CompTIA CySA+ (CS0-002)

CompTIA Cyber Security Analyst

Rating: 4.50 (1 reviews)
Platform: Udemy
Language: English
Category: IT Certification
Students: 21
Content: 11.5 hours
Last update: May 2022
Regular price: $59.99

What you will learn

Learn to manage threats and vulnerabilities by understanding attack frameworks like MITRE ATT&CK

Learn about the attack kill chain and identify vulnerabilities using assessment tools

Perform remediation and mitigation of threats and vulnerabilities

Learn about threats and vulnerabilities for cloud environments and software

Manage security infrastructure and learn about network security solutions

Implement identity and access management

Get to know advanced techniques like cryptography

Ensure hardware security and learn about software assurance methods and best practices

Learn the concepts of monitoring, logging, aggregating and analyzing security-related data

Implement security changes and manage security configuration

Understand the importance of incident response and learn about the incident response cycle

Utilize digital forensic techniques

Analyze indicators of compromise (IoCs)

Perform compliance checks and assessments

Analyze business impact and perform risk assessment

Description

The CompTIA Cyber Security Analyst course is an intermediate-level certification that assesses both the practical performance and the theoretical knowledge of candidates in the field of cyber security. Due to the increased exposure of the data, applications and critical resources of any organization, cyber security is rapidly taking center stage in every organization’s vision, mission and roadmap. The CompTIA CySA+ certification prepares candidates to use artificial intelligence and threat detection techniques, analyze and interpret sensitive and critical data, pinpoint and fix vulnerabilities, and suggest preventative measures to effectively respond to and recover from data breach and intrusion incidents. This set of skills helps candidates stand out and enhances job prospects in the competitive field of cyber security as well as related fields like information security, network security and systems security.

The CompTIA CySA+ (Cyber Security Analyst) course is an ideal course for information security professionals who are looking for career progression in this ever-growing and always-changing field. During the last decade, cyber security’s importance has increased exponentially, and with this the job openings have multiplied severalfold. On the other hand, the inflow of trained and certified cyber security professionals has not been able to match the demand, resulting in higher salaries for trained professionals. The CompTIA CySA+ certification, being an intermediate-level certification, provides an excellent opportunity for candidates to set foot in the cyber security and information security job market and excel from there. As a starting point for cyber security related certification, the training you will receive in this course will help you prepare for the exam contents and successfully clear the CompTIA CySA+ exam.

Content

Chapter 1 - Managing Threats and Vulnerabilities

Instructor Introduction
Course Introduction
Managing Threats and Vulnerabilities
Topic A: Threat Data and Intelligence
Importance of Threat Data
Open-Source Intelligence
Proprietary / Closed Source Intelligence
Intelligence Characteristics
Demo - Threat Data
Indicator Management
STIX Domain Objects
Trusted Automated Exchange of Indicator Information (TAXII)
OpenIoC
Threat Classification
Threat Classification
Intelligence Cycle
Information Sharing
Topic B: Utilizing Threat Intelligence
Threat Intelligence and Operational Security
Attack Frameworks
MITRE ATT&CK
MITRE ATT&CK (cont.)
The Diamond Model of Intrusion Analysis
Kill Chain
Threat Research
Threat Modeling
Threat Intelligence Sharing with Supported Functions
Topic C: Vulnerability Management
Introduction to Vulnerability Management
Vulnerability Identification
Validation Options
Remediation and Mitigation
Understanding Scanning
Additional Scanning Considerations
Inhibitors to Remediation
Topic D: Using Vulnerability Assessment Tools
Web Application Scanners
Infrastructure Scanners
Demo - Infrastructure Scanners
Software Assessments
Enumeration
Demo - Enumeration
Wireless Assessments
Cloud Assessment
Chapter 1 Review
Chapter 1 Quiz

Chapter 2 - Specialized Threats and Vulnerabilities

Specialized Threats and Vulnerabilities
Topic A: Threats and Vulnerabilities with Specialized Technology
Common Vulnerabilities
App Vulnerabilities
Internet of Things (IoT)
Other Specialized Devices
Other Specialized Devices (cont.)
Topic B: Threats and Vulnerabilities for Cloud Environments
Cloud Services Models
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Cloud Deployment Models
Additional Cloud Concepts
Insecure Application Programming Interface (API)
Additional Cloud Vulnerabilities
Demo - Identifying Azure Security Vulnerabilities
Chapter 2 Review
Chapter 2 Quiz

Chapter 3 - Attacks and Software Vulnerability Mitigation

Attacks and Software Vulnerability Mitigation
Topic A: Understanding Attack Types
Injection Attacks
Injection Attacks (cont.)
Directory Traversal
Buffer Overflow Attacks
Privilege Escalation
Authentication Attacks
Topic B: Software Vulnerabilities
Improper Error Handling
Dereferencing
Insecure Object Reference
Race Conditions
Sensitive Data Exposure
Additional Vulnerabilities
Chapter 3 Review
Chapter 3 Quiz

Chapter 4 - Infrastructure Management

Infrastructure Management
Topic A: Network Security Solutions
Network Architecture
Physical Network
Software-Defined Network
Virtual Private Cloud Network
Virtual Private Network
Virtualization Solutions
Network Segmentation
Demo - Virtual Network Segmentation
Demo - Data Collector Sets
Topic B: Identity and Access Management
IAM Concepts
Privilege Management
Multifactor Authentication
Demo - MFA Implementation
Identity Federation
Access Control Types
Demo - Access Control
Cloud Access Security Broker
Topic C: Additional Solutions
Monitoring and Logging
Cryptography
Demo - Encrypting File System and Certification Management
Chapter 4 Review
Chapter 4 Quiz

Chapter 5 - Hardware and Software Assurance

Hardware and Software Assurance
Topic A: Hardware Assurance Best Practices
Hardware Root of Trust
Trusted Platform Module
Demo - BitLocker Drive Encryption
Hardware Security Module
eFuse
Unified Extensible Firmware Interface (UEFI)
Measured Boot and Attestation
Additional Hardware Options
Topic B: Software Assurance Best Practices
Platforms and Software Architecture
Service-Oriented Architecture
Software Development Lifecycle
Software Assessment Methods
Secure Coding
Chapter 5 Review
Chapter 5 Quiz

Chapter 6 - Monitoring Security Options

Monitoring Security Options
Topic A: Security Data Analytics
Monitoring Fundamentals
Aggregating Data
Data Analysis
Topic B: Endpoint and Network Analysis
Endpoint Security
Network Analysis
Log Review
Demo - Logging and Monitoring
Impact Analysis
Topic C: Email Analysis
Social Engineering
Anti-SPAM
Demo - Configuring Anti-Spam Options in Exchange Online
Chapter 6 Review
Chapter 6 Quiz

Chapter 7 - Implementing Security Changes

Implementing Security Changes
Topic A: Security Configuration Management
Fundamental Identity Configuration
Software Controls
Firewalls
Intrusion Detection Systems (IDS)
Data Loss Prevention
Endpoint Detection and Response
Network Access Control
Additional Techniques
Topic B: Threat Hunting
Understanding Threat Hunting
Threat Hunting Process
Establishing Hypothesis
Profiling Threat Actors
Threat Hunting Tactics
Attack Surface Reduction
Topic C: Automating Security
Security Automation Concepts
Workflow Orchestration
Orchestration Playbooks
Scripting
API Integration
REST Principles
Security Content Automation Protocol
Software Engineering
Chapter 7 Review
Chapter 7 Quiz

Chapter 8 - Incident Response

Incident Response
Topic A: Importance of Incident Response
Incident Response Process
Establishing Communications Processes
Internal Communications
External Communications
Identifying Critical Data
Topic B: Incident Response Procedures
Incident Response Cycle
Preparation Phase
Detection and Analysis
Containment
Containment Types
Eradication and Recovery
Eradication and Recovery (cont.)
Post-Incident Activities
Topic C: Analyzing Indicators of Compromise
Network-related Indicators
Host-related Indicators
Application-related Indicators
Demo - Analyzing IoCs
Topic D: Utilizing Digital Forensics Techniques
Digital Forensics
Using Network Tools
Demo - Using Wireshark
Capturing Endpoint Systems
Additional Forensics Situations
Building a Forensics Kit
Chapter 8 Review
Chapter 8 Quiz

Chapter 9 - Compliance and Assessment

Compliance and Assessment
Topic A: Data Privacy and Protection
Security vs. Privacy
Data Types
Legal Requirements
Nontechnical Controls
Data Retention Standards
Technical Controls
Data Loss Prevention
Demo - Implementing DLP
Topic B: Risk Mitigation
Business Impact Analysis
BIA Steps
Risk Assessment
Risk Identification Process
Risk Calculation
Risk Prioritization
Security Controls
Training and Exercises
Topic C: Policies and Procedures
Code of Conduct
Control Types
Audits and Assessment
Chapter 9 Review
Chapter 9 Quiz
Course Closure


Udemy ID: 4663260
Course created date: 4/28/2022
Course indexed date: 5/10/2022
Course submitted by: Bot