ProfessionalVendor-neutralISACA· issued from US

CSX-P

ISACA Cybersecurity Practitioner

Official page at ISACA ↔ Compare with another cert

Exam fee

$760

Ongoing

$45/yr AMF · 20 CPE/yr

Study time

80–160 hrs

Delivery

Test center

Validity

3 yrs (renewal cycle)

› Quality score

24.5 / 40

Four-axis SecProve rubric, each 0–10. SecProve editorial assessment — each axis carries a written justification so you can push back on any single call without dismissing the whole score.

Blueprint rigor

How well-defined and rigorous the exam blueprint is.

Five-domain blueprint mapping CIS / NIST controls; less granular than CISSP.

6.5/10

Practical evidence

Hands-on labs / written reports vs pure MCQ.

Live lab portion in a virtualised environment — ISACA's most hands-on credential.

7.5/10

Currency & upkeep

How aggressively content is kept current with the field.

Refreshed irregularly; lab content is the most up-to-date piece.

6.5/10

Market recognition

How often this signal actually moves a hiring decision.

Recognised inside ISACA-tracked SOC programs; modest brand pull outside. [Holders: 5k, 2024-12]

4.0/10

› Market signals

public, citable inputs to the recognition score

Holders worldwide

5,000

as of 2024-12 · source

› Exam format

Hands-on exam in virtual lab environment, 4 hours. Incident detection, response and recovery.

Passing score

Lab-based (pass/fail across cyber-task scenarios)

Retake policy

Fee: $575 per attempt

Wait: 30d between attempts

Cap: 4 attempts/year

ISACA member $575 / non-member $760. 4 attempts per rolling 12-month window.

› Recertification

Valid for 3 years. 120 CPE over 3 years + annual AMF.

› 3-year cost of ownership

Exam (1×)

$760

AMF (3×)

$135@$45/yr

Total

$895

Excludes study materials, training, retake risk, and lost-wage opportunity. Use as a floor estimate.

› NICE Framework work roles

The NIST NICE work-role IDs this cert maps to. NICCS lookup.

PD-WRL-003PD-WRL-001OG-WRL-014

Recognition

Global

Exam languages

› Core domains covered

The 3 domains this cert is centrally about. Passing the exam demonstrates working knowledge of each.

A10Security Operations

SOC operations, SIEM tuning, SOAR playbooks, alert triage, log analysis, runbook development.

A11Detection Engineering & Threat Hunting

SIGMA/YARA/Suricata rule writing, hypothesis-driven hunting, log deep-dives, detection gap analysis.

A7Incident Response & Forensics

IR playbooks, memory/disk/network forensics, chain of custody, malware analysis.

› Prerequisites

Experience

No formal prerequisites. Recommended: 3–5 years SOC/incident response experience.

› Study materials

Curated starting points. Not exhaustive — vet each against your learning style and the current exam version.

Official guides

ISACA CSX-P Resources — ISACA

Training providers

ISACA CSX Training Platform

Practice tests

CSX Lab Practice Environment

Free / community

MITRE ATT&CK

› Version & lifecycle

Current version

2024 refresh

Released

2024-01

Performance-based, hands-on cyber-task evaluation in a virtualized lab.

› Salary signal

Cyber analyst / SOC tier 1-2, US, 2-5 years.

$90K–$135K

median $110K

ISACA Salary Survey + Glassdoor 'Cybersecurity Analyst' aggregations · 2024 · US base only · p25–p75 range

› How it compares

CCOA

Both are ISACA technical-tier credentials. CSX-P is broader hands-on; CCOA is SOC-analyst-specialized.

↔ Compare side-by-side

See this cert’s domains highlighted on the interactive map, or compare it against the rest of the catalog.

Highlight on the domain map Browse all certifications