CompTIA Cybersecurity Analyst (CySA+)
Introduction
CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with both hands-on, performance-based questions and multiple-choice questions. CySA+ focuses on the candidates’ ability to not only proactively capture, monitor and respond to network traffic findings, but also emphasizes software and application security, automation, threat hunting and IT regulatory compliance, which affects the daily work of security analysts. CySA+ covers the most up-to-date core security analyst skills and upcoming job skills used by threat intelligence analysts, application security analysts, compliance analysts, incident responders/handlers and threat hunters, bringing new techniques for combating threats inside and outside of the Security Operations Center (SOC).
Target Audience
This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation. This course focuses on the knowledge, ability and skills necessary to provide for the defence of those information systems in a cybersecurity context, including protection, detection, analysis, investigation and response processes. In addition, the course ensures that all members of an IT team, everyone from helpdesk staff to the Chief Information Officer to understand their roles in these security processes.
Prerequisites
Before attending this course, delegates must have achieved the following requirements:
- At least two years (recommended) of experience in computer network security technology or a related field
- The ability to recognize information security vulnerabilities and threats in the context of risk management
- Foundation-level operational skills with some of the common operating systems for computing environments
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include but are not limited to basic authentication and authorization, resource permissions and anti-malware mechanisms
- Foundation-level understanding of some of the common concepts for network environments, such as routing and switching
- Foundational knowledge of major TCP/IP networking protocols, including but not limited to TCP, IP, UDP, DNS, HTTP, ARP, ICMP and DHCP
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to firewalls, intrusion prevention systems and VPNs
What Skills Will You Learn?
- Threat and Vulnerability Management
- Software and Systems Security
- Compliance and Assessment
- Security Operations and Monitoring
- Incident Response
Jobs that use CompTIA CySA+
- Security Analyst
- Security Engineer
- Incident Response or Handler
- Threat Hunter
- Threat Intelligence Analyst
- Application Security Analyst
- Compliance Analyst
Course Outline
- 1 - ASSESSING INFORMATION SECURITY RISK
- 2 - ANALYSING THE THREAT LANDSCAPE
- 3 - ANALYSING RECONNAISSANCE THREATS TO COMPUTING AND NETWORK ENVIRONMENTS
- 4 - ANALYSING ATTACKS ON COMPUTING AND NETWORK ENVIRONMENTS
- 5 - ANALYSING POST-ATTACK TECHNIQUES
- 6 - MANAGING VULNERABILITIES IN THE ORGANIZATION
- 7 - IMPLEMENTING PENETRATION TESTING TO EVALUATE SECURITY
- 8 - COLLECTING CYBERSECURITY INTELLIGENCE
- 9 - ANALYSING LOG DATA
- 10 - PERFORMING ACTIVE ASSET AND NETWORK ANALYSIS
- 11 - RESPONDING TO CYBERSECURITY INCIDENTS
- 12 - INVESTIGATING CYBERSECURITY INCIDENTS
- 13 - ADDRESSING SECURITY ARCHITECTURE ISSUES
- Identify the Importance of Risk Management
- Assess Risk
- Mitigate Risk
- Integrate Documentation into Risk Management
- Classify Threats and Threat Profiles
- Perform Ongoing Threat Research
- Implement Threat Modeling
- Assess the Impact of Reconnaissance Incidents
- Assess the Impact of Social Engineering
- Assess the Impact of System Hacking Attacks
- Assess the Impact of Web-Based Attacks
- Assess the Impact of Malware
- Assess the Impact of Hijacking and Impersonation Attacks
- Assess the Impact of DoS Incidents
- Assess the Impact of Threats to Mobile Security
- Assess the Impact of Threats to Cloud Security
- Assess Command and Control Techniques
- Assess Persistence Techniques
- Assess Lateral Movement and Pivoting Techniques
- Assess Data Exfiltration Techniques
- Assess Anti-Forensics Techniques
- Implement a Vulnerability Management Plan
- Assess Common Vulnerabilities
- Conduct Vulnerability Scans
- Conduct Penetration Tests on Network Assets
- Follow Up on Penetration Testing
- Deploy a Security Intelligence Collection and Analysis Platform
- Collect Data from Network-Based Intelligence Sources
- Collect Data from Host-Based Intelligence Sources
- Use Common Tools to Analyse Logs
- Use SIEM Tools for Analysis
- Parse Log Files with Regular Expressions
- Analyse Incidents with Windows-Based Tools
- Analyse Incidents with Linux-Based Tools
- Analyse Malware
- Analyse Indicators of Compromise
- Deploy an Incident Handling and Response Architecture
- Mitigate Incidents
- Prepare for Forensic Investigation as a CSIRT
- Apply Forensic Investigation Plan
- Securely Collect and Analyse Electronic Evidence
- Follow Up on the Results of an Investigation
- Remedies Identity and Access Management Issues
- Implement Security During the SDLC
Interested in our CompTIA Cybersecurity Analyst (CySA+) certification training? WhatsApp us or fill in form today!