How to Earn the Cisco CyberOps Professional Certification: Step-by-Step

Earning certifications becomes more crucial as the IT job market becomes increasingly competitive. This is true, particularly in the cybersecurity field, where professionals are expected to have a deep understanding of multiple systems and always get it right the first time. Cisco offers numerous CyberOps certifications to help validate the skills cybersecurity professionals need.

This article discusses what it takes to earn the Cisco CyberOps Professional certification. We’ll walk through a step-by-step guide to ensure you are as informed as possible before earning the title. So let’s get started!

Level Up with Online Cisco Training Today

Networking is the backbone of IT — and Cisco is king in networking technologies and practices. Organizations of all sizes across different industries trust and rely on Cisco solutions — and have for years. That’s why you can’t go wrong with learning Cisco technologies and earning their certifications. 

Earning CyberOps Professional status validates you have the knowledge and skills that companies need to perform active defense security roles. Achieving this certification will be challenging but ultimately worth it if you hope to build and validate your security expertise.

Not a CBT Nuggets subscriber? Sign up for a 7-day free trial to get a feel of what it’s like to learn IT before you commit to a subscription.

Step 1: Make Sure it’s the Right Cert for You

First, you'll need to determine whether the CyberOps Professional is the right security certification for your skills and experience. As this is a Cisco Professional-level certification, the exam is recommended for those with at least five years of experience in IT security (or more).

There are no official prerequisites, but you should assess your current skill level and consider whether you have enough cyber ops experience to receive the certification.

You may be more prepared for the Cisco CyberOps Associate instead, designed for network engineers with at least a year of experience in security best practices. If you have more experience and know that the Professional exam is your goal, you can start taking steps towards achieving it.

Step 2: Register for the Exams

Cisco requires that you pass two separate exams to earn Cisco CyberOps Professional certification. Each one costs $300 at the time of this writing. The first exam is the CBRCOR exam. The second test can be any exam you want to take — as long as the exam is either the CBRFIR or the CBRTHD. 

To meet your goals, it is recommended that you sign up for both of the exams. Put them as far into the future as you are comfortable with. Generally, I like to give myself eight weeks before taking an exam.  Each one of these exams is tailored to validate various professions that fall under the umbrella of cybersecurity. We will get into those, but let’s touch on the first exam mentioned: the CBRCOR.

Step 3: Pass the CBRCOR Exam

The first step to earning the CyberOps Professional certification is passing the CBRCOR exam. The CBRCOR exam will test your general knowledge of cybersecurity. The exam is divided into the following domains: 

• Fundamentals

• Techniques

• Processes

• Automation

The exam consists of multiple-choice and fill-in-the-blank questions. The questions validate a broad understanding of cybersecurity principles. Now, let’s take the final step to earning the CyberOps Professional cert.

Step 4: Passing the CBRFIR or CBRTHD

Luckily, you are not required to take both of these exams. However, carefully considering which one you decide to attempt is essential. Let’s first go over the CBRFIR.

The CBRFIR tests your ability to conduct forensic analysis. The test is "Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps." While the name is incredibly long, the test lasts only 60 minutes. This exam covers the following domains:

• Fundamentals (20%)

• Forensic Techniques (20%)

• Incident Response Techniques (30%)

• Forensics Processes (15%)

• Incident Response Processes (15%)

Remember that this list isn’t all-inclusive, but it primarily consists of the subjects you are most likely to see. This exam is for professionals who have considerable experience reviewing security breaches. Additionally, candidates should have experience managing teams that investigate and mitigate breaches. Having a firm grasp of Linux operating systems is also highly advantageous.

If that isn’t your cup of tea, you can also take the CBRTHD. If you pass this exam, you also earn a Cisco Certified Specialist certification: Threat Hunting and Defending. Let’s go over the CBRTHD exam’s domains:

• Threat Hunting Fundamentals (20%)

• Threat Modeling Techniques (10%)

• Threat Actor Attribution Techniques (20%)

• Threat Hunting Techniques (20%)

• Threat Hunting Processes (20%)

• Threat Hunting Outcomes (10%)

As you can see, this exam is essentially the other side of the coin. The previous exam involved conducting forensic analyses of known and past threats. This exam, on the other hand, deals with mitigating threats before they infect the system.

RELATED: Choosing a Cisco CyberOps Professional Concentration Exam (CBRFIR vs CBRTHD)

Final Thoughts

The CyberOps Professional is a highly worthwhile certification to obtain. However, make sure you have some experience under your belt before pursuing this certification. Otherwise, you might be setting yourself up for major exam-day disappointment.

Once you know you want to earn CyberOps Professional, sign up for the CBRCOR exam and pass it. Next, decide which of the two exams is suitable for you — the CBRTHD or the CBRFIR — either one can be a great option, but remember you get an additional certification for taking the CBRTHD. Once those two exams are passed, you will be CyberOps Professional-certified and more marketable in IT security.