CompTIA CySA+ (Cybersecurity Analyst+) CS0-002
About this course
CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect, and combat cybersecurity threats through continuous security monitoring.
As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization.
The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.
Course Outline
Module 1: Intro & Threat and Vulnerability Management
1. Instructor Introduction
2. About the Exam
3. Test Taking Tips and Techniques
4. Explain the importance of threat data and intelligence
5. Given a scenario, utilize threat intelligence to support organizational security
6. Given a scenario, perform vulnerability management activities pt.1
7. Given a scenario, perform vulnerability management activities pt.2
8. Given a scenario, analyze the output from common vulnerability assessment tools
9. Explain the threats and vulnerabilities associated with the specialized technology
10. Explain the threats and vulnerabilities associated with operating in the cloud
11. Given a scenario, implement controls to mitigate attacks and software vulnerabilities pt.1
12. Given a scenario, implement controls to mitigate attacks and software vulnerabilities pt.2
Module 2: Software and Systems Security
1. Given a scenario, apply security solutions for infrastructure management pt.1
2. Given a scenario, apply security solutions for infrastructure management pt.2
3. Given a scenario, apply security solutions for infrastructure management pt.3
4. Explain software assurance best practices
5. Explain hardware assurance best practices
Module 3: Security Operations and Monitoring
1. Given a scenario, analyze data as part of security monitoring activities pt.1
2. Given a scenario, analyze data as part of security monitoring activities pt.2
3. Given a scenario, analyze data as part of security monitoring activities pt.3
4. Given a scenario, implement configuration changes to existing controls to improve security pt.1
5. Given a scenario, implement configuration changes to existing controls to improve security pt.2
6. Explain the importance of proactive threat hunting
7. Compare and contrast automation concepts and technologies CompTIACySA+ CS0-002 C
Module 4: Incident Response
1. Explain the importance of the incident response process
2. Given a scenario, apply the appropriate incident response procedure
3. Given an incident, analyze potential indicators of compromise
4. Given a scenario, utilize basic digital forensic techniques
Module 5: Compliance and Assessment
1. Understand the importance of data privacy and protection
2. Given a scenario, apply security concepts in support of organizational risk mitigation pt.1
3. Given a scenario, apply security concepts in support of organizational risk mitigation pt.2
4. Explain the importance of frameworks, policies, procedures and controls pt.1
5. Explain the importance of frameworks, policies, procedures and controls pt.2
Module 6: Afterword
1. Recap
2. Review Questions
3. Before the exam