CompTIA Cybersecurity Analyst (CySA+)

CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention, and response through continuous security monitoring. This course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect, and analyse cybersecurity intelligence, and handle incidents as they occur. This course includes the CySA+ (CS0-003) exam voucher, taken post class.

• Detect and analyse indicators of malicious activity.
• Understand threat hunting and threat intelligence concepts.
• Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities.
• Perform incident response processes.
• Understand reporting and communication concepts related to vulnerability management and incident response activities.

• Ideally prior to this course, although not essential you will have taken CompTIA Network+ and CompTIA Security+ courses or have the equivalent knowledge.
• This course is suited to Security Analyst Security Operations Center (SOC) Analyst, Incident Response Analyst, Vulnerability Management Analyst, Security Engineer

Module 1: UNDERSTANDING VULNERABILITY RESPONSE, HANDLING, AND MANAGEMENT

• Understanding Cybersecurity Leadership Concepts
• Exploring Control Types and Methods
• Explaining Patch Management Concepts

Module 2: EXPLORING THREAT INTELLIGENCE AND THREAT HUNTING CONCEPTS

• Exploring Threat Actor Concepts
• Identifying Active Threats
• Exploring Threat-Hunting Concepts

Module 3: EXPLAINING IMPORTANT SYSTEM AND NETWORK ARCHITECTURE CONCEPTS

• Reviewing System and Network Architecture Concepts
• Exploring Identity and Access Management (IAM)
• Maintaining Operational Visibility

Module 4: UNDERSTANDING PROCESS IMPROVEMENT IN SECURITY OPERATIONS

• Exploring Leadership in Security Operations
• Understanding Technology for Security Operations

Module 5: IMPLEMENTING VULNERABILITY SCANNING METHODS

• Explaining Compliance Requirements
• Understanding Vulnerability Scanning Methods
• Exploring Special Considerations in Vulnerability Scanning

Module 6: PERFORMING VULNERABILITY ANALYSIS

• Understanding Vulnerability Scoring Concepts
• Exploring Vulnerability Context Considerations

Module 7: COMMUNICATING VULNERABILITY INFORMATION

• Explaining Effective Communication Concepts
• Understanding Vulnerability Reporting Outcomes and Action Plans

Module 8: EXPLAINING INCIDENT RESPONSE ACTIVITIES

• Exploring Incident Response Planning
• Performing Incident Response Activities

Module 9: DEMONSTRATING INCIDENT RESPONSE COMMUNICATION

• Understanding Incident Response Communication
• Analysing Incident Response Activities

Module 10: APPLYING TOOLS TO IDENTIFY MALICIOUS ACTIVITY

• Identifying Malicious Activity
• Explaining Attack Methodology Frameworks
• Explaining Techniques for Identifying Malicious Activity

Module 11: ANALYSING POTENTIALLY MALICIOUS ACTIVITY

• Exploring Network Attack Indicators
• Exploring Host Attack Indicators
• Exploring Vulnerability Assessment Tools

Module 12: UNDERSTANDING APPLICATION VULNERABILITY ASSESSMENT

• Analysing Web Vulnerabilities
• Analysing Cloud Vulnerabilities

Module 13: EXPLORING SCRIPTING TOOLS AND ANALYSIS CONCEPTS

• Understanding Scripting Languages
• Identifying Malicious Activity Through Analysis

Module 14: UNDERSTANDING APPLICATION SECURITY AND ATTACK MITIGATION BEST PRACTICES

• Exploring Secure Software Development Practices
• Recommending Controls to Mitigate Successful Application Attacks
• Implementing Controls to Prevent Attacks