CompTIA Cybersecurity Analyst CySA+ (CS0-001)

CompTIA Cybersecurity Analyst CySA+ (CS0-001)

by Aamir Lakhan / Joseph Muniz
Released October 2017
Publisher(s): Pearson
ISBN: 0134772067

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

The second edition of this video title is available. Please go to CompTIA Cybersecurity Analyst (CySA+) CS0-002 https://learning.oreilly.com/videos/comptia-cybersecurity-analyst/9780137432110/.

Over 21 hours of deep-dive training covering every objective in the CompTIA Cybersecurity Analyst CySA+ (CS0-001) exam

The CompTIA Cybersecurity Analyst CySA+ (CS0-001) Complete Video Course is an engaging, self-paced video training solution that provides learners with over 21 hours of personal, visual instruction from two cybersecurity expert trainers. Through the use of topic-focused instructional videos, you will gain an in-depth understanding of each objective in the CompTIA CySA+ exam as well as a deeper understanding of cyber security foundations and principles.

CompTIA Cybersecurity Analyst CySA+ (CS0-001) Complete Video Course contains over 21 hours of training with content divided into 4 modules with 17 content targeted content lessons. This title covers every objective in the CompTIA CySA+ exam and includes two full practice exams, so you have everything you need to learn all of the cyber security principles that appear on the test; but more than that, you will learn the fundamentals of preventing, detecting and combatting cybersecurity threats. Full of live trainer discussions, hands-on demos, whiteboard work, and deep dive discussions, this course covers cyber security fundamentals in a way that is easy to access and even fun.

The video lessons in this course review each exam objective, so you can use it as a complete study tool for taking the CompTIA CySA+ exam.

Skill Level

  • Intermediate

What You Will Learn

  • Every objective on the CompTIA Cybersecurity Analystic CySA+ exam
  • Tips to prepare for and pass the exam
  • Real-world cyber security configuration and detection skills
  • How to perform data analysis and interpret results to identify vulnerabilities, threats and risks

Who Should Take This Course

Primary audience: Anyone preparing for the CompTIA Cybersecurity Analyst CySA+ examination.
Secondary audience: Anyone interested in learning cyber security fundamentals.

Course Requirements

While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

About LiveLessons Video Training

Pearson’s LiveLessons video training series publishes the industry’s leading video tutorials for IT pros, developers, sys admins, devops, network engineers, and certification candidates. LiveLessons feature the highest-quality professional skills training led by recognized author instructors published by Addison-Wesley, Cisco Press, Pearson IT Certification, Prentice Hall, Sams, and Que. Topics include IT certification, programming, development, networking, software skills for the home, office, and business, and more. Your purchase provides you with lifetime online access to the content.
http://www.pearsonitcertification.com/livelessons

Table of contents

  1. Introduction
    1. CompTIA Cybersecurity Analyst CySA+ (CS0-001): Introduction
  2. Module 1: Threat Management
    1. Module Introduction
  3. Lesson 1: Reconnaissance Techniques
    1. Learning objectives
    2. 1.1 Introduction to Reconnaissance Techniques
    3. 1.2 Reconnaissance Techniques
    4. 1.3 Techniques of OS Fingerprinting
    5. 1.4 Understanding Advanced NMAP Techniques
    6. 1.5 Introducing NMAP
    7. 1.6 Reconnaissance Techniques Using Packet Captures, Log Reviews, Firewall Reviews, ACL Reviews
    8. 1.7 Discovering your Targets through Social Media Profiling and Engineering
    9. 1.8 Digging Deeper into Social Engineering
    10. 1.9 Email Harvesting, DNS Harvesting, and Phishing Techniques
    11. 1.10 FOCA Demo
    12. 1.11 Examining Virtual and Physical Environments
    13. 1.12 Examining Internal, External, On-Premise, and Cloud Connections
    14. 1.13 Using NMAP for Host, Service, and Network Scanning
    15. 1.14 Reading Firewall Rule-based and Logs
    16. 1.15 Reconnaissance Techniques Using Vulnerability Scanners
    17. 1.16 OpenVAS Lab
    18. Summary
  4. Lesson 2: Network Reconnaissance
    1. Learning objectives
    2. 2.1 Understanding Point-in-time Data Analysis
    3. 2.2 NetFlow Analysis
    4. 2.3 Traffic and NetFlow Analysis
    5. 2.4 Wireless Analysis Techniques
    6. 2.5 Anomaly, Trend, and Behavioral Analysis Techniques
    7. 2.6 Examining Logs, Packet Captures, NMAP Results, Event Logs, and Syslog Data
    8. 2.7 Reconnaissance Discovery Using SIEMs and Packet Analyzers
    9. Summary
  5. Lesson 3: Response and Counter Measures
    1. Learning objectives
    2. 3.1 Introduction to Response and Counter Measures
    3. 3.2 Countermeasure Techniques Using Network Isolation, System Isolation, and Jump Boxes
    4. 3.3 Honeypots, Endpoint Security, and Group Policies as Countermeasures
    5. 3.4 Understanding Sinkholes
    6. 3.5 Hardening Systems to Deter Reconnaissance Attacks
    7. 3.6 Mitigating Risks through Network Access Control (NAC)
    8. Summary
  6. Lesson 4: Securing Corporate Environments
    1. Learning objectives
    2. 4.1 Penetration Testing Concepts and Objectives
    3. 4.2 Having Rules of Engagement and Proper Authorization
    4. 4.3 Understanding Red Team vs. Blue Team Concepts
    5. Summary
  7. Module 2: Vulnerability Management
    1. Module Introduction
  8. Lesson 5: Implementing the Information Security Vulnerability Management Process
    1. Learning objectives
    2. 5.1 Identifying Industry, Corporate, and Regulatory Requirements
    3. 5.2 Establishing Appropriate Scanning Frequencies
    4. 5.3 Configuring Tools with the Appropriate Options
    5. 5.4 Generating and Creating Reports
    6. 5.5 How to Remediate and Prioritize Vulnerabilities
    7. 5.6 Determining Vulnerabilities Using a Sandbox
    8. 5.7 Risks and Inhibitors to Remediation
    9. Summary
  9. Lesson 6: Analyze Output of Vulnerability Scan
    1. Learning objectives
    2. 6.1 Analyzing Vulnerability Scan Reports
    3. 6.2 How to Identify False Positives
    4. 6.3 Validating Scan Results and Correlating Data Points
    5. 6.4 Determining Best Practices, Trends, and Needs from Results
    6. 6.5 Vulnerability Scan Output Demo
    7. Summary
  10. Lesson 7: Compare and Contrast Common Vulnerabilities
    1. Learning objectives
    2. 7.1 Understanding Common Vulnerabilities
    3. 7.2 Virtual Infrastructure Risks and Vulnerabilities for an Organization
    4. 7.3 Vulnerabilities in Modern Industrial Controls Systems (ICSs) and SCADA Devices
    5. 7.4 Email Headers and Honeypots
    6. 7.5 Windows Services and Logs
    7. 7.6 Ingress / Egress Filtering and Virtual Environment Risks
    8. Summary
  11. Module 3: Cyber Incident Response
    1. Module Introduction
  12. Lesson 8: Determine Impact of an Incident
    1. Learning objectives
    2. 8.1 Determining Impact of an Incident
    3. 8.2 Determining Threat Classification (Part 1)
    4. 8.3 Determining Threat Classification (Part 2)
    5. 8.4 Determining Incident Severity for Threats (Part 1)
    6. 8.5 Determining Incident Severity for Threats (Part 2)
    7. 8.6 Understanding the Importance of Data Classification when Determining Threats
    8. Summary
  13. Lesson 9: Forensics Tools and Investigation
    1. Learning objectives
    2. 9.1 Forensics Tools and Investigation
    3. 9.2 Introduction to Forensics
    4. 9.3 Using the Chain of Custody
    5. 9.4 Using Common Forensic Tools
    6. 9.5 Overview of Forensic Procedures
    7. 9.6 Acquiring Data
    8. Summary
  14. Lesson 10: Incident Reporting and Communications
    1. Learning objectives
    2. 10.1 Incident Reporting and Communications
    3. 10.2 Stakeholder and Shareholder Communications Procedures during a Breach
    4. 10.3 Establishing a Communications Chain
    5. 10.4 Information Disclosure, Legal, and Regulatory Requirements
    6. 10.5 Roles and Responsibilities for Effective Communications during a Breach
    7. Summary
  15. Lesson 11: Analyzing Incident Response Symptoms and Recovery Techniques
    1. Learning objectives
    2. 11.1 Incident Response Symptoms and Recovery Techniques
    3. 11.2 Analyzing Computer- and Hardware-related Symptoms
    4. 11.3 Symptom Examples
    5. 11.4 Exfiltration
    6. 11.5 Host Remediation Options
    7. 11.6 Analyzing and Working Network- and Traffic-related Symptoms
    8. 11.7 Baselines
    9. 11.8 Irregular Communication
    10. 11.9 Rogue Devices and Reconnaissance
    11. 11.10 Port Scanning and Exploitation
    12. 11.11 Analyzing Application-related Symptoms
    13. 11.12 Analyzing Injection and XXS
    14. 11.13 Broken Authentication and Patching Challenges
    15. 11.14 Denial of Service (Part 1)
    16. 11.15 Denial of Service (Part 2)
    17. Summary
  16. Lesson 12: Post-Incident Response Process
    1. Learning objectives
    2. 12.1 Post-Incident Response Process
    3. 12.2 Containing an Incident
    4. 12.3 Access Control Demonstration with Cisco Identity Services Engine
    5. 12.4 Access Control Technology Details
    6. 12.5 Reading Authentication Log
    7. 12.6 Corrective Actions (Part 1)
    8. 12.7 Attack Lifecycle Example
    9. 12.8 Corrective Actions (Part 2)
    10. 12.9 Writing an Incident Report
    11. Summary
  17. Module 4: Security Architecture and Tool Sets
    1. Module Introduction
  18. Lesson 13: Frameworks, Common Policies, Controls, and Procedures
    1. Learning objectives
    2. 13.1 Introduction to Frameworks, Common Policies, Controls, and Procedures
    3. 13.2 Frameworks, Common Policies, Controls, and Procedures
    4. 13.3 Understanding Regulatory Compliance and Common Frameworks (Part 1)
    5. 13.4 Understanding Regulatory Compliance and Common Frameworks (Part 2)
    6. 13.5 Policies (Part 1)
    7. 13.6 Policies (Part 2)
    8. 13.7 Implementing Security Controls and Procedures
    9. 13.8 Security Controls
    10. 13.9 Procedures and Monitoring
    11. 13.10 Testing and Remediation
    12. 13.11 Testing Policies (Part 1)
    13. 13.12 Testing Policies (Part 2)
    14. Summary
  19. Lesson 14: Access Control and Access Management Remediation
    1. Learning objectives
    2. 14.1 Introduction to Access Control and Access Management Remediation
    3. 14.2 Access Control and Access Management Remediation
    4. 14.3 Understanding Risks with Context-based Authentication Methods
    5. 14.4 Security Solutions Based on Identities and Identity Repositories
    6. 14.5 Risks and Rewards with Single Sign-on
    7. 14.6 Understanding and Reviewing Identification Exploits and Hacks
    8. Summary
  20. Lesson 15: Reviewing Security Architectures
    1. Learning objectives
    2. 15.1 Introduction to Reviewing Security Architectures
    3. 15.2 Reviewing Security Architectures
    4. 15.3 Understanding Security Data Analytics
    5. 15.4 Reviewing Log Files (Part 1)
    6. 15.5 Reviewing Log Files (Part 2)
    7. 15.6 Defense in Depth (Part 1): Personal
    8. 15.7 Defense in Depth (Part 2): Processes
    9. Summary
  21. Lesson 16: Software Development Life Cycle (SDLC) Best Practices
    1. Learning objectives
    2. 16.1 Introduction to Software Development Life Cycle (SDLC) Best Practices
    3. 16.2 Software Development Life Cycle (SDLC) Best Practices
    4. 16.3 Best Practices during Software Development Phase
    5. 16.4 Testing Applications for Vulnerabilities
    6. 16.5 Implementing a Peer Review and Stress Testing Process
    7. 16.6 Best Practices for Secure Coding, OWASP, and SANS
    8. Summary
  22. Lesson 17: Cybersecurity Tools and Technologies
    1. Learning objectives
    2. 17.1 Cybersecurity Tools and Technologies
    3. 17.2 Preventive Technologies: Firewalls
    4. 17.3 Preventive Technologies: Proxy and Application Layer Firewall
    5. 17.4 Comparing Proxies and Application Firewalls
    6. 17.5 Selecting a Firewall
    7. 17.6 Prevention Technologies: IPS (Part 1)
    8. 17.7 Detecting Bruteforce with Wireshark and IPS
    9. 17.8 Detecting Files with Wireshark and IPS
    10. 17.9 Prevention Technologies: IPS (Part 2)
    11. 17.10 Cisco Breach Detection Demo
    12. 17.11 SIEM Core Concepts
    13. 17.12 Understanding and Selecting a SIEM
    14. 17.13 Vulnerability Scanners Overview
    15. 17.14 Vulnerability Scanner Concepts
    16. 17.15 NetFlow and Packet Capture Concepts
    17. 17.16 Cisco StealthWatch NetFlow Example
    18. 17.17 Command Line and OpenSSL
    19. 17.18 Exploitation Technologies
    20. Test Taking Strategies
    21. Summary
  23. Summary
    1. CompTIA Cybersecurity Analyst CySA+ (CS0-001): Summary

Product information

  • Title: CompTIA Cybersecurity Analyst CySA+ (CS0-001)
  • Author(s): Aamir Lakhan / Joseph Muniz
  • Release date: October 2017
  • Publisher(s): Pearson
  • ISBN: 0134772067