CCNA Cyber Ops Review

David Gilman
Jun 20, 2018


Disclaimer: I am NOT at all associated with Cisco or any other party related to this certification

It goes without saying that cybersecurity is a popular and often lucrative field — for example, Glassdoor cites the average SOC Analyst salary at $60K, with even higher salaries at larger companies. However, with so many entry-level cybersecurity and networking certifications available it can be difficult to decide exactly which to pursue.

Two of the most commonly recommended are CompTIA Security+ and CCNA Routing and Switching. These are undoubtedly great choices given their solid curriculum and industry recognition. However, earlier this year, I learned of Cisco’s recently released CCNA Cyber Ops certification scholarship program. It included free training over several months and two free takes of each required exam.

What is a CCNA?

The term CCNA (Cisco Certified Network Associate) typically refers to a specific certification: CCNA Routing and Switching. This cert focuses on Cisco hardware and software such as routers and Cisco IOS. It requires passing two exams and prepares certificate-takers primarily for sys admin work in a Cisco environment.

There are also a number of other CCNA certs such as Data Center and Security that focus on their corresponding roles. CCNA Cyber Ops is the newest of these CCNA variants.

CCNA Cyber Ops prepares students to work in a Security Operations Center (SOC). A SOC team monitors the network for security threats and then triages and responds to those threats. A SOC is typically structured into different levels of analysts similar to an IT support help desk, where each level filters tickets up to increasingly skilled workers. Forensics and incident response specialists also often make up a SOC in order to combat network intrusions and to reconstruct incidents.

SOCs are most commonly found in large organizations that deal with sensitive information, such as banks, defense contractors, and government agencies. SOC-type work is also often found in teams combined with Network Operations Centers (NOC). Both of these centers can be outsourced to third-party security firms or to the businesses that run an organization’s data hosting, such as a Managed Service Provider (MSP).

My Journey

While there were a few eligibility requirements and a short quiz, I easily passed both and spent the next several months studying for and then passing each exam.

By its nature, this cert is also much less vendor specific than Routing and Switching. It focuses on a few popular monitoring and forensics tools such as the Security Onion operating system instead of just Cisco products.

Like many Cisco certs, there are two exams which must be passed: Security Fundamentals (SECFND) and Cybersecurity Operations (SECOPS). The training is divided into two parts, each focusing on an exam, and consists of video lectures, slides, quizzes, forums, lectures, and hands-on labs. While SECOPS contained the most new and interesting material to me, it was actually SECFND that was the most difficult and required me to take it twice in order to pass.

Unsurprisingly, I found the labs included in the course materials to be the most valuable part of the process. There are many resources out there for learning penetration testing and other offensive security skills, but it can be harder to learn blue team skills in a hands-on fashion. By providing virtual machines with realistic logs to dig into, the labs gave me exposure I would not otherwise have had.

Is the CCNA Cyber Ops Worthwhile?

I was fortunate enough to complete the program when Cisco was offering the exams and training for free. This also meant I had to take an assessment before starting. For anyone else interested, I would say that you should be comfortable with the basics of networks such as TCP and tools such as Wireshark before beginning the course.

To get similar training you will now need to pay ~$325, as well as exam costs of ~$300 each for a total of almost $1000.

Pros

  • CCNA and Cisco names are well regarded
  • Labs are excellent hands-on training
  • Only notable SOC cert on the market
  • Not vendor specific

Cons

  • Not as well known as the other Cisco or CompTIA certifications
  • Not formally recognized by the US DoD (yet)

Is the CCNA Cyber Ops Right for Me?

My current role does not involve SOC work, but I did draw upon knowledge I gained in the course while interviewing for this and other positions. I also use the skills I gained to better understand large corporate networks and to increase the effectiveness of logging and alerting systems.

All in all, while I am glad I obtained my CCNA Cyber Ops, if I were to choose one entry-level certification to pay for out of pocket, I would probably pursue a better known CCNA or CompTIA cert. However, if Cisco opens up their scholarship program again it is definitely worth pursuing.

I can see this certification being a better buy as it becomes more well known and as employers begin seeking out candidates with it on their resume. I also can see organizations paying for their own entry-level SOC analysts to complete this training.
