CompTIA CySA+ (CS0-002)

This Course Includes:

Get certified for the CySA+ CS0-002 exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The CySA+ study guide covers the CS0-002 exam objectives and provides an understanding of topics such as firewalls and anti-virus software. The CySA+ practice test will provide you with an analytics-based approach within the IT security industry that is increasingly important for organisations.

What do you get:

The CompTIA CySA+ certification proves that the candidate has the ability required to identify and combat malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. The CompTIA CySA+ CS0-002 exam enhances the intelligence and threat detection techniques required in the market, along with analysing and interpreting data and identifying and addressing vulnerabilities.

Lesson 1: Introduction

  • Goals and Methods
  • Who Should Read This Course?
  • Strategies for Exam Preparation
  • How the Course Is Organised

Lesson 2: The Importance of Threat Data and Intelligence

  • Intelligence Sources
  • Indicator Management
  • Threat Classification
  • Threat Actors
  • Intelligence Cycle
  • Commodity Malware
  • Information Sharing and Analysis Communities

Lesson 3: Utilising Threat Intelligence to Support Organisational Security

  • Attack Frameworks
  • Threat Research
  • Threat Modeling Methodologies
  • Threat Intelligence Sharing with Supported Functions

Lesson 4: Vulnerability Management Activities

  • Vulnerability Identification
  • Validation
  • Remediation/Mitigation
  • Scanning Parameters and Criteria
  • Inhibitors to Remediation

Lesson 5: Analysing Assessment Output

  • Web Application Scanner
  • Infrastructure Vulnerability Scanner
  • Software Assessment Tools and Techniques
  • Enumeration
  • Wireless Assessment Tools
  • Cloud Infrastructure Assessment Tools

Lesson 6: Threats and Vulnerabilities Associated with Specialised Technology

  • Mobile
  • Internet of Things (IoT)
  • Embedded Systems
  • Real-Time Operating System (RTOS)
  • System-on-Chip (SoC)
  • Field Programmable Gate Array (FPGA)
  • Physical Access Control
  • Building Automation Systems
  • Vehicles and Drones
  • Workflow and Process Automation Systems
  • Incident Command System (ICS)
  • Supervisory Control and Data Acquisition (SCADA)

Lesson 7: Threats and Vulnerabilities Associated with Operating in the Cloud

  • Cloud Deployment Models
  • Cloud Service Models
  • Function as a Service (FaaS)/Serverless Architecture
  • Infrastructure as Code (IaC)
  • Insecure Application Programming Interface (API)
  • Improper Key Management
  • Unprotected Storage
  • Logging and Monitoring

Lesson 8: Implementing Controls to Mitigate Attacks and Software Vulnerabilities

  • Attack Types
  • Vulnerabilities

Lesson 9: Security Solutions for Infrastructure Management

  • Cloud vs. On-premises
  • Asset Management
  • Segmentation
  • Network Architecture
  • Change Management
  • Virtualisation
  • Containerisation
  • Identity and Access Management
  • Cloud Access Security Broker (CASB)
  • Honeypot
  • Monitoring and Logging
  • Encryption
  • Certificate Management
  • Active Defense

Lesson 10: Software Assurance Best Practices

  • Platforms
  • Software Development Life Cycle (SDLC) Integration
  • DevSecOps
  • Software Assessment Methods
  • Secure Coding Best Practices
  • Static Analysis Tools
  • Dynamic Analysis Tools
  • Formal Methods for Verification of Critical Software
  • Service-Oriented Architecture

Lesson 11: Hardware Assurance Best Practices

  • Hardware Root of Trust
  • eFuse
  • Unified Extensible Firmware Interface (UEFI)
  • Trusted Foundry
  • Secure Processing
  • Anti-Tamper
  • Self-Encrypting Drives
  • Trusted Firmware Updates
  • Measured Boot and Attestation
  • Bus Encryption

Lesson 12: Analysing Data as Part of Security Monitoring Activities

  • Heuristics
  • Trend Analysis
  • Endpoint
  • Network
  • Log Review
  • Impact Analysis
  • Security Information and Event Management (SIEM) Review
  • Query Writing
  • E-mail Analysis

Lesson 13: Implementing Configuration Changes to Existing Controls to Improve Security

  • Permissions
  • Whitelisting and Blacklisting
  • Firewall
  • Intrusion Prevention System (IPS) Rules
  • Data Loss Prevention (DLP)
  • Endpoint Detection and Response (EDR)
  • Network Access Control (NAC)
  • Sinkholing
  • Malware Signatures
  • Sandboxing
  • Port Security

Lesson 14: The Importance of Proactive Threat Hunting

  • Establishing a Hypothesis
  • Profiling Threat Actors and Activities
  • Threat Hunting Tactics
  • Reducing the Attack Surface Area
  • Bundling Critical Assets
  • Attack Vectors
  • Integrated Intelligence
  • Improving Detection Capabilities

Lesson 15: Automation Concepts and Technologies

  • Workflow Orchestration
  • Scripting
  • Application Programming Interface (API) Integration
  • Automated Malware Signature Creation
  • Data Enrichment
  • Threat Feed Combination
  • Machine Learning
  • Use of Automation Protocols and Standards
  • Continuous Integration
  • Continuous Deployment/Delivery

Lesson 16: The Incident Response Process

  • Communication Plan
  • Response Coordination with Relevant Entities
  • Factors Contributing to Data Criticality

Lesson 17: Applying the Appropriate Incident Response Procedure

  • Preparation
  • Detection and Analysis
  • Containment
  • Eradication and Recovery
  • Post-Incident Activities

Lesson 18: Analysing Potential Indicators of Compromise

  • Network-Related Indicators of Compromise
  • Host-Related Indicators of Compromise
  • Application-Related Indicators of Compromise

Lesson 19: Utilising Basic Digital Forensics Techniques

  • Network
  • Endpoint
  • Mobile
  • Cloud
  • Virtualisation
  • Legal Hold
  • Procedures
  • Hashing
  • Carving
  • Data Acquisition

Lesson 20: The Importance of Data Privacy and Protection

  • Privacy vs. Security
  • Non-technical Controls
  • Technical Controls

Lesson 21: Applying Security Concepts in Support of Organisational Risk Mitigation

  • Business Impact Analysis
  • Risk Identification Process
  • Risk Calculation
  • Communication of Risk Factors
  • Risk Prioritisation
  • Systems Assessment
  • Documented Compensating Controls
  • Training and Exercises
  • Supply Chain Assessment

Lesson 22: The Importance of Frameworks, Policies, Procedures, and Controls

  • Frameworks
  • Policies and Procedures
  • Category
  • Control Type
  • Audits and Assessments


22+ Lessons