CompTIA CYBERSECURITY ANALYST (CYSA+) TRAINING

  1. Home
  2. /
  3. Courses
  4. /
  5. Cybersecurity
  6. /
  7. CompTIA CYSA+

OVERVIEW

This CompTIA Security+ training course provides the foundational knowledge you need to pass the CompTIA Security+ SY0-601 certification exam, and the skills to ensure compliance and operational security in your organization.

CompTIA Security+ SYO-601 is the latest version of the exam to validate the baseline technical skills required for cybersecurity professionals. The CompTIA Security+ training program aims to provide hands-on knowledge on all the five domains of the SYO-601 exam. The candidates will learn the latest threats, attacks & vulnerabilities, risk mitigation concepts, how-to architecture secure hybrid environment, incidence response and governance, and compliance—the training course aid participants in getting through the Security+ SYO-601 exam in their first attempt. A CompTIA security+ training informs you of all the intricacies involved in the certification as listed below.

HIGHLIGHTES

  • Official CompTIA Lab will be provided
  • Official study material
  • CompTIA eBook
  • In-class presentation
  • Upon successful passing of exam official XIPD Participation Certificate will be provided

TARGET AUDIENCE & PRE-REQUISITES

CompTIA CySA+ certification is aimed at IT professionals such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.
IDEALLY, YOU SHOULD HAVE SUCCESSFULLY COMPLETED:
CompTIA Network+ Certification AND Security+ Certification courses or have equivalent knowledge before attending this training.

LEARNING OUTCOMES

Threat and Vulnerability Management

  • Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities.

Software and Systems Security

  • Apply security solutions for infrastructure management and explain software & hardware assurance best practices

Compliance and Assessment

  • Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls

Security Operations and Monitoring

  • Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security

Incident Response

Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques

Course Module

Threat Management 1

Cybersecurity Analysts

  • Cybersecurity Roles and Responsibilities
  • Frameworks and Security Controls
  • Risk Evaluation
  • Penetration Testing Processes

Reconnaissance Techniques

  • The Kill Chain
  • Open Source Intelligence
  • Social Engineering
  • Topology Discovery
  • Service Discovery
  • OS Fingerprinting

Threat Management 2

Security Appliances

  • Configuring Firewalls
  • Intrusion Detection and Prevention
  • Configuring IDS
  • Malware Threats
  • Configuring Anti-virus Software
  • Sysinternals
  • Enhanced Mitigation Experience Toolkit

Logging and Analysis

  • Packet Capture
  • Packet Capture Tools
  • Monitoring Tools
  • Log Review and SIEM
  • SIEM Data Outputs
  • SIEM Data Analysis
  • Point-in-Time Data Analysis

Vulnerability Management

Managing Vulnerabilities

  • Vulnerability Management Requirements
  • Asset Inventory
  • Data Classification
  • Vulnerability Management Processes
  • Vulnerability Scanners
  • Microsoft Baseline Security Analyzer
  • Vulnerability Feeds and SCAP
  • Configuring Vulnerability Scans
  • Vulnerability Scanning Criteria
  • Exploit Frameworks

Remediating Vulnerabilities

  • Analyzing Vulnerability Scans
  • Remediation and Change Control
  • Remediating Host Vulnerabilities
  • Remediating Network Vulnerabilities
  • Remediating Virtual Infrastructure Vulnerabilities

Secure Software Development

  • Software Development Lifecycle
  • Software Vulnerabilities
  • Software Security Testing
  • Interception Proxies
  • Web Application Firewalls
  • Source Authenticity
  • Reverse Engineering

Cyber Incident Response

Incident Response

  • Incident Response Processes
  • Threat Classification
  • Incident Severity and Prioritization
  • Types of Data

Forensics Tools

  • Digital Forensics Investigations
  • Documentation and Forms
  • Digital Forensics Crime Scene
  • Digital Forensics Kits
  • Image Acquisition
  • Password Cracking
  • Analysis Utilities

Incident Analysis and Recovery

  • Analysis and Recovery Frameworks
  • Analyzing Network Symptoms
  • Analyzing Host Symptoms
  • Analyzing Data Exfiltration
  • Analyzing Application Symptoms
  • Using Sysinternals
  • Containment Techniques
  • Eradication Techniques
  • Validation Techniques
  • Corrective Actions

Security Architecture

Secure Network Design

  • Network Segmentation
  • Blackholes, Sinkholes, and Honeypots
  • System Hardening
  • Group Policies and MAC
  • Endpoint Security

Managing Identities and Access

  • Network Access Control
  • Identity Management
  • Identity Security Issues
  • Identity Repositories
  • Context-based Authentication
  • Single Sign On and Federations
  • Exploiting Identities
  • Exploiting Web Browsers and Applications

Security Frameworks and Policies

  • Frameworks and Compliance
  • Reviewing Security Architecture
  • Procedures and Compensating Controls
  • Verifications and Quality Control
  • Security Policies and Procedures
  • Personnel Policies and Training

ABOUT THE EXAM

As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents

CERTIFICATION DETAILS

Exam Code: CS0-002

Launch Date: April 21, 2020

Exam Description: The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.

No of Questions: Maximum of 85 questions

Type of Questions: Multiple choice and performance-based

Length of Test: 165 minutes

Passing Score: 750 (on a scale of 100-900)