Certified SCADA Security Architect (CSSA) Learning Path

16 hours, 12 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    16 hours, 12 minutes

  • Assessment


About Certified SCADA Security Architect (CSSA)



CSSA Skill Assessment

Assessment - 75 questions

CSSA Practice Exam

Assessment - 75 questions

Custom CSSA Practice Exam

Assessment - 75 questions

Introduction to SCADA Security

Course - 00:20:00

This introductory course covers the basic information security concepts related to the security of Industrial Control Systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems. It starts of with an overview of different types of Industrial Control Systems and common ICS components and provides background information about Basic Process Control Systems (BPCS) and Safety Instrumentation Systems (SIS). The course also highlights the strengths and weaknesses of ICS/SCADA systems when it comes to security.
ICS Protocols

Course - 01:07:00

This course provides basic information about security features of common protocols used in Industrial Control Systems (ICS). It provides a brief overview of the evolution of Process Control Networks (PCN), compares and contrasts ICS environments with other Information Technology systems, and walks through relevant features of commonly used ICS protocols, including Modbus, DNP3, HART, PROFIBUS and PROFINET, BACnet, and others.
SCADA Security Frameworks

Course - 01:07:00

Begin your review of SCADA (Supervisory Control and Data Acquisition) systems with this course on SCADA security frameworks. You’ll look at known and emerging threats to SCADA and specific examples of attacks, such as the Maroochy Shire sewage spill; security frameworks and strategy; and important policies, standards, procedures and guidelines. Review the process of developing a SCADA security policy and brush up on your knowledge of SCADA security standards bodies.
SCADA Security Assessment

Course - 00:45:00

Protecting any system means knowing where its weak spots are first, and that goes double for a vital SCADA system. In this course on SCADA security assessment you’ll review the risk management process, including critical terms and phases; take a look at SCADA security objectives and the structure of a security assessment program; and finally, go in-depth on SCADA security testing methodology, including special considerations when applying standard security testing methodologies to industrial control and SCADA systems.
SCADA Device Identification and Analysis

Course - 00:43:00

SCADA Vulnerabilities

Course - 00:27:00

No system is foolproof, and that includes SCADA systems. Prepare for the worst by getting familiar with SCADA vulnerabilities, vulnerability scanning, server OS testing and authentication and remote access. Includes vocabulary, charts and a list of 63 SCADA manufacturers with known vulnerabilities.
Pentesting SCADA Services and Protocols

Course - 00:23:00

Find the weak spots before your enemies do. In this course, you’ll review the fundamentals of penetration-testing SCADA services and protocols. Beginning with attacking standard services, you’ll look at attacking server OS, attacking ICS protocols and, crucially, attacking wireless communications. Why can you crack one protocol three different ways but only brute-force another? What’s the difference between mutation fuzzing and generation fuzzing, and what can they do for you? Brush up now and save your SCADA.
SCADA Access Controls

Course - 00:31:00

If you can secure your perimeter, you’ve won half the battle. This course on SCADA access controls will help you keep the edges covered as you review the fundamentals of system control categorization, physical safety and security, access control models and the importance of identification, authentication and authorization. Look at the goals of physical security, the pros and cons of proximity devices, the types of authentication and more.
Remote Access and Field Site Security

Course - 00:37:00

A certain amount of remote access will be needed for technicians to do their jobs at field sites. However, that access comes with its own set of challenges. Brush up on remote access and field site security with this course covering remote access technologies, firewall architectures, field site firewalls, encryption and more. Includes vocabulary and diagrams.
SCADA Network Security

Course - 00:39:00

Security is key to any network, and SCADA networks are no exception. Refresh your knowledge of SCADA network security with this course covering secure network design, firewalls and logical security zones. Review firewall rules, vocabulary, useful concepts, tips for choosing a provider and more.
SCADA Intrusion Detection and Incident Response

Course - 01:01:00

An attack on the SCADA system is going to happen: it’s only a matter of time. That’s why it’s more important than ever to be on top of your game with SCADA intrusion detection and response. In this course, you’ll look at incident detection and incident prevention (and the differences between the two), take time for a quick introduction to the Snort open-source intrusion detection system (IDS) and brush up on log monitoring, log management and incident response. Includes vocabulary, diagrams and examples.
SCADA Preventative Controls

Course - 00:46:00

They say an ounce of prevention is worth a pound of cure. This course on SCADA preventative controls underlines that old saying by examining just what you can do to prevent or lessen disasters before they occur. Covering anti-malware, patch management, application whitelisting and Active Directory and Group Policy, this course includes vocabulary, examples, diagrams and an in-depth look at the pros and cons of Microsoft Active Directory.
ICS/SCADA Security Best Practices

Course - 00:26:00

Learn about the three aspects of SCADA security best practices - prevention, detection and correction.
CSSA Exam Overview

Course - 00:05:00

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • All-Source Analyst
  • Mission Assessment Specialist
  • Exploitation Analyst

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo