CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface.
A CySA+ Cybersecurity Analyst Certification will verify the successful candidate has the knowledge and skills required to:
CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.
Number of Questions Maximum of 85 questions Type of Questions Multiple choice and performance-based Length of Test 165 minutes Passing Score 750 (on a scale of 100-900) Recommended Experience Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience.
Skills Covered:
1. Threat and Vulnerability Management Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities
2. Software and Systems Security Apply security solutions for infrastructure management and explain software & hardware assurance best practices
3. Compliance and Assessment Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls
4. Security Operations and Monitoring Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security
5. Incident Response Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques
Syllabus:
Module 1 – Threat Management 1: Social Engineering Topology Discovery Service Discovery OS Fingerprinting
Module 2 – Threat Management 2: Security Appliances Configuring Firewalls Intrusion Detection and Prevention Configuring IDS Malware Threats Configuring Anti-virus Software Sysinternals Enhanced Mitigation Experience Toolkit Logging and Analysis Packet Capture Packet Capture Tools Monitoring Tools Log Review and SIEM SIEM Data Outputs SIEM Data Analysis Point-in-Time Data Analysis
Module 3 – Vulnerability Management: Managing Vulnerabilities Vulnerability Management Requirements Asset Inventory Data Classification Vulnerability Management Processes Vulnerability Scanners Microsoft Baseline Security Analyzer Vulnerability Feeds and SCAP Configuring Vulnerability Scans Vulnerability Scanning Criteria Exploit Frameworks Remediating Vulnerabilities Remediation and Change Control Remediating Host Vulnerabilities Remediating Network Vulnerabilities Remediating Virtual Infrastructure Vulnerabilities Secure Software Development Software Development Lifecycle Software Vulnerabilities Software Security Testing Interception Proxies Web Application Firewalls Source Authenticity Reverse Engineering
Module 4 – Cyber Incident Response: Incident Response Incident Response Processes Threat Classification Incident Severity and Prioritization Types of Data Forensics Tools Digital Forensics Investigations Documentation and Forms Digital Forensics Crime Scene Digital Forensics Kits Image Acquisition Password Cracking Analysis Utilities Incident Analysis and Recovery Using Sysinternals Containment Techniques Eradication Techniques Validation Techniques Corrective Actions
Module 5 – Security Architecture: Secure Network Design Network Segmentation Blackholes, Sinkholes, and Honeypots System Hardening Group Policies and MAC Endpoint Security Managing Identities and Access Network Access Control Identity Management Identity Security Issues Identity Repositories Context-based Authentication Single Sign On and Federations Exploiting Identities Exploiting Web Browsers and Applications Security Frameworks and Policies Frameworks and Compliance Reviewing Security Architecture Procedures and Compensating Controls Verifications and Quality Control Security Policies and Procedures Personnel Policies and Training
Join 4M+ learners. Unlock unlimited quizzes, wrong-answer tracking, flashcards + reminders, study guides, and 1-on-1 challenges.