CT-CYSA+ - CompTIA® Cybersecurity Analyst

Overview

Duration: 5.0 days

This CompTIA CyberSecurity Analyst certification course covers the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT).

The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense. In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training.

This program is designed for personnel performing IA functions, establishing IA policies, and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks.

Objectives

In this course, you will assess and respond to security threats and operate a systems and network security analysis platform.

You will:

  • Assess information security risk in computing and network environments.
  • Analyze reconnaissance threats to computing and network environments.
  • Analyze attacks on computing and network environments.
  • Analyze post-attack techniques on computing and network environments.
  • Implement a vulnerability management program.
  • Collect cybersecurity intelligence.
  • Analyze data collected from security and event logs.
  • Perform active analysis on assets and networks.
  • Respond to cybersecurity incidents.
  • Investigate cybersecurity incidents.
  • Address security issues with the organization's technology architecture.

Content

Module 1: Understanding Vulnerability Response, Handling, and Management

  • Topic 1A: Understanding Cybersecurity Leadership Concepts
  • Exam objectives covered: 2.5 Explain concepts related to vulnerability response, handling, and management.
  • Topic 1B: Exploring Control Types and Methods
  • Exam objectives covered: 2.5 Explain concepts related to vulnerability response, handling, and management.
  • Topic 1C: Explaining Patch Management Concepts
  • Exam objectives covered: 2.5 Explain concepts related to vulnerability response, handling, and management.

Module 2: Exploring Threat Intelligence and Threat Hunting Concepts

  • Topic 2A: Exploring Threat Actor Concepts
  • Exam objectives covered: 1.4 Compare and contrast threat intelligence and threat-hunting concepts
  • Topic 2B: Identifying Active Threats
  • Exam objectives covered: 1.4 Compare and contrast threat intelligence and threat-hunting concepts.
  • Topic 2C: Exploring Threat-Hunting Concepts
  • Exam objectives covered: 1.4 Compare and contrast threat intelligence and threat-hunting concepts

Module 3: Explaining Important System and Network Architecture Concepts

  • Topic 3A: Reviewing System and Network Architecture Concepts
  • Exam objectives covered: 1.1 Explain the importance of system and network architecture concepts in security operations.
  • Topic 3B: Exploring Identity and Access Management (IAM)
  • Exam objectives covered: 1.1 Explain the importance of system and network architecture concepts in security operations.
  • Topic 3C: Maintaining Operational Visibility
  • Exam objectives covered: 1.1 Explain the importance of system and network architecture concepts in security operations.

Module 4: Understanding Process Improvement in Security Operations

  • Topic 4A: Exploring Leadership in Security Operations
  • Exam objectives covered: 1.5 Explain the importance of efficiency and process improvement in security operations
  • Topic 4B: Understanding Technology for Security Operations
  • Exam objectives covered: 1.5 Explain the importance of efficiency and process improvement in security operations

Module 5: Implementing Vulnerability Scanning Methods

  • Topic 5A: Explaining Compliance Requirements
  • Exam objectives covered: 2.1 Given a scenario, implement vulnerability scanning methods and concepts
  • Topic 5B: Understanding Vulnerability Scanning Methods
  • Exam objectives covered: 3.3 Given a scenario, deploy cloud networking solutions
  • Topic 5C: Exploring Special Considerations in Vulnerability Scanning
  • Exam objectives covered: 2.1 Given a scenario, implement vulnerability scanning methods and concepts

Module 6: Performing Vulnerability Analysis

  • Topic 6A: Understanding Vulnerability Scoring Concepts
  • Exam objectives covered: 2.3 Given a scenario, analyze data to prioritize vulnerabilities
  • Topic 6B: Exploring Vulnerability Context Considerations
  • Exam objectives covered: 2.3 Given a scenario, analyze data to prioritize vulnerabilities.

Module 7: Communicating Vulnerability Information

  • Topic 7A: Explaining Effective Communication Concepts
  • Exam objectives covered: 4.1 Explain the importance of vulnerability management reporting and communication.
  • Topic 7B: Understanding Vulnerability Reporting Outcomes and Action Plans
  • Exam objectives covered: 2.5 Explain concepts related to vulnerability response, handling, and management. 4.1 Explain the importance of vulnerability management reporting and communication.

Module 8: Explaining Incident Response Activities

  • Topic 8A: Exploring Incident Response Planning
  • Exam objectives covered: 3.2 Given a scenario, perform incident response activities. 3 Explain the preparation and postincident activity phases of the incident management life cycle. 4.2 Explain the importance of incident response reporting and communication.
  • Topic 8B: Performing Incident Response Activities
  • Exam objectives covered: 3.2 Given a scenario, perform incident response activities

Module 9: Demonstrating Incident Response Communication

  • Topic 9A: Understanding Incident Response Communication
  • Exam objectives covered: 4.2 Explain the importance of incident response reporting and communication
  • Topic 9B: Analyzing Incident Response Activities
  • Exam objectives covered: 3.2 Given a scenario, perform incident response activities. 4.2 Explain the importance of incident response reporting and communication

Module 10: Applying Tools to Identify Malicious Activity

  • Topic 10A: Identifying Malicious Activity
  • Exam objectives covered: 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity
  • Topic 10B: Explaining Attack Methodology Frameworks
  • Exam objectives covered: 3.1 Explain concepts related to attack methodology frameworks.
  • Topic 10C: Explaining Techniques for Identifying Malicious Activity
  • Exam objectives covered: 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity.

Module 11: Analyzing Potentially Malicious Activity

  • Topic 11A: Exploring Network Attack Indicators
  • Exam objectives covered: 1.2 Given a scenario, analyze indicators of potentially malicious activity.
  • Topic 11B: Exploring Host Attack Indicators
  • Exam objectives covered: 1.2 Given a scenario, analyze indicators of potentially malicious activity.
  • Topic 11C: Exploring Vulnerability Assessment Tools
  • Exam objectives covered: 1.2 Given a scenario, analyze indicators of potentially malicious activity. 2.2 Given a scenario, analyze output from vulnerability assessment tools.

Module 12: Understanding Application Vulnerability Assessment

  • Topic 12A: Analyzing Web Vulnerabilities
  • Exam objectives covered: 2.2 Given a scenario, analyze output from vulnerability assessment tools.
  • Topic 12B: Analyzing Cloud Vulnerabilities
  • Exam objectives covered: 2.2 Given a scenario, analyze output from vulnerability assessment tools.

Module 13: Exploring Scripting Tools and Analysis Concepts

  • Topic 13A: Understanding Scripting Languages
  • Exam objectives covered: 1.2 Given a scenario, analyze indicators of potentially malicious activity. 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity.
  • Topic 13B: Identifying Malicious Activity Through Analysis
  • Exam objectives covered: 1.2 Given a scenario, analyze indicators of potentially malicious activity. 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity

Module 14: Understanding Application Security and Attack Mitigation Best Practices

  • Topic 14A: Exploring Secure Software Development Practices
  • Exam objectives covered: 2.5 Explain concepts related to vulnerability response, handling, and management. 3.1 Explain concepts related to attack methodology frameworks
  • Topic 14B: Recommending Controls to Mitigate Successful Application Attacks
  • Exam objectives covered: 2.4 Given a scenario, recommend controls to mitigate attacks and software vulnerabilities. 2.5 Explain concepts related to vulnerability response, handling, and management.

Audience

This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes.

In addition, the course ensures that all members of an IT team—everyone from help desk staff to the Chief Information Officer—understand their role in these security processes.

Prerequisites

To ensure your success in this course, you should meet the following requirements:

  • At least two years (recommended) of experience in computer network security technology or a related field.
  • The ability to recognize information security vulnerabilities and threats in the context of risk management.
  • Foundation-level operational skills with some of the common operating systems for computing environments.
  • Foundation knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
  • Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
  • Foundational knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
  • Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.

Certification

This course is designed to assist students in preparing for the CompTIA® Cybersecurity Analyst (CySA+®) (Exam CS0-002) certification examination. What you learn and practice in this course can be a significant part of your preparation.
