About CompTIA CySA+ Practice Exam

The CompTIA Cybersecurity Analyst (CySA+) exam has been built to assess the skills of the candidate needed to handle tasks including -

• Implementing intelligence and threat detection techniques

• Examining and interpreting data

• Observing and addressing vulnerabilities

• Recommend preventative measures

• Ability to effectively respond and recover from incidents.

  
  

CompTIA CySA+ Course Outline

The CompTIA CySA+ (CS0-002) Exam develops skills on topics -

DOMAIN 1 - Describe Threat and Vulnerability Management - 22%

1.1 Understand the importance of threat data and intelligence.

• Learn Intelligence sources

• Learn Confidence levels

• Learn Indicator management

• Learn Threat classification and factors

• Learn Intelligence cycle

• Learn Commodity malware

• Learn Information sharing and analysis communities

1.2 Learn to utilize threat intelligence for supporting organizational security.

• Understand the Attack frameworks

• Overview of Threat research

• Learn about Threat modeling methodologies

• Overview of Threat intelligence sharing

• Understanding the concept of Validation

• Explain Remediation/mitigation

• Understanding Scanning parameters and scenario

• Learn about Inhibitors to remediation

1.3 Understand and examine the output from common vulnerability assessment tools.

• Lean Web application scanner

• Learn Infrastructure vulnerability scanner

• Overview of Software assessment tools and techniques

• Understanding the concept of Enumeration

• Learn about Wireless assessment tools

• Understanding Cloud infrastructure assessment tools

1.4 Understanding threats and vulnerabilities with specialized technology.

• Understanding Internet of Things (IoT)

• Overview of Real-time operating system (RTOS)
  

• Overview of System-on-Chip (SoC)

• Understanding Field programmable gate array (FPGA)

• Understand Physical access control

• Learn and build automation systems

• Overview of Vehicles and drones

• Learning Workflow and process automation systems

• Understanding industrial control system

• Overview of SCADA - Supervisory Control and Data Acquisition (SCADA)

1.5 Understand threats and vulnerabilities with operating in the cloud.

• Overview of Cloud service models

• Understanding cloud deployment models

• Learn Function as a Service (FaaS)/serverless architecture

• Overview of Infrastructure as code (IaC)

• Describe Insecure application programming interface (API)

• Understand improper key management

• Learn about Unprotected storage

• Overview of Logging and monitoring

1.6 Learn to execute controls to mitigate attacks and software vulnerabilities.

• Understanding types of Attack

• Learning about vulnerabilities

DOMAIN 2 - Software and Systems Security

2.1 Learn to implement security solutions for infrastructure management.

• Overview of Cloud vs. on-premises

• Understanding Asset management

• Understanding Network architecture

• Describe Change management

• Learn concepts of Virtualization and Containerization

• Overview of Identity and access management

• Understanding Cloud access security broker (CASB)

2.2 Understanding software assurance best practices.

• Understanding Platforms

• Overview of Software development life cycle (SDLC) integration

• Understanding DevSecOps

• Learn about Software assessment methods

• Learn Secure coding best practices

• Understand Static analysis tools

• Overview of Dynamic analysis tools

• Learn about methods for verification of critical software

• Understanding Service-oriented architecture

2.3 Explain hardware assurance best practices.

• Understanding Hardware root of trust

• Overview of eFuse

• Describe Unified Extensible Firmware Interface (UEFI)

• Understanding Trusted foundry

• Overview of Secure processing

• Overview of Anti-tamper

• Understanding Self-encrypting drive

• Overview of Trusted firmware

• Understanding measured boot and attestation

DOMAIN 3 - Describe Security Operations and Monitoring - 25%

3.1 Examine data as part of security monitoring activities.

• Learning Heuristics and Trend analysis

• Overview of Endpoint and Network

• Describe Log reviews

• Conducting Impact analysis

• Overview of Query writing concept

• Understanding E-mail analysis

3.2 Learn to examine configuration changes to existing controls.

• Understanding Permissions

• Overview of Whitelisting

• Describe Blacklisting

• Overview of Firewall

• Define Intrusion prevention system (IPS) rules

• Learning about Data loss prevention (DLP)

• Overview of Endpoint detection and response (EDR)

• Understanding Network access control (NAC)

• Overview Sinkholing

• Understanding Malware signatures

• Learn about Sandboxing and Port security

3.3 Understanding the significance of proactive threat hunting.

• Learn about establishing a hypothesis

• Overview of profiling threat actors and activities

• Understanding Threat hunting tactics

• Understanding the attack surface area

• Overview of bundling critical assets

• Understanding Attack vectors

• Overview of Integrated intelligence

• Learning about detection capabilities

3.4 Understand automation concepts and technologies.

• Understanding Workflow orchestration

• Overview of Scripting

• Learning about application programming interface (API) integration

• Creating Automated malware signature

• Overview of Data enrichment

• Understanding threat feed combination

• Understanding Machine learning

• Learning automation protocols and standards

3.5 Describe Security Content Automation Protocol (SCAP)

• Learning continuous integration

• Overview of continuous deployment/delivery

DOMAIN 4 - Describe Incident Response - 22%

4.1 Understand the significance of the incident response process.

• Understanding Communication plan

• Learn about Response coordination

• Understanding Factors contributing to data criticality

4.2 Learn to implement incident response procedure.

• Understanding Preparation

• Learn about Detection and analysis

• Learn about Containment

• Overview of Eradication and recovery

• Understanding Post-incident activities

4.3 Learn to examine potential indicators of compromise.

• Overview of Network-related

• Overview f Host-related

• Understanding Application-related

4.4 Understand and Implement basic digital forensics techniques.

• Overview of Network

• Overview of Endpoint

• Learning about Mobile

• Overview of Cloud

• Learn about Virtualization

• Understand Legal hold

• Learn Procedures of Hashing

• Understanding Data acquisition

DOMAIN 5 - Describe Compliance and Assessment - 13%

5.1 Explain the significance of data privacy and protection.

• Overview of Privacy vs. security

• Understanding Non-technical controls

• Learn about Technical controls

5.2 Understand and Implement security concepts in support of organizational risk mitigation.

• Understanding Business impact analysis

• Overview of a risk identification process and risk calculation

• Overview of risk factors and Risk prioritization

• Understanding systems assessment

• Learning documented compensating controls

• Learn about Supply chain assessment

• Understanding Control type

• Learn concepts of audits and assessments

•