CompTIA CySA+

Course Details: CompTIA CySA+

Overview

This Security Operations Center (SOC) and Cyber Ops certification applies behavioral analytics to networks and devices, through continuous security monitoring, to prevent, detect, and combat cybersecurity threats. It stresses the candidate's capacity not only to proactively capture, monitor, and respond to network traffic findings, but also to work with software and application security, automation, threat hunting, and IT regulatory compliance, all of which affect security analysts' day-to-day work.
After completion, students can sit for the global certification exam: CompTIA Cyber Security Analyst (CySA+).


Virtual Classroom
12:00 AM
Online

Course Fee

$600

What you will learn

  • Threat and Vulnerability Management: Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities

  • Software and Systems Security: Apply security solutions for infrastructure management and explain software & hardware assurance best practices

  • Compliance and Assessment: Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls

  • Security Operations and Monitoring: Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security

  • Incident Response: Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques

Outline

Lesson 1: Explaining the Importance of Security Controls and Security Intelligence

  • Investigating Threat Data and Intelligence Sources


Lesson 2: Utilizing Threat Data and Intelligence

  • Developing a Network Threat Model


Lesson 3: Analyzing Security Monitoring Data

  • Analyzing Packets
  • Analyzing Protocols
  • Analyzing Uniform Resource Locators (URLs)
  • Reviewing Firewall Logs
  • Reviewing Proxy Logs
  • Deploying IDS/IPS
  • Developing a Custom Rule
  • Analyzing Endpoint Monitoring Output
  • Analyzing Email Headers
  • Analyzing SMTP Logs


Lesson 4: Collecting and Querying Security Monitoring Data

  • Configuring SIEM Agents
  • Using SIEM Dashboards
  • Reviewing Query Logs
  • Analyzing, Filtering and Searching Event Logs


Lesson 5: Utilizing Digital Forensics and Indicator Analysis Techniques

  • Acquiring and Validating a Disk Image
  • Collecting and Validating Digital Evidence
  • Irregular Peer-to-Peer Communication Intrusion IoCs
  • Analyzing Beaconing Traffic
  • Recording Performance Traces
  • Analyzing Host and Application IoCs
  • Pass the Hash Attack
  • Golden Ticket Attack
  • Other Lateral Movement Techniques
  • Pivoting Techniques


Lesson 6: Applying Incident Response Procedures

  • The OODA Loop
  • Containment


Lesson 7: Applying Risk Mitigation and Security Frameworks

Lesson 8: Performing Vulnerability Management

  • Analyzing Output from Topology and Host Enumeration Tools
  • Analyzing Output from Fingerprinting Scans
  • Testing Credential Security
  • Configuring Vulnerability Scanning
  • Analyzing Vulnerability Scanning Sensitivity and Risks
  • Configuring a Vulnerability Feed
  • Assessing Vulnerability Scan Outputs


Lesson 9: Applying Security Solutions for Infrastructure Management

  • IAM Auditing, Monitoring, and Logging
  • Configuring Network Segmentation


Lesson 10: Understanding Data Privacy and Protection

  • Configuring and Analyzing Share Permissions

Lesson 11: Applying Security Solutions for Software Assurance

  • Mitigate Software Vulnerabilities and Attacks
  • Mitigate Web Application Vulnerabilities and Attacks
  • Analyzing Nikto Output
  • Analyzing Burp Suite Output


Lesson 12: Applying Security Solutions for Cloud and Automation

  • Security Assertion Markup Language (SAML)
  • Cloud Threats and Vulnerabilities
  • Analyzing ScoutSuite Output

Prerequisites

  • CCNA, Network+, Security+, or equivalent knowledge.
  • Completion of the CompTIA Network+, Security+, and PenTest+ courses is advantageous.
  • Minimum of 4 years of hands-on information security or related experience.

Class lab

  1. Analyzing Output from Network Security Monitoring Tools
  2. Discovering the Lab Environment
  3. Analyzing Output from Security Appliance Logs
  4. Analyzing Output from Endpoint Security Monitoring Tools
  5. Analyzing Email Headers
  6. Configuring SIEM Agents and Collectors
  7. Analyzing, Filtering, and Searching Event Log and syslog Output
  8. Collecting and Validating Digital Evidence
  9. Analyzing Network-related IoCs
  10. Analyzing Host and Application IoCs
  11. Observing IoCs during a Security Incident
  12. Analyzing Output from Topology and Host Enumeration Tools
  13. Testing Credential Security
  14. Configuring Vulnerability Scanning and Analyzing Outputs
  15. Assessing Vulnerability Scan Outputs
  16. Assessing the Impact of Regulation on Vulnerability Management
  17. Performing Account and Permissions Audits
  18. Configuring Network Segmentation and Security
  19. Configuring and Analyzing Share Permissions
  20. Assessing the Impact of Web Application Vulnerabilities
  21. Analyzing Output from Web Application Assessment Tools
  22. Analyzing Output from Cloud Infrastructure Assessment Tools

Certification

CompTIA CySA+

Who should attend

This course is designed for:

  • Industry-Experienced Cybersecurity Professionals
  • Penetration Testers
  • Security Consultants
  • Cloud Penetration Testers
  • Web App Penetration Testers
  • Cloud Security Specialists
  • Network & Security Specialists
  • Certified Ethical Hackers