Get certified for the CySA+ CS0-002 exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The CySA+ study guide covers the CS0-002 exam objectives and provides an understanding of topics such as firewalls and anti-virus software. The CySA+ practice test will provide you with an analytics-based approach within the IT security industry that is increasingly important for organisations.
The CompTIA CySA+ certification proves that the candidate has the ability to identify and combat malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. The CompTIA CySA+ CS0-002 exam enhances the intelligence and threat detection techniques required in the market, along with analysing and interpreting data and identifying and addressing vulnerabilities.
Lessons 1: Introduction
- Goals and Methods
- Who Should Read This Course?
- Strategies for Exam Preparation
- How the Course Is Organised
Lessons 2: The Importance of Threat Data and Intelligence
- Intelligence Sources
- Indicator Management
- Threat Classification
- Threat Actors
- Intelligence Cycle
- Commodity Malware
- Information Sharing and Analysis Communities
Lessons 3: Utilising Threat Intelligence to Support Organisational Security
- Attack Frameworks
- Threat Research
- Threat Modeling Methodologies
- Threat Intelligence Sharing with Supported Functions
Lessons 4: Vulnerability Management Activities
- Vulnerability Identification
- Validation
- Remediation/Mitigation
- Scanning Parameters and Criteria
- Inhibitors to Remediation
Lessons 5: Analysing Assessment Output
- Web Application Scanner
- Infrastructure Vulnerability Scanner
- Software Assessment Tools and Techniques
- Enumeration
- Wireless Assessment Tools
- Cloud Infrastructure Assessment Tools
Lessons 6: Threats and Vulnerabilities Associated with Specialised Technology
- Mobile
- Internet of Things (IoT)
- Embedded Systems
- Real-Time Operating System (RTOS)
- System-on-Chip (SoC)
- Field Programmable Gate Array (FPGA)
- Physical Access Control
- Building Automation Systems
- Vehicles and Drones
- Workflow and Process Automation Systems
- Incident Command System (ICS)
- Supervisory Control and Data Acquisition (SCADA)
Lessons 7: Threats and Vulnerabilities Associated with Operating in the Cloud
- Cloud Deployment Models
- Cloud Service Models
- Function as a Service (FaaS)/Serverless Architecture
- Infrastructure as Code (IaC)
- Insecure Application Programming Interface (API)
- Improper Key Management
- Unprotected Storage
- Logging and Monitoring
Lessons 8: Implementing Controls to Mitigate Attacks and Software Vulnerabilities
- Attack Types
- Vulnerabilities
Lessons 9: Security Solutions for Infrastructure Management
- Cloud vs. On-premises
- Asset Management
- Segmentation
- Network Architecture
- Change Management
- Virtualisation
- Containerisation
- Identity and Access Management
- Cloud Access Security Broker (CASB)
- Honeypot
- Monitoring and Logging
- Encryption
- Certificate Management
- Active Defense
Lessons 10: Software Assurance Best Practices
- Platforms
- Software Development Life Cycle (SDLC) Integration
- DevSecOps
- Software Assessment Methods
- Secure Coding Best Practices
- Static Analysis Tools
- Dynamic Analysis Tools
- Formal Methods for Verification of Critical Software
- Service-Oriented Architecture
Lessons 11: Hardware Assurance Best Practices
- Hardware Root of Trust
- eFuse
- Unified Extensible Firmware Interface (UEFI)
- Trusted Foundry
- Secure Processing
- Anti-Tamper
- Self-Encrypting Drives
- Trusted Firmware Updates
- Measured Boot and Attestation
- Bus Encryption
Lessons 12: Analysing Data as Part of Security Monitoring Activities
- Heuristics
- Trend Analysis
- Endpoint
- Network
- Log Review
- Impact Analysis
- Security Information and Event Management (SIEM) Review
- Query Writing
- E-mail Analysis
Lessons 13: Implementing Configuration Changes to Existing Controls to Improve Security
- Permissions
- Whitelisting and Blacklisting
- Firewall
- Intrusion Prevention System (IPS) Rules
- Data Loss Prevention (DLP)
- Endpoint Detection and Response (EDR)
- Network Access Control (NAC)
- Sinkholing
- Malware Signatures
- Sandboxing
- Port Security
Lessons 14: The Importance of Proactive Threat Hunting
- Establishing a Hypothesis
- Profiling Threat Actors and Activities
- Threat Hunting Tactics
- Reducing the Attack Surface Area
- Bundling Critical Assets
- Attack Vectors
- Integrated Intelligence
- Improving Detection Capabilities
Lessons 15: Automation Concepts and Technologies
- Workflow Orchestration
- Scripting
- Application Programming Interface (API) Integration
- Automated Malware Signature Creation
- Data Enrichment
- Threat Feed Combination
- Machine Learning
- Use of Automation Protocols and Standards
- Continuous Integration
- Continuous Deployment/Delivery
Lessons 16: The Incident Response Process
- Communication Plan
- Response Coordination with Relevant Entities
- Factors Contributing to Data Criticality
Lessons 17: Applying the Appropriate Incident Response Procedure
- Preparation
- Detection and Analysis
- Containment
- Eradication and Recovery
- Post-Incident Activities
Lessons 18: Analysing Potential Indicators of Compromise
- Network-Related Indicators of Compromise
- Host-Related Indicators of Compromise
- Application-Related Indicators of Compromise
Lessons 19: Utilising Basic Digital Forensics Techniques
- Network
- Endpoint
- Mobile
- Cloud
- Virtualisation
- Legal Hold
- Procedures
- Hashing
- Carving
- Data Acquisition
Lessons 20: The Importance of Data Privacy and Protection
- Privacy vs. Security
- Non-technical Controls
- Technical Controls
Lessons 21: Applying Security Concepts in Support of Organisational Risk Mitigation
- Business Impact Analysis
- Risk Identification Process
- Risk Calculation
- Communication of Risk Factors
- Risk Prioritisation
- Systems Assessment
- Documented Compensating Controls
- Training and Exercises
- Supply Chain Assessment
Lessons 22: The Importance of Frameworks, Policies, Procedures, and Controls
- Frameworks
- Policies and Procedures
- Category
- Control Type
- Audits and Assessments