Search Website

Validating credentials, please wait...
  • General Inquiries 1-571-481-9307

  • Fax 1-202-315-3003

Home

Cyber Certified Experts (CCE)® Program

Cyber Certified Experts (CCE)® Program
Cyber Certified Experts (CCE)® Program

So why seek a certification?

The Lunarline School of Cybersecurity (SCS) Cyber Certified Experts (CCE)® Program is designed to reflect individual’s knowledge specific to cyber processes and terminology. Our vendor-neutral exams are specifically aligned with industry-recognized standards, and offer a variety of concentrated areas. Each certification can help you seek greater opportunities and recognition, keeping you competitive and proving you are serious about your career.

 

Prerequisite

There is no training prerequisite. However, candidates must possess at least 3-5 years of experience in information security in order to obtain the Certified Expert-level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

 

Registration | Original Grant

To Apply Online: Select the Certified Expert (CE) credential from the list below. Select “Apply for Certification” to get started. Be prepared to upload your resume with highlights clearly showing relevant years of experience as required for that certification (note: each credential has its own unique requirements). This is required in advance of gaining access to the online testing system and is used to determine if you qualify for the Certified Expert or Certified Expert Associate -level.

Please allow 5-7 business days for our team to contact you with your final registration information to take the exam. Once given access to the online testing system, exam access is limited to 60 days; once started, each exam is timed (varies from 90-150 minutes); and there is a minimum score of 70% to successfully pass.

Once the exam is successfully completed, you will receive your certificate by email and a paper copy will be mailed to your physical address.

Veterans and Active Duty Military: : In honor of your service, you are entitled to take one exam in the CCE Program free of charge, available for one year starting November 11th, 2016. To register for an exam, select the Certified Expert (CE) credential from the list below. Select “Apply for Certification” to get started. Be prepared to upload your proof of military service and resume (high relevant experience).

Proof of service may include:

  • Active Duty: Leave and Earnings Statement (LES)
  • Veterans: Service Verification through your eBenefits account (preferred, see steps below); Veteran Identification Card (VIC); or Certificate of Release or Discharge from Active Duty DD 214.

The Department of Veterans Affairs makes validating military service easy. Just follow these steps: Login to eBenefits > Click on the eBenefits logo (top left) > Click on VA Letters link > Click on Service Verification link > Print to .pdf

Once the exam has been successfully completed, you will receive your certification details by email and a certificate will be mailed to your physical address. Click here to read more on this Veterans Day announcement.

Resume Audits: All submissions are subject to an audit. Each submission has a 30-day audit window from the date of submission. If your submission is selected for an audit, you will be notified via email within this window. The audit notification provides detailed information on how to comply with the terms of the audit.

 

Three-Year Certification Cycle

Once you earn a Certified Expert (CE) credential, you are certified for a period of three years. Every CE credential requires you to pay a $75 annual fee and earn 60 Professional Development Credits (PDCs) during the three-year certification cycle to be eligible for renewal. PDCs are the measuring unit used to quantify approved learning and professional activities. The goal of PDCs is to ensure that your certified competencies stay relevant and up-to-date.

 

Annual Fees

Annual fees may be paid yearly or you may pay the entire three-year cycle all at once. The due date of each annual fee is based on your cycle start date. The annual fees may be submitted anytime, however must be current prior to submitting PDCs. Visit the online payment form to submit payments.

Annual Fee: $75 | Total Fee (Three-Year Cycle): $225

If at any time you are unsure of your balance, email certifications@lunarline.com. Reminders will be sent via email periodically to update you on your activity and status.

Note: If the exam was successfully completed prior to 2017, the certification holder is considered a CCE Program Early-Adopter. As a thank you, all Early-Adopters will have their annual PDC requirement and annual fee waived in 2017.

 

Report PDCs

PDCs are the measuring unit used to quantify approved learning and professional activities. Each CE credential requires a minimum number of PDCs, which may be submitted online anytime during each three-year cycle. If you earn more than the required PDCs in a three-year cycle, up to 20 PDCs may be applied to the next cycle. Only PDCs earned in the final year (12 months) of the certification cycle can be applied to a future cycle.

Three-Year PDC Minimum: 60 Credits

PDC activities must be related to topics that are substantially consistent (at least 50%) with the Concentration Area for your certification. Resources that can be used to provide examples of topics and concepts for PDC activities include the exam description, authoritative source(s), as well as the Concentration and Specialty Areas.

Certification Holders must retain proof of credits earned and are encouraged to include that documentation when reporting PDCs. Lunarline’s PDC Auditor performs random audits of claimed PDCs. If chosen for an audit, the certification holder will receive instructions via email regarding the need for any additional clarification or documentation to support.

 

Multiple CE Credentials

If a Certification Holder has more than one CE credential, the PDCs reported will automatically be counted toward all the active credentials. If the credentials fall within separate Concentration Areas, the Certification Holder must earn a minimum of 15 PDCs in a Concentration Area for each certification during each credential’s certification cycle.

For example, if a Certificant holds a CECS and CEIA, they must at least earn 15 credits related to the Protect and Defend (P&D) Concentration Area and 15 credits toward the Securely Provision (SP) Concentration Area. These 30 credits will automatically apply to the total credits required to renew both credentials.

 

Help

We are here to help. Review our FAQs and Exam Policies to find information on the CCE Program, including registration, annual requirements, and more! Still left with questions? Contact us at certifications@lunarline.com.


Featured Certifications


Available Certifications

 

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to understand and implement the Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) practices. The candidate ​will be able to integrate an organization-wide risk management process and exhibit their knowledge on the system development life cycle (SDLC), information system boundaries, and security control allocations. The candidate ​will have a strong understanding of each step in the Risk Management Framework (RMF). They will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations (SA – Family)
  • NISTIR 7622 – Notional Supply Chain Risk Management Practices for Federal Information Systems

Requirements

​Candidates must possess at least 3 years relevant experience in acquisition of information technology in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to plan the security and privacy aspects of cloud computing solutions before engaging them. They will demonstrate their understanding of the public cloud computing environment and ensure that a cloud computing solution satisfies organizational security and privacy requirements. The candidate ​will demonstrate their ability to maintain accountability over the privacy and security of data and applications implemented and deployed in public cloud computing environments.

Authoritative Sources

  • NIST SP 800-144 – Guidelines on Security and Privacy in Public Cloud Computing
  • FedRAMP Documents – Guide to Understanding FedRAMP

Requirements

​Candidates must possess at least 3 years of experience in information security or engineering of cloud systems in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ understanding of the security requirements for cryptographic modules. The candidate will be able to implement and understand the proper requirements at each security level of the cryptographic module. They will understand cryptographic module specifications, cryptographic ports and interfaces, authorized roles for operators and corresponding services within each role, and service. The candidate ​will have a strong understanding of the Finite State Model and physical security mechanisms and levels​.

Authoritative Sources

  • Executive Order 12333 – United States Intelligence Activities (As amended by EO 13284, EO13355, and EO13470)
  • DoDD 5240.01 –  DoD Intelligence Activities
  • DoD 5240.1-R – Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons

Requirements

​Candidates must possess at least 3 years of experience in electronic or cyber collections in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​understanding of the process for performing digital forensics. They will demonstrate their knowledge on policies that contain clear statements addressing all major forensic considerations, such as contacting law enforcement, performing monitoring, and conducting regular reviews of forensic policies and procedures. The candidate ​will be able to demonstrate their ability in operational troubleshooting, log monitoring, data recovery, data acquisition, due diligence/regulatory compliance, collection, examination, analysis, and reporting.

Authoritative Sources

  • NIST SP 800-101 Rev. 1 – Guidelines on Mobile Device Forensics
  • NIST SP 800-36 – Guide to Selecting Information Technology Security Products

Requirements

​Candidates must possess at least 3 years relevant experience in forensics, security engineering, and/or incident response in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​understanding of current cybersecurity capabilities relative to cyber threat analysis. Candidate will be able to consume basic threat intelligence from external sources, develop, share and use basic threat intelligence.

Candidate will exhibit their ability to establish, maintain, and use information sharing relationships. The candidate ​will understand the Cyber Attack Life Cycle, threat intelligence, information sharing architectures, and formal vs. informal information sharing communities

Authoritative Sources

  • NIST SP 800-150 Guide to Cyber Threat Information Sharing

Requirements

​Candidates must possess at least 3 years relevant experience in security threat analysis in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​understanding of the HIPAA security rule where the candidate ​shall demonstrate their abilities to implement administrative safeguards, physical safeguards, and the technical safeguards of protected health information (PHI). The candidate ​shall demonstrate their knowledge on HIPAA risk assessments, implementation and maintenance of an incident response plan, data classification, data encryption, and system architecture to facilitate compliance.

Authoritative Sources

  • NIST SP 800-66 Rev. 1 – An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule
  • CFR Parts 160, 162, and 164: HIPAA Administrative Simplification Regulation Text (as amended through March 26, 2013)
  • U.S. Department of Health and Human Services guidance  U.S. Department of Health and Human Services covered entity and business associate guidance​ (see enhancement)
  • U.S. Department of Health and Human Services guidance: http://www.hhs.gov/ocr/privacy/hipaa/administrative/index.html (see enhancement)

Requirements

​Candidates must possess at least 3 years of experience in healthcare specific security assessments in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to manage the process to restore normal service operation as quickly as possible to minimize the impact to business operations.  The candidate shall demonstrate knowledge on planning, coordinating, communicating, implementing, and monitoring all the activities required to restore normal operations from the incident.  The candidate shall demonstrate establishing continuous process improvement to enhance future incident management responses.
Candidates will have a 60 day period to complete the exam.

Candidates will have one attempt at each exam; each exam is timed.​

Authoritative Sources

  • NIST SP 800-34 – Contingency Planning Guide for Federal Information Systems
  • NIST SP 800-61 – Computer Security Incident Handling Guide​

Requirements

​Candidates must possess at least 3 years of experience with incident responses as a member of a CERT or COOP Team in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to conduct assessments of security and privacy controls employed within federal information systems and organizations. The candidate shall demonstrate their knowledge on conducting security control assessments that support organizational risk management processes and that are aligned with the stated risk tolerance of the organization. The candidate ​shall also demonstrate their knowledge of the six-steps of the Risk Management Framework (RMF) which include security categorization, security control selection, security control implementation, security control assessment, information system authorization, and continuous monitoring

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
  • NIST SP 800-53A Revision 4 – Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans

Requirements

​Candidates must possess at least 3 years of experience in information security assessments and auditing in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ​ability to detect different types of attacks and recognize the toolkits, malicious code, and techniques used by a specific intruder. The candidate’s understanding of the associated risks, effects, severity, and the prevention, mitigation, and recovery methods for different attacks will also be demonstrated.​

Candidates will have a 60 day period to complete the exam.  Candidates will have one attempt at each exam; each exam is timed.

Authoritative Sources

  • NIST SP 800-61 Rev.2 – Computer Security Incident Handling Guide

Requirements

​Candidates must possess at least 3 years relevant experience in incident response / security operations in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to develop and implement an approach to malware incident prevention. They will be able to incorporate malware incident prevention and handling into their awareness programs and understand malware incident policies and procedures. The candidate will demonstrate their vulnerability mitigation capabilities in order to reduce the impact of malware incidents. Candidate’s ​will demonstrate their knowledge of all phases of incident response to include preparation, detection and analysis, containment/eradication/recovery, and post-incident activities.

Candidates will have a 60 day period to complete the exam.  Candidates will have one attempt at each exam; each exam is timed.

Authoritative Sources

  • NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops​

Requirements

​Candidates must possess at least 3 years relevant experience in forensics, security engineering, and/or incident response in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Upon successful completion of this exam a candidate will have the ability to demonstrate how data being used by an app should be secured, the environment in which an app will be deployed, and the acceptable level of risk for an app. The candidate will demonstrate the app vetting process in detail. Candidate’s will also understand the development of system threat models for mobile devices and the resources that are accessed through the mobile devices. Additionally, the candidate ​will gain a high level of knowledge of the transactions and code set standards, identifier standards, privacy rule, security rule, enforcement rule, and breach notification rule as stated in the HIPAA administrative simplification regulations.​

Authoritative Sources

 

  • NIST Special Publication 800-163 – Vetting the Security of Mobile Applications
  • NIST SP 800-124 Rev. 1- Guidelines for Managing the Security of Mobile Devices in the Enterprise
  • CFR Parts 160, 162, and 164: HIPAA Administrative Simplification Regulation Text (as amended through March 26, 2013)
  • U.S. Department of Health and Human Services guidance  U.S. Department of Health and Human Services covered entity and business associate guidance​ (see enhancement)

Requirements

​Candidates must possess at least 3 years relevant experience in mobile security in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to detect and analyze various network packets and associated flags.  Following or tracing various protocol streams to determine various attacks will be demonstrated.  The candidate ​will demonstrate the ability to reconstruct files for analysis and recreation of different attack scenarios.​​

Authoritative Sources

  • Wireshark User’s Guide
  • NIST SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response
  • NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops

Requirements

​Candidates must possess at least 3 years relevant experience in programming, configuring, and/or securing web servers and services in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability in  protecting the confidentiality of personally identifiable information (PII) in information systems from a cyber security perspective. The candidate ​will also validate their ability to understand factors for determining the potential impact of inappropriate access, use, and disclosure of PII along with providing recommendations for developing an incident response plan for breaches involving PII.​​

Authoritative Sources

  • NIST SP 800-122 – Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

Requirements

​Candidates must possess at least 3 years of experience in privacy in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to procure, develop, integrate, modify, operate and maintain an information system in accordance with federal security requirements. The candidate ​shall demonstrate their knowledge of the program management controls in order to facilitate compliance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.​​

Authoritative Sources

  • NIST SP 800-100 Information Security Handbook: A Guide for Managers
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations (PM- Family)

Requirements

​Candidates must possess at least 5 years relevant experience in security engineering, management, or technology in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​understanding of the instructions, recommendations, and considerations for federal information system contingency planning. The candidate ​will validate their abilities on the seven progressive steps of each stage of the system development life cycle and fundamental planning principles necessary for developing an effective contingency capability.​​​

Authoritative Sources

  • NIST SP 800-34 – Contingency Planning Guide for Federal Information Systems

Requirements

​Candidates must possess at least 3 years relevant experience in recovery and contingency planning in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to manage information security risks to organizational operations, organizational assets, individuals, other organizations, and the Nation resulting from the operation and use of federal information systems. The candidate will exhibit their ability to integrate an organization-wide risk management processes (RMF). They will be able to demonstrate their knowledge of the system development life cycle, information system boundaries, and security control allocations. The candidate ​will have a strong understanding of each step in the RMF. Candidate’s will also be able to demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.​​​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations (RA, PM Family)
  • NIST SP 800-39 – Managing Information Security Risk: Organization, Mission, and Information System View
  • NIST SP 800-30 Rev. 1 – Guide for Conducting Risk Assessments

Requirements

​Candidates must possess at least 3 years relevant experience in information security and risk assessments in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​understanding of  the application of the Risk Management Framework (RMF) to federal information systems. The candidate shall demonstrate their knowledge of security and privacy controls and shall exercise their understanding of the six-steps of the RMF which include security categorization, security control selection, security control implementation, security control assessment, information system authorization, and continuous monitoring. The candidate ​shall demonstrate their ability to follow procedures for conducting assessments of the security and privacy controls that support organizational risk management processes.​​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations
  • NIST SP 800-53A Revision 4 – Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans

Requirements

​Candidates must possess at least 3 years of experience in information security Assessments and Authorization (A&A) in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to implement security measures to protect the confidentiality, integrity, and availability of information and information processing on computer systems and networks. The candidate ​shall demonstrate their ability for applying the Risk Management Framework to federal information systems to include conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations

Requirements

​Candidates must possess at least 3 years of experience in information security in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to understand the policy, legal, and compliance aspects of governance from the role of a manager or senior-level executive relative to establishing and implementing an information security program. The candidate ​shall demonstrate their knowledge in strategic planning and finance in order to implement and drive cyber security requirements and best practices throughout their organizations.​​

Authoritative Sources

  • NIST SP 800-100 Information Security Handbook: A Guide for Managers
  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach

Requirements

​​Candidates must possess at least 5 years relevant experience in security engineering, management, or technology in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to integrate an organization-wide risk management process. The candidate ​will be able to demonstrate their knowledge on the system development life cycle, information system boundaries, and security control allocations. The candidate will have a strong understanding of each step in the Risk Management Framework (RMF). The candidate ​will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.​​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations

Requirements

​Candidates must possess at least 3 years relevant experience in security program / enterprise management in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to deploy enterprise patch management tools through the application of standard security techniques. Candidates will also demonstrate the use of a security configuration checklist (also called a lockdown, hardening guide, or benchmark) for verifying that the product has been configured properly, and/or for identifying unauthorized changes to the product. The candidate ​will have a strong understanding of each step in the Risk Management Framework (RMF). They will also be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.​​

Authoritative Sources

  • NIST SP 800-40 Rev. 3– Guide to Enterprise Patch Management Technologies
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations (RA Family)
  • SP 800-70 Rev.2 National Checklist Program for IT Products—Guidelines for Checklist Users and Developers​​

Requirements

​Candidates must possess at least 3 years relevant experience in information security or engineering of cloud systems in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s understanding of the application of the Information Security Continuous Monitoring (ISCM) to federal information systems and organizations. The candidate shall demonstrate knowledge of security and privacy controls related to continuous monitoring and shall exercise their understanding of the six-steps of continuous monitoring in accordance with NIST Special Publication 800-137. It is critical for the candidate to understand ISCM definitions, roles, and responsibilities, and supporting NIST Special Publications such as NIST SP 800-37, 800-53, 800-53A, and NIST SP 800-55. The candidate shall demonstrate their ability to follow procedures for conducting assessments of the security and privacy controls that support organizational risk management processes.​​

Authoritative Sources

  • NIST SP 800-137 – Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations
  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-55 Rev. 1 – Performance Measurement Guide for Information Security

Requirements

Candidates must possess at least 3 years of experience in Information Security Continuous Monitoring, Security Operations, and/or Security Assessments and Authorization (SA&A) in order to obtain the Certified Expert certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Renewal: Each certification must be renewed annually; requiring 20 Professional Development Credits (PDCs) and payment of a $75 certification renewal fee.

If the exam is successfully completed prior to 2017, the candidate is considered a CCE Program Early Adopter. As a thank you, all early adopters will have their annual PDC requirement and annual fee waived on their first anniversary.

Additional details regarding PDC and renewal fee submission will be sent to all early adopters early 2017.

 


Upcoming Certifications

Visit these upcoming certifications and add an alert to be notified when it is available.

 

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols, federation, and related assertions. They will demonstrate understanding of the policy framework and the core policy elements. The candidate will be able to implement system-level security principles in the design, development, and operation of access management of an information system. The candidate will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.

Authoritative Sources

  • NIST SP 800-63-3 – Digital Identity Guidelines
  • NIST SP 800-63A – Digital Identity Guidelines: Enrollment and Identity Proofin
  • NIST SP 800-63B – Digital Identity Guidelines: Authentication and Lifecycle Management
  • NIST SP 800-63C – Digital Identity Guidelines: Federation and Assertions

Requirements

Candidates must possess at least 3 years of experience in access management, information security or engineering of access management systems in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical requirements establish information sharing goals, identify cyber threat information sources, scope information sharing activities, develop rules that control the publication and distribution of threat information, engage with existing sharing communities, and make effective use of threat information in support of the organization’s overall cybersecurity practices. This exam will demonstrate a candidate’s ability to use different types of Intelligence Sources (Intel such as:  GEOINT, MASINT, SIGINT, and OSINT) and utilize the collaboration and visualization tools, applications, and programs used by the various sources to maintain battlespace awareness.  The candidate’s understanding of being able to gather and synthesize all-source Intel-related information to support the battlespace and promote situational awareness across the IC and broader US Government.  Intelligence software tools and program, interaction in collaborative environments, records management, and metadata and writing comprehensive and cohesive documents will also be demonstrated. They will demonstrate understanding of the policy framework and the core policy elements. The candidate will be able to implement system-level security principles in the design, development, and operation of all-source analysis tools and environment for an organization, entity, or system. The candidate will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.

Authoritative Sources

  • Executive Order 12333 – United States Intelligence Activities (As amended by EO 13284, EO13355, and EO13470);
  • ICD 501 – Discovery and Dissemination or Retrieval of Information within the Intelligence Community
  • DoDD 5240.01 –  DoD Intelligence Activities
  • DoD 5240.1-R – Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons
  • NIST SP 800-​​150 – Guide to Cyber Threat Information Sharing

Requirements

Candidates must possess at least 3 years of relevant experience in all-source analysis, information security, or engineering of threat management systems in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ability to understand the processes and procedures required to prevent, detect, investigate, contain, eradicate, and recover from incidents that impact the organizational mission.  The candidate shall demonstrate their knowledge and understanding of the required authority to formally assume responsibility and be held fully accountable for operating an information system at an acceptable level of risk.  The candidate ​shall demonstrate and understand the processes and procedures required to appropriately categorize and report cybersecurity incidents as dictated by policy as well as coordinate and communicate incident response actions with Law Enforcement Agencies, Federal agencies, and/or external governmental entities.

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-39 – Managing Information Security Risk: Organization, Mission, and Information System View
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations
  • DoDI 8510.01 Risk Management Framework for DoD IT
  • DoE O 205.1B Department of Energy Cyber Security Program

Requirements

Candidates must possess at least 3 years of experience as a Representative or Designated AO in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to collects information, not necessarily from human sources, but from technical sources such as:  wiretaps, bugs, cyber-collection, MASINT devices, SIGINT devices, and other means.  The candidate ​shall demonstrate their knowledge and understanding of being able to gather and synthesize all related information to support the battlespace and promote situational awareness across the IC and broader US Government.

Authoritative Sources

  • Executive Order 12333 – United States Intelligence Activities (As amended by EO 13284, EO13355, and EO13470)
  • DoDD 5240.01 –  DoD Intelligence Activities
  • DoD 5240.1-R – Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons

Requirements

​Candidates must possess at least 3 years of experience in electronic or cyber collections in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to process an electronic crime scene and be responsible for identifying, preserving, collecting, and securing evidence at an electronic crime scene. The candidate ​shall demonstrate their knowledge on conducting electronic crime scene assessments and investigations.

Authoritative Sources

  • NIJ Special Report – Electronic Crime Scene Investigations:  A Guide for First Responders, 2nd Ed.
  • Crime Scene Investigation – A Guide for Law Enforcement
  • Dept. of Justice – The Role and Impact of Forensic Evidence in the Criminal Justice Dept.
  • NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops
  • NIST SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response

Requirements

​Candidates must possess at least 3 years of experience in electronic crime scene assessments and processing​ in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to identify classical access control models and mechanisms. They will demonstrate their understanding of the policy machine framework and the core policy elements. The candidate ​will be able to implement system-level security principles in the design, development, and operation of an information system. The candidate will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.

Authoritative Sources

  • NISTIR 7987 – Policy Machine: Features, Architecture, and Specification
  • NIST SP 800-27 Rev. A – Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations

Requirements

​Candidates must possess at least 5 years relevant experience in security architecture​ in order to obtain the Expert -level certificate.​ Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

​Successful completion of this exam will demonstrate a candidates ​ability to implement security and privacy controls for federal information systems and other organizations. The candidate will be able to implement system-level security principles in the design, development, and operation of an information system. The candidate will be able to demonstrate their knowledge in systems security engineering discipline and the fundamental security principles, concepts, and terminology. The candidate ​will be able to demonstrate the relationship between the System Development Life Cycle and other IT disciplines. They will be able to demonstrate their ability to implement security into each phase of the Information System Development Life Cycle.

Authoritative Sources

  • NIST SP 800-160 Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems
  • NIST SP 800-64 Rev. 2 – Security Considerations in the System Development Life Cycle
  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach
  • NIST SP 800-27 Rev. A – Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations

Requirements

​Candidates must possess at least 5 years relevant experience in security engineering in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical and legal requirements related to cybersecurity and privacy specific laws. They will demonstrate understanding of the legal policy framework and the core policy elements. The candidate will be able to implement system-level security principles in the design, development, and operation of controls related to the legal requirements to enhance an organizations security, privacy, and legal compliance. The candidate will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations related to each law and understand the related policy and guidelines supporting each law.

Authoritative Sources

  • 18 U.S.C. § 1029. Fraud and Related Activity in Connection with Access Devices
  • U.S.C. § 1030. Fraud and Related Activity in Connection with Computers
  • U.S.C. § 2511. Interception and Disclosure of Wire, Oral, or Electronic Communications Prohibited
  • U.S.C. § 2701. Unlawful Access to Stored Communications
  • U.S.C. § 2702. Disclosure of Contents
  • U.S.C. § 2703. Requirements for Governmental Access
  • .S.C. § 362. Communication Lines, Stations, or Systems
  • U.S.C. § 552a Privacy Act of 1974
  • Public Law No: 107–347—DEC. 17 2002 – E-Government Act of 2002
  • Public Law No: 113-283 – Federal Information Security Modernization Act (FISMA) of 2014

Requirements

Candidates must possess at least 3 years of experience in cyber and/or privacy law, information security or privacy compliance and policy in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to develops cyberspace workforce plans, strategies and guidance to support cyberspace workforce manpower, personnel, training and education requirements and to address changes to cyberspace policy, doctrine, materiel, force structure, and education and training requirements. They will demonstrate understanding of the policy framework and the core policy elements. The candidate will be able to implement and conduct cybersecurity and privacy training for an organization, entity, or system. The candidate will be able demonstrate their ability to implement training and awareness security and privacy controls for federal information systems and other organizations.​

Authoritative Sources

  • NIST SP 800-16 – A Role-Based Model for Federal Information Technology / Cyber Security Training​
  • NIST SP 800-181 – NICE Cybersecurity Workforce Framework (NCWF): National Initiative for Cybersecurity Education
  • DoD Directive 8140.01 Cyberspace Workforce Management

Requirements

​Candidates must possess at least 3 years of experience in cybersecurity operations as well as teaching or instruction, in any mix of offensive and defensive operations, in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical and policy requirements to securely develop and administer databases and/or data management systems that allow for the storage, query, and utilization of data. The candidate will be able to implement organizational wide and system-level security and privacy principles in the design, development, operation, and testing of data security and database controls. The candidate will be able demonstrate their ability to implement security and privacy data controls for federal information systems and other organizations.

Authoritative Sources

  • DoD Database Security Requirements Guide (SRG)

Requirements

Candidates must possess at least 3 years of experience in data or database cyber and/or privacy, information security or privacy compliance and policy in order to obtain the Expert-level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

S​Successful completion of this exam will demonstrate a candidates ​ability to build a holistic view of the organization’s strategy, processes, information, and information technology assets along with integrating cybersecurity to ensure the security of the enterprise is maintained.  The candidate ​shall demonstrate their knowledge and understanding to design, deliver, and/or improve/maintain an architecture that supports the most efficient and secure IT environment to meet the business needs of the organization.

Authoritative Sources

  • NIST SP 800-35 – Guide to Information Technology Security Services
  • NIST SP 800-36 – Guide to Selecting Information Technology Security Products;
  • DoD Architecture Framework
  • DoD Information Enterprise Architecture (IEA) Vol I & II
  • NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
  • NISTIR 7756 – CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture
  • The Federal Enterprise Architecture Framework (FEAF)

Requirements

Candidates must possess at least 3 years of experience in security architecture in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to analyze exploits of different types of vulnerabilities of various services (protocols such as:  HTTP, HTTPS, ICP, HTCP, WCCP, SOCKS, PHP, CGI, ODBC, HTML, and XML) and technologies (such as:  Web Servers, Database Servers, Windows, Linux, and Embedded Devices).  The candidate shall demonstrate the ability to recognize the toolkits, malicious code, and techniques used for exploitation. The candidate’s understanding of the associated risks, effects, severity, and the prevention, mitigation, and recovery methods for different exploits will also be demonstrated.

Authoritative Sources

  • NIST IR 7788 – Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs
  • NIST IR 7435 – The Common Vulnerability Scoring System (CVSS) and Its Applicability to Federal Agency Systems
  • DoDI O-3600.03 – Technical Assurance Standard (TAS) for Computer Network Attack (CNA) Capabilities   **PKI-Enabled

Requirements

​Candidates must possess at least 3 years relevant experience in analyzing exploits of various protocols, services, and technologies in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand tactics, techniques and procedures (TTP) in the process of proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions – specifically hacker/hacktivist and related group intentions and capabilities, and nation-state sponsored CNE (computer network exploitation) and CNA (computer network attack) targeting the critical systems, data, and infrastructure. The candidate will be able to develop, implement, configure, and enhance organizational wide and system-level security forensic sampling tools and advanced multimedia exploitation tools to help identify internal and external organizational Indicators Of Compromise (IOCs) The candidate will use threat information from multiple sources to conduct analysis of system / network anomalies. The candidate will be able detect, respond, recover, and report these findings in accordance with Government and organizations incident handling requirements.

Authoritative Sources

  • NIST SP 800-150 Guide to Cyber Threat Information Sharing
  • NIST SP 800-101 Rev. 1 – Guidelines on Mobile Device Forensics
  • NIST SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response
  • NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops
  • NIST SP 800-61 Rev.2 – Computer Security Incident Handling Guide
  • The NIST Computer Forensics Tool Testing Project Handbook (Hash Analysis)

Requirements

Candidates must possess a Certified Expert Hunt Team (CEHT) certifications and at least 5 years of experience in advanced malware analysis, cyber hunt, forensic sampling, or incident response and forensics (or forensic sampling) in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand tactics, techniques and procedures (TTP) in the process of proactively and iteratively searching through networks, systems, and data (internal and external) to detect and isolate advanced threats that evade existing security solutions. The candidate will be able to develop, implement, configure, and enhance organizational wide and system-level security hunt tools in the use threat information from multiple sources to conduct analysis of system / network anomalies. The candidate will be able detect, respond, recover, and report these findings in accordance with Government and organizations incident handling requirements.

Authoritative Sources

  • NIST SP 800-150 Guide to Cyber Threat Information Sharing
  • NIST SP 800-101 Rev. 1 – Guidelines on Mobile Device Forensics
  • NIST SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response
  • NIST SP 800-83 Rev. 1 – Guide to Malware Incident Prevention and Handling for Desktops and Laptops
  • NIST SP 800-61 Rev.2 – Computer Security Incident Handling Guide

Requirements

Candidates must possess at least 3 years of experience in cyber hunt, advanced malware analysis, or incident response and forensics (or forensic sampling) in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical and policy requirements to securely develop and administer Identification and authorization governance to meet organizational security and privacy requirements. The candidate will be able to implement organizational wide and system-level security and privacy principles in the design, development, operation, and testing of identity governance controls. The candidate will be able demonstrate their ability to implement security and privacy data controls for federal information systems and other organizations. The candidate will have knowledge of relevant laws, policies, procedures, or governance related to identity governance.

Authoritative Sources

  • NISTIR 8149 – Developing Trust Frameworks to Support Identity Federations
  • NIST SP 1800-3 -Attribute Based Access Control
  • NIST SP 800-53 – Security and Privacy Controls for Federal Information Systems and Organizations (IA and AC Families)

Requirements

Candidates must possess at least 3 years of experience in identify and authorization management, analysis or engineering, or related identity governance information security or privacy compliance and policy in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to implement The NIST 800- 53 R4 Incident Response, Personal Security and Contingency Planning security controls. The candidate ​will demonstrate their ability to identify events and incidents along with the need for response. They will demonstrate policy, plan, and procedure elements. The candidate will exhibit their knowledge in understanding and implementing incident response team structures, models, and response personnel. They will be able to demonstrate all steps in handling an incident from preparation to post-incident activities.

Authoritative Sources

  • NIST SP 800-61 Rev.2 – Computer Security Incident Handling Guide
  • NIST SP 800-53 Rev. 4 – Security and Privacy Controls for Federal Information Systems and Organizations (IR – Family)

Requirements

​​Candidates must possess at least 3 years relevant experience in incident handling or incident response in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to plan the full-spectrum of information operations (such as:  Electronic Warfare, Computer Network Operations, and Operations Security) and be responsible for collaboration and integration of information operations into joint operations, planning, and preparation processes of the operating environment.  The candidate ​shall demonstrate their knowledge and understanding of being able to gather and synthesize all related information operations to support the full-spectrum across the IC and broader US Government.

Authoritative Sources

  • Joint Publication 3-13: Information Operations
  • DoDD 3600.01 – Information Operations

Requirements

​​Candidates must possess at least 3 years of experience in information operations or one of its sub-specialties in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​understanding of current insider threats relative to cybersecurity and how to manage these within your organization. They will exhibit their ability to establish, maintain, and use information sharing relationships. The candidate ​will understand the Cyber Attack Life Cycle, threat intelligence, information sharing architectures, and formal vs. informal information sharing communities.

Authoritative Sources

  • NIST SP 800-150 Guide to Cyber Threat Information Sharing

Requirements

​Candidates must possess at least 3 years relevant experience in security engineering in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to understand the different technologies, frameworks, and process of capturing, developing, sharing, and effectively using organizational knowledge.  The candidate ​shall demonstrate their knowledge and understanding of the strategies (explicit transfer vs. implicit transfer, communities of practice, and knowledge management systems or repositories) within a Knowledge Management framework and of the multi-disciplinary approach to achieving organizational objectives by making the best use of knowledge.

Authoritative Sources

  • ATP 6-01.1 (FM 6-01.1) – Techniques for Effective Knowledge Management
  • CJCSI 3150.25 – Joint Lessons Learned Program
  • CJCSI 5124.01 – Charter of the Knowledge Management Cross-Functional Team

Requirements

​Candidates must possess at least 3 years of experience in knowledge management in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical and policy requirements to use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect information, information systems, and networks from threats. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Monitors network to actively remediate unauthorized activities. The candidate will be able to implement organizational wide and system-level security and privacy principles in the design, development, operation, and testing of network security and privacy controls. The candidate will be able demonstrate their ability to implement security and privacy data controls for federal information systems and other organizations.

Authoritative Sources

  • DoD Strategy for Defending Networks, Systems, and Data
  • DoD Network Infrastructure Security Technical Implementation Guide (STIG)
  • DoD Network Devices Security Technical Implementation Guide (STIG)
  • NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
  • NISTIR 7756 – CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture

Requirements

Candidates must possess at least 3 years of experience in network defense, cyber and/or privacy, information security or privacy compliance and policy focused in network defense in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to conduct different types of offensive activities or capabilities (such as:  Computer Network Attack and Computer Network Exploitation) and recognize the toolkits, malicious code, and techniques used. The candidate’s understanding of the activities that, through the use of cyberspace, actively gather information from computers, information systems, or networks, or manipulate, disrupt, deny, degrade, or destroy targeted computers, information systems, or networks will also be demonstrated.

Authoritative Sources

  • Joint Publication 3-12: Cyberspace Operations
  • DoDI O-3600.03 – Technical Assurance Standard (TAS) for Computer Network Attack (CNA) Capabilities   **PKI-Enabled

Requirements

​Candidates must possess at least 3 years relevant experience in offensive cyberspace operations in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to plan full-spectrum cyberspace operations and be responsible for integrating cyberspace operations into joint operations and planning processes, intelligence preparation of the operating environment, and targeting in cyberspace.  The candidate ​shall demonstrate their knowledge and understanding of being able to gather and synthesize all related information to support the full-spectrum cyberspace operations across the IC and broader US Government.​​​

Authoritative Sources

  • Joint Publication 5-0:  Joint Operations Planning
  • Joi​​​nt Publication 3-0: Joint Operations
  • Joint Publication 3-12: Cyberspace Operations

Requirements

​Candidates must possess at least 3 years of experience in cyberspace operations in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to detect different types of web service (protocols such as:  HTTP, HTTPS, ICP, HTCP, WCCP, SOCKS, PHP, CGI, ODBC, HTML, and XML) attacks and recognize the toolkits, malicious code, and techniques used by a specific intruder. The candidate’s understanding of the associated risks, effects, severity, and the prevention, mitigation, and recovery methods for different attacks will also be demonstrated.​​

Authoritative Sources

  • NIST SP 800-95 – Guide to Secure Web Services
  • NIST SP 800-28 Version 2 – Guidelines on Active Content and Mobile Code
  • NIST SP 800-44 Version 2 – Guidelines on Securing Public Web Servers
  • DISA STIGs
  • OWASP Top 10

Requirements

​Candidates must possess at least 3 years relevant experience in programming, configuring, and/or securing web servers and services in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to carefully plan and address the security aspects of the deployment of various Server types, such as a Linux-based Server or a Windows-based Server.  The candidate will be able to implement appropriate security management practices and controls when maintaining and operating a secure Server.  They will demonstrate their knowledge of how the various Server operating systems are deployed, configured, and managed to meet the security requirements of an organization. They will also be able to demonstrate the process of maintaining the security of the various Server types to ensure continued security.​​

Authoritative Sources

  • NIST SP 800-123 – Guide to General Server Security
  • DISA Linux Operating Systems STIGs

Requirements

Candidates must possess at least 5 Years relevant experience in security administration of various workstations and/or servers in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to carefully plan and address the security aspects of the deployment of a Linux Server. The candidate will be able to implement appropriate security management practices and controls when maintaining and operating a secure Linux Server. They will demonstrate their knowledge of how the Linux Server operating system is deployed, configured, and managed to meet the security requirements of an organization. They will also be able to demonstrate the process of maintaining the security of Linux Servers to ensure continued security.​​

Authoritative Sources

  • NIST SP 800-123 – Guide to General Server Security
  • DISA Windows Operating Systems STIGs​

Requirements

Candidates must possess at least 5 Years relevant experience in security administration of Linux workstations and/or servers in order to obtain the Expert -level certificate.​ Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to carefully plan and address the security aspects of the deployment of a Windows Server. The candidates ​will be able to implement appropriate security management practices and controls when maintaining and operating a secure Windows Server. They will demonstrate their knowledge of how the Windows Server operating system is deployed, configured, and managed to meet the security requirements of an organization. They will also be able to demonstrate the process of maintaining the security of Windows Servers to ensure continued securi​​ty.

Authoritative Sources

  • NIST SP 800-123 – Guide to General Server Security
  • DISA Windows Operating Systems STIGs​

Requirements

Candidates must possess at least 5 Years relevant experience in in security administration of Windows workstations and/or servers in order to obtain the Expert -level certificate.​ Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to understand the policy, legal, and compliance aspects of governance from the role of a manager or senior-level executive relative to establishing and implementing an information security program. The candidate ​shall demonstrate their knowledge in strategic planning and finance in order to implement and drive cyber security requirements and best practices throughout their organizations.​​

Authoritative Sources

  • NIST SP 800-100 Information Security Handbook: A Guide for Managers
  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach

Requirements

​Candidates must possess at least 5 years relevant experience in security engineering, management, or technology in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to exhibit their ability to integrate an organization-wide risk management process. They will be able to demonstrate their knowledge on the system development life cycle, information system boundaries, and security control allocations. The candidate ​will have a strong understanding of each step in the Risk Management Framework (RMF). They will be able demonstrate their ability to implement security and privacy controls with an emphasis on security control assessment policy and procedures.​​

Authoritative Sources

  • NIST SP 800-37 Rev. 1 – Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach

Requirements

Candidates must possess at least 3 years relevant experience in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to exhibit key practices for mitigating the most egregious exploitable software weaknesses. They will demonstrate their extensive knowledge on software security testing; secure coding, architecture and design. The candidate ​will also demonstrate their knowledge on software supply chain risk management and due diligence.​​

Authoritative Sources

  • https://buildsecurityin.us-cert.gov/swa/software-assurance-pocket-guide-series
  • Key Practices for Mitigating the Most Egregious Exploitable Software Weaknesses, Development, Volume II – (Version 2.3, November 1, 2012)
  • Software Security Testing, Development, Volume III – (Version 1.0, May 21, 2012)

Requirements

Candidates must possess at least 5 years relevant experience in development and/or software assurance​ in order to obtain the Expert -level certificate. ​ Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidates ​ability to process the steps by which targets are recommended and its different phases (such as:  Objectives and guidance derivation, Target development, Weaponing, Force application, Execution planning, and Combat assessment) along with supporting and understanding operations and intelligence.  The candidate ​shall demonstrate their knowledge on the Phases of the Targeting Process, supporting missions, and providing and directing strategic and operational intelligence analytical support.  Target Systems Analysis, preparing, briefing, and publishing of broad and complex targeting assessments, and conducting near, mid and long term targeting in support of the mission will also be demonstrated.​​

Authoritative Sources

  • Joi​​​nt Publication 3-0: Joint Operations
  • Joint Publication 3-60: Joint Targeting

Requirements

​Candidates must possess at least 3 years of experience in processing targeting phases in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to understand technical and policy requirements to use defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network to protect virtual information systems, and networks from threats. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense of virtual systems and resources. Monitors network and virtual devices to actively remediate unauthorized activities. The candidate will be able to implement organizational wide and system-level security and privacy principles in the design, development, operation, and testing of virtual security and privacy controls. The candidate will be able demonstrate their ability to implement security and privacy data controls for federal information systems and other organizations.

Authoritative Sources

  • NIST SP 800-180 – NIST Definition of Microservices, Application Containers and System Virtual Machines
  • NIST SP 800-125 – Guide to Security for Full Virtualization Technologies
  • DoD Software-Defined Networking (SDN) using Network Virtualization (NV) Security Technical Implementation Guide (STIG)
  • NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
  • NISTIR 7756 – CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture

Requirements

Candidates must possess at least 3 years of experience in cloud security or virtualization technology security, defense, cyber and/or privacy, information security or privacy compliance and policy focused in cloud or virtual machine / device defense in order to obtain the Expert -level certificate. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

Certification Description

Successful completion of this exam will demonstrate a candidate’s ability to apply language, cultural, and technical expertise to support information collection, analysis, and other cybersecurity activities.

Authoritative Sources

  • NIST SP 800-150 Guide to Cyber Threat Information Sharing
  • Executive Order 12333 – United States Intelligence Activities (As amended by EO 13284, EO13355, and EO13470)
  • ICD 501 – Discovery and Dissemination or Retrieval of Information within the Intelligence Community
  • DoD 5240.1-R – Procedures Governing the Activities of DoD Intelligence Components that Affect United States Persons
  • DoDD 5240.01 –  DoD Intelligence Activities​

Requirements

Candidates must possess at least 3 years of experience in cyber intelligence, threat intelligence, or related fields with a foreign language. The candidate must maintain a Defense Language Proficiency Test of L2/R2 proficiency or equivalent language test to maintain the certification on top of the passing the exam. Those that pass the test, but do not possess the requisite experience, will be awarded the Certified Expert Associate certificate; this can be upgraded upon obtaining the necessary experience (send qualifying details to certifications@lunarline.com upon eligibility).

c

 

Become a Cyber Certified Expert and take your test today!

For more information on our certification programs, email us at certifications@lunarline.com.