O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CompTIA CySA+ (CS0-001): Complete Course and Practice Exam

Video Description

Pass the CompTIA Cybersecurity Analyst+ (CS0-001) exam on your 1st attempt, includes CySA+ (CSA+) practice exam!

About This Video

This course provides full coverage of the four domains of the CSA+ (CySA+) exam:

  • 27%: Threat Management
  • 26%: Vulnerability Management
  • 23%: Cyber Incident Response
  • 24%: Security Architecture and Tool Sets

In Detail

This course provides everything you need in order to study for the CompTIA Cybersecurity Analyst+ (CSA+, CySA+) exam, including downloadable PDFs of every lecture, 12 quizzes to check your knowledge as you progress through the videos, and a full-length practice exam to test your knowledge before test day! Taught by an expert in information technology and cybersecurity with over 20 years of experience, this course is a fun way to learn what you need to know to pass the CompTIA Cybersecurity Analyst+ (CSA+,CySA+) exam or to better prepare yourself to serve on your organization's cyber defense team. The CompTIA CSA+ (Cybersecurity Analyst+) certification is a vendor-neutral certification that validates your knowledge and ability to conduct intermediate-level cyber security skills. The CompTIA CSA+ (CySA+) exam is focused on the technical, hands-on details of the cybersecurity field, including not only cyber threats, secure network architecture, and risk management, but also the ability to perform log analysis, configuration assessments, and more. Each video comes with a downloadable PDF of all the lecture notes

Table of Contents

  1. Chapter 1 : Welcome and Introduction
    1. Welcome to the Course 00:03:36
    2. Exam Foundations 00:03:57
  2. Chapter 2 : Domain 1: Threat Management (27%)
    1. Domain 1: Threat Management 00:01:05
    2. CIA Triad 00:08:00
    3. Risk Consideration 00:05:31
    4. Risk Assessment 00:03:16
    5. Identify Threats 00:06:27
    6. Identify Vulnerabilities 00:02:22
    7. Likelihood, Impact, and Risk 00:02:47
    8. Qualitative and Quantitative Assessments 00:05:19
    9. Reviewing Controls 00:06:55
    10. Network Perimeter Security 00:07:37
    11. Network Segmentation 00:02:38
    12. Network Access Control 00:05:49
    13. Defense Deception Methods 00:03:26
    14. Secure Endpoint Management 00:07:00
    15. Penetration Testing 00:07:29
    16. Security Exercises and Training 00:02:56
    17. Reverse Engineering 00:06:03
    18. Reconnaissance and Intelligence 00:01:06
    19. Footprinting the Network 00:02:54
    20. Network Mapping 00:03:54
    21. Port Scanning 00:05:18
    22. Other Port Scanners 00:02:00
    23. NMAP - Demonstration of the world's most popular port scanning tool 00:06:06
    24. Passive Reconnaissance 00:04:10
    25. Passive Recon - Network Devices 00:07:48
    26. Passive Recon – Netstat 00:04:29
    27. DHCP Logs and Configs 00:03:00
    28. Firewall Logs and Configs 00:03:42
    29. System and Host Log Files 00:02:24
    30. DNS Harvesting 00:03:22
    31. Domain Names and IP Ranges 00:02:37
    32. DNS Zone Transfers 00:03:26
    33. Whois and Host Commands 00:03:01
    34. Information Gathering and Aggregation 00:04:10
    35. Organizational Intelligence 00:07:46
    36. Detecting, Preventing, and Responding to Reconnaissance 00:06:46
  3. Chapter 3 : Domain 2: Vulnerability Management (26%)
    1. Domain 2: Vulnerability Management 00:02:33
    2. Regulatory Requirements 00:07:05
    3. Corporate Requirements 00:07:00
    4. Scanning Tools 00:03:34
    5. Scoping Scans 00:03:30
    6. Configuring Scans 00:00:34
    7. Scanning Sensitivity 00:03:17
    8. Scanning Perspective 00:01:23
    9. Authenticated Scanning 00:03:42
    10. Maintaining Scanners 00:03:20
    11. Standardizing Vulnerabilities 00:03:21
    12. Workflow for Remediation 00:02:46
    13. Vulnerability Reporting 00:04:13
    14. Remediation Priority 00:04:14
    15. Implementing and Testing 00:05:30
    16. Nessus Vulnerability Scanner: A Walkthrough 00:09:48
    17. Interpreting Scan Results 00:08:18
    18. Interpreting CVSS 00:06:13
    19. Calculating the CVSS Score 00:04:02
    20. CVSS Temporal Score 00:03:35
    21. Validation of Results 00:06:22
    22. Common Vulnerabilities 00:02:42
    23. Server and Host Vulnerabilities 00:06:32
    24. Network Vulnerabilities 00:06:03
    25. Virtualization Vulnerabilities 00:04:18
    26. Web Application Vulnerabilities 00:05:11
    27. Internet of Things (IoT) Vulnerabilities 00:03:28
  4. Chapter 4 : Domain 3: Cyber Incident Response (23%)
    1. Domain 3: Cyber Incident Response 00:01:39
    2. Security Incidents 00:03:44
    3. Incident Response Teams 00:08:33
    4. Incident Response Phases 00:10:57
    5. Incident Response Policy and Procedures 00:04:36
    6. Communication and Info Sharing 00:04:25
    7. Incident Classification 00:08:14
    8. Network Event Monitoring 00:07:38
    9. Network Monitoring Tools 00:04:42
    10. Detecting Network Events 00:06:13
    11. Network Probes and Attacks 00:05:53
    12. Server and Host Events 00:05:18
    13. Service and Application Events 00:05:05
    14. Digital Forensics 00:02:39
    15. Forensic Toolkit Components 00:08:16
    16. Mobile Forensic Toolkits 00:02:56
    17. Forensic Software 00:06:50
    18. Training and Certification 00:02:22
    19. Forensic Investigation Process 00:05:01
    20. Disk Imaging 00:04:50
    21. Disk Imaging Using dd 00:02:59
    22. Disk Imaging Using FTK Imager 00:06:32
    23. Incident Containment 00:06:55
    24. Eradication and Recovery 00:06:37
    25. Finishing the Response 00:05:01
  5. Chapter 5 : Domain 4: Security Architecture and Toolsets (24%)
    1. Domain 4: Security Architecture and Tool Sets 00:00:40
    2. Policy Documents 00:07:06
    3. Standard Frameworks 00:07:49
    4. Policy-based Controls 00:03:33
    5. Audits and Assessments 00:02:10
    6. Laws and Regulations 00:05:04
    7. Defence in Depth 00:05:20
    8. Types of Controls 00:04:42
    9. Layered Network Defence 00:04:37
    10. Layered Host Security 00:03:07
    11. Data Analytics 00:04:06
    12. Personnel Security 00:05:59
    13. Outsourcing Concerns 00:03:04
    14. User Awareness Training 00:03:51
    15. Analyzing Secure Architectures 00:08:10
    16. What Is Identity? 00:04:56
    17. Identity Systems 00:11:32
    18. Threats to Identity Systems 00:03:13
    19. Attacking AAA Protocols and Systems 00:09:06
    20. Targeting Account Lifecycle 00:03:32
    21. Identity Exploits 00:03:02
    22. Credential Theft 00:03:22
    23. Securing Authentication and Authorization System 00:06:06
    24. Identity as a Service (IDaaS) 00:02:18
    25. Detecting Identity Attacks 00:01:37
    26. Federated Identity Systems 00:10:35
    27. Software Development Life Cycle (SDLC) 00:08:16
    28. Software Development Models 00:10:44
    29. Coding for Security 00:07:13
    30. Testing Application Security 00:05:34
    31. Finding Security Flaws 00:06:42
    32. Web Application Vulnerability Scanners 00:05:47
  6. Chapter 6 : Conclusion
    1. Conclusion 00:01:57