CompTIA Cybersecurity Analyst (CySA+)

(pearson-cysa-plus-complete)/ISBN:978-1-61691-993-1

This course includes
Lessons
TestPrep
Hand-on Lab
Video Lessons (Add-on)

We have an updated version of this course, please check out the latest CompTIA Cybersecurity Analyst (CySA+) course!

Gain hands-on experience to pass the CompTIA CySA+ CS0-001 certification exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab is cloud-based, device-enabled, and can be easily integrated with an LMS. Interactive chapters comprehensively cover CompTIA CySA+ CS0-001 certification exam objectives and teach you how to configure and use threat detection tools; perform data analysis, and interpret the interpret the reports to protect an organization by identifying vulnerabilities, threats, and risks.

Here's what you will get

The CompTIA Cybersecurity Analyst (CySA+) certification is an internationally acknowledged vendor-neutral credential that applies behavioral analytics to improve the overall state of IT security. CompTIA CySA+ CS0-001 exam validates the critical knowledge and skills that are required to prevent, detect, and combat cybersecurity threats. The CS0-001 exam is also designed for IT security analysts, vulnerability analysts, or threat intelligence analysts.

Lessons

16+ Lessons | 227+ Quizzes | 543+ Flashcards | 543+ Glossary of terms

TestPrep

85+ Pre Assessment Questions | 2+ Full Length Tests | 85+ Post Assessment Questions | 170+ Practice Test Questions

Hand on lab

34+ LiveLab | 21+ Video tutorials | 38+ Minutes

Video Lessons

223+ Videos | 10:44+ Hours

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • Goals and Methods
  • Who Should Read This Book?
  • Strategies for Exam Preparation

Lessons 2: Applying Environmental Reconnaissance Techniques

  • Procedures/Common Tasks
  • Variables
  • Tools
  • Review All Key Topics

Lessons 3: Analyzing the Results of Network Reconnaissance

  • Point-in-Time Data Analysis
  • Data Correlation and Analytics
  • Data Output
  • Tools
  • Review All Key Topics

Lessons 4: Recommending and Implementing the Appropriate Response and Countermeasure

  • Network Segmentation
  • Honeypot
  • Endpoint Security
  • Group Policies
  • ACLs
  • Hardening
  • Network Access Control
  • Review All Key Topics

Lessons 5: Practices Used to Secure a Corporate Environment

  • Penetration Testing
  • Reverse Engineering
  • Training and Exercises
  • Risk Evaluation
  • Review All Key Topics

Lessons 6: Implementing an Information Security Vulnerability Management Process

  • Identification of Requirements
  • Establish Scanning Frequency
  • Configure Tools to Perform Scans According to Specification
  • Execute Scanning
  • Generate Reports
  • Remediation
  • Ongoing Scanning and Continuous Monitoring
  • Review All Key Topics

Lessons 7: Analyzing Scan Output and Identifying Common Vulnerabilities

  • Analyzing Output Resulting from a Vulnerability Scan
  • Common Vulnerabilities Found in Targets Within an Organization
  • Review All Key Topics

Lessons 8: Identifying Incident Impact and Assembling a Forensic Toolkit

  • Threat Classification
  • Factors Contributing to Incident Severity and Prioritization
  • Forensics Kit
  • Forensic Investigation Suite
  • Review All Key Topics

Lessons 9: The Incident Response Process

  • Stakeholders
  • Purpose of Communication Processes
  • Role-Based Responsibilities
  • Using Common Symptoms to Select the Best Course of Action to Support Incident Response
  • Review All Key Topics

Lessons 10: Incident Recovery and Post-Incident Response

  • Containment Techniques
  • Eradication Techniques
  • Validation
  • Corrective Actions
  • Incident Summary Report
  • Review All Key Topics

Lessons 11: Frameworks, Policies, Controls, and Procedures

  • Regulatory Compliance
  • Frameworks
  • Policies
  • Controls
  • Procedures
  • Verifications and Quality Control
  • Review All Key Topics

Lessons 12: Remediating Security Issues Related to Identity and Access Management

  • Security Issues Associated with Context-Based Authentication
  • Security Issues Associated with Identities
  • Security Issues Associated with Identity Repositories
  • Security Issues Associated with Federation and Single Sign-on
  • Exploits
  • Review All Key Topics

Lessons 13: Security Architecture and Implementing Compensating Controls

  • Security Data Analytics
  • Manual Review
  • Defense in Depth
  • Review All Key Topics

Lessons 14: Application Security Best Practices

  • Best Practices During Software Development
  • Secure Coding Best Practices
  • Review All Key Topics

Lessons 15: Using Cybersecurity Tools and Technologies

  • Preventative Tools
  • Collective Tools
  • Analytical Tools
  • Exploit Tools
  • Forensics Tools
  • Review All Key Topics

Appendix: Conclusion

Hands-on LAB Activities

Applying Environmental Reconnaissance Techniques

  • Performing Reconnaissance on a Network
  • Scanning the Rootkit

Practices Used to Secure a Corporate Environment

  • Assessing the impact of malware

Implementing an Information Security Vulnerability Management Process

  • Consulting a Vulnerability Database

The Incident Response Process

  • Initiating an SSH Session from your Windows 10 Client to your Windows Server

Frameworks, Policies, Controls, and Procedures

  • Opening the Policy Template and Setting the Company Name
  • Reviewing and Modifying the Policy Items
  • Adding Revision to the Revision History

Remediating Security Issues Related to Identity and Access Management

  • Identifying security apps available for Android
  • Accessing remotely the DT_Watch folder to generate audit logs
  • Acquiring the Trojan horse simulator
  • Uploading the Trojan horse simulator to VirusTotal
  • Uploading the Trojan horse simulator to Malware
  • Identifying a suspicious account on the System User Groups
  • Enabling auditing of the DT_Watch folder
  • Enabling logging for audited objects
  • Examining the Audited Events

Security Architecture and Implementing Compensating Controls

  • Making Syslog Entries Readable

Application Security Best Practices

  • Inspecting the Vulnerability in the echo Server's Source Code

Using Cybersecurity Tools and Technologies

  • Collecting network-based security intelligence
  • Confirming the Spoofing Attack in Wireshark
  • Generating Network Traffic and Using Filters
  • Downloading and Installing Wireshark and WinPcap
  • Working with Wireshark's Interface
  • Analyzing the Capture File to Find the Attack(s)
  • Examining the traffic between client and server
  • Conducting Vulnerability Scans
  • Installing Splunk on the Server
  • Manipulating Kali Linux VM's network interfaces
  • Starting a Live Packet Capture
  • Using the Process Explorer to View Specific Details About Running Processes on the System
  • Examining the ipconfig options and creating the activity log
  • Identifying Search Options in Metasploit
  • Performing the Initial Scan

Exam FAQs

There is no required prerequisite for CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. Candidate should have a minimum of 3-4 years of hands-on information security or related experience.

USD 346

Pricing and taxes may vary from country to country.

Multiple-choice and performance-based

The exam contains 85 questions.

165 minutes

750

(on a scale of 100-900)

In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:

  1. CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
  2. If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  3. A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.

CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.

Customer Review

uCertify training program for CompTIA Cybersecurity Analyst (CySA+). At first, I was skeptical since there was a lot of reading and not so much instructor videos. After reading a few chapters I found myself more involved and enjoying myself learning. Ucertify has found a perfect balance with just enough reading and then challenging you with quizzes and labs

I always received my study materials and support in time and we never had hiccup regarding my studies. The course has offered me a huge growing range of high-quality e-learning solutions. uCertify is a top-notch institution that provides high quality IT certification practicing study material. You'll not only pass your exam but also get a profound understanding of the respective subject.

I have just completed the uCertify CompTIA Cybersecurity Analyst (CySA+) course. The course had complete and authentic information about the curriculum and also formulated as per the learning objectives. It is also proven to be a swiss knife for my future references.