CSXP - Certified Cybersecurity Practitioner

CSXP was named the 2016 Top Professional Certification program by the SC Magazine Awards and remains the first and only comprehensive performance certification testing one’s ability to perform globally validated cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond, and Recover.

CSXP requires candidates to demonstrate critical cybersecurity skills in a live, virtual environment that assesses their analytical ability to identify and resolve network and host cybersecurity issues by applying the foundational cybersecurity knowledge and skills required of an evolving cyber first responder.

Code: csxp

Duration: 5.0 days



The ISACA CSX Practitioner (CSXP) certification verifies that successful candidates have the knowledge and skills required to identify and remediate vulnerabilities; configure and implement protective technologies; and detect, respond, and recover from incidents. The ISACA CSX Practitioner examination is a performance examination consisting of 30 items aligned to the Exam Content Outline (see topics below). This 4-hour exam contains no multiple-choice questions or simulations and intentionally restricts access to the internet.
  • Business and Security Environment (23%)
  • Operational Security Readiness (23%)
  • Threat Detection and Evaluation (27%)
  • Incident Response and Recovery (27%)


Module 1: Identify

  •  Asset Identification
  •  Data Flow Identification
  •  Enterprise Asset Identification
  •  Data Flow Analysis
  •  Enterprise Data Flow Analysis
  •  Identify Challenge
Associated Topics:
  •  Network infrastructure analysis
  •  Digital asset analysis
  •  Network topology construction
  •  Network topology diagrams
  •  Data flow identification and mapping
  •  Tools used to construct a network topology diagram
  •  Tools used to identify data flow
  •  Importance of security review
  •  Gap analysis and its usage
  •  Security policies and procedures
  •  Development process for policies and procedures
  •  Information Sharing
  •  Importance of understanding legal and regulatory requirements
  •  Threat modeling

Module 2: Protect

  •  Firewall Setup
  •  Backup and Restore Points
  •  File System Protections
  •  OS Baseline
  •  Protect Challenge
Associated Topics:
  •  Vulnerability scanning
  •  Vulnerability scanning personnel
  •  Vulnerability scanning tools
  •  Configuring monitoring systems and alert criteria
  •  Implementing, configuring, and monitoring security tools and systems
  •  Developing use cases for security monitoring
  •  Incident response plan development
  •  Incident response plan testing
  •  Incorporation of security considerations into business functions
  •  Monitoring user access, privileges, and permissions
  •  Monitoring compliance with security procedures and requirements
  •  Development of security training
  •  Evaluating security configurations against established configuration standards and baselines

Module 3: Detect

  •  Sec Onion Setup and Testing
  •  Snort Rules
  •  Event Detection
  •  Data and Network Analysis
  •  Vulnerability Analysis
  •  Detect Challenge
Associated Topics:
  •  Assessing threat level and potential impact of anomalous behavior and security events
  •  Researching, analyzing, and correlating system activity and security events
  •  Monitoring and analyzing outputs from security tools, systems, and logs
  •  Analyzing malicious activity to determine weaknesses and exploitation methods

Module 4: Respond

  •  Incident Correlation
  •  Network Forensics
  •  Malware Investigation and Evaluation
  •  Response Challenge
Associated Topics:
  •  Notifying appropriate incident response teams according to established protocols
  •  Identifying and implementing appropriate containment measures, countermeasures, and corrective actions
  •  Collecting and preserving digital evidence according to relevant regulations and laws
  •  Conducting post-incident analysis
  •  Communicating and documenting notifications and outcomes of incident response

Module 5: Recover

  •  Re-Imaging
  •  Restore Points
Associated Topics:
  •  Validating whether restored systems meet security requirements
  •  Updating security plans and procedures following incident response


Professionals established in the cybersecurity field with at least 1 to 3 years’ experience.


CSXP candidates should hold at least one of the following certifications: CISA, CRISC, CISM, CGEIT, ECSA, CEH, LPT, GCIH, OSCP, GPEN, CySA+, CISSP, CSX Penetration Testing Overview (CPTO), or CSX Cybersecurity Fundamentals.
If the candidate does not hold at least one of the above certifications, it is recommended that they have 3 years of experience in 3 or more of the 5 CSX-P cybersecurity domains which align with those of the globally accepted NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover.


Certified Cybersecurity Practitioner Certification

Course Benefits

  • Career growth
  • Broad career opportunities
  • Worldwide recognition from leaders
  • Up-to-date technical skills
  • Popular Certification Badges
