About the course
CompTIA Cybersecurity Analyst (CySA+)
About this Course
Tech Type Performance Plus
Course Code COMCYSA
Duration 4 Days
Designed specifically for experienced information security professionals preparing to take the CySA+ exam, this course can help you prepare for the CompTIA CySA+ certification exam with hands-on, scenario-based training, so you'll be ready to meet Advanced Persistent Threats (APTs) head on.
Prepare for and pass the Cybersecurity Analyst (CySA+) exam;
Identify tools and techniques used to perform environmental reconnaissance of a target network or security system
Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation
Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack
Understand the use of frameworks, policies, and procedures, and report on security architecture with recommendations for effective compensating controls
QA offers more benefits. Here is what's included with this course:
Individuals should have information security or related experience at the foundation level of cyber security.
It is recommended that you have the following skills and knowledge before starting this course:
- Knowledge of basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers)
- Understanding of TCP/IP addressing, core protocols, and troubleshooting tools
- Network attack strategies and defenses
- Knowledge of the technologies and uses of cryptographic standards and products
- Network- and host-based security technologies and practices
- Standards and products used to enforce security on web and communications technologies
- Alternativley, the Foundation Certificate in Cyber Security (QAFCCS) may be more appropriate.
Delegates will learn how to
Using the QA 'Learn by Doing' approach, you will learn to configure threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organisation.
Cyber security analytics vastly improves your threat visibility by focusing on network behaviour, including an organisation’s interior network. These threats are better detected through analytics.
This CySA+ course you will focus on the following four cyber security domains:
- Threat Management
- Vulnerability Management
- Cyber Incident Response
- Security Architecture and Tool Sets
- This course is aimed at cyber security professionals with on-the-job experience.
The training incorporates hands-on practical work in the form of virtual labs and software tools. This approach will accelerate your learning and will help retain your new found knowledge.
Module 1 Threat Management
- Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
- Given a scenario, analyse the results of a network reconnaissance.
- Given a network-based threat, implement or recommend the appropriate response and countermeasure.
- Explain the purpose of practices used to secure a corporate environment.
Module 2 Vulnerability Management
- Given a scenario, implement an information security vulnerability management process.
- Given a scenario, analyse the output resulting from a vulnerability scan.
- Compare and contrast common vulnerabilities found in the following targets
Module 3 Cyber Incident Response
- Given a scenario, distinguish threat data or behaviour to determine the impact of an incident
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
- Explain the importance of communication during the incident response process.
- Given a scenario, analyse common symptoms to select the best course of action to support incident response.
- Summarise the incident recovery and post-incident response process.
Module 4 Security Architecture and Tool Sets
- Explain the relationship between frameworks, common policies, controls, and procedures.
- Given a scenario, use data to recommend remediation of security issues related to identity and access management.
- Given a scenario, review security architecture and make recommendations to implement compensating controls.
- Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
- Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.