Learn the detailed information you need to prepare for the Security Operations domain of the Cybersecurity Analyst+ (CySA+) exam.
Syllabus
Introduction
- Security operations
- What you should know
- Study resources
- The goals of information security
- Role of the cybersecurity analyst
- Operating system security
- Windows Registry
- Configuration files
- System processes
- Hardware architecture
- Logging security information
- Security information and event management
- Tuning and configuring SIEMs
- Continuous security monitoring
- Virtualization
- Cloud infrastructure components
- Containers
- Network architecture
- Security zones
- VLANs and network segmentation
- Zero trust networking
- Secure access service edge (SASE)
- Software-defined networking (SDN)
- Identification, authentication, authorization, and accounting
- Usernames and access cards
- Biometrics
- Authentication factors
- Multifactor authentication
- Something you have
- Password authentication protocols
- Single sign-on and federation
- Passwordless authentication
- Privileged access management
- Cloud access security brokers
- Understanding encryption
- Symmetric and asymmetric cryptography
- Goals of cryptography
- Trust models
- PKI and digital certificates
- TLS and SSL
- Data classification
- Data loss prevention
- Network symptoms
- Rogue access points and evil twins
- Endpoint symptoms
- Application symptoms
- Obfuscated links
- Social engineering
- Protocol analyzers
- DNS and IP reputation
- Endpoint monitoring
- Malware prevention
- Executable analysis
- Cuckoo and Joe Sandbox
- User account monitoring
- Malicious email content
- Digital signatures
- DKIM, DMARC, and SPF
- Analyzing email headers
- Shell and script environments
- APIs
- Querying logs
- Threat actors
- Zero-days and the APT
- Supply chain vulnerabilities
- Threat classification
- Threat intelligence
- Managing threat indicators
- Intelligence sharing
- Threat research
- Identifying threats
- Automating threat intelligence
- Threat hunting
- Deception technologies
- Standardizing processes and streamlining operations
- Technology and tool integration
- Continuing your studies
Taught by
Mike Chapple