CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep

سرفصل های دوره

Earning the CompTIA Cybersecurity Analyst+ (CySA+) certification demonstrates that you know how to address cybersecurity threats using an analytics-based approach. This course serves as a comprehensive, all-in-one resource for anyone preparing for the CS0-003 exam. Join University of Notre Dame professor and cybersecurity expert Mike Chapple as he shows you the skills you need to know to tackle the official exam. Mike starts with an overview and general information about the exam, and then goes into detail through each domain of the certification test.

01 - Introduction

01 - About the CySA+ exam

02 - Whats new in CS0-003

02 - 1. The CySA+ Exam

01 - Careers in information security

02 - Value of certification

03 - Stackable certifications

03 - 2. Inside the CySA+ Exam

01 - The CySA+ exam

02 - The CySA+ in-person exam environment

03 - At-home testing

04 - CySA+ question types

05 - Passing the CySA+ exam

04 - 3. Preparing for the CySA+ Exam

01 - Study resources

02 - Exam tips

03 - Continuing education requirements

05 - 4. Domain 1 Security Operations

01 - Security Operations

06 - 5. Operating System Security

01 - The goals of information security

02 - Role of the cybersecurity analyst

03 - Operating system security

04 - Windows Registry

05 - Configuration files

06 - System processes

07 - Hardware architecture

07 - 6. Logging

01 - Logging security information

02 - Security information and event management

03 - Tuning and configuring SIEMs

04 - Continuous security monitoring

08 - 7. Infrastructure Concepts

01 - Virtualization

02 - Cloud infrastructure components

03 - Containers

09 - 8. Network Security

01 - Network architecture

02 - Security zones

03 - VLANs and network segmentation

04 - Zero-trust networking

05 - Secure access service edge (SASE)

06 - Software-defined networking (SDN)

10 - 9. Identity and Access Management

01 - Identification, authentication, authorization, and accounting

02 - Usernames and access cards

03 - Biometrics

04 - Authentication factors

05 - Multifactor authentication

06 - Something you have

07 - Password authentication protocols

08 - Single sign-on and federation

09 - Passwordless authentication

10 - Privileged access management

11 - Cloud access security brokers

11 - 10. Encryption

01 - Understanding encryption

02 - Symmetric and asymmetric cryptography

03 - Goals of cryptography

04 - Trust models

05 - PKI and digital certificates

06 - TLS and SSL

12 - 11. Sensitive Data Protection

01 - Data classification

02 - Data loss prevention

13 - 12. Indicators of Malicious Activity

01 - Network symptoms

02 - Rogue access points and evil twins

03 - Endpoint symptoms

04 - Application symptoms

05 - Obfuscated links

06 - Social engineering

14 - 13. Tools and Techniques

01 - Protocol analyzers

02 - DNS and IP reputation

03 - Endpoint monitoring

04 - Malware prevention

05 - Executable analysis

06 - Cuckoo and Joe Sandbox

07 - User account monitoring

15 - 14. Email Analysis

01 - Malicious email content

02 - Digital signatures

03 - DKIM, DMARC, and SPF

04 - Analyzing email headers

16 - 15. Programming and Scripting

01 - Shell and script environments

02 - APIs

03 - Querying logs

17 - 16. Understanding the Cybersecurity Threat

01 - Threat actors

02 - Zero-days and the APT

03 - Supply chain vulnerabilities

04 - Threat classification

18 - 17. Threat Intelligence

01 - Threat intelligence

02 - Managing threat indicators

03 - Intelligence sharing

04 - Threat research

05 - Identifying threats

06 - Automating threat intelligence

07 - Threat hunting

08 - Deception technologies

19 - 18. Efficiency and Process Improvement

01 - Standardizing processes and streamlining operations

02 - Technology and tool integration

20 - 19. Domain 2 Vulnerability Management

01 - Vulnerability Management

21 - 20. Creating a Vulnerability Management Program

01 - What is vulnerability management

02 - Identify scan targets

03 - Scan frequency

22 - 21. Network Mapping

01 - Network scanning

02 - Install Nmap on Windows

03 - Install Nmap on macOS

04 - Run and interpret a simple Nmap scan

05 - Host discovery with Nmap

06 - Operate system fingerprinting

07 - Service version detection

23 - 22. Configuring and Executing Vulnerability Scans

01 - Security baseline scanning

02 - Scan configuration

03 - Scan perspective

04 - Scanner maintenance

05 - Vulnerability scanning tools

06 - Passive vulnerability scanning

24 - 23. Analyzing Scan Results

01 - SCAP

02 - CVSS

03 - Interpret CVSS scores

04 - Analyze scan reports

05 - Correlate scan results

25 - 24. Common Vulnerabilities

01 - Server vulnerabilities

02 - Endpoint vulnerabilities

03 - Network vulnerabilities

26 - 25. Software Security Issues

01 - OWASP Top 10

02 - Prevent SQL injection

03 - Understand cross-site scripting

04 - Request forgery

05 - Privilege escalation

06 - Directory traversal

07 - File inclusion

08 - Overflow attacks

09 - Cookies and attachments

10 - Session hijacking

11 - Race conditions

12 - Memory vulnerabilities

13 - Code execution attacks

14 - Data poisoning

15 - Third-party code

16 - Interception proxies

27 - 26. Specialized Technology Vulnerabilities

01 - Industrial control systems

02 - Internet of Things

03 - Embedded systems

28 - 27. More Cybersecurity Tools

01 - Exploitation frameworks

02 - Cloud auditing tools

03 - Debuggers

04 - Open-source reconnaissance

05 - Control frameworks

29 - 28. Software Development Lifecycle

01 - Software platforms

02 - Development methodologies

03 - Maturity models

04 - Change management

30 - 29. Secure Coding Practices

01 - Input validation

02 - Parameterized queries

03 - Authentication and session management issues

04 - Output encoding

05 - Error and exception handling

06 - Code signing

07 - Database security

08 - Data de-identification

09 - Data obfuscation

31 - 30. Software Quality Assurance

01 - Software testing

02 - Code security tests

03 - Fuzzing

04 - Reverse engineering software

05 - Reverse engineering hardware

32 - 31. Threat Modeling

01 - Threat research

02 - Identify threats

03 - Understand attacks

04 - Threat modeling

05 - Attack surface management

06 - Bug bounty

33 - 32. Security Governance

01 - Align security with the business

02 - Organizational processes

03 - Security roles and responsibilities

04 - Security control selection

34 - 33. Risk Management

01 - Risk assessment

02 - Quantitative risk assessment

03 - Risk treatment options

04 - Risk management frameworks

05 - Risk visibility and reporting

35 - 34. Domain 3 Incident Response and Management

01 - Incident Response and Management

36 - 35. Incident Response Programs

01 - Build an incident response program

02 - Creating an incident response team

03 - Incident communications plan

04 - Incident identification

05 - Escalation and notification

06 - Mitigation

07 - Containment techniques

08 - Incident eradication and recovery

09 - Validation

10 - Post-incident activities

11 - Incident response exercises

37 - 36. Attack Frameworks

01 - MITRE ATT&CK

02 - Diamond model of intrusion analysis

03 - Cyber kill chain analysis

04 - Testing guides

38 - 37. Incident Investigation

01 - Logging security information

02 - Security information and event management

03 - Cloud audits and investigations

39 - 38. Forensic Techniques

01 - Conducting investigations

02 - Evidence types

03 - Introduction to forensics

04 - System and file forensics

05 - File carving

06 - Creating forensic images

07 - Digital forensics toolkit

08 - Operating system analysis

09 - Password forensics

10 - Network forensics

11 - Software forensics

12 - Mobile device forensics

13 - Embedded device forensics

14 - Chain of custody

15 - Ediscovery and evidence production

40 - 39. Business Continuity

01 - Business continuity planning

02 - Business continuity controls

03 - High availability and fault tolerance

41 - 40. Disaster Recovery

01 - Disaster recovery

02 - Backups

03 - Restoring backups

04 - Disaster recovery sites

05 - Testing BCDR plans

06 - After-action reports

42 - 41. Domain 4 Reporting and Communication

01 - Reporting and Communication

43 - 42. Vulnerability Reporting and Communication

01 - Vulnerability communication

02 - Report scan results

03 - Prioritize remediation

04 - Create a remediation workflow

05 - Barriers to vulnerability remediation

06 - Vulnerability metrics

44 - 43. Incident Reporting and Communication

01 - Incident communications plan

02 - Incident identification

03 - Escalation and notification

04 - Post-incident activities

05 - Incident response reports

06 - Incident metrics and KPIs

45 - Conclusion

01 - Continuing your studies

439,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: LinkedIn Learning (Lynda)