
CompTIA CySA+ Training Course
Course Duration
5 Days
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
To ensure your success in this course, you should meet the following requirements:
- At least two years (recommended) of experience in computer network security technology or a related field.
- The ability to recognize information security vulnerabilities and threats in the context of risk management.
- Foundation-level operational skills with some of the common operating systems for computing environments.
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
- Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
- Foundational knowledge of major TCP/IP networking protocols including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
Course Description
Learn about the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). Gain the tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate an organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. This is a comprehensive approach to security aimed toward those on the front lines of defense. In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training. This program is designed for personnel performing IA functions, establishing IA policies, and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks. (CompTIA Cybersecurity Analyst Plus).
Course Outline
Threat and Vulnerability Management
- Explain the importance of threat data and intelligence
- Utilize threat intelligence to support organizational security
- Perform vulnerability management activities
- Analyze the output from vulnerability assessment tools
- Explain the threats and vulnerabilities associated with specialized technology
Software and Systems Security
- Apply security solutions for infrastructure management
- Explain software assurance best practices
- Explain hardware assurance best practices
Security Operations and Monitoring
- Analyze data as part of security monitoring activities
- Implement configuration changes to existing controls to improve security
- Explain the importance of proactive threat hunting
- Compare and contrast automation concepts and technologies
Incident Response
- Explain the importance of the incident response process
- Apply the appropriate incident response procedure
- Analyze potential indicators of compromise
- Utilize basic digital forensics techniques
Compliance and Assessment
- Understand the importance of data privacy and protection
- Apply security concepts in support of organizational risk mitigation
- Explain the importance of frameworks, policies, procedures, and controls