ICS-SCADA
Coming Soon
Expected availability announced soon

This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

ECCouncil ICS SCADA

The EC‑Council ICS/SCADA Cybersecurity certification teaches professionals the architecture, threat landscape, network and endpoint defenses, and monitoring techniques essential for securing critical industrial control systems.

Minutes: 240
Questions: 125
Passing Score: 70/100
Exam Cost: $1499

Who Should Take This

It is intended for experienced control‑system engineers, security analysts, and OT managers who design, operate, or protect SCADA and other industrial environments. Candidates should have a solid foundation in networking and cybersecurity and seek to validate expertise in safeguarding critical infrastructure.

What's Covered

1 ICS Architecture and Fundamentals
2 ICS Threat Landscape
3 ICS Network Security
4 ICS Endpoint Security
5 ICS Security Monitoring
6 ICS Vulnerability Management
7 ICS Incident Response
8 ICS Governance and Compliance
9 IT/OT Convergence Security
10 ICS Security Program Management

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

60 learning goals
1 ICS Architecture and Fundamentals
2 topics

ICS components and architecture

  • Apply Purdue model analysis to identify security zone boundaries, trust levels, and data flow requirements in industrial networks.
  • Apply ICS asset inventory, including PLC, RTU, HMI, DCS, and engineering workstation identification and classification.
  • Analyze ICS network architecture to identify flat networks, missing segmentation, and insecure remote access pathways.

ICS communication protocols

  • Apply Modbus protocol analysis to identify unauthenticated commands, function code abuse, and data manipulation risks.
  • Apply DNP3 protocol security assessment, including authentication bypass, SA implementation, and unsolicited response attacks.
  • Apply OPC-UA security evaluation, including certificate management, authentication mechanisms, and encryption configuration.

2 ICS Threat Landscape
2 topics

ICS-specific threats

  • Analyze ICS threat actors, including nation-state groups, cybercriminals, and hacktivists targeting critical infrastructure systems.
  • Analyze ICS-specific malware, including Stuxnet, Triton, Industroyer, and BlackEnergy, to understand attack methodologies and impacts.
  • Apply ICS attack chain analysis using ICS Kill Chain and MITRE ATT&CK for ICS to map adversary behaviors.

Supply chain and insider threats

  • Analyze ICS supply chain risks, including compromised firmware, vendor remote access, and counterfeit components.
  • Apply insider threat assessment for ICS environments, considering operator access, engineering tools, and maintenance procedures.
  • Design ICS threat monitoring strategies addressing both IT-borne and OT-native attack vectors across converged environments.

3 ICS Network Security
2 topics

Network segmentation

  • Apply ICS network segmentation using firewalls, DMZs, and unidirectional gateways to enforce Purdue model boundaries.
  • Apply ICS remote access security, including jump servers, VPN, and MFA, for vendor and engineer access to OT networks.
  • Analyze ICS network traffic patterns to establish baselines and identify anomalous communications between zones.

Protocol security

  • Apply EtherNet/IP and CIP protocol security, including device authentication, encryption, and access control configuration.
  • Apply BACnet and building automation protocol security for facilities management system protection.
  • Design ICS network security architectures incorporating microsegmentation, encrypted tunnels, and protocol-aware firewalls.

4 ICS Endpoint Security
2 topics

Device hardening

  • Apply PLC hardening, including firmware updates, access control, password management, and unused port disabling.
  • Apply HMI and engineering workstation hardening, including application whitelisting, USB control, and patch management.
  • Analyze ICS endpoint security posture to identify default credentials, unpatched firmware, and excessive access permissions.

Secure configuration

  • Apply ICS configuration management, including backup procedures, change control, and configuration validation for OT devices.
  • Apply physical security controls for ICS endpoints, including cabinet locks, tamper detection, and environmental monitoring.
  • Design ICS endpoint security programs balancing security hardening with operational availability and safety requirements.

5 ICS Security Monitoring
2 topics

OT monitoring

  • Apply passive ICS network monitoring using OT-specific IDS to detect protocol anomalies and unauthorized commands.
  • Apply ICS asset discovery and monitoring using passive fingerprinting to maintain real-time inventory without disrupting operations.
  • Analyze ICS network alerts to distinguish legitimate operational changes from potential cyber attacks on industrial processes.

Threat detection

  • Apply ICS-specific SIEM integration, including OT log collection, protocol-aware correlation, and ICS alert prioritization.
  • Apply behavioral analysis for ICS networks to detect process manipulation, command injection, and configuration tampering.
  • Design ICS security monitoring architectures integrating IT and OT visibility while respecting operational constraints.

6 ICS Vulnerability Management
2 topics

Assessment techniques

  • Apply non-intrusive ICS vulnerability assessment using passive scanning, configuration review, and firmware analysis.
  • Apply ICS patch management strategies balancing vulnerability remediation with operational continuity and vendor support.
  • Analyze ICS vulnerability severity, considering safety impact, process disruption, and cascading failure potential.

Risk mitigation

  • Apply compensating controls, including network isolation, application whitelisting, and protocol filtering, when patching is infeasible.
  • Apply ICS security testing in lab environments using digital twins and simulation to validate patches before production deployment.
  • Design ICS vulnerability management programs incorporating risk-based prioritization, vendor coordination, and maintenance windows.

7 ICS Incident Response
2 topics

Safety-aware IR

  • Apply ICS incident detection using OT-specific indicators, including process variable anomalies, setpoint changes, and logic modifications.
  • Apply ICS containment procedures prioritizing human safety, process stability, and environmental protection over data preservation.
  • Analyze ICS incident artifacts, including PLC logic changes, HMI screenshots, and historian data, to determine attack scope.

Recovery and continuity

  • Apply ICS recovery procedures, including PLC logic restoration, configuration rollback, and process restart verification.
  • Apply ICS business continuity, including manual override procedures, backup control systems, and degraded operations planning.
  • Design ICS incident response plans coordinating IT security, OT engineering, safety teams, and regulatory notification requirements.

8 ICS Governance and Compliance
2 topics

Regulatory frameworks

  • Apply NERC CIP standards for bulk electric system cybersecurity, including asset identification, security management, and incident reporting.
  • Apply IEC 62443 industrial automation security standards for zone and conduit design, security levels, and component requirements.
  • Apply NIST SP 800-82 guidelines for ICS security, including risk assessment, security architecture, and operational procedures.

Compliance management

  • Analyze ICS compliance gaps against applicable frameworks to identify deficiencies and prioritize remediation efforts.
  • Apply ICS audit procedures, including evidence collection, control testing, and documentation for regulatory compliance.
  • Design ICS governance programs integrating cybersecurity requirements with safety management and operational excellence frameworks.

9 IT/OT Convergence Security
2 topics

Convergence challenges

  • Apply IT/OT convergence security assessment to identify risks from connecting previously isolated industrial networks to enterprise IT.
  • Apply cloud-connected ICS security, including edge computing, IoT gateway protection, and cloud-based historian security.
  • Analyze data flow between IT and OT environments to identify insecure interfaces, unprotected APIs, and excessive connectivity.

Unified security

  • Apply unified IT/OT security monitoring integrating enterprise SIEM with OT-specific detection for holistic threat visibility.
  • Apply zero-trust principles to ICS environments, including microsegmentation, identity verification, and continuous monitoring.
  • Design converged IT/OT security strategies addressing cultural differences, technology constraints, and shared risk management.

10 ICS Security Program Management
2 topics

Program development

  • Apply ICS security risk assessment using quantitative methods to evaluate threats to critical infrastructure and prioritize investments.
  • Apply ICS security awareness training for operators, engineers, and managers, addressing OT-specific threats and safe practices.
  • Analyze ICS security program effectiveness using metrics, including incident rates, compliance status, and vulnerability trends.

Strategic planning

  • Apply ICS security roadmap development incorporating technology upgrades, process improvements, and capability maturation.
  • Design ICS security investment strategies balancing protection of legacy systems with modernization and digital transformation goals.
  • Analyze emerging ICS threats, including AI-powered attacks, quantum computing risks, and advanced persistent threats to critical infrastructure.

Scope

Included Topics

  • All domains in EC-Council ICS/SCADA cybersecurity, covering industrial control system security architecture, protocols, risk management, and incident response.
  • ICS architecture, including SCADA, DCS, PLC, RTU, HMI, and the Purdue model for industrial network segmentation.
  • OT protocols, including Modbus, DNP3, OPC-UA, EtherNet/IP, and BACnet security analysis and hardening.
  • ICS threat landscape, including nation-state attacks on critical infrastructure, ICS-specific malware, and insider threats.
  • ICS security monitoring, including OT-specific IDS, passive network monitoring, and anomaly detection in industrial environments.
  • ICS incident response, including safety-aware containment, recovery procedures, and coordination with operational teams.
  • ICS governance, including NERC CIP, IEC 62443, and NIST SP 800-82 compliance frameworks.

Not Covered

  • IT network penetration testing covered by CEH and CPENT.
  • General SOC operations covered by CSA.
  • IT incident response procedures covered by ECIH.
  • IT forensics covered by CHFI.
  • Executive governance covered by CCISO.

Official Exam Page

Learn more at EC-Council

Trademark Notice

EC-Council®, CEH®, and all EC-Council certification marks are registered trademarks of the International Council of Electronic Commerce Consultants. EC-Council does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.