Should I Become a Cybersecurity Practitioner (CSX)?

There are a lot of different security certificates one can achieve in order to increase their knowledge in the cybersecurity field. Since cybersecurity is a young, still-growing field, there are a lot of new certificates still being created. One of the more recent certificates is the Cybersecurity Practitioner (CSXP) by ISACA. It is different from many of the other exams in the security field, because it is a real-time, hands-on exam where the candidate has to prove their knowledge by dealing with different incident response scenarios in a virtual environment.

Basic Information About CSX Practitioner Certification

The Cybersecurity Practitioner (CSXP) exam is a vendor-neutral, performance-based certification from ISACA. It is a real-world, live, virtual lab environment designed to test the practical knowledge of a candidate. There are no multiple choice questions. The time limit for the exam is 3.5 hours. There will be few instructions and the candidate will be expected to switch between multiple virtual machines while multitasking. ISACA also offers a lab preview for demonstration purposes.

The exam will test for knowledge in domains of prevention, detection, and response in relation to a cybersecurity incident. It is focused around the role of a first responder, and is designed to demonstrate experience with firewalls, patching, anti-virus, vulnerability scans with basic analysis, and the ability to implement common security controls. It assumes knowledge of Kali Linux, Microsoft Windows Server and Workstation, as well as Ubuntu Linux. It is the second new exam in the ISACA library of certificates, immediately following the Cybersecurity Fundamentals Certificate, which is designed to demonstrate fundamental knowledge of cybersecurity.

Fees and Training

Breakdown of knowledge domains

  • Protect: 33-37%
  • Detect: 21-24%
  • Respond: 16-18%
  • Identify: 13-15%
  • Recover: 10-12%

Familiar tools and techniques

  1. Linux system administration (entry level)
  2. Md5deep64
  3. Microsoft Windows Domain Administration (entry level)
  4. Microsoft Security Essentials
  5. Network troubleshooting commands
  6. Nmap/Zenmap
  7. Pfsense
  8. Security Onion
  9. Snorby
  10. Snort
  11. Tcpdump
  12. Terminal applications
  13. Wireshark

Training

Although training will not be required to sit for this exam, ISACA does offer their own training labs, which cost $500 per lab with six months of total access. ISACA also offers bootcamps and training at conferences, for a fee. The author could find no other training outside of ISACA at the time of this writing.

Exam fees

  • ISACA members: $540
  • Non-members: $725

Testing Locations

Testing locations are proctored by Prometric. Once a candidate purchases an exam voucher, the candidate is allowed to sit for the exam within the next seven months. Candidates can find testing locations at prometric.com/isaca. Exams are only available in English at the time of this writing.

More Information

ISACA provides a PDF with more information, for those serious about sitting the CSXP exam. Candidates can also view the ISACA website for more detailed information than this article provides. One can also find more information on maintaining the CSXP certification there, as well. This certification shows that a candidate has hands-on, practical experience and knows how to protect a network and resolve security-related issues. Since this certification is a real-time, practical exam it stands out from most of the other multiple choice exams in this space. It is definitely a certification worth considering.

Advertisements

2 comments

  1. John Johnson · · Reply

    CSXP is a joke: only two job ads request it today 8/16/17 on Indeed. Get a CISSP, CEH or SANS.

    Like

    1. Thank you for commenting! Sorry it took me so long to approve.

      I ask that we all please remember there is little call for it right now because it is new. It’s the chicken or the egg dichotomy. Eventually, more job postings will include it; just give it time.

      I also feel the number of job listings should not be a qualifier as to this exam’s quality. We will need more people to take the test in the InfoSec community and give their feedback before we can make a call. It’s not about the demand for the certification, it is about the knowledge gained. If this exam teaches you valuable knowledge and skills (because it is practical) then it was worth taking it!

      I made this blog to share new things and what I’m learning. That’s what marches our community forward.

      Like

Express your opinion

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: