CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring

Offered By: LinkedIn Learning

Tags

CompTIA CySA+ (Plus) Courses Information Security Certifications Courses Endpoint Security Courses Data Loss Prevention Courses Security Operations Courses Security Automation Courses

Course Description

Overview

Learn how to keep the security and overall health of your systems in check as you prepare for the CySA+ (CS0-002) exam.

Syllabus

Introduction

Security operations and monitoring
What you should know
Study resources

1. Security Monitoring

Monitoring Log Files
Correlating security event information
Continuous security monitoring
Syslog
Network traffic analysis

2. Monitoring System Components

Endpoint monitoring
Malware prevention
File system integrity monitoring
Network monitoring
Protocol analyzers
DNS harvesting
Intrusion detection and prevention
Web security tools
Impact analysis
Querying logs

3. Email Analysis

Malicious email content
Digital signatures
DKIM, DMARC, and SPF
Analyzing email headers

4. Network Security Techniques

Restricting network access
Network Access Control
Firewall rule management
Router configuration security
Switch configuration security
Data loss prevention

5. Endpoint Security

Operating system security
Application management
Host-based network security
File permissions
Process analysis with SysInternals
Executable analysis

6. Security Automation

Workflow orchestration
Automating threat intelligence
Continuous integration and delivery

Conclusion

What's next

Taught by

Mike Chapple

Related Courses

Managing Microsoft Azure Security
Pluralsight Implementing and Administering Azure Sentinel
LinkedIn Learning AWS Certified DevOps Engineer: Get 3 Certifications 2023
Udemy Automating Cisco ASA and Firepower Policies Using APIs
Pluralsight SC-200: Mitigate threats using Microsoft Defender for Endpoint
Microsoft via Microsoft Learn