CompTIA Cybersecurity Analyst (CySA )
(CS0-002.AE1) / ISBN : 978-1-64459-179-6
Skills You’ll Get
Get the support you need. Enroll in our Instructor-Led Course.
Interactive Lessons
18+ Interactive Lessons | 320+ Quizzes | 160+ Flashcards | 160+ Glossary of terms
Gamified TestPrep
85+ Pre Assessment Questions | 2+ Full Length Tests | 85+ Post Assessment Questions | 170+ Practice Test Questions
Hands-On Labs
30+ LiveLab | 00+ Minutes
Introduction
- What Does This Course Cover?
- Objectives Map for CompTIA Cybersecurity Analyst (CySA+) Exam CS0-002
Today’s Cybersecurity Analyst
- Cybersecurity Objectives
- Privacy vs. Security
- Evaluating Security Risks
- Building a Secure Network
- Secure Endpoint Management
- Penetration Testing
- Reverse Engineering
- The Future of Cybersecurity Analytics
- Summary
- Exam Essentials
Using Threat Intelligence
- Threat Data and Intelligence
- Threat Classification
- Attack Frameworks
- Applying Threat Intelligence Organizationwide
- Summary
- Exam Essentials
Reconnaissance and Intelligence Gathering
- Mapping and Enumeration
- Passive Footprinting
- Gathering Organizational Intelligence
- Detecting, Preventing, and Responding to Reconnaissance
- Summary
- Exam Essentials
Designing a Vulnerability Management Program
- Identifying Vulnerability Management Requirements
- Configuring and Executing Vulnerability Scans
- Developing a Remediation Workflow
- Overcoming Risks of Vulnerability Scanning
- Vulnerability Scanning Tools
- Summary
- Exam Essentials
Analyzing Vulnerability Scans
- Reviewing and Interpreting Scan Reports
- Validating Scan Results
- Common Vulnerabilities
- Summary
- Exam Essentials
Cloud Security
- Understanding Cloud Environments
- Operating in the Cloud
- Cloud Infrastructure Security
- Summary
- Exam Essentials
Infrastructure Security and Controls
- Understanding Defense-in-Depth
- Improving Security by Improving Controls
- Analyzing Security Architecture
- Summary
- Exam Essentials
Identity and Access Management Security
- Understanding Identity
- Threats to Identity and Access
- Identity as a Security Layer
- Federation and Single Sign-On
- Summary
- Exam Essentials
Software and Hardware Development Security
- Software Assurance Best Practices
- Designing and Coding for Security
- Software Security Testing
- Hardware Assurance Best Practices
- Summary
- Exam Essentials
Security Operations and Monitoring
- Security Monitoring
- Summary
- Exam Essentials
Building an Incident Response Program
- Security Incidents
- Phases of Incident Response
- Building the Foundation for Incident Response
- Creating an Incident Response Team
- Coordination and Information Sharing
- Classifying Incidents
- Summary
- Exam Essentials
Analyzing Indicators of Compromise
- Analyzing Network Events
- Investigating Host-Related Issues
- Investigating Service and Application-Related Issues
- Summary
- Exam Essentials
Performing Forensic Analysis and Techniques
- Building a Forensics Capability
- Understanding Forensic Software
- Conducting Endpoint Forensics
- Network Forensics
- Cloud, Virtual, and Container Forensics
- Conducting a Forensic Investigation
- Forensic Investigation: An Example
- Summary
- Exam Essentials
Containment, Eradication, and Recovery
- Containing the Damage
- Incident Eradication and Recovery
- Wrapping Up the Response
- Summary
- Exam Essentials
Risk Management
- Analyzing Risk
- Managing Risk
- Security Controls
- Summary
- Exam Essentials
Policy and Compliance
- Understanding Policy Documents
- Complying with Laws and Regulations
- Adopting a Standard Framework
- Implementing Policy-Based Controls
- Security Control Verification and Quality Control
- Summary
- Exam Essentials
Appendix: Video Tutorials
- Introduction
- Threat and Vulnerability Management
- Software and Systems Security
- Security Operations and Monitoring
- Incident Response
- Compliance and Assessment
- Afterword
Today’s Cybersecurity Analyst
- Setting up a Honeypot on Kali Linux
- Using the iptables Command to Create a Personal Firewall in Linux
Reconnaissance and Intelligence Gathering
- Using the hping Program
- Scanning the Local Network
- Performing Reconnaissance on a Network
- Identifying Search Options in Metasploit
- Making Syslog Entries Readable
- Using nslookup for Passive Reconnaissance
Designing a Vulnerability Management Program
- Conducting Vulnerability Scanning Using Nessus
- Using OWASP ZAP
- Inspecting the Vulnerability in the Echo Server's Source Code
- Performing Session Hijacking Using Burp Suite
- Using Nikto
- Performing Vulnerability Scanning Using OpenVAS
Analyzing Vulnerability Scans
- Attacking a Website Using XSS Injection
- Exploiting a Website Using SQL Injection
- Performing a MITM Attack
- Detecting Rootkits
Software and Hardware Development Security
- Encrypting and Decrypting Messages Using Kleopatra
- Encrypting and Decrypting a File Using AES Crypt
Security Operations and Monitoring
- Downloading and Installing Wireshark
Analyzing Indicators of Compromise
- Configuring Snort
- Simulating the DDoS Attack
- Confirming the Spoofing Attack in Wireshark
- Capturing a Packet Using Wireshark
- Performing a Memory-Based Attack
- Examining Audited Events
- Enabling Logging for Audited Objects
Performing Forensic Analysis and Techniques
- Using the MD5 Hash Algorithm
- Using Apktool to Decode and Analyze the apk file
Any questions?
Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us NowThere is no required prerequisite for CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. He or she should have a minimum of 3-4 years of hands-on information security or related experience.
USD 359
Pricing and taxes may vary from country to country.
Pearson VUE
Multiple-choice and performance-based
The exam contains 85 questions.
165 minutes
750
(on a scale of 100-900)
In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:
- CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
- If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
- A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
- Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.