5-Days Instructor Led
CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring. This course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur.
Learning Objectives
This course will prepare students for the CompTIA CySA+ (CSO-003) exam and verify the successful candidate has the knowledge and skills required to:
- Detect and analyze indicators of malicious activity
- Understand threat hunting and threat intelligence concepts
- Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities
- Perform incident response processes
- Understand reporting and communication concepts related to vulnerability management and incident response activities
Audience
This course is suited to:
- Security Analyst
- Security Operations Center (SOC) Analyst
- Incident Response Analyst
- Vulnerability Management Analyst
- Security Engineer.
Prerequisites
Prior to this course you should have taken the CompTIA Network+ and CompTIA Security+ courses or have the equivalent knowledge.
A minimum of 4 years of hands-on information security or related experience is recommended.
Course Outline
- Understanding Vulnerability Response, Handling, And Management
- Understanding Cybersecurity Leadership Concepts
- Exploring Control Types and Methods
- Explaining Patch Management Concepts
- Exploring Threat Intelligence And Threat Hunting Concepts
- Exploring Threat Actor Concepts
- Identifying Active Threats
- Exploring Threat-Hunting Concepts
- Explaining Important System And Network Architecture Concepts
- Reviewing System and Network Architecture Concepts
- Exploring Identity and Access Management (IAM)
- Maintaining Operational Visibility
- Understanding Process Improvement In Security Operations
- Exploring Leadership in Security Operations
- Understanding Technology for Security Operations
- Implementing Vulnerability Scanning Methods
- Explaining Compliance Requirements
- Understanding Vulnerability Scanning Methods
- Exploring Special Considerations in Vulnerability Scanning
- Performing Vulnerability Analysis
- Understanding Vulnerability Scoring Concepts
- Exploring Vulnerability Context Considerations
- Communicating Vulnerability Information
- Explaining Effective Communication Concepts
- Understanding Vulnerability Reporting Outcomes and Action Plans
- Explaining Incident Response Activities
- Exploring Incident Response Planning
- Performing Incident Response Activities
- Demonstrating Incident Response Communication
- Understanding Incident Response Communication
- Analyzing Incident Response Activities
- Applying Tools To Identify Malicious Activity
- Identifying Malicious Activity
- Explaining Attack Methodology Frameworks
- Explaining Techniques for Identifying Malicious Activity
- Analyzing Potentially Malicious Activity
- Exploring Network Attack Indicators
- Exploring Host Attack Indicators
- Exploring Vulnerability Assessment Tools
- Understanding Application Vulnerability Assessment
- Analyzing Web Vulnerabilities
- Analyzing Cloud Vulnerabilities
- Exploring Scripting Tools And Analysis Concepts
- Understanding Scripting Languages
- Identifying Malicious Activity Through Analysis
- Understanding Application Security And Attack Mitigation Best Practices
- Exploring Secure Software Development Practices
- Recommending Controls to Mitigate Successful Application Attacks
- Implementing Controls to Prevent Attacks