CompTIA CYBERSECURITY ANALYST (CYSA+) TRAINING

                                          English and Arabic 

5 Days Course

OVERVIEW

This course is intended for those wishing to qualify with CompTIA CySA+ Cybersecurity Analyst Certification. CompTIA’s CySA+ Certification is an intermediate-level certificate for IT professionals with previous experience of working in the field of IT security. The CompTIA CySA+ examination is designed for IT security analysts, vulnerability analysts, or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats, and risks to an organization with the end goal of securing and protecting applications and systems within an organization.

HIGHLIGHTES
  • Official CompTIA Lab will be provided
  • Official study material
  • CompTIA ebook
  • In-class presentation
  • Upon successful passing of exam official XIPD Participation Certificate will be provided

TARGET AUDIENCE & PRE-REQUISITES

CompTIA CySA+ certification is aimed at IT professionals such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

IDEALLY, YOU SHOULD HAVE SUCCESSFULLY COMPLETED:

CompTIA Network+ Certification AND Security+ Certification courses or have equivalent knowledge before attending this training.

LEARNING OUTCOMES

Threat and Vulnerability Management

  • Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities.

Software and Systems Security

  • Apply security solutions for infrastructure management and explain software & hardware assurance best practices

Compliance and Assessment

  • Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls

Security Operations and Monitoring

  • Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security

Incident Response

  • Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques
Module – 01

Threat Management 1

Cybersecurity Analysts

  • Cybersecurity Roles and Responsibilities
  • Frameworks and Security Controls
  • Risk Evaluation
  • Penetration Testing Processes

Reconnaissance Techniques

  • The Kill Chain
  • Open Source Intelligence
  • Social Engineering
  • Topology Discovery
  • Service Discovery
  • OS Fingerprinting
Module – 02

Threat Management 2

Security Appliances

  • Configuring Firewalls
  • Intrusion Detection and Prevention
  • Configuring IDS
  • Malware Threats
  • Configuring Anti-virus Software
  • Sysinternals
  • Enhanced Mitigation Experience Toolkit

Logging and Analysis

  • Packet Capture
  • Packet Capture Tools
  • Monitoring Tools
  • Log Review and SIEM
  • SIEM Data Outputs
  • SIEM Data Analysis
  • Point-in-Time Data Analysis
Module – 03

Vulnerability Management

Managing Vulnerabilities

  • Vulnerability Management Requirements
  • Asset Inventory
  • Data Classification
  • Vulnerability Management Processes
  • Vulnerability Scanners
  • Microsoft Baseline Security Analyzer
  • Vulnerability Feeds and SCAP
  • Configuring Vulnerability Scans
  • Vulnerability Scanning Criteria
  • Exploit Frameworks

Remediating Vulnerabilities

  • Analyzing Vulnerability Scans
  • Remediation and Change Control
  • Remediating Host Vulnerabilities
  • Remediating Network Vulnerabilities
  • Remediating Virtual Infrastructure Vulnerabilities

Secure Software Development

  • Software Development Lifecycle
  • Software Vulnerabilities
  • Software Security Testing
  • Interception Proxies
  • Web Application Firewalls
  • Source Authenticity
  • Reverse Engineering
Module – 04

Cyber Incident Response

Incident Response

  • Incident Response Processes
  • Threat Classification
  • Incident Severity and Prioritization
  • Types of Data

Forensics Tools

  • Digital Forensics Investigations
  • Documentation and Forms
  • Digital Forensics Crime Scene
  • Digital Forensics Kits
  • Image Acquisition
  • Password Cracking
  • Analysis Utilities

Incident Analysis and Recovery

  • Analysis and Recovery Frameworks
  • Analyzing Network Symptoms
  • Analyzing Host Symptoms
  • Analyzing Data Exfiltration
  • Analyzing Application Symptoms
  • Using Sysinternals
  • Containment Techniques
  • Eradication Techniques
  • Validation Techniques
  • Corrective Actions
Module – 05

Security Architecture

Secure Network Design

  • Network Segmentation
  • Blackholes, Sinkholes, and Honeypots
  • System Hardening
  • Group Policies and MAC
  • Endpoint Security

Managing Identities and Access

  • Network Access Control
  • Identity Management
  • Identity Security Issues
  • Identity Repositories
  • Context-based Authentication
  • Single Sign On and Federations
  • Exploiting Identities
  • Exploiting Web Browsers and Applications

Security Frameworks and Policies

  • Frameworks and Compliance
  • Reviewing Security Architecture
  • Procedures and Compensating Controls
  • Verifications and Quality Control
  • Security Policies and Procedures
  • Personnel Policies and Training

ABOUT THE EXAM

As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents

CERTIFICATION DETAILS

Exam Code: CS0-002

Launch Date: April 21, 2020

Exam Description: The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.

No of Questions: Maximum of 85 questions

Type of Questions: Multiple choice and performance-based

Length of Test: 165 minutes

Passing Score: 750 (on a scale of 100-900)