CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep

via LinkedIn Learning

Overview

A comprehensive, all-in-one resource for those preparing for the CySA+ (CS0-003) certification exam

Syllabus

Introduction
  • About the CySA+ exam
  • What's new in CS0-003?
1. The CySA+ Exam
  • Careers in information security
  • Value of certification
  • Stackable certifications
2. Inside the CySA+ Exam
  • The CySA+ exam
  • The CySA+ in-person exam environment
  • At-home testing
  • CySA+ question types
  • Passing the CySA+ exam
3. Preparing for the CySA+ Exam
  • Study resources
  • Exam tips
  • Continuing education requirements
4. Domain 1: Security Operations
  • Security Operations
5. Operating System Security
  • The goals of information security
  • Role of the cybersecurity analyst
  • Operating system security
  • Windows Registry
  • Configuration files
  • System processes
  • Hardware architecture
6. Logging
  • Logging security information
  • Security information and event management
  • Tuning and configuring SIEMs
  • Continuous security monitoring
7. Infrastructure Concepts
  • Virtualization
  • Cloud infrastructure components
  • Containers
8. Network Security
  • Network architecture
  • Security zones
  • VLANs and network segmentation
  • Zero-trust networking
  • Secure access service edge (SASE)
  • Software-defined networking (SDN)
9. Identity and Access Management
  • Identification, authentication, authorization, and accounting
  • Usernames and access cards
  • Biometrics
  • Authentication factors
  • Multifactor authentication
  • Something you have
  • Password authentication protocols
  • Single sign-on and federation
  • Passwordless authentication
  • Privileged access management
  • Cloud access security brokers
10. Encryption
  • Understanding encryption
  • Symmetric and asymmetric cryptography
  • Goals of cryptography
  • Trust models
  • PKI and digital certificates
  • TLS and SSL
11. Sensitive Data Protection
  • Data classification
  • Data loss prevention
12. Indicators of Malicious Activity
  • Network symptoms
  • Rogue access points and evil twins
  • Endpoint symptoms
  • Application symptoms
  • Obfuscated links
  • Social engineering
13. Tools and Techniques
  • Protocol analyzers
  • DNS and IP reputation
  • Endpoint monitoring
  • Malware prevention
  • Executable analysis
  • Cuckoo and Joe Sandbox
  • User account monitoring
14. Email Analysis
  • Malicious email content
  • Digital signatures
  • DKIM, DMARC, and SPF
  • Analyzing email headers
15. Programming and Scripting
  • Shell and script environments
  • APIs
  • Querying logs
16. Understanding the Cybersecurity Threat
  • Threat actors
  • Zero-days and the APT
  • Supply chain vulnerabilities
  • Threat classification
17. Threat Intelligence
  • Threat intelligence
  • Managing threat indicators
  • Intelligence sharing
  • Threat research
  • Identifying threats
  • Automating threat intelligence
  • Threat hunting
  • Deception technologies
18. Efficiency and Process Improvement
  • Standardizing processes and streamlining operations
  • Technology and tool integration
19. Domain 2: Vulnerability Management
  • Vulnerability Management
20. Creating a Vulnerability Management Program
  • What is vulnerability management?
  • Identify scan targets
  • Scan frequency
21. Network Mapping
  • Network scanning
  • Install Nmap on Windows
  • Install Nmap on macOS
  • Run and interpret a simple Nmap scan
  • Host discovery with Nmap
  • Operating system fingerprinting
  • Service version detection
22. Configuring and Executing Vulnerability Scans
  • Security baseline scanning
  • Scan configuration
  • Scan perspective
  • Scanner maintenance
  • Vulnerability scanning tools
  • Passive vulnerability scanning
23. Analyzing Scan Results
  • SCAP
  • CVSS
  • Interpret CVSS scores
  • Analyze scan reports
  • Correlate scan results
24. Common Vulnerabilities
  • Server vulnerabilities
  • Endpoint vulnerabilities
  • Network vulnerabilities
25. Software Security Issues
  • OWASP Top 10
  • Prevent SQL injection
  • Understand cross-site scripting
  • Request forgery
  • Privilege escalation
  • Directory traversal
  • File inclusion
  • Overflow attacks
  • Cookies and attachments
  • Session hijacking
  • Race conditions
  • Memory vulnerabilities
  • Code execution attacks
  • Data poisoning
  • Third-party code
  • Interception proxies
26. Specialized Technology Vulnerabilities
  • Industrial control systems
  • Internet of Things
  • Embedded systems
27. More Cybersecurity Tools
  • Exploitation frameworks
  • Cloud auditing tools
  • Debuggers
  • Open-source reconnaissance
  • Control frameworks
28. Software Development Lifecycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
29. Secure Coding Practices
  • Input validation
  • Parameterized queries
  • Authentication and session management issues
  • Output encoding
  • Error and exception handling
  • Code signing
  • Database security
  • Data de-identification
  • Data obfuscation
30. Software Quality Assurance
  • Software testing
  • Code security tests
  • Fuzzing
  • Reverse engineering software
  • Reverse engineering hardware
31. Threat Modeling
  • Threat research
  • Identify threats
  • Understand attacks
  • Threat modeling
  • Attack surface management
  • Bug bounty
32. Security Governance
  • Align security with the business
  • Organizational processes
  • Security roles and responsibilities
  • Security control selection
33. Risk Management
  • Risk assessment
  • Quantitative risk assessment
  • Risk treatment options
  • Risk management frameworks
  • Risk visibility and reporting
34. Domain 3: Incident Response and Management
  • Incident Response and Management
35. Incident Response Programs
  • Build an incident response program
  • Creating an incident response team
  • Incident communications plan
  • Incident identification
  • Escalation and notification
  • Mitigation
  • Containment techniques
  • Incident eradication and recovery
  • Validation
  • Post-incident activities
  • Incident response exercises
36. Attack Frameworks
  • MITRE ATT&CK
  • Diamond model of intrusion analysis
  • Cyber kill chain analysis
  • Testing guides
37. Incident Investigation
  • Logging security information
  • Security information and event management
  • Cloud audits and investigations
38. Forensic Techniques
  • Conducting investigations
  • Evidence types
  • Introduction to forensics
  • System and file forensics
  • File carving
  • Creating forensic images
  • Digital forensics toolkit
  • Operating system analysis
  • Password forensics
  • Network forensics
  • Software forensics
  • Mobile device forensics
  • Embedded device forensics
  • Chain of custody
  • Ediscovery and evidence production
39. Business Continuity
  • Business continuity planning
  • Business continuity controls
  • High availability and fault tolerance
40. Disaster Recovery
  • Disaster recovery
  • Backups
  • Restoring backups
  • Disaster recovery sites
  • Testing BC/DR plans
  • After-action reports
41. Domain 4: Reporting and Communication
  • Reporting and Communication
42. Vulnerability Reporting and Communication
  • Vulnerability communication
  • Report scan results
  • Prioritize remediation
  • Create a remediation workflow
  • Barriers to vulnerability remediation
  • Vulnerability metrics
43. Incident Reporting and Communication
  • Incident communications plan
  • Incident identification
  • Escalation and notification
  • Post-incident activities
  • Incident response reports
  • Incident metrics and KPIs
Conclusion
  • Continuing your studies

Taught by

Mike Chapple

Reviews

5 rating at LinkedIn Learning based on 1 rating
