CompTIA CySA+ (CS0-002)

Name: CompTIA CySA+ (CS0-002)
Rating: 4.9 (2 reviews)

CompTIA Cyber Security Analyst

Created byStone River eLearning

Last updated 5/2022

English

What you'll learn

Learn to manage threats and vulnerabilities by understanding attack frameworks like MITRE ATT&CK
Learn about attack kill chain and identify vulnerabilities using assessment tools
Perform remediation and mitigation of threats and vulnerabilities
Learn about threats and vulnerabilities for cloud environments and software
Manage security infrastructure and learn about network security solutions
Implement identity and access management
Get to know advanced techniques like cryptography
Ensure hardware security and learn about software assurance methods and best practices
Learn the concepts of monitoring, logging, aggregating and analyzing security related data
Implement security changes and manage security configuration
Understand the importance of incident response and learn about incident response cycle
Utilize digital forensic techniques
Analyze indicators of compromise (IoCs)
Perform compliance checks and assessments
Analyze business impact and perform risk assessment

Course content

9 sections • 218 lectures • 11h 30m total length

Instructor Introduction2:56
Course Introduction3:33
Managing Threats and Vulnerabilities1:34
Topic A: Threat Data and Intelligence0:36
Importance of Threat Data2:20
Open-Source Intelligence9:27
Proprietary / Closed Source Intelligence2:51
Intelligence Characteristics3:21
Demo - Threat Data4:40
Indicator Management1:23
STIX Domain Objects7:53
Trusted Automated Exchange of Indicator Information (TAXII)2:38
OpenIoC1:36
Threat Classification5:03
Threat Classification6:08
Intelligence Cycle4:26
Information Sharing1:36
Topic B: Utilizing Threat Intelligence0:32
Threat Intelligence and Operational Security2:17
Attack Frameworks0:47
MITRE ATT&CK1:27
MITRE ATT&CK (cont.)2:36
The Diamond Model of Intrusion Analysis1:43
Kill Chain5:43
Threat Research4:25
Threat Modeling4:06
Threat Intelligence Sharing with Supported Functions4:26
Topic C: Vulnerability Management0:30
Introduction to Vulnerability Management1:14
Vulnerability Identification3:38
Validation Options3:25
Remediation and Mitigation4:00
Understanding Scanning7:01
Additional Scanning Considerations3:12
Inhibitors to Remediation3:48
Topic D: Using Vulnerability Assessment Tools0:44
Web Application Scanners3:36
Infrastructure Scanners2:37
Demo - Infrastructure Scanners10:56
Software Assessments3:15
Enumeration3:43
Demo - Enumeration8:46
Wireless Assessments4:03
Cloud Assessment2:00
Chapter 1 Review0:47
Chapter 1 Quiz

Specialized Threats and Vulnerabilities0:47
Topic A: Threats and Vulnerabilities with Specialized Technology0:24
Common Vulnerabilities6:52
App Vulnerabilities3:44
Internet of Things (IoT)3:12
Other Specialized Devices3:15
Other Specialized Devices (cont.)6:40
Topic B: Threats and Vulnerabilities for Cloud Environments1:11
Cloud Services Models2:29
Software as a Service (SaaS)2:35
Platform as a Service (PaaS)1:30
Infrastructure as a Service (IaaS)1:35
Cloud Deployment Models3:12
Additional Cloud Concepts3:23
Insecure Application Programming Interface (API)3:54
Additional Cloud Vulnerabilities2:20
Demo - Identifying Azure Security Vulnerabilities7:30
Chapter 2 Review0:30
Chapter 2 Quiz

Attacks and Software Vulnerability Mitigation1:17
Topic A: Understanding Attack Types0:31
Injection Attacks3:14
Injection Attacks (cont.)2:48
Directory Traversal1:00
Buffer Overflow Attacks2:18
Privilege Escalation1:14
Authentication Attacks6:19
Topic B: Software Vulnerabilities1:10
Improper Error Handling1:19
Dereferencing0:44
Insecure Object Reference0:56
Race Conditions1:05
Sensitive Data Exposure0:59
Additional Vulnerabilities3:07
Chapter 3 Review0:24
Chapter 3 Quiz

Infrastructure Management1:10
Topic A: Network Security Solutions0:32
Network Architecture1:09
Physical Network0:56
Software-Defined Network0:45
Virtual Private Cloud Network1:00
Virtual Private Network2:06
Virtualization Solutions5:07
Network Segmentation4:16
Demo - Virtual Network Segmentation9:30
Demo - Data Collector Sets10:17
Topic B: Identity and Access Management0:44
IAM Concepts2:04
Privilege Management3:44
Multifactor Authentication2:39
Demo - MFA Implementation12:03
Identity Federation3:46
Access Control Types3:22
Demo - Access Control9:05
Cloud Access Security Broker2:18
Topic C: Additional Solutions0:10
Monitoring and Logging3:17
Cryptography5:31
Demo - Encrypting File System and Certification Management4:50
Chapter 4 Review0:31
Chapter 4 Quiz

Hardware and Software Assurance0:59
Topic A: Hardware Assurance Best Practices0:18
Hardware Root of Trust3:36
Trusted Platform Module2:15
Demo - BitLocker Drive Encryption8:13
Hardware Security Module1:05
eFuse1:27
Unified Extensible Firmware Interface (UEFI)4:29
Measured Boot and Attestation1:17
Additional Hardware Options8:59
Topic B: Software Assurance Best Practices0:58
Platforms and Software Architecture7:22
Service-Oriented Architecture4:59
Software Development Lifecycle4:30
Software Assessment Methods4:59
Secure Coding5:25
Chapter 5 Review0:32
Chapter 5 Quiz

Monitoring Security Options1:04
Topic A: Security Data Analytics0:20
Monitoring Fundamentals1:13
Aggregating Data2:43
Data Analysis6:18
Topic B: Endpoint and Network Analysis0:26
Endpoint Security6:52
Network Analysis6:54
Log Review6:37
Demo - Logging and Monitoring6:27
Impact Analysis1:13
Topic C: Email Analysis0:25
Social Engineering0:50
Anti-SPAM3:10
Demo - Configuring Anti-Spam Options in Exchange Online4:18
Chapter 6 Review0:39
Chapter 6 Quiz

Implementing Security Changes1:21
Topic A: Security Configuration Management1:02
Fundamental Identity Configuration6:56
Software Controls3:50
Firewalls4:17
Intrusion Detection Systems (IDS)2:36
Data Loss Prevention2:36
Endpoint Detection and Response1:45
Network Access Control4:55
Additional Techniques1:58
Topic B: Threat Hunting0:56
Understanding Threat Hunting2:08
Threat Hunting Process3:32
Establishing Hypothesis1:17
Profiling Threat Actors1:56
Threat Hunting Tactics6:44
Attack Surface Reduction0:54
Topic C: Automating Security0:58
Security Automation Concepts0:50
Workflow Orchestration1:39
Orchestration Playbooks2:34
Scripting1:50
API Integration1:22
REST Principles2:55
Security Content Automation Protocol1:43
Software Engineering1:39
Chapter 7 Review0:37
Chapter 7 Quiz

Incident Response1:40
Topic A: Importance of Incident Response0:29
Incident Response Process1:09
Establishing Communications Processes3:45
Internal Communications1:33
External Communications3:57
Identifying Critical Data6:10
Topic B: Incident Response Procedures0:51
Incident Response Cycle1:15
Preparation Phase6:18
Detection and Analysis8:28
Containment1:35
Containment Types4:44
Eradication and Recovery5:08
Eradication and Recovery (cont.)2:29
Post-Incident Activities3:36
Topic C: Analyzing Indicators of Compromise0:56
Network-related Indicators10:39
Host-related Indicators11:42
Application-related Indicators5:16
Demo - Analyzing IoCs13:45
Topic D: Utilizing Digital Forensics Techniques0:26
Digital Forensics2:59
Using Network Tools2:40
Demo - Using Wireshark3:00
Capturing Endpoint Systems3:20
Additional Forensics Situations2:47
Building a Forensics Kit3:25
Chapter 8 Review0:47
Chapter 8 Quiz

Compliance and Assessment1:11
Topic A: Data Privacy and Protection0:05
Security vs. Privacy1:23
Data Types0:52
Legal Requirements2:20
Nontechnical Controls4:32
Data Retention Standards1:56
Technical Controls6:25
Data Loss Prevention3:50
Demo - Implementing DLP8:35
Topic B: Risk Mitigation1:04
Business Impact Analysis1:59
BIA Steps0:57
Risk Assessment1:14
Risk Identification Process1:34
Risk Calculation2:24
Risk Prioritization2:14
Security Controls2:52
Training and Exercises4:26
Topic C: Policies and Procedures0:33
Code of Conduct7:20
Control Types2:26
Audits and Assessment3:54
Chapter 9 Review0:49
Chapter 9 Quiz
Course Closure3:00

Requirements

The course is ideal for the candidates already having some exposure and basic knowledge of cyber security. The candidates are expected to have a personal computer along with hands-on experience of using multiple operating systems like Windows, Linux and Ubuntu etc.

Description

The CompTIA Cyber Security Analyst course is an intermediate level certification that assesses both practical performance as well as theoretical knowledge of the candidates in the field of cyber security. Due to the increased exposure of data, applications and critical resources of any organization, cyber security is rapidly taking the center stage in every organization’s vision, mission and roadmap. The CompTIA CySA+ certification prepares the candidates to use artificial intelligence and threat detection techniques, analyze and interpret sensitive and critical data, pinpoint and fix vulnerabilities, suggest preventative measures to effectively respond to and recover from data breach and intrusion incidents. This set of skills helps the candidates to stand out and enhance job prospects in the competitive field of cyber security as well as related fields like information security, network security and systems security.

The CompTIA CySA+ (Cyber Security Analyst) course is an ideal course for information security professionals who are looking for career progression in this ever growing and always changing field. During the last decade, cyber security’s importance has increased exponentially and with this, the job openings have also multiplied several folds. On the other hand, the inflow of trained and certified cyber security professionals has not been able to match the demand, hence resulting in higher salaries for the trained professionals. The CompTIA CySA+ certification, being an intermediate level certification, provides an excellent opportunity to candidates to step foot in the cyber security and information security job market and excel from there. As a starting point for cyber security related certification, the training you will receive in this course, will help you to be prepared for the exam contents and successfully clear the CompTIA CySA+ exam.

Who this course is for:

Security analysts working in any organization
Threat intelligence analysts
Information security manager
Security engineer
Application security analyst
Incident responder or handler
Compliance analyst
Threat hunter
Information security officer

CompTIA CySA+ (CS0-002)

What you'll learn

Explore related topics

Course content

Chapter 1 - Managing Threats and Vulnerabilities45 lectures • 2hr 37min

Chapter 2 - Specialized Threats and Vulnerabilities18 lectures • 55min

Chapter 3 - Attacks and Software Vulnerability Mitigation16 lectures • 28min

Chapter 4 - Infrastructure Management25 lectures • 1hr 31min

Chapter 5 - Hardware and Software Assurance17 lectures • 1hr 1min

Chapter 6 - Monitoring Security Options16 lectures • 49min

Chapter 7 - Implementing Security Changes27 lectures • 1hr 5min

Chapter 8 - Incident Response29 lectures • 1hr 55min

Chapter 9 - Compliance and Assessment25 lectures • 1hr 8min

Requirements

Description

Who this course is for: