CompTIA Cybersecurity Analyst+

Schedule

Start	End	Duration	Location	Details

Course Details

CompTIA Cybersecurity Analyst+

Course Code: CySA+

Duration: 5 Days

Prerequisite:

To ensure your success in this course, you should meet the following requirements:

• At least two years’ experience in computer network security technology or a related field
• The ability to recognize information security vulnerabilities and threats in the context of risk management
• Foundation-level operational skills with the common operating systems for PCs, mobile devices, and servers
• Foundation-level understanding of some of the common concepts for network environments, such as routing and switching
• Foundational knowledge of TCP/IP networking protocols, including IP, ARP, ICMP, TCP, UDP, DNS, DHCP, HTTP/HTTPS, SMTP, and POP3/IMAP
• Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include authentication and authorization, resource permissions, and antimalware mechanisms.
• Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments, such as firewalls, IPS, NAC, and VPNs

You can obtain this level of skill and knowledge by taking the following Official CompTIA courses:
• The Official CompTIA Network+ (Exam N10-007)
• The Official CompTIA Security+

Course Description:

The Official CompTIA Cybersecurity Analyst (CySA+) has been developed by CompTIA for the CompTIA certification candidate. Rigorously evaluated by third party subject matter experts to validate coverage of the Cybersecurity Analyst (CySA+) exam objectives, The Official CompTIA Cybersecurity Analyst (CySA+) teaches the essential skills and information needed to troubleshoot and problem solve, helps learners understand a wide variety of issues ranging from networking and operating systems to mobile devices and security, and prepares candidates to take the CompTIA Cybersecurity Analyst (CySA+) certification exam (CS0-002).

Course Outline:

Lesson 1: Explaining the Importance of Security Controls and Security Intelligence

Lesson 2: Utilizing Threat Data and Intelligence

Lesson 3: Analyzing Security Monitoring Data

Lesson 4: Collecting and Querying Security Monitoring Data

Lesson 5: Utilizing Digital Forensics and Indicator Analysis Techniques

Lesson 6: Applying Incident Response Procedures

Lesson 7: Applying Risk Mitigation and Security Frameworks

Lesson 8: Performing Vulnerability Management

Lesson 9: Applying Security Solutions for Infrastructure Management

Lesson 10: Understanding Data Privacy and Protection

Lesson 11: Applying Security Solutions for Software Assurance

Lesson 12: Applying Security Solutions for Cloud and Automation

Labs:

Analyzing Output from Network Security Monitoring Tools
Discovering the Lab Environment
Analyzing Output from Security Appliance Logs
Analyzing Output from Endpoint Security Monitoring Tools
Analyzing Email Headers
Configuring SIEM Agents and Collectors
Analyzing, Filtering, and Searching Event Log and syslog Output
Collecting and Validating Digital Evidence
Analyzing Network-related IoCs
Analyzing Host and Application IoCs
Observing IoCs during a Security Incident
Analyzing Output from Topology and Host Enumeration Tools
Testing Credential Security
Configuring Vulnerability Scanning and Analyzing Outputs
Assessing Vulnerability Scan Outputs
Assessing the Impact of Regulation on Vulnerability Management
Performing Account and Permissions Audits
Configuring Network Segmentation and Security
Configuring and Analyzing Share Permissions
Assessing the Impact of Web Application Vulnerabilities
Analyzing Output from Web Application Assessment Tools
Analyzing Output from Cloud Infrastructure Assessment Tools