Buy an exam voucher

About the certification

The Certified Cybersecurity Analyst is a certification intended for individuals seeking to validate their knowledge of Cybersecurity Management.

The exam covers topics such as most common types of cybersecurity attacks, threats, vulnerabilities, types of malware, phishing, pharming, spam, scams, frauds, identity theft, social engineering, network security, encryption, cryptography, digital certificates, privacy, anti-malware tools and wireless security, techniques and tools used in the identification, collection, acquisition and preservation of digital evidence, Ethical Hacking Terminology, Hacking Tools, Foot printing, Reconnaissance, Scanning Networks, Enumeration, Sniffing, Exploits, Social Engineering, DoS and DDoS Attack, Cross-Site Scripting (XSS), Malwares, Session Hijacking, Buffer Overflow, Cracking Passwords, Hacking Wireless Networks, Evading IDS, Firewalls, and Honeypots, Types Of Penetration Testing, Stages of Penetration Testing, Ethical Hacking Techniques and Tools, Vulnerability Scanning, Exploits, The Metasploit Framework, Web Application Attacks, Password Attacks, Port Scanning, Enumeration, Social Engineering, Web Application Attacks, Exploitation, Wireless Attacks, Mobile Hacking, NIST Cybersecurity Framework (CSF) 2.0 Core (Functions, Categories, and Subcategories), Profiles and Tiers.

The Certified Cybersecurity Analyst certification exam is an online, closed-book, and remotely-proctored exam. It includes 80 questions and the passing score is 70%. Candidates will have 1200 minutes to complete the exam. Validate your knowledge of Cybersecurity Management and advance your career. Purchase your exam voucher now!





Information Security Management Foundation (ISO/IEC 27001)

Exam details

Exam code

ITC-180

Launch date

May 28, 2025

Exam description

The Certified Cybersecurity Analyst certification exam validates the candidate’s knowledge of cybersecurity management.

Current version

v1 (May 28, 2025)

Exam format

Multiple choice; computer-based; closed book (online proctored exam)

Number of questions

80 questions

Passing score

70% (56 out of 80)

Exam duration

120 minutes

Level

Foundation

Languages

English and Portuguese

Exam description

The exam covers topics such as Cybersecurity concepts, most common types of cybersecurity attacks (Spoofing, IP Address spoofing, ARP spoofing, DNS spoofing, email spoofing, port scanning, Denial of Service Attack, Distributed Denial of Service Attack, network sniffing, Man-in-the-middle attack, session hijacking attack, Cross-side scripting attack, SQL injection attack, buffer overflow attack, brute force attack) threats, vulnerabilities, types of malware (viruses, worms, trojans, rootkits, backdoors, ransomware, adware, spyware, botnets), phishing, pharming, spam, scams, frauds, identity theft, social engineering, network security, encryption, cryptography, digital certificates, privacy, anti-malware tools and wireless security), techniques and tools used in the identification, collection, acquisition and preservation of digital evidence, Ethical Hacking Terminology, Hacking Tools, Foot printing, Reconnaissance, Scanning Networks, Enumeration, Sniffing, Exploits, Social Engineering, DoS and DDoS Attack, Cross-Site Scripting (XSS), Malwares (Viruses, Worms, Trojans, Spyware, Rootkits, and Ransomware), Session Hijacking, Buffer Overflow, Cracking Passwords, Hacking Wireless Networks, Evading IDS, Firewalls, and Honeypots, Types Of Penetration Testing, Stages of Penetration Testing (information gathering, finding exploitable vulnerabilities, gaining access to systems, exploitation, post exploitation and reporting), Ethical Hacking Techniques and Tools (Kali Linux, Wireshark, Nmap, Nessus and Burp Suite), Vulnerability Scanning, Exploits, The Metasploit Framework, Web Application Attacks, Password Attacks (Brute Force and Wordlists), Port Scanning, Enumeration, Social Engineering, Web Application Attacks (Cross Site Scripting, SQL Injection), Exploitation, Wireless Attacks, Mobile Hacking, CSF Core (Functions, Categories, and Subcategories), CSF Core Functions (Govern, Identify, Protect, Detect, Respond, and Recover), CSF Profiles (Current Profile and Target Profile), Steps for creating and using a CSF Organizational Profile, CSF Tiers, Online Resources That Supplement the CSF (Informative References, Implementation Examples, and Quick Start Guides), Improving Cybersecurity Risk Communication and Integration, and Appendix A. CSF Core).

RECOMMENDED HOURS OF STUDY

16 hours

BLOOM'S TAXONOMY

Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying)

Recommended reading

• The NIST Cybersecurity Framework (CSF) 2.0
• ISO/IEC 27032:2023(en) Cybersecurity — Guidelines for Internet security
• ISO/IEC 27037:2012(en) Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence

Prerequisites

There are no prerequisites for this certification

Recommended experience

Six months of work experience in Cybersecurity

Validity period

Lifetime

Exam Content Outline

   Domains Weight

1. Cybersecurity Threat Landscape: Attacks, Vulnerabilities, and Malware

25%

2. Computer Forensics

25%

3. Ethical Hacking and Penetration Testing

25%

4. NIST Cybersecurity Framework (CSF) 2.0

25%
   Total

100%

How to get certified

1

Browse our certification programs and choose your certification.

2

Discover the exam objectives and prepare for your exam.

3

Register for your online proctored exam.

4

Take your online proctored exam in the comfort of your home or office.

5

Congratulations! You are certified!

Frequently Asked Questions

  • After purchasing an exam voucher, how much time do I have to take the exam?

    After purchasing an exam voucher, candidates will have 180 days to take the exam.

  • Does the exam voucher include a retake?

    The exam voucher includes 2 retakes in case the candidate fails the first attempt.

  • Are there any prerequisites to take the exams?

    There are no prerequisites to take the exams. ITCERTS recommends that candidates have at least six months of work experience in the area that the certification exam covers.

  • What is the exam retake policy?

    If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).

  • How do I register for an Online Proctored Exam?

    Visit the Online Proctored Exam registration page to find complete instructions.

  • Are there any mandatory training to take an exam?

    Training is recommended as part of your certification preparation, but it is not mandatory.

  • Which languages are the exams available in?

    Our exams are currently available in English and Portuguese.

  • Where can I take the exams?

    Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.

  • Do the ITCERTS certifications expire?

    ITCERTS certifications are considered good-for-life and do not expire.

  • How can a potential employer verify my certifications?

    Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.

Subscribe

Subscribe

Subscribe to our newsletter

About us

ITCERTS is an independent certification organization that offers vendor-neutral certification programs to IT professionals worldwide.

Contact

E-mail
info@itcerts.ca

Address

4145 North Service Road, 2nd Floor Burlington, ON Canada

Copyright © 2025 Itcerts, Inc. All rights reserved.   Privacy Policy

Copyright © 2025 Itcerts, Inc. Todos os diretos reservados. Privacy Policy