A security analyst has discovered that an outbound SFTP process is occurring at the same time of day for the past several days. At the time this was discovered, large amounts of business critical data were delivered. The authentication for this process occurred using a service account with proper credentials. The security analyst investigated the destination IP for this transfer and discovered that this new process is not documented in the change management log. Which of the following would be the BEST course of action for the analyst to take?

The exam objectives for the CompTIA CySA+ certification exam includes threat management, cyber incident response, vulnerability, and security architecture and tool sets.. The CompTIA CySA+ exam is meant to be combined with PenTest+ to bridge the gap between the CompTIA Security+ exam, which is more generalized and a step-down, and the CompTIA Advanced Security Practitioner (CASP+), which is the highest-level certification that CompTIA offers within the Cybersecurity pathway.  The CompTIA CySA+ is more affordable, in-depth and hands-on than the CEH. The CEH, however, is more well-known and... Show more

The exam objectives for the CompTIA CySA+ certification exam includes threat management, cyber incident response, vulnerability, and security architecture and tool sets..

The CompTIA CySA+ exam is meant to be combined with PenTest+ to bridge the gap between the CompTIA Security+ exam, which is more generalized and a step-down, and the CompTIA Advanced Security Practitioner (CASP+), which is the highest-level certification that CompTIA offers within the Cybersecurity pathway. 

The CompTIA CySA+ is more affordable, in-depth and hands-on than the CEH. The CEH, however, is more well-known and respected by employers. While both exams share similar exam objectives, the CySA+ has some hands-on simulations/problems where the CEH is multiple choice.

Show less