network analysis tools
• Network topologies & segmentation

Part B - System & Endpoint

• Databases
• Command Line
• Containers & Virtualization
• Middleware
• Operating Systems

Part C - Applications

• Application Programming Interface (API)
• Automated deployment
• Programming & Scripting

Module 2 - Cybersecurity principles and risks

Part A - Cybersecurity principles

• Compliance
• Governance
• Risk Management
• Roles & responsibilities
• Security models

Part B - Cybersecurity risk

• Application security risk
• Cloud technology risk
• Data risk
• Network security risk
• Supply chain risk
• System/endpoint risk
• Web application risk
• User risk

Module 3 - Adversary Tactics, Techniques & Procedures (TTPs)

Part A - Threat Landscape

• Attack vectors
• Threat actors & agents
• Threat Intelligence Sources

Part B - Means & Methods

• Types of attack
• Phases of the cyberattack
• Exploit techniques
• Security testing

Module 4 - Incident Detection & Response

Part A - Incident detection

• Data analysis
• Detection Analysis
• Indicators of Attack & Compromise
• Logs & Alerts
• Advanced Log Analysis

Part B - Incident Response

• Incident Containment
• Incident Handling
• Forensic Analysis
• Network Traffic Analysis
• Packet & Threat Analysis

Module 5 - Asset Protection

Part A - Controls

• Contingency/Continuity Planning
• Controls & Techniques
• Identity & Access Management
• Industry Best Practices
• Recording & verification of data integrity
• Recording & documentation of incidents

Part B - Vulnerability Management

• Vulnerability assessment
• Vulnerability identification
• Vulnerability remediation
• Vulnerability Tracking

Complete lab list

1. Incident management system (SOC case)
2. Threat intelligence platform (MISP)
3. SIEM with Elastic
4. DNS & e-mail/SMTP analysis
5. HTTP/HTTPS analysis
6. Endpoint security analysis
7. Vulnerability scanning & analysis
8. Windows logs
9. Advanced log analysis
10. Incident containment
11. Capture & verification of data integrity
12. Recording & documentation of incidents
13. Malware analysis with CyberChef

Certification

ISACA exam CCOA™- Certified Cybersecurity Operations Analyst™

Duration: 4 hours
Number of questions: 139
Format: Multiple choice and performance-based questions
Languages: English, Chinese, French, German, Japanese, and Spanish

Schönbrunn TASC is an ISACA ATO. This means that you will have access to official ISACA course materials and take your CCOA™ exam during the intensive course at the Schoenbrunn TASC training center. If you do not pass the exam on your first attempt, you are covered by our performance guarantee - you train again free of charge.

Requirements for the CCOA™ certification

The CCOA™ certification is especially valuable for those who want to pursue a career in cybersecurity or further develop their existing skills.

The following requirements are necessary for the CCOA™certification

1. Successful completion of the ISACA Certified Cybersecurity Operations Analyst™ (CCOA™) exam .
2. Submission of the application for (CCOA™) certification
3. Compliance with the ISACA Code of Professional Ethicsand the Continuing Professional Education Policy

Find your date for
Certified Cybersecurity Operations Analyst™ (CCOA™)