CSSSP Level 2: Professional

CSSSP – Certified Space Systems Security Professional (Level II)

CSSSP Level II is a professional-level certification focused on managing, leading, and executing space cybersecurity operations across government, defense, and commercial space environments.

This course moves beyond foundational concepts to address space security governance, operational leadership, vulnerability management, investigations, incident response, threat intelligence, and forensic operations—all within the unique constraints of space missions and space-enabled systems.

Participants gain the skills required to manage space security programs, lead technical teams, oversee compliance and risk frameworks, coordinate investigations, and respond to cyber incidents affecting space assets, networks, and mission operations.

Professional Space Security Management & Operations. Domains include:

Space Security Management

• Managing Technical Space Security Operations
• Space RMF/ Cybersecurity Risk Management Construct (CSRMC), and Critical Controls
• Space Planning, Policy, Leadership
• Space Vulnerability Management
• Leadership Essentials
• Space Project Management
• Space Audit & Legal
• Space Law & Investigations

Space Incident Response & Threat Hunting

• Space Network Forensics
• Forensics
• Space Threat Intel & Forensics
• Malware Analysis & Space Threat Intelligence
• Space Cyber Threat Intelligence
• Space Battlefield Forensics

Learning Objectives

By the end of this course, participants will be able to:

• Manage and oversee space cybersecurity operations across mission lifecycles.
• Apply Space RMF and critical security controls at program and enterprise levels.
• Lead space security planning, policy, and governance efforts.
• Conduct and manage space vulnerability management programs.
• Apply leadership principles to space cybersecurity teams and missions.
• Manage space projects with integrated security objectives.
• Understand space audit, legal, and regulatory obligations.
• Lead and coordinate space cyber investigations.
• Execute space incident response and threat hunting activities.
• Apply space network forensics and battlefield forensics techniques.
• Analyze malware and space cyber threat intelligence.

Target Audience

• Space cybersecurity managers and leads
• SOC managers supporting space missions
• Space operations and mission assurance managers
• Government and defense cybersecurity leaders
• Space program managers and technical directors
• Incident response and threat intelligence professionals

Prerequisites

• CSSSP Level I (or equivalent experience)
• Experience in cybersecurity, space systems, or mission operations

2-Day Professional Course Outline

DAY 1 – Space Security Management, Governance, and Leadership

Module 1: Space Security Management & Technical Operations

Topics

• Space security as a mission assurance function
• Managing technical space security operations
• Integrating cyber, EW, and mission operations
• Security operations centers (SOC) for space missions
• Metrics, KPIs, and operational readiness

Workshop 1 – Space Security Operations Planning

• Design an operational model for a space security program
• Define roles, escalation paths, and success metrics

Module 2: Space RMF and Critical Security Controls

Topics

• Advanced application of RMF / CSRMC for space systems
• Space-specific tailoring of security controls
• Critical controls for space missions
• Continuous authorization and monitoring
• Managing inherited and shared controls

Workshop 2 – Space RMF Decision Exercise

• Evaluate risk acceptance decisions for a space mission
• Balance mission objectives with cyber risk

Module 3: Space Planning, Policy, and Leadership Essentials

Topics

• Space cybersecurity policy development
• Governance models for space organizations
• Leadership essentials for space security leaders
• Decision-making under uncertainty
• Communicating risk to executive and mission leadership

Workshop 3 – Executive Briefing Simulation

• Prepare and deliver a space cyber risk briefing
• Translate technical risk into mission impact

Module 4: Space Vulnerability Management & Program Oversight

Topics

• Vulnerability management for space systems
• Vulnerability disclosure and coordination
• Patch and configuration management constraints
• Risk-based prioritization for space missions
• Supply chain and third-party risk

Workshop 4 – Vulnerability Management Strategy

• Develop a vulnerability management plan for a space program
• Prioritize vulnerabilities based on mission criticality

Module 5: Space Project Management & Compliance Oversight

Topics

• Integrating security into space project management
• Security milestones and deliverables
• Managing contractors and integrators
• Space audit readiness
• Compliance tracking and reporting

Workshop 5 – Secure Space Project Planning

• Identify security deliverables across a project lifecycle
• Align schedule, cost, and risk

DAY 2 – Investigations, Incident Response, and Threat Intelligence

Module 6: Space Audit, Legal, and Investigations

Topics

• Space cybersecurity audits
• Legal considerations in space cyber incidents
• Evidence handling and chain of custody
• Jurisdictional and international considerations
• Supporting investigations and inquiries

Workshop 6 – Audit & Investigation Scenario

• Respond to an audit finding or legal inquiry
• Identify required evidence and actions

Module 7: Space Incident Response & Threat Hunting

Topics

• Incident response in space environments
• Detecting anomalies in space telemetry and networks
• Threat hunting methodologies for space systems
• Coordinating IR across space and ground segments
• Post-incident lessons learned

Workshop 7 – Space Incident Response Tabletop

• Respond to a simulated space cyber incident
• Make operational decisions under pressure

Module 8: Space Network Forensics & Battlefield Forensics

Topics

• Space network architectures and data sources
• Telemetry and command forensic analysis
• Ground station and relay network forensics
• Battlefield forensics in contested space environments
• Attribution challenges

Workshop 8 – Network Forensics Exercise

• Analyze simulated space network logs
• Identify attack indicators and timelines

Module 9: Malware Analysis & Space Threat Intelligence

Topics

• Malware targeting space systems
• Malware analysis approaches (static and dynamic)
• Threat actor TTPs in space cyber operations
• Mapping malware activity to mission impact

Workshop 9 – Malware Intelligence Analysis

• Analyze a simulated malware report
• Extract indicators and assess mission risk

Module 10: Space Cyber Threat Intelligence & Fusion Analysis

Topics

• Space cyber threat intelligence lifecycle
• Intelligence sources and collection
• Fusing cyber, EW, and kinetic intelligence
• Space threat intelligence reporting

Workshop 10 – Threat Intelligence Fusion

• Produce a space cyber threat intelligence briefing
• Integrate multiple intelligence sources

Module 11: Space Battlefield Forensics & Strategic Attribution

Topics

• Battlefield forensics in space operations
• Attribution challenges in space cyber conflict
• Strategic, operational, and tactical analysis
• Supporting command-level decisions

Capstone Exercise – Space Incident & Intelligence Case

• Lead an end-to-end investigation:
  • Incident response
  • Forensics
  • Threat intelligence
  • Executive reporting

Examination Description

CSSSP Level II Certification Exam

• Format: Multiple-choice + scenario-based questions
• Number of Questions: 75
• Duration: 120 minutes
• Passing Score: 75%

Exam Domains

1. Space Security Management & Leadership
2. Space RMF/ Cybersecurity Risk Management Construct (CSRMC), and Critical Controls
3. Space Vulnerability & Risk Management
4. Incident Response & Threat Hunting
5. Space Forensics & Investigations
6. Malware Analysis & Threat Intelligence

Exam Emphasis

• Operational decision-making
• Management judgment
• Incident leadership
• Intelligence-informed defense

Certification Awarded

Certified Space Systems Security Professional (CSSSP) – Level II (Professional)

 CSSSP Level II Examination Overview

The CSSSP Level II exam validates professional-level competence in managing, leading, and executing space cybersecurity operations.
It focuses on operational decision-making, governance, investigations, incident response, vulnerability management, and threat intelligence, rather than purely theoretical knowledge.

This exam assesses the candidate’s ability to apply security frameworks, manage teams, respond to incidents, oversee investigations, and integrate intelligence into space mission security operations.

Exam Format

• Exam Type: Proctored, closed book
• Question Format:
  • Multiple-choice (single best answer)
  • Scenario-based questions
• Number of Questions: 40
• Duration: 90 minutes
• Passing Score: 70%
• Difficulty Level: Professional / Operational

CSSSP Level II Exam Domains & Weighting

Domain 1: Space Security Management & Leadership (18%)

• Managing space cybersecurity operations
• Technical and operational leadership responsibilities
• SOC and mission security operations
• Metrics, KPIs, and readiness
• Communicating cyber risk to leadership

Domain 2: Space RMF, Critical Controls & Governance (17%)

• Advanced application of RMF / CSRMC
• Tailoring security controls for space missions
• Continuous authorization and monitoring
• Policy development and enforcement
• Governance models for space organizations

Domain 3: Space Vulnerability Management & Risk Oversight (15%)

• Vulnerability identification and prioritization
• Space patch and configuration management constraints
• Supply chain and third-party risk
• Risk acceptance and mitigation strategies
• Vulnerability disclosure coordination

Domain 4: Space Incident Response & Threat Hunting (17%)

• Incident response lifecycle for space systems
• Coordinating ground and space response activities
• Threat hunting methodologies
• Post-incident analysis and lessons learned
• Operational decision-making under attack

Domain 5: Space Forensics, Audit & Legal Considerations (16%)

• Space network and telemetry forensics
• Evidence handling and chain of custody
• Audit readiness and compliance
• Legal, regulatory, and jurisdictional considerations
• Supporting investigations and inquiries

Domain 6: Space Threat Intelligence & Malware Analysis (17%)

• Space cyber threat intelligence lifecycle
• Intelligence sources and fusion
• Malware targeting space systems
• Adversary TTPs and mission impact
• Intelligence reporting and briefing

Scoring & Certification Policy

• Minimum passing score: 75%
• Results reported as Pass / Fail
• Retakes allowed after defined waiting period
• Certification applies to the CSSSP professional tier

Certification Awarded

Upon successful completion, candidates earn:

Certified Space Systems Security Professional (CSSSP) – Level II (Professional)

CSSSP Level II Positioning

Exam Philosophy

The CSSSP Level II exam evaluates the candidate’s ability to:

• Make operational and leadership decisions
• Manage complex space security programs
• Lead incident response and investigations
• Apply threat intelligence to mission defense

It emphasizes judgment, prioritization, and mission impact over rote memorization.