CompTIA Cybersecurity Analyst (CySA+)
(pearson-cysa-plus-complete) / ISBN : 978-1-61691-993-1
About This Course
Gain hands-on experience to pass the CompTIA CySA+ CS0-001 certification exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab is cloud-based, device-enabled, and can be easily integrated with an LMS. Interactive chapters comprehensively cover CompTIA CySA+ CS0-001 certification exam objectives and teach you how to configure and use threat detection tools; perform data analysis, and interpret the interpret the reports to protect an organization by identifying vulnerabilities, threats, and risks.
Skills You’ll Get
The CompTIA Cybersecurity Analyst (CySA+) certification is an internationally acknowledged vendor-neutral credential that applies behavioral analytics to improve the overall state of IT security. CompTIA CySA+ CS0-001 exam validates the critical knowledge and skills that are required to prevent, detect, and combat cybersecurity threats. The CS0-001 exam is also designed for IT security analysts, vulnerability analysts, or threat intelligence analysts.
Get the support you need. Enroll in our Instructor-Led Course.
Interactive Lessons
16+ Interactive Lessons | 227+ Quizzes | 543+ Flashcards | 543+ Glossary of terms
Gamified TestPrep
85+ Pre Assessment Questions | 2+ Full Length Tests | 85+ Post Assessment Questions | 170+ Practice Test Questions
Hands-On Labs
34+ LiveLab | 21+ Video tutorials | 38+ Minutes
Video Lessons
223+ Videos | 10:44+ Hours
Introduction
- Goals and Methods
- Who Should Read This Book?
- Strategies for Exam Preparation
Applying Environmental Reconnaissance Techniques
- Procedures/Common Tasks
- Variables
- Tools
- Review All Key Topics
Analyzing the Results of Network Reconnaissance
- Point-in-Time Data Analysis
- Data Correlation and Analytics
- Data Output
- Tools
- Review All Key Topics
Recommending and Implementing the Appropriate Response and Countermeasure
- Network Segmentation
- Honeypot
- Endpoint Security
- Group Policies
- ACLs
- Hardening
- Network Access Control
- Review All Key Topics
Practices Used to Secure a Corporate Environment
- Penetration Testing
- Reverse Engineering
- Training and Exercises
- Risk Evaluation
- Review All Key Topics
Implementing an Information Security Vulnerability Management Process
- Identification of Requirements
- Establish Scanning Frequency
- Configure Tools to Perform Scans According to Specification
- Execute Scanning
- Generate Reports
- Remediation
- Ongoing Scanning and Continuous Monitoring
- Review All Key Topics
Analyzing Scan Output and Identifying Common Vulnerabilities
- Analyzing Output Resulting from a Vulnerability Scan
- Common Vulnerabilities Found in Targets Within an Organization
- Review All Key Topics
Identifying Incident Impact and Assembling a Forensic Toolkit
- Threat Classification
- Factors Contributing to Incident Severity and Prioritization
- Forensics Kit
- Forensic Investigation Suite
- Review All Key Topics
The Incident Response Process
- Stakeholders
- Purpose of Communication Processes
- Role-Based Responsibilities
- Using Common Symptoms to Select the Best Course of Action to Support Incident Response
- Review All Key Topics
Incident Recovery and Post-Incident Response
- Containment Techniques
- Eradication Techniques
- Validation
- Corrective Actions
- Incident Summary Report
- Review All Key Topics
Frameworks, Policies, Controls, and Procedures
- Regulatory Compliance
- Frameworks
- Policies
- Controls
- Procedures
- Verifications and Quality Control
- Review All Key Topics
Remediating Security Issues Related to Identity and Access Management
- Security Issues Associated with Context-Based Authentication
- Security Issues Associated with Identities
- Security Issues Associated with Identity Repositories
- Security Issues Associated with Federation and Single Sign-on
- Exploits
- Review All Key Topics
Security Architecture and Implementing Compensating Controls
- Security Data Analytics
- Manual Review
- Defense in Depth
- Review All Key Topics
Application Security Best Practices
- Best Practices During Software Development
- Secure Coding Best Practices
- Review All Key Topics
Using Cybersecurity Tools and Technologies
- Preventative Tools
- Collective Tools
- Analytical Tools
- Exploit Tools
- Forensics Tools
- Review All Key Topics
Appendix: Conclusion
Applying Environmental Reconnaissance Techniques
- Performing Reconnaissance on a Network
- Scanning the Rootkit
Practices Used to Secure a Corporate Environment
- Assessing the impact of malware
Implementing an Information Security Vulnerability Management Process
- Consulting a Vulnerability Database
The Incident Response Process
- Initiating an SSH Session from your Windows 10 Client to your Windows Server
Frameworks, Policies, Controls, and Procedures
- Opening the Policy Template and Setting the Company Name
- Reviewing and Modifying the Policy Items
- Adding Revision to the Revision History
Remediating Security Issues Related to Identity and Access Management
- Identifying security apps available for Android
- Accessing remotely the DT_Watch folder to generate audit logs
- Acquiring the Trojan horse simulator
- Uploading the Trojan horse simulator to VirusTotal
- Uploading the Trojan horse simulator to Malware
- Identifying a suspicious account on the System User Groups
- Enabling auditing of the DT_Watch folder
- Enabling logging for audited objects
- Examining the Audited Events
Security Architecture and Implementing Compensating Controls
- Making Syslog Entries Readable
Application Security Best Practices
- Inspecting the Vulnerability in the echo Server's Source Code
Using Cybersecurity Tools and Technologies
- Collecting network-based security intelligence
- Confirming the Spoofing Attack in Wireshark
- Generating Network Traffic and Using Filters
- Downloading and Installing Wireshark and WinPcap
- Working with Wireshark's Interface
- Analyzing the Capture File to Find the Attack(s)
- Examining the traffic between client and server
- Conducting Vulnerability Scans
- Installing Splunk on the Server
- Manipulating Kali Linux VM's network interfaces
- Starting a Live Packet Capture
- Using the Process Explorer to View Specific Details About Running Processes on the System
- Examining the ipconfig options and creating the activity log
- Identifying Search Options in Metasploit
- Performing the Initial Scan
Why Do Learners Love This Course?
Any questions?Check out the FAQs
Still have unanswered questions and need to get in touch?
Contact Us NowThere is no required prerequisite for CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. Candidate should have a minimum of 3-4 years of hands-on information security or related experience.
USD 346
Pricing and taxes may vary from country to country.
Multiple-choice and performance-based
The exam contains 85 questions.
165 minutes
750
(on a scale of 100-900)
In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:
- CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
- If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
- A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
- Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.