CompTIA Cybersecurity Analyst CYSA+

Duration : 5 days

© AFI Expertise inc.

• This course teaches you the knowledge and skills required to perform a host of tasks related to securing and protecting applications and systems within an organisation.
• Our experienced instructors will teach you to configure threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organisation.
• Cyber security analytics vastly improves your threat visibility by focusing on network behaviour, including an organisation’s interior network. These threats are better detected through analytics.

Audience

• IT Security Analyst
• Security Operations Center (SOC) Analyst
• Vulnerability Analyst
• Cybersecurity Specialist
• Threat Intelligence Analyst
• Security Engineer

Prerequisites

• At least two years (recommended) of experience in computer network security technology or a related field.
• The ability to recognize information security vulnerabilities and threats in the context of risk management.
• Foundation-level operational skills with some of the common operating systems for computing environments.
• Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
• Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
• Foundational knowledge of major TCP/IP networking protocols including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
• Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.

Objectives

CySA+ course you will focus on the following four cyber security domains:

• Threat Management
• Vulnerability Management
• Cyber Incident Response
• Security Architecture and Tool Sets

Contents

Threat Management

• Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
• Given a scenario, analyse the results of a network reconnaissance
• Given a network-based threat, implement or recommend the appropriate response and countermeasure
• Explain the purpose of practices used to secure a corporate environment

Vulnerability Management

• Given a scenario, implement an information security vulnerability management process
• Given a scenario, analyse the output resulting from a vulnerability scan
• Compare and contrast common vulnerabilities found in the following targets

Cyber Incident Response

• Given a scenario, distinguish threat data or behaviour to determine the impact of an incident
• Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
• Explain the importance of communication during the incident response process
• Given a scenario, analyse common symptoms to select the best course of action to support incident response
• Summarise the incident recovery and post-incident response process

Security Architecture and Tool Sets

• Explain the relationship between frameworks, common policies, Given a scenario, use data to recommend remediation of security issues related to identity and access management
• Given a scenario, review security architecture and make recommendations to implement compensating controls
• Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC)
• Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies