The World’s First Executive Cyber Security Program!

Walk–thru Checklists for Cyber Security In Class!

"The instructor Ali Pabrai was superb! The entire CCSA Program was extremely helpful. Full of valuable
information. Overall rating of course and instructor: 10. Ali Pabrai is extremely knowledgeable
in cyber security.He made the class and information come across in a very
comprehensive manner. Superb course & trainer! Recommended!"

Eloy Escamilla
Knapp Medical Center

Delivered Privately, On-Site, Worldwide!

Examine the NIST Cyber Security Framework (CSF)!

"The energy that Ali Pabrai maintained helped me stay engaged in the material covered. Much appreciated!
Overall rating of course and instructor: 10. Structure of presentation made content easier to learn."

Joe Wood
Prime Healthcare

Step thru Security Incident Management!

Understand Cyber Security Plan Components In-Class!

"Ali Pabrai is a wealth of knowledge and full of energy and passion for security. Enjoyed Ali’s CCSA class.
Overall rating of course and instructor: 10. Very concise and informative program."

Uma Mahesh
Prime Healthcare

CCSA℠ validates knowledge and skill sets in cyber security with particular focus and emphasis on the development of an applicable cyber security incident response and an enterprise cyber security program.

Increasingly, businesses are challenged with both securing their digital assets and the information infrastructure. Organizations need to monitor the changing dynamics of their infrastructure to mitigate risks and vulnerabilities to ensure compliance with best practices

The CCSA℠ is a unique program in the compliance and security industry - indeed the first of a kind in the world. It is laser-beam focused on thoroughly examining cyber security requirements and establishing best practices that can be applied in securing today’s digital business information infrastructure.

Organizations are quickly moving to a digital ecosystem that is governed by strict regulatory compliance requirements. Validate your compliance security skills and knowledge and distinguish yourself with the credential, CCSA℠.

From this compliance and security training program you will:

  • Examine and build a practical & applicable cyber security program for an organization
  • Step through core components of an actionable incident response plan
  • Identify policies that reflect an organization’s priority for security in the areas of risk assessment, mobile devices, cloud computing, encryption and more
  • Walk thru incident management and other checklist documents to establish consistency in monitoring enterprise security capabilities
  • Learn about key reference sources vital for managing an enterprise cyber security program

CCSA℠ program is of value to compliance professionals and managers, information security officers, security practitioners, privacy officers and senior IT professionals.

The CCSA℠ exam validates knowledge and skill sets in cyber security with particular focus and emphasis on the development of an applicable cyber security incident response and an enterprise cyber security program.

Exam Name Exam Number Number of Questions Time Allowed Passing Score
CCSA-1 CCS-101 60 60 Minutes 75%
Distribution of Questions

CCSA℠ exam questions are developed with the intent of measuring knowledge and application of general concepts in the area of cyber security incident response and an enterprise cyber security program. Every CCSA℠ exam question has a stem (question) and five
options (answer choices). The candidate is asked to choose the correct or best answer from the options. The stem may be in the
form of a question or incomplete statement. In some instances, a scenario or description problem may be included.

Examination Areas
Cyber Security
Security Incident Management
Vulnerability Assessment & Penetration Testing
Essential Cyber Policies
Establishing a Cyber Security Program

After payment processing, a confirmation for access to the exam will be provided within one business day. The exam must be taken with a 3 months period from the date access is provided.

Module 1: Cybersecurity Framework

  • Framework Core
  • Framework Core Functions
  • Framework Implementation Tiers
  • Functions, Categories & Sub-Categories

Module 2: Security Incident Management

  • Fundamentals
  • Serious Incident Management
  • Incident Management Recommendations
  • Incident Attack Vectors
  • Handling an Incident

Module 3: Vulnerability Assessment & Penetration Testing

  • Vulnerability Scans
  • Wireless Assessment
  • Pen Test Methodology
  • External & Internal Pen Test
  • Exploitable Vulnerabilities
  • Segmentation
  • Detect & Prevent Intrusions
  • Change-Detection Mechanism
  • Firewall/DMZ Assessment
  • Enterprise Risk Assessment

Module 4: Essential Cyber Policies

  • Information Security Policies
  • Organization of Information Security
  • Risk Assessment
  • Risk Management
  • Audit Controls
  • Mobile Devices
  • Breach Notification
  • Information Security Incident Management
  • System Acquisition, Development and Maintenance
  • Supplier Relationships

Module 5: Encryption

  • Encryption Assessment: Cloud, Mobile & More
  • Mandates: Standards & Regulations
  • Encryption Strategy

Module 6: Establishing a Cyber Security Program

  • Prioritize and Scope
  • Orient
  • Create a Current Profile
  • Conduct a Risk Assessment
  • Create a Target Profile
  • Determine, Analyze, and Prioritize Gaps
  • Implement Action Plan

This is an excellent program for professionals that have earned credentials such as CISSP, CISM, CISA, Security+, MCSE, and CBCP.

CISSP, CISM, CISA, Security+, MCSE and CBCP certified professionals will find that the CCSA℠ program adds significant depth to their knowledge of compliance requirements related to information security. These compliance requirements directly impact the security priorities and initiatives across all types of organizations and business.

The fast track is available only for CCSA℠ students that attend instructor led training. ecfirst recognizes the breadth of security content that must be mastered to attain certain security credentials. Fast Track for the CCSA℠ class means if you have another security credential, such as CISSP or Security+, you will still need to take the class but you will not have to take the exam to get the CCSA℠ credential. It will automatically be given once you send the documentation that you have another security credential.

The Certified Cyber Security Architect (CCSA℠) exam fee is $495.00.

CCSA℠ must comply with the following requirements to retain certification:

  • Comply with the ecfirst Code of Professional Ethics
  • The CCSA℠ certification is valid for three-years. Recertification costs $495 and you will get an updated copy of the CCSA℠ manual and a new certificate. If you do not renew your certification within the three year period you will be required to retake the CCSA℠ exam and pay $495.

ecfirst may, at its discretion after due and thorough consideration, revoke an individual’s CCSA℠ certification for any of the following reasons:

  • Violating any provision of the Code of Professional Ethics
  • Falsifying or deliberately failing to provide relevant information.
  • Intentionally misstating a material fact.
  • Engaging or assisting others in dishonest, unauthorized or inappropriate behavior at any time in connection with the CCSA℠ exam or the certification process.

The CCSA℠ Program can be delivered at any location world-wide. To schedule the 1-day CCSA℠ Program at your site, please contact ecfirst at +1.480.663.3225 or

Bring ecfirst training, certification and executive briefs to your site. ecfirst will customize the session to meet your specific requirements and time frames.


ecfirst is passionate about developing and validating information security compliance knowledge. ecfirst, in business since 1999, was recognized as an Inc. 500 fastest growing privately held business in the United States in its first year of eligibility. ecfirst is an organization with deep hands-on experience in compliance and IT services.

ecfirst serves a Who’s Who client list of over 2,000 that includes Principal Financial, numerous hospitals including Edward, Sherman, Condell, BSA, Mercy, Northwest Community, Samaritan and many others. State and county governments that have been trained by ecfirst include the State of Oregon, Iowa, and Illinois. U.S. government agencies that have participated in ecfirst programs include the U.S. Department of Veterans Affairs, Air Force, Coast Guard, Homeland Security, Coast Guard and several others.


This document is a guide to those pursuing the CCSA℠ certification. No representations or warranties are made by ecfirst that the use of this guide or any other associate publication will assure candidates of passing the CCSA℠ exam.


Copyright © 2006-2016 by ecfirst. Reproduction or storage in any form for any purpose is not provided without prior written permission from ecfirst. No other right or permission is granted with respect to this work. All rights reserved.

Contact Information

295 NE Venture Drive
Waukee, IA 50263, United States
Toll Free: +1.877.899.9974 x23
Cell: +1.480.663.3225