Learn how to keep the security and overall health of your systems in check as you prepare for the CySA+ (CS0-002) exam.
Syllabus
Introduction
- Security operations and monitoring
- What you should know
- Study resources
- Monitoring Log Files
- Correlating security event information
- Continuous security monitoring
- Syslog
- Network traffic analysis
- Endpoint monitoring
- Malware prevention
- File system integrity monitoring
- Network monitoring
- Protocol analyzers
- DNS harvesting
- Intrusion detection and prevention
- Web security tools
- Impact analysis
- Querying logs
- Malicious email content
- Digital signatures
- DKIM, DMARC, and SPF
- Analyzing email headers
- Restricting network access
- Network Access Control
- Firewall rule management
- Router configuration security
- Switch configuration security
- Data loss prevention
- Operating system security
- Application management
- Host-based network security
- File permissions
- Process analysis with SysInternals
- Executable analysis
- Workflow orchestration
- Automating threat intelligence
- Continuous integration and delivery
- What's next
Taught by
Mike Chapple