ISACA CERTIFIED Cybersecurity Operations Analyst
The target audience for training
- CYBERSECURITY ANALYST
- INFORMATION SECURITY ANALYST
- SOC ANALYST
- VULNERABILITY ANALYST
- INCIDENT RESPONSE ANALYST
What you will learn
ISACA’s Certified Cybersecurity Operations Analyst™ (CCOA™) certification focuses on the technical skills to evaluate threats, identify vulnerabilities, and recommend countermeasures to prevent cyber incidents. As emerging technologies like automated systems using AI evolve, the role of the cyber analyst will only become more critical in protecting digital ecosystems. Analysts specialize in understanding the what, where and how behind cybersecurity incidents. By identifying patterns, anomalies and indicators of compromise, you become the eyes and ears of your organization’s defense.
CCOA is administered through a hybrid exam that assesses a candidate’s knowledge and skills using a blend of traditional multiple-choice and performance-based questions.
Training programme
- Duration: 5 days
Domain 1 – TECHNOLOGY ESSENTIALS
- Computer and cloud networking fundamentals
- Databases, virtualisation, and containerisation
- Command line interfaces
- APIs: purpose, benefits, and usage
- Principles of DevOps, SecDevOps, and CI/CD pipelines
- Fundamentals of programming and scripting
Domain 2 – CYBERSECURITY PRINCIPLES AND RISK
- Cybersecurity governance and alignment with business drivers
- Defining strategy based on enterprise objectives
- Cross-organisational communication for cybersecurity
- Roles and responsibilities for initiatives
- Metrics for evaluating programme performance
- Stakeholder engagement and investment planning
- Risk management processes and compliance requirements
- Documenting risk in enterprise operations
Domain 3 – ADVERSARIAL TACTICS, TECHNIQUES, AND PROCEDURES
- Common adversarial tactics, techniques, and procedures
- Developing critical and creative thinking for threat detection
- Differentiating dashboard events vs attacker insights
- Baseline detections for anomalous behaviours
- Reactive and proactive threat detection capabilities
- Threat hunting and intelligence source utilisation
- Attack vectors, threat actors, and motivations
- Analysis of exploit techniques and attack stages
- Role of security testing in detection and resilience
Domain 4 – INCIDENT DETECTION AND RESPONSE
- Incident preparedness and significance of early detection
- Components and techniques of detection (analytics, logs, alerts)
- Developing detection use cases and recognising indicators of compromise
- Tools and technologies for effective monitoring
- Fundamentals of incident response: containment and handling
- Forensic, malware, network traffic, and packet analysis techniques
- Threat analysis and structured response processes
Domain 5 – SECURING ASSETS
- Designing countermeasures for digital asset protection
- Iterative and holistic approaches to system security
- Industry-specific asset protection needs and risk tolerance
- Influence of business goals and risk assessments on security controls
- Contingency planning and business continuity
- Control techniques for securing assets
- Identity and access management principles and practices
- Best practices, frameworks, and standards for asset security
- Vulnerability assessment, remediation, and risk mitigation
Training objectives
- Identify the key components of computer and cloud networking, databases, and virtualised environments
- Understand cybersecurity governance and align security strategy with enterprise objectives
- Analyse adversarial tactics, techniques, and procedures to detect and respond to threats effectively
- Apply incident detection and response techniques, including forensic and malware analysis
- Recognise the significance of proactive incident preparedness and planning
- Design and recommend countermeasures to secure digital assets across industries
- Implement identity, access, and vulnerability management practices
- Apply best practices, frameworks, and standards to strengthen cybersecurity operations
Training prerequisites
The CCOA certification is recommended for cybersecurity professionals with 2–3 years of practical experience who wish to expand their technical capabilities and respond more effectively to evolving cyber threats.
Contents of the official kit
Full Kit: Review Manual, QAE, Exam
- Language: English
- Level: Advanced
- Certification body: ISACA
- Certification: Yes
- Accessibility: Yes
- Duration: 5 days
Important information:
Our courses are not registered with the Répertoire National des Certifications Professionnelles (RNCP), but they do comply with the requirements of the Répertoire Spécifique (RS).