TOTAL: CompTIA CySA+ Cybersecurity Analyst (CS0-003)

Khet will discuss logging and how this applies to system and network architecture.

As an analyst, you will be required to understand basic operating functions along with how they interact with different security systems in your network. Understanding the characteristics of these operating system concepts will help you further your CySA knowledge.

In this episode you will learn all about infrastructure concepts.

Network components can be all over the place, both physically and logically. You have to understand how your network nodes are physically connected and logically organized to secure them from attack.

Network components can be all over the place, both physically and logically. You have to understand how your network nodes are physically connected and logically organized to secure them from attack.

You can’t restrict resource access to authorized users unless you can identify valid users. Identity management lets you know who is valid and who is not.

Defensive security isn’t enough to stay safe. You must actively protect sensitive data from attacks instead of just reacting to attacks.

Sensitive information should always be the forefront of your mind as a security analyst. This episode covers the protection of sensitive information, including concepts like PII, PHI, cardholder data, and data loss prevention.

With all of the rapidly changing security data available, the task of making sense of it becomes more and more difficult. Standards and protocols help to build automation tools to carry out many of the repetitive tasks efficiently.

In this episode, you will learn how to streamline operations with SOAR as well as other processes and tasks involving the human element.

Technology and tools are constantly evolving in the realm of cyber security. This episode will give a high level overview of scripting, API's, webhooks, and plugins related to technology and tool integrations.

A lack of understanding of how attacks are carried out makes your environment more vulnerable. Learning common attack frameworks helps to demystify most attacks and makes them easier to thwart.

Learn to find common network symptoms of compromise to enable quick response times.

Learn to use built-in tools to find common host symptoms of compromise.

Discover various tools to pin-point application symptoms of compromise.

Learn what you will need to know about social engineering and how this relates to the CySA exam.

This episode covers pattern recognition and why it's important as a CySA analyst to use pattern recognition.

Learn to use various tools and detection methodologies to detect malicious activities on your network.

As a cybersecurity analyst, your bread and butter will be SIEM and SOAR. Learn about log analysis of these two systems.

Have a sit-down chat with Richard Chapman of CyberNowLabs to talk about a day in the life of a cybersecurity analyst.

Have a sit-down chat with Richard Chapman of CyberNowLabs about the different tools you will find in a security operations center.

In this episode, we will talk about file analysis and how to go through the process of identifying malware and appropriately responding to it.

Learn what the CySA exam wants you to understand about email analysis and how to properly identify emails from suspiscious sources.

Sandboxing is the art of moving something like software into a position where it truly can't communicate with anything else on your system. In this episode, we will talk about how malware can be tested and identified in an environment where it can't cause harm to the rest of your network.

Learn how to look at user behavior analysis and entity behavior analysis. Identifying what users are doing on our networks can help keep you alert for any suspicious behavior that may occur under your watch.

This episode covers the wonderful world of programming languages!

Learn what is required in Wireshark for the CySA exam in a short and condensed package.

Review what you need to understand with WHOIS and AbuseIPDB.

Dive into a demo of Strings, an essential utility of cyber security to analyze binary and executable files for human-readable text.

Learn how to use hashing and how it is utilized in system analysis.

Joe Sandbox is an advanced tool designed to help you analyze files or URLs that you suspect might contain malware or have malicious intent.

No human can manually monitor multiple systems and devices 24/7 to catch attacks from random sources. Automated monitors help to identify threat actors and Indicators of Compromise (IoC). These automated monitors not only make security easier, they also make it possible.

The supply chain is often overlooked when it comes to security. It’s important to evaluate your vendors to ensure there are no vulnerabilities in their systems that could lead to an open backdoor to yours.

Learn how collection tools can be used to expose areas in your network that need to be hardened.

You can’t mount a good defense without understanding the threats that exist. Threat intelligence helps you identify the likely threats to your environment so you can prepare the best defense.

Knowing about threats isn’t enough. You also need to know where to look for threats in your environment and how to identify them before you can protect against them.

A risk is the possibility that a threat may be realized. Understanding risks and how to stop them from being realized is the basis for hardening IT environments.

Being reactive to security can only take you so far. Proactive security activities, such as threat hunting, make it possible to go on the offense to protect your environments.

Haphazard threat hunting won’t yield many good results. Following a well-established process increases the probability of success. Threat hunting is fun, but doesn’t do much good unless results are shared and acted upon. Threat results that trigger action can make environments much more resistant to attack.

Network components can be all over the place, both physically and logically. You have to understand how your network nodes are physically connected and logically organized to secure them from attack.

Learn about the various best practices frameworks available for security implementation.

As a cybersecurity analyst, we often have to deal with aspects of our environment and security that are critical in nature. Understand critical infrastructure, operational technology that corresponds with critical infrastructure, industrial control systems (ICS), and SCADA depending on where you are in the world.

Understanding threats is a good first step, but you need to know the vulnerabilities that could let an attacker into your environment. You have to search for vulnerabilities and mitigate each one to protect the network from potential threats.

All scans are not the same. Understanding the specifics and nuances of a network environment can produce better results while avoiding many common issues.

Learn how about software vulnerability assessment from a cybersecurity analyst perspective.