Official CompTIA CySA+ Cyber Security Analyst (CS0-002 Cyber Security Series) Certification

CompTIA CySA

• The Importance of Threat Data and Intelligence.
• Utilising Threat Intelligence to Support Organisational Security.
• Vulnerability Management Activities.
• Analysing Assessment Output.
• Threats and Vulnerabilities Associated with Specialised Technology.
• Threats and Vulnerabilities Associated with Operating in the Cloud.
• Implementing Controls to Mitigate Attacks and Software Vulnerabilities.
• Security Solutions for Infrastructure Management.
• Software Assurance Best Practices.
• Hardware Assurance Best Practices.
• Analysing Data as Part of Security Monitoring Activities.
• Implementing Configuration Changes to Existing Controls to Improve Security.
• The Importance of Proactive Threat Hunting.
• Automation Concepts and Technologies.
• The Incident Response Process.
• Applying the Appropriate Incident Response Procedure.
• Analysing Potential Indicators of Compromise.
• Utilising Basic Digital Forensics Techniques.
• The Importance of Data Privacy and Protection.
• Applying Security Concepts in Support of Organisational Risk Mitigation.
• The Importance of Frameworks, Policies, Procedures, and Controls.

Threat Management

• Learn to apply environmental reconnaissance techniques using appropriate tools and processes.
• Be able to analyse the results of a network reconnaissance.
• Implement or recommend the appropriate response and countermeasure.
• Explain the purpose of practices used to secure a corporate environment.

Vulnerability Management

• Know how to implement an information security vulnerability management process.
• Understand how to analyse the output resulting from a vulnerability scan.
• Compare and contrast common vulnerabilities found in the following targets.

Cyber Incident Response

• Be able to distinguish threat data or behaviour to determine the impact of an incident.
• Learn how to prepare a toolkit and use appropriate forensics tools during an investigation.
• Explain the importance of communication during the incident response process.
• Understand how to analyse common symptoms to select the best course of action to support incident response.
• Summarise the incident recovery and post-incident response process.

Security Architecture and Tool Sets

• Be able to explain the relationship between frameworks, common policies, controls, and procedures.
• Know how to use data to recommend remediation of security issues related to identity and access management.
• Understand how to review security architecture and make recommendations to implement compensating controls.
• Use application security best practices while participating in the Software Development Life Cycle (SDLC).
• Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.