CompTIA

Cybersecurity Analyst

About the CompTIA Cybersecurity Analyst Course

The CompTIA Cybersecurity Analyst (CySA+) course is an international, vendor-neutral cybersecurity certification that applies behavioural analytics to improve the overall state of IT security. The CySA+ course validates knowledge and skills that are required to prevent, detect and combat cybersecurity threats. In addition, this course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces delegates to tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyse cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed towards those on the front lines of defence.

Audience profile:

This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defence of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team, from help desk staff to the Chief Information Officer, understand their role in these security processes.

Course objectives:

CompTIA CySA+ will teach you the fundamental principles of using threat and vulnerability analysis tools plus digital forensics tools. It will prepare you to take the CompTIA CySA+ CS0-002 exam by providing 100% coverage of the objectives and content examples listed on the syllabus. After completing the CompTIA CySA+ course, delegates will have the skills and knowledge to:

  • Leverage intelligence and threat detection techniques

  • Analyse and interpret data

  • Identify and address vulnerabilities

  • Suggest preventative measures

  • Effectively respond to and recover from incidents

     

Associated certifications and exam:

The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyse and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.

This course is designed to prepare students to take the CompTIA CS0-003 international examination. Successfully passing this exam will result in the achievement of the CompTIA Cybersecurity Analyst (CySA+) certification.

 
Comptia cybersecurity analyst

To get the most out of the CompTIA CySA+ Study Guide and be able to prepare for your exam you should have successfully earned the CompTIA Network+ certification and CompTIA Security+ certification or have equivalent knowledge. Specifically, it is recommended that you have the following skills and knowledge before starting this course:

  • Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).

  • Understand TCP/IP addressing, core protocols, and troubleshooting tools

  • Identify network attack strategies and defences.

  • Know the technologies and uses of cryptographic standards and products

  • Identify network- and host-based security technologies and practices.

  • Describe the standards and products used to enforce security on web and communications technologies.

5 Days

Online/Instructor Led

CySA+

Modules

  • Identify Security Control Types
  • Explain the Importance of Threat Data and Intelligence
  • Classify Threats & Threat Actor Types
  • Utilise Attack Frameworks & Indicator Management
  • Utilise Threat Modelling & Hunting Methodologies
  • Analyse Network Monitoring Output
  • Analyse Appliance Monitoring Output
  • Analyse Endpoint Monitoring Output
  • Analyse Email Monitoring Output
  • Configure Log Review and SIEM Tools
  • Analyse and Query Logs and SIEM Data
  • Identify Digital Forensics Techniques
  • Analyse Network-related IoCs
  • Analyse Host-related IoCs
  • Analyse Application-Related IoCs
  • Analyse Lateral Movement and Pivot IoCs
  • Explain Incident Response Processes
  • Apply Detection and Containment Processes
  • Apply Eradication, Recovery, and Post Incident Processes
  • Apply Risk Identification, Calculation, and Prioritisation Processes
  • Explain Frameworks, Policies, and Procedures
  • Analyse Output from Enumeration Tools
  • Configure Infrastructure Vulnerability Scanning Parameters
  • Analyse Output from Infrastructure Vulnerability Scanners
  • Mitigate Vulnerability Issues
  • Apply Identity and Access Management Security Solutions
  • Apply Network Architecture and Segmentation Security Solutions
  • Explain Hardware Assurance Best Practices
  • Explain Vulnerabilities Associated with Specialised Technology
  • Identify Non-Technical Data and Privacy Controls
  • Identify Technical Data and Privacy Controls