CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring.

CompTIA CySA+ is the only cybersecurity analyst certification with both hands-on, performance-based questions and multiple-choice questions.

In this training, you will be able to proactively capture, monitor, and respond to network traffic findings. You also learn about application security, automation, threat hunting, and IT regulatory compliance, which affects the daily work of security analysts.

You Will Learn How To

Assess and respond to security threats and operate a systems and network security platform
Collect and use cybersecurity intelligence and threat data
Identify modern cybersecurity threat actors types and tactics, techniques, and procedures
Analyze data collected from security and event logs and network packet captures
Respond to and investigate cybersecurity incidents using forensic analysis techniques
Assess information security risk in computing and network environments
Implement a vulnerability management program
Address security issues with an organization’s network architecture
Understand the importance of data governance controls
Address security issues with an organization’s software development life cycle
Address security issues with an organization‘s use of cloud and service-oriented architecture

Who Should Attend

This course is designed for those who are seeking the CompTIA CySA+ CS0-002 certification and who are aiming for job roles such as:

Security Operations Center Analyst
Vulnerability Analyst
Cybersecurity Specialist
Intelligence Analyst
Security Engineer
Cybersecurity analyst

Prerequisites

At least 2 years experience in network security
Familiarity with TCP/IP protocols such as IP, ARP, ICMP, DNS, DHCP, HTTP, etc
Familiarity with common safeguards in network environments, such as firewalls, IPS, NAC, and VPNs

About the Exam

Maximum of 85 questions
Multiple choice and performance-based
165 minutes
Passing Score: 750 (scale of 100 - 900)
Testing Provider: Pearson Vue Testing Centers or Online Testing

Outline

Explaining the Importance of Security Controls and Security Intelligence

Identify Security Control Types
Explain the Importance of Threat Data and Intelligence

Utilizing Threat Data and Intelligence

Classify Threats and Threat Actor Type
Utilize Attack Frameworks and Indicator Management
Utilize Threat Modeling and Hunting Methodologies

Analyzing Security Monitoring Data

Analyze Network Monitoring Output
Analyze Appliance Monitoring Output
Analyze Endpoint Monitoring Output
Analyze Email Monitoring Output

Collecting and Querying Security Monitoring Data

Configure Log Review and SIEM Tools
Analyze and Query Logs and SIEM Data

Utilizing Digital Forensics and Indicator Analysis Techniques

Identify Digital Forensics Techniques
Analyze Network-related IoCs
Analyze Host-related IoCs
Analyze Application-Related IoCs
Analyze Lateral Movement and Pivot IoCs

Applying Incident Response Procedures

Explain Incident Response Processes
Apply Detection and Containment Processes
Apply Eradication, Recovery, and Post-Incident Processes

Applying Risk Mitigation and Security Frameworks

Apply Risk Identification, Calculation, and Prioritization Processes
Explain Frameworks, Policies, and Procedures

Performing Vulnerability Management

Analyze Output from Enumeration Tools
Configure Infrastructure Vulnerability Scanning Parameters
Analyze Output from Infrastructure Vulnerability Scanners
Mitigate Vulnerability Issues

Applying Security Solutions for Infrastructure Management

Apply Identity and Access Management Security Solutions
Apply Network Architecture and Segmentation Security Solutions
Explain Hardware Assurance Best Practices
Explain Vulnerabilities Associated with Specialized Technology

Understanding Data Privacy and Protection

Identify Non-Technical Data and Privacy Controls
Identify Technical Data and Privacy Controls

Applying Security Solutions for Software Assurance

Mitigate Software Vulnerabilities and Attacks
Mitigate Web Application Vulnerabilities and Attacks
Analyze Output from Application Assessments

Applying Security Solutions for Cloud and Automation

Identify Cloud Service and Deployment Model Vulnerabilities
Explain Service-Oriented Architecture
Analyze Output from Cloud Infrastructure Assessment Tools
Compare Automation Concepts and Technologies

Reviews

Be the first to write a review about this course.

Write a Review

ActiveLearning, Inc. is the Philippines' leading provider of Information Technology and Project Management education, where thousands of students take courses from Application Development to Project Management to Network Security, and much more. Our courses are taught by expert instructors, and learning is enhanced through a blend of in-depth lectures, workshops, and hands-on exercises.

Expert Instructors

Learn from expert instructors who practice what they teach. Our instructors are involved in constant research and development, who constantly apply the lessons they teach, and who know the same technical issues you face every day.

Superior Courseware

Our courseware go through rigorous evaluation before they are released for instruction. By constantly monitoring industry developments, we make sure that you get course materials that are up to date.

Interactivity

More than just classroom lectures, practical, hands-on exercises are carefully developed for you to immediately put in to practice what you learn. By being immersed in a classroom setting, you get to participate, inquire, and be involved - all essential in expediting the learning process. Aspects you won't find in Computer-Based-Training and self-study. ...

View Complete Profile

Information Security