CompTIA CySA+ (CS0-002)
(CS0-002.AB1)
/ ISBN: 978-1-64459-230-4
This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)
$150
Exam Voucher
Your exam voucher code will be delivered via email within 24 hours of purchase
CompTIA CySA+ (CS0-002)
Get certified for the CySA+ CS0-002 exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab provides a hands-on learning experience in a safe, online environment. The CySA+ study guide covers the CS0-002 exam objectives and provides an understanding of the topics such as firewalls and anti-virus software. The CySA+ practice test will provide you an analytics-based approach within the IT security industry that is increasingly important for organizations.
The CompTIA CySA+ certification proves that the candidate has the ability required for identifying and combating malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. The CompTIA CySA+ CS0-002 exam enhances the intelligence and threat detection techniques required in the market along with analyzing and interpreting data and identifying and addressing vulnerabilities.
Lessons
-
22+ Lessons
-
180+ Quizzes
-
522+ Flashcards
-
522+ Glossary of terms
TestPrep
-
84+ Pre Assessment Questions
-
2+ Full Length Tests
-
90+ Post Assessment Questions
-
173+ Practice Test Questions
LiveLab
-
37+ LiveLab
-
37+ Video tutorials
-
01:43+ Hours
- Goals and Methods
- Who Should Read This Course?
- Strategies for Exam Preparation
- How the Course Is Organized
- What’s New?
- Intelligence Sources
- Indicator Management
- Threat Classification
- Threat Actors
- Intelligence Cycle
- Commodity Malware
- Information Sharing and Analysis Communities
- Review All Key Topics
- Review Questions
- Attack Frameworks
- Threat Research
- Threat Modeling Methodologies
- Threat Intelligence Sharing with Supported Functions
- Review All Key Topics
- Review Questions
- Vulnerability Identification
- Validation
- Remediation/Mitigation
- Scanning Parameters and Criteria
- Inhibitors to Remediation
- Review All Key Topics
- Review Questions
- Web Application Scanner
- Infrastructure Vulnerability Scanner
- Software Assessment Tools and Techniques
- Enumeration
- Wireless Assessment Tools
- Cloud Infrastructure Assessment Tools
- Review All Key Topics
- Review Questions
- Mobile
- Internet of Things (IoT)
- Embedded Systems
- Real-Time Operating System (RTOS)
- System-on-Chip (SoC)
- Field Programmable Gate Array (FPGA)
- Physical Access Control
- Building Automation Systems
- Vehicles and Drones
- Workflow and Process Automation Systems
- Incident Command System (ICS)
- Supervisory Control and Data Acquisition (SCADA)
- Review All Key Topics
- Review Questions
- Cloud Deployment Models
- Cloud Service Models
- Function as a Service (FaaS)/Serverless Architecture
- Infrastructure as Code (IaC)
- Insecure Application Programming Interface (API)
- Improper Key Management
- Unprotected Storage
- Logging and Monitoring
- Review All Key Topics
- Review Questions
- Attack Types
- Vulnerabilities
- Review All Key Topics
- Review Questions
- Cloud vs. On-premises
- Asset Management
- Segmentation
- Network Architecture
- Change Management
- Virtualization
- Containerization
- Identity and Access Management
- Cloud Access Security Broker (CASB)
- Honeypot
- Monitoring and Logging
- Encryption
- Certificate Management
- Active Defense
- Review All Key Topics
- Review Questions
- Platforms
- Software Development Life Cycle (SDLC) Integration
- DevSecOps
- Software Assessment Methods
- Secure Coding Best Practices
- Static Analysis Tools
- Dynamic Analysis Tools
- Formal Methods for Verification of Critical Software
- Service-Oriented Architecture
- Review All Key Topics
- Review Questions
- Hardware Root of Trust
- eFuse
- Unified Extensible Firmware Interface (UEFI)
- Trusted Foundry
- Secure Processing
- Anti-Tamper
- Self-Encrypting Drives
- Trusted Firmware Updates
- Measured Boot and Attestation
- Bus Encryption
- Review All Key Topics
- Review Questions
- Heuristics
- Trend Analysis
- Endpoint
- Network
- Log Review
- Impact Analysis
- Security Information and Event Management (SIEM) Review
- Query Writing
- E-mail Analysis
- Review All Key Topics
- Review Questions
- Permissions
- Whitelisting and Blacklisting
- Firewall
- Intrusion Prevention System (IPS) Rules
- Data Loss Prevention (DLP)
- Endpoint Detection and Response (EDR)
- Network Access Control (NAC)
- Sinkholing
- Malware Signatures
- Sandboxing
- Port Security
- Review All Key Topics
- Review Questions
- Establishing a Hypothesis
- Profiling Threat Actors and Activities
- Threat Hunting Tactics
- Reducing the Attack Surface Area
- Bundling Critical Assets
- Attack Vectors
- Integrated Intelligence
- Improving Detection Capabilities
- Review All Key Topics
- Review Questions
- Workflow Orchestration
- Scripting
- Application Programming Interface (API) Integration
- Automated Malware Signature Creation
- Data Enrichment
- Threat Feed Combination
- Machine Learning
- Use of Automation Protocols and Standards
- Continuous Integration
- Continuous Deployment/Delivery
- Review All Key Topics
- Review Questions
- Communication Plan
- Response Coordination with Relevant Entities
- Factors Contributing to Data Criticality
- Review All Key Topics
- Review Questions
- Preparation
- Detection and Analysis
- Containment
- Eradication and Recovery
- Post-Incident Activities
- Review All Key Topics
- Review Questions
- Network-Related Indicators of Compromise
- Host-Related Indicators of Compromise
- Application-Related Indicators of Compromise
- Review All Key Topics
- Review Questions
- Network
- Endpoint
- Mobile
- Cloud
- Virtualization
- Legal Hold
- Procedures
- Hashing
- Carving
- Data Acquisition
- Review All Key Topics
- Review Questions
- Privacy vs. Security
- Non-technical Controls
- Technical Controls
- Review All Key Topics
- Review Questions
- Business Impact Analysis
- Risk Identification Process
- Risk Calculation
- Communication of Risk Factors
- Risk Prioritization
- Systems Assessment
- Documented Compensating Controls
- Training and Exercises
- Supply Chain Assessment
- Review All Key Topics
- Review Questions
- Frameworks
- Policies and Procedures
- Category
- Control Type
- Audits and Assessments
- Review All Key Topics
- Review Questions
Hands on Activities (Live Labs)
- Conducting Vulnerability Scanning Using Nessus
- Using Nikto
- Using OWASP ZAP
- Inspecting the Vulnerability in the Echo Server's Source Code
- Performing Reconnaissance on a Network
- Using the hping Program
- Identifying Search Options in Metasploit
- Scanning the Rootkit
- Configuring DHCP Snooping
- Performing a MITM Attack
- Exploiting a Website Using SQL Injection
- Performing Session Hijacking Using Burp Suite
- Detecting Rootkits
- Using Ettercap for ARP Spoofing
- Configuring Remote Access VPN
- Configuring the SSL Port Setting
- Attacking a Website Using XSS Injection
- Setting up a Honeypot on Kali Linux
- Using the MD5 Hash Algorithm
- Encrypting and Decrypting a File Using AES Crypt
- Performing a Memory-Based Attack
- Using Apktool to Decode and Analyze the apk file
- Simulating the DDoS Attack
- Simulating a DoS Attack
- Scanning the Website using URLVoid
- Configuring Snort
- Making Syslog Entries Readable
- Examining Audited Events
- Installing Splunk on the Server
- Using the iptables Command to Create a Personal Firewall in Linux
- Working with Task Manager
- Configuring a Perimeter Firewall
- Performing the Initial Scan
- Confirming the Spoofing Attack in Wireshark
- Capturing a Packet Using Wireshark
- Downloading and Installing Wireshark
- Reviewing and Modifying the Policy Items
| What are the prerequisites for this exam? | There is no required prerequisite for CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. He or she should have a minimum of 3-4 years of hands-on information security or related experience. |
|---|---|
| What is the exam registration fee? | USD 370 |
| Where do I take the exam? | Pearson VUE |
| What is the format of the exam? | Multiple-choice and performance-based |
| How many questions are asked in the exam? | The exam contains 85 questions. |
| What is the duration of the exam? | 165 minutes |
| What is the passing score? | 750 (on a scale of 100-900) |
| What is the exam's retake policy? | In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:
|
| What is the validity of the certification? | CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program. |
| Where can I find more information about this exam? | Know more about the CS0-002 |
| What are the career opportunities after passing this exam? |
|
×
