CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep
Offered By: LinkedIn Learning
Course Description
Overview
A comprehensive, all-in-one resource for those preparing for the CySA+ (CS0-003) certification exam
Syllabus
Introduction
- About the CySA+ exam
- What's new in CS0-003?
- Careers in information security
- Value of certification
- Stackable certifications
- The CySA+ exam
- The CySA+ in-person exam environment
- At-home testing
- CySA+ question types
- Passing the CySA+ exam
- Study resources
- Exam tips
- Continuing education requirements
Security Operations
- The goals of information security
- Role of the cybersecurity analyst
- Operating system security
- Windows Registry
- Configuration files
- System processes
- Hardware architecture
- Logging security information
- Security information and event management
- Tuning and configuring SIEMs
- Continuous security monitoring
- Virtualization
- Cloud infrastructure components
- Containers
- Network architecture
- Security zones
- VLANs and network segmentation
- Zero-trust networking
- Secure access service edge (SASE)
- Software-defined networking (SDN)
- Identification, authentication, authorization, and accounting
- Usernames and access cards
- Biometrics
- Authentication factors
- Multifactor authentication
- Something you have
- Password authentication protocols
- Single sign-on and federation
- Passwordless authentication
- Privileged access management
- Cloud access security brokers
- Understanding encryption
- Symmetric and asymmetric cryptography
- Goals of cryptography
- Trust models
- PKI and digital certificates
- TLS and SSL
- Data classification
- Data loss prevention
- Network symptoms
- Rogue access points and evil twins
- Endpoint symptoms
- Application symptoms
- Obfuscated links
- Social engineering
- Protocol analyzers
- DNS and IP reputation
- Endpoint monitoring
- Malware prevention
- Executable analysis
- Cuckoo and Joe Sandbox
- User account monitoring
- Malicious email content
- Digital signatures
- DKIM, DMARC, and SPF
- Analyzing email headers
- Shell and script environments
- APIs
- Querying logs
- Threat actors
- Zero-days and the APT
- Supply chain vulnerabilities
- Threat classification
- Threat intelligence
- Managing threat indicators
- Intelligence sharing
- Threat research
- Identifying threats
- Automating threat intelligence
- Threat hunting
- Deception technologies
- Standardizing processes and streamlining operations
- Technology and tool integration
Vulnerability Management
- What is vulnerability management?
- Identify scan targets
- Scan frequency
- Network scanning
- Install Nmap on Windows
- Install Nmap on macOS
- Run and interpret a simple Nmap scan
- Host discovery with Nmap
- Operating system fingerprinting
- Service version detection
- Security baseline scanning
- Scan configuration
- Scan perspective
- Scanner maintenance
- Vulnerability scanning tools
- Passive vulnerability scanning
- SCAP
- CVSS
- Interpret CVSS scores
- Analyze scan reports
- Correlate scan results
- Server vulnerabilities
- Endpoint vulnerabilities
- Network vulnerabilities
- OWASP Top 10
- Prevent SQL injection
- Understand cross-site scripting
- Request forgery
- Privilege escalation
- Directory traversal
- File inclusion
- Overflow attacks
- Cookies and attachments
- Session hijacking
- Race conditions
- Memory vulnerabilities
- Code execution attacks
- Data poisoning
- Third-party code
- Interception proxies
- Industrial control systems
- Internet of Things
- Embedded systems
- Exploitation frameworks
- Cloud auditing tools
- Debuggers
- Open-source reconnaissance
- Control frameworks
- Software platforms
- Development methodologies
- Maturity models
- Change management
- Input validation
- Parameterized queries
- Authentication and session management issues
- Output encoding
- Error and exception handling
- Code signing
- Database security
- Data de-identification
- Data obfuscation
- Software testing
- Code security tests
- Fuzzing
- Reverse engineering software
- Reverse engineering hardware
- Threat research
- Identify threats
- Understand attacks
- Threat modeling
- Attack surface management
- Bug bounty
- Align security with the business
- Organizational processes
- Security roles and responsibilities
- Security control selection
- Risk assessment
- Quantitative risk assessment
- Risk treatment options
- Risk management frameworks
- Risk visibility and reporting
Incident Response and Management
- Build an incident response program
- Creating an incident response team
- Incident communications plan
- Incident identification
- Escalation and notification
- Mitigation
- Containment techniques
- Incident eradication and recovery
- Validation
- Post-incident activities
- Incident response exercises
- MITRE ATT&CK
- Diamond model of intrusion analysis
- Cyber kill chain analysis
- Testing guides
- Logging security information
- Security information and event management
- Cloud audits and investigations
- Conducting investigations
- Evidence types
- Introduction to forensics
- System and file forensics
- File carving
- Creating forensic images
- Digital forensics toolkit
- Operating system analysis
- Password forensics
- Network forensics
- Software forensics
- Mobile device forensics
- Embedded device forensics
- Chain of custody
- Ediscovery and evidence production
- Business continuity planning
- Business continuity controls
- High availability and fault tolerance
- Disaster recovery
- Backups
- Restoring backups
- Disaster recovery sites
- Testing BC/DR plans
- After-action reports
Reporting and Communication
- Vulnerability communication
- Report scan results
- Prioritize remediation
- Create a remediation workflow
- Barriers to vulnerability remediation
- Vulnerability metrics
- Incident communications plan
- Incident identification
- Escalation and notification
- Post-incident activities
- Incident response reports
- Incident metrics and KPIs
- Continuing your studies
Taught by
Mike Chapple
Related Courses
- An Introduction to Computer Networks (Stanford University via Independent)
- Computer Networks (University of Washington via Coursera)
- Computer Networking (Georgia Institute of Technology via Udacity)
- Cybersecurity and Its Ten Domains (University System of Georgia via Coursera)
- Model Building and Validation (AT&T via Udacity)