CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide, 2nd Edition

Book description

Learn, prepare, and practice for CompTIA Cybersecurity Analyst (CySA+) CS0-002 exam success with this Cert Guide from Pearson IT certification, a leader in IT certification learning.

This study guide helps you master the CompTIA Cybersecurity Analyst (CySA+) CS0-002 exam topics:

  • Assess your knowledge with chapter-ending quizzes

  • Review key concepts with exam preparation tasks

  • Practice with realistic exam questions

  • Get practical guidance for next steps and more advanced certifications

CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide is a best-of-breed exam study guide. Leading IT certification instructor Troy McMillan shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion website contains the powerful Pearson Test Prep practice test software, complete with exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Digital Key Terms Flashcards are included for every term in the glossary and help you master each concept.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.

This study guide helps you master all the topics on the CompTIA Cybersecurity Analyst (CySA+) CS0-002 exam, including

  • Vulnerability management activities

  • Implementing controls to mitigate attacks and software vulnerabilities

  • Security solutions for infrastructure management

  • Software and hardware assurance best practices

  • Understanding and applying the appropriate incident response

  • Applying security concepts in support of organizational risk mitigation

Companion Website:

The website provides access to several digital assets, such as two free, complete practice exams.

Includes Exclusive Offer for up to 80% Off Premium Edition eBook and Practice Test

Pearson Test Prep online system requirements:

Browsers: Chrome version 73 and above; Safari version 12 and above; Microsoft Edge 44 and above. Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7". Internet access required.

Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases.

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. Contents at a Glance
  6. Table of Contents
  7. About the Author
  8. Dedication
  9. Acknowledgments
  10. About the Technical Reviewer
  11. We Want to Hear from You!
  12. Reader Services
  13. Introduction
    1. Goals and Methods
    2. Who Should Read This Book?
    3. Strategies for Exam Preparation
    4. How the Book Is Organized
    5. Book Features
    6. What’s New?
    7. The Companion Website for Online Content Review
    8. How to Access the Pearson Test Prep Practice Test Software
    9. Customizing Your Exams
  14. Credits
  15. Chapter 1 The Importance of Threat Data and Intelligence
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Intelligence Sources
    4. Indicator Management
    5. Threat Classification
    6. Threat Actors
    7. Intelligence Cycle
    8. Commodity Malware
    9. Information Sharing and Analysis Communities
    10. Exam Preparation Tasks
    11. Review All Key Topics
    12. Define Key Terms
    13. Review Questions
  16. Chapter 2 Utilizing Threat Intelligence to Support Organizational Security
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Attack Frameworks
    4. Threat Research
    5. Threat Modeling Methodologies
    6. Threat Intelligence Sharing with Supported Functions
    7. Exam Preparation Tasks
    8. Review All Key Topics
    9. Define Key Terms
    10. Review Questions
  17. Chapter 3 Vulnerability Management Activities
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Vulnerability Identification
    4. Validation
    5. Remediation/Mitigation
    6. Scanning Parameters and Criteria
    7. Inhibitors to Remediation
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  18. Chapter 4 Analyzing Assessment Output
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Web Application Scanner
    4. Infrastructure Vulnerability Scanner
    5. Software Assessment Tools and Techniques
    6. Enumeration
    7. Wireless Assessment Tools
    8. Cloud Infrastructure Assessment Tools
    9. Exam Preparation Tasks
    10. Review All Key Topics
    11. Define Key Terms
    12. Review Questions
  19. Chapter 5 Threats and Vulnerabilities Associated with Specialized Technology
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Mobile
    4. Internet of Things (IoT)
    5. Embedded Systems
    6. Real-Time Operating System (RTOS)
    7. System-on-Chip (SoC)
    8. Field Programmable Gate Array (FPGA)
    9. Physical Access Control
    10. Building Automation Systems
    11. Vehicles and Drones
    12. Workflow and Process Automation Systems
    13. Incident Command System (ICS)
    14. Supervisory Control and Data Acquisition (SCADA)
    15. Exam Preparation Tasks
    16. Review All Key Topics
    17. Define Key Terms
    18. Review Questions
  20. Chapter 6 Threats and Vulnerabilities Associated with Operating in the Cloud
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Cloud Deployment Models
    4. Cloud Service Models
    5. Function as a Service (FaaS)/Serverless Architecture
    6. Infrastructure as Code (IaC)
    7. Insecure Application Programming Interface (API)
    8. Improper Key Management
    9. Unprotected Storage
    10. Logging and Monitoring
    11. Exam Preparation Tasks
    12. Review All Key Topics
    13. Define Key Terms
    14. Review Questions
  21. Chapter 7 Implementing Controls to Mitigate Attacks and Software Vulnerabilities
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Attack Types
    4. Vulnerabilities
    5. Exam Preparation Tasks
    6. Review All Key Topics
    7. Define Key Terms
    8. Review Questions
  22. Chapter 8 Security Solutions for Infrastructure Management
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Cloud vs. On-premises
    4. Asset Management
    5. Segmentation
    6. Network Architecture
    7. Change Management
    8. Virtualization
    9. Containerization
    10. Identity and Access Management
    11. Cloud Access Security Broker (CASB)
    12. Honeypot
    13. Monitoring and Logging
    14. Encryption
    15. Certificate Management
    16. Active Defense
    17. Exam Preparation Tasks
    18. Review All Key Topics
    19. Define Key Terms
    20. Review Questions
  23. Chapter 9 Software Assurance Best Practices
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Platforms
    4. Software Development Life Cycle (SDLC) Integration
    5. DevSecOps
    6. Software Assessment Methods
    7. Secure Coding Best Practices
    8. Static Analysis Tools
    9. Dynamic Analysis Tools
    10. Formal Methods for Verification of Critical Software
    11. Service-Oriented Architecture
    12. Exam Preparation Tasks
    13. Review All Key Topics
    14. Define Key Terms
    15. Review Questions
  24. Chapter 10 Hardware Assurance Best Practices
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Hardware Root of Trust
    4. eFuse
    5. Unified Extensible Firmware Interface (UEFI)
    6. Trusted Foundry
    7. Secure Processing
    8. Anti-Tamper
    9. Self-Encrypting Drives
    10. Trusted Firmware Updates
    11. Measured Boot and Attestation
    12. Bus Encryption
    13. Exam Preparation Tasks
    14. Review All Key Topics
    15. Define Key Terms
    16. Review Questions
  25. Chapter 11 Analyzing Data as Part of Security Monitoring Activities
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Heuristics
    4. Trend Analysis
    5. Endpoint
    6. Network
    7. Log Review
    8. Impact Analysis
    9. Security Information and Event Management (SIEM) Review
    10. Query Writing
    11. E-mail Analysis
    12. Exam Preparation Tasks
    13. Review All Key Topics
    14. Define Key Terms
    15. Review Questions
  26. Chapter 12 Implementing Configuration Changes to Existing Controls to Improve Security
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Permissions
    4. Whitelisting and Blacklisting
    5. Firewall
    6. Intrusion Prevention System (IPS) Rules
    7. Data Loss Prevention (DLP)
    8. Endpoint Detection and Response (EDR)
    9. Network Access Control (NAC)
    10. Sinkholing
    11. Malware Signatures
    12. Sandboxing
    13. Port Security
    14. Exam Preparation Tasks
    15. Review All Key Topics
    16. Define Key Terms
    17. Review Questions
  27. Chapter 13 The Importance of Proactive Threat Hunting
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Establishing a Hypothesis
    4. Profiling Threat Actors and Activities
    5. Threat Hunting Tactics
    6. Reducing the Attack Surface Area
    7. Bundling Critical Assets
    8. Attack Vectors
    9. Integrated Intelligence
    10. Improving Detection Capabilities
    11. Exam Preparation Tasks
    12. Review All Key Topics
    13. Define Key Terms
    14. Review Questions
  28. Chapter 14 Automation Concepts and Technologies
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Workflow Orchestration
    4. Scripting
    5. Application Programming Interface (API) Integration
    6. Automated Malware Signature Creation
    7. Data Enrichment
    8. Threat Feed Combination
    9. Machine Learning
    10. Use of Automation Protocols and Standards
    11. Continuous Integration
    12. Continuous Deployment/Delivery
    13. Exam Preparation Tasks
    14. Review All Key Topics
    15. Define Key Terms
    16. Review Questions
  29. Chapter 15 The Incident Response Process
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Communication Plan
    4. Response Coordination with Relevant Entities
    5. Factors Contributing to Data Criticality
    6. Exam Preparation Tasks
    7. Review All Key Topics
    8. Define Key Terms
    9. Review Questions
  30. Chapter 16 Applying the Appropriate Incident Response Procedure
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Preparation
    4. Detection and Analysis
    5. Containment
    6. Eradication and Recovery
    7. Post-Incident Activities
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  31. Chapter 17 Analyzing Potential Indicators of Compromise
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Network-Related Indicators of Compromise
    4. Host-Related Indicators of Compromise
    5. Application-Related Indicators of Compromise
    6. Exam Preparation Tasks
    7. Review All Key Topics
    8. Define Key Terms
    9. Review Questions
  32. Chapter 18 Utilizing Basic Digital Forensics Techniques
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Network
    4. Endpoint
    5. Mobile
    6. Cloud
    7. Virtualization
    8. Legal Hold
    9. Procedures
    10. Hashing
    11. Carving
    12. Data Acquisition
    13. Exam Preparation Tasks
    14. Review All Key Topics
    15. Define Key Terms
    16. Review Questions
  33. Chapter 19 The Importance of Data Privacy and Protection
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Privacy vs. Security
    4. Non-technical Controls
    5. Technical Controls
    6. Exam Preparation Tasks
    7. Review All Key Topics
    8. Define Key Terms
    9. Review Questions
  34. Chapter 20 Applying Security Concepts in Support of Organizational Risk Mitigation
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Business Impact Analysis
    4. Risk Identification Process
    5. Risk Calculation
    6. Communication of Risk Factors
    7. Risk Prioritization
    8. Systems Assessment
    9. Documented Compensating Controls
    10. Training and Exercises
    11. Supply Chain Assessment
    12. Exam Preparation Tasks
    13. Review All Key Topics
    14. Define Key Terms
    15. Review Questions
  35. Chapter 21 The Importance of Frameworks, Policies, Procedures, and Controls
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Frameworks
    4. Policies and Procedures
    5. Category
    6. Control Type
    7. Audits and Assessments
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  36. Chapter 22 Final Preparation
    1. Exam Information
    2. Getting Ready
    3. Tools for Final Preparation
    4. Suggested Plan for Final Review/Study
    5. Summary
  37. Appendix A Answers to the “Do I Know This Already?” Quizzes and Review Questions
  38. Appendix B CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide Exam Updates
    1. Always Get the Latest at the Book’s Product Page
    2. Technical Content
  39. Glossary of Key Terms
  40. Index
  41. Appendix C Memory Tables
  42. Appendix D Memory Tables Answer Key
  43. Appendix E Study Planner
  44. Where are the companion content files? - Register
  45. Inside Front Cover
  46. Inside Back Cover
  47. Code Snippets

Product information

  • Title: CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide, 2nd Edition
  • Author(s): Troy McMillan
  • Release date: October 2020
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780136747000