CompTIA Cybersecurity Analyst (CySA+)

Provided by

Overview

CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention, and response through continuous security monitoring. This course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect, and analyse cybersecurity intelligence, and handle incidents as they occur. This course includes the CySA+ (CS0-003) exam voucher, taken post class.

Prerequisites
  • Ideally prior to this course, although not essential you will have taken CompTIA Network+ and CompTIA Security+ courses or have the equivalent knowledge.
  • This course is suited to Security Analyst Security Operations Center (SOC) Analyst, Incident Response Analyst, Vulnerability Management Analyst, Security Engineer
Delegates will learn how to
  • Detect and analyse indicators of malicious activity.
  • Understand threat hunting and threat intelligence concepts.
  • Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities.
  • Perform incident response processes.
  • Understand reporting and communication concepts related to vulnerability management and incident response activities.
Outline

Module 1: UNDERSTANDING VULNERABILITY RESPONSE, HANDLING, AND MANAGEMENT
  • Understanding Cybersecurity Leadership Concepts
  • Exploring Control Types and Methods
  • Explaining Patch Management Concepts
Module 2: EXPLORING THREAT INTELLIGENCE AND THREAT HUNTING CONCEPTS
  • Exploring Threat Actor Concepts
  • Identifying Active Threats
  • Exploring Threat-Hunting Concepts
Module 3: EXPLAINING IMPORTANT SYSTEM AND NETWORK ARCHITECTURE CONCEPTS
  • Reviewing System and Network Architecture Concepts
  • Exploring Identity and Access Management (IAM)
  • Maintaining Operational Visibility
Module 4: UNDERSTANDING PROCESS IMPROVEMENT IN SECURITY OPERATIONS
  • Exploring Leadership in Security Operations
  • Understanding Technology for Security Operations
Module 5: IMPLEMENTING VULNERABILITY SCANNING METHODS
  • Explaining Compliance Requirements
  • Understanding Vulnerability Scanning Methods
  • Exploring Special Considerations in Vulnerability Scanning
Module 6: PERFORMING VULNERABILITY ANALYSIS
  • Understanding Vulnerability Scoring Concepts
  • Exploring Vulnerability Context Considerations
Module 7: COMMUNICATING VULNERABILITY INFORMATION
  • Explaining Effective Communication Concepts
  • Understanding Vulnerability Reporting Outcomes and Action Plans
Module 8: EXPLAINING INCIDENT RESPONSE ACTIVITIES
  • Exploring Incident Response Planning
  • Performing Incident Response Activities
Module 9: DEMONSTRATING INCIDENT RESPONSE COMMUNICATION
  • Understanding Incident Response Communication
  • Analysing Incident Response Activities
Module 10: APPLYING TOOLS TO IDENTIFY MALICIOUS ACTIVITY
  • Identifying Malicious Activity
  • Explaining Attack Methodology Frameworks
  • Explaining Techniques for Identifying Malicious Activity
Module 11: ANALYSING POTENTIALLY MALICIOUS ACTIVITY
  • Exploring Network Attack Indicators
  • Exploring Host Attack Indicators
  • Exploring Vulnerability Assessment Tools
Module 12: UNDERSTANDING APPLICATION VULNERABILITY ASSESSMENT
  • Analysing Web Vulnerabilities
  • Analysing Cloud Vulnerabilities
Module 13: EXPLORING SCRIPTING TOOLS AND ANALYSIS CONCEPTS
  • Understanding Scripting Languages
  • Identifying Malicious Activity Through Analysis
Module 14: UNDERSTANDING APPLICATION SECURITY AND ATTACK MITIGATION BEST PRACTICES
  • Exploring Secure Software Development Practices
  • Recommending Controls to Mitigate Successful Application Attacks
  • Implementing Controls to Prevent Attacks

Related article

The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,