CompTIA Cybersecurity Analyst (CySA+)

The Official CompTIA Cybersecurity Analyst (CySA)+ Student Guide has been developed by CompTIA for the CompTIA certification candidate.

5 Days
From £1,500.00 incl. VAT

Live online events

5 days, 09:00 AM GMT - 05:00 PM GMT

Online

  • £1,500.00 incl. VAT

Description

The Official CompTIA Cybersecurity Analyst (CySA)+ Student Guide has been developed by CompTIA for the CompTIA certification candidate. Rigorously evaluated by third party subject matter experts to validate coverage of the Cybersecurity Analyst (CySA)+ exam objectives, The Official CompTIA Cybersecurity Analyst (CySA)+ Student Guide teaches the essential skills and information needed to troubleshoot and problem solve, helps learners understand a wide variety of issues ranging from networking and operating systems to mobile devices and security, and prepares candidates to take the CompTIA Cybersecurity Analyst (CySA)+ certification exam (CS0-002).

Audience Profile

IT Security Professionals must have 3-4 years of hands-on information security or related experience at the level of Security+

Prerequisites

  • 3-4 years of hands-on information security or related experience
  • Network+, Security+, or equivalent knowledge

CySA+ certification is valid for three years, after which it must be renewed.

What's included

  • Study Guide
  • Experienced CySA Instructor
  • Remote access to a virtual lab
  • Exam Voucher (Optional)
  • Certificate on Completion
  • Refreshments (Classroom training)

Exam Details

  • Exam CS0-002

Course Outline

Module 1: Threat Management 1

Lessons:

Cybersecurity Analysts

  • Cybersecurity Roles and Responsibilities
  • Frameworks and Security Controls
  • Risk Evaluation
  • Penetration Testing Processes

Reconnaissance Techniques

  • The Kill Chain
  • Open Source Intelligence
  • Social Engineering
  • Topology Discovery
  • Service Discovery
  • OS Fingerprinting

Module 2: Threat Management 2

Lessons:

Security Appliances

  • Configuring Firewalls
  • Intrusion Detection and Prevention
  • Configuring IDS
  • Malware Threats
  • Configuring Anti-Virus Software
  • Sysinternals
  • Enhanced Mitigation Experience Toolkit

Logging and Analysis

  • Packet Capture
  • Packet Capture Tools
  • Monitoring Tools
  • Log Review and SIEM
  • SIEM Data Outputs
  • SIEM Data Analysis
  • Point-in-Time Data Analysis

Module 3: Vulnerability Management

Lessons:

Managing Vulnerabilities

  • Vulnerability Management Requirements
  • Asset Inventory
  • Data Classification
  • Vulnerability Management Processes
  • Vulnerability Scanners
  • Microsoft Baseline Security Analyzer
  • Vulnerability Feeds and SCAP
  • Configuring Vulnerability Scans
  • Vulnerability Scanning Criteria
  • Exploit Frameworks

Remediating Vulnerabilities

  • Analyzing Vulnerability Scans
  • Remediation and Change Control
  • Remediating Host Vulnerabilities
  • Remediating Network Vulnerabilities
  • Remediating Virtual Infrastructure Vulnerabilities

Secure Software Development

  • Software Development Lifecycle
  • Software Vulnerabilities
  • Software Security Testing
  • Interception Proxies
  • Web Application Firewalls
  • Source Authenticity
  • Reverse Engineering

Module 4: Cyber Incident Response

Lessons:

Incident Response

  • Incident Response Processes
  • Threat Classification
  • Incident Severity and Prioritization
  • Types of Data

Forensics Tools

  • Digital Forensics Investigations
  • Documentation and Forms
  • Digital Forensics Crime Scene
  • Digital Forensics Kits
  • Image Acquisition
  • Password Cracking
  • Analysis Utilities

Incident Analysis and Recovery

  • Analysis and Recovery Frameworks
  • Analyzing Network Symptoms
  • Analyzing Host Symptoms
  • Analyzing Data Exfiltration
  • Analyzing Application Symptoms
  • Using Sysinternals
  • Containment Techniques
  • Eradication Techniques
  • Validation Techniques
  • Corrective Actions

Module 5: Security Architecture

Lessons:

Secure Network Design

  • Network Segmentation
  • Blackholes, Sinkholes, and Honeypots
  • System Hardening
  • Group Policies and MAC
  • Endpoint Security

Managing Identities and Access

  • Network Access Control
  • Identity Management
  • Identity Security Issues
  • Identity Repositories
  • Context-based Authentication
  • Single Sign On and Federations
  • Exploiting Identities
  • Exploiting Web Browsers and Applications

Security Frameworks and Policies

  • Frameworks and Compliance
  • Reviewing Security Architecture
  • Procedures and Compensating Controls
  • Verifications and Quality Control
  • Security Policies and Procedures
  • Personnel Policies and Training

Our registered and postal address is:
The Pinnacle, Office 203, 170 Midsummer Boulevard, Milton Keynes, MK9 1BP

ICSI LTD is registered in England No. 8680530