CompTIA CySA+ Cybersecurity Analyst

Name: CompTIA CySA+ Cybersecurity Analyst
SKU: 17774
Price: 2795 USD
Availability: InStock

Add to Wishlist

Download PDF

Description

This course covers the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense.

Outline

Module 1 / Threat Management 1

Cybersecurity Analysts

Cybersecurity Roles and Responsibilities
Frameworks and Security Controls
Risk Evaluation
Penetration Testing Processes
Reconnaissance Techniques
The Kill Chain
Open Source Intelligence
Social Engineering
Topology Discovery
Service Discovery
OS Fingerprinting

Module 2 / Threat Management 2

Security Appliances

Configuring Firewalls
Intrusion Detection and Prevention
Configuring IDS
Malware Threats
Configuring Anti-virus Software
Sysinternals
Enhanced Mitigation Experience Toolkit

Logging and Analysis

Packet Capture
Packet Capture Tools
Monitoring Tools
Log Review and SIEM
SIEM Data Outputs
SIEM Data Analysis
Point-in-Time Data Analysis

Mdoule 3 / Vulnerability Management

Managing Vulnerabilities

Vulnerability Management Requirements
Asset Inventory
Data Classification
Vulnerability Management Processes
Vulnerability Scanners
Microsoft Baseline
Security Analyzer
Vulnerability Feeds and SCAP
Configuring Vulnerability Scans
Vulnerability Scanning Criteria
Exploit Frameworks

Remediating Vulnerabilities

Analyzing Vulnerability Scans
Remediation and Change Control
Remediating Host Vulnerabilities
Remediating Network Vulnerabilities
Remediating Virtual Infrastructure Vulnerabilities

Secure Software Development

Software Development Lifecycle
Software Vulnerabilities
Software Security Testing
Interception Proxies
Web Application Firewalls
Source Authenticity
Reverse Engineering

Module 4 / Cyber Incident Response

Incident Response

Incident Response Processes
Threat Classification
Incident Severity and Prioritization
Types of Data

Forensics Tools

Digital Forensics Investigations
Documentation and Forms
Digital Forensics Crime Scene
Digital Forensics Kits
Image Acquisition
Password Cracking
Analysis Utilities

Incident Analysis and Recovery

Analysis and Recovery Frameworks
Analyzing Network Symptoms
Analyzing Host Symptoms
Analyzing Data Exfiltration
Analyzing Application Symptoms
Using Sysinternals
Containment Techniques
Eradication Techniques
Validation Techniques
Corrective Actions

Module 5 / Security Architecture

Secure Network Design

Network Segmentation
Blackholes, Sinkholes, and Honeypots
System Hardening
Group Policies and MAC
Endpoint Security

Managing Identities and Access

Network Access Control
Identity Management
Identity Security Issues
Identity Repositories
Context-based Authentication
Single Sign On and Federations
Exploiting Identities
Exploiting Web Browsers and Application

Security Frameworks and Policies

Frameworks and Compliance
Reviewing Security Architecture
Procedures and Compensating Controls
Verifications and Quality Control
Security Policies and Procedures
Personnel Policies and Training

PreRequisites

CompTIA CySA+ certification is aimed at IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.
Ideally, you should have successfully completed gtslearning’s “CompTIA Network+ Certification” and “CompTIA Security+ Certification” courses or have equivalent knowledge. Specifically, it is recommended that you have the following skills and knowledge before starting this course:

Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
Understand TCP/IP addressing, core protocols, and troubleshooting tools.
Identify network attack strategies and defenses.
Know the technologies and uses of cryptographic standards and products.
Identify network- and host-based security technologies and practices.
Describe the standards and products used to enforce security on web and communications technologies.

Audience

This course is designed to assist students in preparing for the CompTIA® Cybersecurity Analyst (CySA+®) (Exam CS0-001) certification examination. What you learn and practice in this course can be a significant part of your preparation.

In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training. This program is designed for personnel performing IA functions, establishing IA policies, and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks.

Starting From