CS0-001 : CompTIA Cybersecurity Analyst (CySA+) Course & Labs

Coming Soon:

This product will be available from 31-Oct-2018

Kick-start your prep for the CompTIA CySA CS0-001 certification exam with the CompTIA Cybersecurity Analyst (CySA+) course and performance-based labs. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, and training. The study guide provides complete coverage of the CS0-001 exam objectives and includes topics such as policy and compliance, forensic analysis, vulnerability scans, identity and access management security, and many more. The CompTIA Cybersecurity Analyst CS0-001 certification exam is designed for IT security analysts, vulnerability analysts, or threat intelligence analysts.

Here's what you will get

The CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral credential that applies behavioral analytics to improve the overall state of IT security. The CompTIA CySA+ certification exam validates critical knowledge and skills that are required to prevent, detect, and combat cybersecurity threats. The exam validates the expertise of professionals to configure and use threat detection tools; perform data analysis; and interpret the results to identify vulnerabilities, and much more.

Exam FAQs
What are the prerequisites for this exam? There is no required prerequisite for the CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. He or she should have a minimum of 3-4 years of hands-on information security or related experience.
What is the exam registration fee? USD 346
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple-choice and performance-based
How many questions are asked in the exam? The exam contains 85 questions.
What is the duration of the exam? 165 minutes
What is the passing score? 750 (on a scale of 100-900)

What is the exam's retake policy?

Here are the retake policies:

  • If a candidate has passed an exam (or multiple exams) and achieved a certification, he/she cannot take the exam again, using the same exam code, without prior consent from CompTIA.
  • CompTIA beta examinations may only be taken one (1) time by each candidate.
  • A test found to be in violation of the retake policy will be invalidated and the candidate may be subject to a suspension period. Repeat violators will be permanently banned from participation in the CompTIA Certification Program.
  • Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer any free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the CySA-plus, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • Security Analyst
  • Vulnerability Analyst
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Operations Center (SOC) Analyst

Here's what you will learn

  • What Does This Book Cover?
  • Setting Up a Kali and Metasploitable Learning Environment
  • Setting Up Your Environment
  • Objectives Map for CompTIA Cybersecurity Analyst (CySA+) Exam CS0-001
  • Cybersecurity Objectives
  • Evaluating Security Risks
  • Building a Secure Network
  • Secure Endpoint Management
  • Penetration Testing
  • Reverse Engineering
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Footprinting
  • Passive Footprinting
  • Gathering Organizational Intelligence
  • Detecting, Preventing, and Responding to Reconnaissance
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Developing a Remediation Workflow
  • Overcoming Barriers to Vulnerability Scanning
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Security Incidents
  • Phases of Incident Response
  • Building the Foundation for Incident Response
  • Creating an Incident Response Team
  • Coordination and Information Sharing
  • Classifying Incidents
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Analyzing Network Events
  • Handling Network Probes and Attacks
  • Investigating Host Issues
  • Investigating Service and Application Issues
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Building a Forensics Capability
  • Understanding Forensic Software
  • Conducting a Forensic Investigation
  • Forensic Investigation: An Example
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Containing the Damage
  • Incident Eradication and Recovery
  • Wrapping Up the Response
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Understanding Policy Documents
  • Complying with Laws and Regulations
  • Adopting a Standard Framework
  • Implementing Policy-Based Controls
  • Security Control Verification and Quality Control
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Understanding Defense in Depth
  • Implementing Defense in Depth
  • Analyzing Security Architecture
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Understanding Identity
  • Threats to Identity and Access
  • Identity as a Security Layer
  • Understanding Federated Identity and Single Sign-On
  • Lab Exercises
  • Understanding the Software Development Life Cycle
  • Designing and Coding for Security
  • Software Security Testing
  • Summary
  • Exam Essentials
  • Lab Exercises
  • Host Security Tools
  • Monitoring and Analysis Tools
  • Scanning and Testing Tools
  • Network Security Tools
  • Web Application Security Tools
  • Forensics Tools
  • Summary

Hands-on Activities (Labs)

  • Performing reconnaissance on a network
  • Identifying search options in Metasploit
  • Performing initial scan
  • Initiating an SSH session from your Windows 10 client to your Windows Server
  • Conducting vulnerability scans
  • Consulting a vulnerability database
  • Examining the DDOS_Attack.pcap file
  • Retrieving a real-time list of running processes
  • Examining the audited events
  • Adding revision to the revision history
  • Viewing and downloading the policy templates
  • Opening the policy template and setting the company name
  • Reviewing and modifying the policy items
  • Implementing security during the SDLC
  • Using Process Explorer to view specific details about running processes on the system
  • Making syslog entries readable
  • Installing Splunk on the server
  • Downloading and running scanning tools
  • Acquainting yourself with Wireshark's interface
  • Analyzing the capture file to find the attack(s)
  • Generating network traffic and using filter
  • Confirming the spoofing attack in Wireshark
  • Starting a live packet capture
CompTIA Cybersecurity Analyst (CySA+) Course & Labs
ISBN : 9781616910259