CompTIA CySA+ (CS0-002)

(CS0-002.AB1) / ISBN: 978-1-64459-230-4
This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)
CS0-002.AB1 : CompTIA CySA+ (CS0-002)
$150
Exam Voucher
Your exam voucher code will be delivered via email within 24 hours of purchase

CompTIA CySA+ (CS0-002)

Get certified for the CySA+ CS0-002 exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The CySA+ study guide covers the CS0-002 exam objectives and provides an understanding of topics such as firewalls and anti-virus software. The CySA+ practice test will provide you with an analytics-based approach within the IT security industry that is increasingly important for organizations.
Here's what you will get

The CompTIA CySA+ certification proves that the candidate has the ability required to identify and combat malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. The CompTIA CySA+ CS0-002 exam enhances the intelligence and threat detection techniques required in the market, along with analyzing and interpreting data and identifying and addressing vulnerabilities.

Lessons
  • 22+ Lessons
  • 180+ Quizzes
  • 522+ Flashcards
  • 522+ Glossary of terms
TestPrep
  • 84+ Pre Assessment Questions
  • 2+ Full Length Tests
  • 90+ Post Assessment Questions
  • 173+ Practice Test Questions
LiveLab
  • 37+ LiveLab
  • 37+ Video tutorials
  • 01:43+ Hours
Here's what you will learn
Lesson 1: Introduction
  • Goals and Methods
  • Who Should Read This Course?
  • Strategies for Exam Preparation
  • How the Course Is Organized
  • What’s New?
Lesson 2: The Importance of Threat Data and Intelligence
  • Intelligence Sources
  • Indicator Management
  • Threat Classification
  • Threat Actors
  • Intelligence Cycle
  • Commodity Malware
  • Information Sharing and Analysis Communities
  • Review All Key Topics
  • Review Questions
Lesson 3: Utilizing Threat Intelligence to Support Organizational Security
  • Attack Frameworks
  • Threat Research
  • Threat Modeling Methodologies
  • Threat Intelligence Sharing with Supported Functions
  • Review All Key Topics
  • Review Questions
Lesson 4: Vulnerability Management Activities
  • Vulnerability Identification
  • Validation
  • Remediation/Mitigation
  • Scanning Parameters and Criteria
  • Inhibitors to Remediation
  • Review All Key Topics
  • Review Questions
Lesson 5: Analyzing Assessment Output
  • Web Application Scanner
  • Infrastructure Vulnerability Scanner
  • Software Assessment Tools and Techniques
  • Enumeration
  • Wireless Assessment Tools
  • Cloud Infrastructure Assessment Tools
  • Review All Key Topics
  • Review Questions
Lesson 6: Threats and Vulnerabilities Associated with Specialized Technology
  • Mobile
  • Internet of Things (IoT)
  • Embedded Systems
  • Real-Time Operating System (RTOS)
  • System-on-Chip (SoC)
  • Field Programmable Gate Array (FPGA)
  • Physical Access Control
  • Building Automation Systems
  • Vehicles and Drones
  • Workflow and Process Automation Systems
  • Incident Command System (ICS)
  • Supervisory Control and Data Acquisition (SCADA)
  • Review All Key Topics
  • Review Questions
Lesson 7: Threats and Vulnerabilities Associated with Operating in the Cloud
  • Cloud Deployment Models
  • Cloud Service Models
  • Function as a Service (FaaS)/Serverless Architecture
  • Infrastructure as Code (IaC)
  • Insecure Application Programming Interface (API)
  • Improper Key Management
  • Unprotected Storage
  • Logging and Monitoring
  • Review All Key Topics
  • Review Questions
Lesson 8: Implementing Controls to Mitigate Attacks and Software Vulnerabilities
  • Attack Types
  • Vulnerabilities
  • Review All Key Topics
  • Review Questions
Lesson 9: Security Solutions for Infrastructure Management
  • Cloud vs. On-premises
  • Asset Management
  • Segmentation
  • Network Architecture
  • Change Management
  • Virtualization
  • Containerization
  • Identity and Access Management
  • Cloud Access Security Broker (CASB)
  • Honeypot
  • Monitoring and Logging
  • Encryption
  • Certificate Management
  • Active Defense
  • Review All Key Topics
  • Review Questions
Lesson 10: Software Assurance Best Practices
  • Platforms
  • Software Development Life Cycle (SDLC) Integration
  • DevSecOps
  • Software Assessment Methods
  • Secure Coding Best Practices
  • Static Analysis Tools
  • Dynamic Analysis Tools
  • Formal Methods for Verification of Critical Software
  • Service-Oriented Architecture
  • Review All Key Topics
  • Review Questions
Lesson 11: Hardware Assurance Best Practices
  • Hardware Root of Trust
  • eFuse
  • Unified Extensible Firmware Interface (UEFI)
  • Trusted Foundry
  • Secure Processing
  • Anti-Tamper
  • Self-Encrypting Drives
  • Trusted Firmware Updates
  • Measured Boot and Attestation
  • Bus Encryption
  • Review All Key Topics
  • Review Questions
Lesson 12: Analyzing Data as Part of Security Monitoring Activities
  • Heuristics
  • Trend Analysis
  • Endpoint
  • Network
  • Log Review
  • Impact Analysis
  • Security Information and Event Management (SIEM) Review
  • Query Writing
  • E-mail Analysis
  • Review All Key Topics
  • Review Questions
Lesson 13: Implementing Configuration Changes to Existing Controls to Improve Security
  • Permissions
  • Whitelisting and Blacklisting
  • Firewall
  • Intrusion Prevention System (IPS) Rules
  • Data Loss Prevention (DLP)
  • Endpoint Detection and Response (EDR)
  • Network Access Control (NAC)
  • Sinkholing
  • Malware Signatures
  • Sandboxing
  • Port Security
  • Review All Key Topics
  • Review Questions
Lesson 14: The Importance of Proactive Threat Hunting
  • Establishing a Hypothesis
  • Profiling Threat Actors and Activities
  • Threat Hunting Tactics
  • Reducing the Attack Surface Area
  • Bundling Critical Assets
  • Attack Vectors
  • Integrated Intelligence
  • Improving Detection Capabilities
  • Review All Key Topics
  • Review Questions
Lesson 15: Automation Concepts and Technologies
  • Workflow Orchestration
  • Scripting
  • Application Programming Interface (API) Integration
  • Automated Malware Signature Creation
  • Data Enrichment
  • Threat Feed Combination
  • Machine Learning
  • Use of Automation Protocols and Standards
  • Continuous Integration
  • Continuous Deployment/Delivery
  • Review All Key Topics
  • Review Questions
Lesson 16: The Incident Response Process
  • Communication Plan
  • Response Coordination with Relevant Entities
  • Factors Contributing to Data Criticality
  • Review All Key Topics
  • Review Questions
Lesson 17: Applying the Appropriate Incident Response Procedure
  • Preparation
  • Detection and Analysis
  • Containment
  • Eradication and Recovery
  • Post-Incident Activities
  • Review All Key Topics
  • Review Questions
Lesson 18: Analyzing Potential Indicators of Compromise
  • Network-Related Indicators of Compromise
  • Host-Related Indicators of Compromise
  • Application-Related Indicators of Compromise
  • Review All Key Topics
  • Review Questions
Lesson 19: Utilizing Basic Digital Forensics Techniques
  • Network
  • Endpoint
  • Mobile
  • Cloud
  • Virtualization
  • Legal Hold
  • Procedures
  • Hashing
  • Carving
  • Data Acquisition
  • Review All Key Topics
  • Review Questions
Lesson 20: The Importance of Data Privacy and Protection
  • Privacy vs. Security
  • Non-technical Controls
  • Technical Controls
  • Review All Key Topics
  • Review Questions
Lesson 21: Applying Security Concepts in Support of Organizational Risk Mitigation
  • Business Impact Analysis
  • Risk Identification Process
  • Risk Calculation
  • Communication of Risk Factors
  • Risk Prioritization
  • Systems Assessment
  • Documented Compensating Controls
  • Training and Exercises
  • Supply Chain Assessment
  • Review All Key Topics
  • Review Questions
Lesson 22: The Importance of Frameworks, Policies, Procedures, and Controls
  • Frameworks
  • Policies and Procedures
  • Category
  • Control Type
  • Audits and Assessments
  • Review All Key Topics
  • Review Questions

Hands on Activities (Live Labs)

Vulnerability Management Activities

  • Conducting Vulnerability Scanning Using Nessus

Analyzing Assessment Output

  • Using Nikto
  • Using OWASP ZAP
  • Inspecting the Vulnerability in the Echo Server's Source Code
  • Performing Reconnaissance on a Network
  • Using the hping Program
  • Identifying Search Options in Metasploit

Implementing Controls to Mitigate Attacks and Software Vulnerabilities

  • Scanning the Rootkit
  • Configuring DHCP Snooping
  • Performing a MITM Attack
  • Exploiting a Website Using SQL Injection
  • Performing Session Hijacking Using Burp Suite
  • Detecting Rootkits
  • Using Ettercap for ARP Spoofing

Security Solutions for Infrastructure Management

  • Configuring Remote Access VPN
  • Configuring the SSL Port Setting
  • Attacking a Website Using XSS Injection
  • Setting up a Honeypot on Kali Linux
  • Using the MD5 Hash Algorithm
  • Encrypting and Decrypting a File Using AES Crypt

Analyzing Data as Part of Security Monitoring Activities

  • Performing a Memory-Based Attack
  • Using Apktool to Decode and Analyze the apk file
  • Simulating the DDoS Attack
  • Simulating a DoS Attack
  • Scanning the Website using URLVoid
  • Configuring Snort
  • Making Syslog Entries Readable
  • Examining Audited Events
  • Installing Splunk on the Server

Implementing Configuration Changes to Existing Controls to Improve Security

  • Using the iptables Command to Create a Personal Firewall in Linux

The Importance of Proactive Threat Hunting

  • Working with Task Manager

Applying the Appropriate Incident Response Procedure

  • Configuring a Perimeter Firewall

Analyzing Potential Indicators of Compromise

  • Performing the Initial Scan

Utilizing Basic Digital Forensics Techniques

  • Confirming the Spoofing Attack in Wireshark
  • Capturing a Packet Using Wireshark
  • Downloading and Installing Wireshark

The Importance of Frameworks, Policies, Procedures, and Controls

  • Reviewing and Modifying the Policy Items
Exam FAQs
What are the prerequisites for this exam? There is no required prerequisite for the CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. He or she should have a minimum of 3-4 years of hands-on information security or related experience.
What is the exam registration fee? USD 370
Where do I take the exam?

Pearson VUE

  • Testing Centers
  • Online Testing
What is the format of the exam? Multiple-choice and performance-based
How many questions are asked in the exam? The exam contains 85 questions.
What is the duration of the exam? 165 minutes
What is the passing score? 750 (on a scale of 100-900)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:

  1. CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
  2. If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  3. A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? Know more about the CS0-002
What are the career opportunities after passing this exam?
  • Compliance Analyst
  • Threat Intelligence Analyst
  • Application Security Analyst
  • Incident Response or Handler