CompTIA CySA+ Study Guide Exam CS0-002, 2nd Edition

Book description

This updated study guide by two security experts will help you prepare for the CompTIA CySA+ certification exam. Position yourself for success with coverage of crucial security topics!

Where can you find 100% coverage of the revised CompTIA Cybersecurity Analyst+ (CySA+) exam objectives? It’s all in the CompTIA CySA+ Study Guide Exam CS0-002, Second Edition! This guide provides clear and concise information on crucial security topics. You’ll be able to gain insight from practical, real-world examples, plus chapter reviews and exam highlights. Turn to this comprehensive resource to gain authoritative coverage of a range of security subject areas.

  • Review threat and vulnerability management topics
  • Expand your knowledge of software and systems security
  • Gain greater understanding of security operations and monitoring
  • Study incident response information
  • Get guidance on compliance and assessment 

The CompTIA CySA+ Study Guide, Second Edition connects you to useful study tools that help you prepare for the exam. Gain confidence by using its interactive online test bank with hundreds of bonus practice questions, electronic flashcards, and a searchable glossary of key cybersecurity terms. You also get access to hands-on labs and have the opportunity to create a cybersecurity toolkit.

Leading security experts, Mike Chapple and David Seidl, wrote this valuable guide to help you prepare to be CompTIA Security+ certified. If you’re an IT professional who has earned your CompTIA Security+ certification, success on the CySA+ (Cybersecurity Analyst) exam stands as an impressive addition to your professional credentials. Preparing and taking the CS0-002exam can also help you plan for advanced certifications, such as the CompTIA Advanced Security Practitioner (CASP+).

Table of contents

  1. Cover
  2. Acknowledgments
  3. About the Authors
  4. About the Technical Editor
  5. Introduction
    1. What Does This Book Cover?
    2. Objectives Map for CompTIA Cybersecurity Analyst (CySA+) Exam CS0-002
    3. Setting Up a Kali and Metasploitable Learning Environment
    4. Assessment Test
    5. Answers to the Assessment Test
  6. Chapter 1: Today's Cybersecurity Analyst
    1. Cybersecurity Objectives
    2. Privacy vs. Security
    3. Evaluating Security Risks
    4. Building a Secure Network
    5. Secure Endpoint Management
    6. Penetration Testing
    7. Reverse Engineering
    8. The Future of Cybersecurity Analytics
    9. Summary
    10. Exam Essentials
    11. Lab Exercises
    12. Review Questions
  7. Chapter 2: Using Threat Intelligence
    1. Threat Data and Intelligence
    2. Threat Classification
    3. Attack Frameworks
    4. Applying Threat Intelligence Organizationwide
    5. Summary
    6. Exam Essentials
    7. Lab Exercises
    8. Review Questions
  8. Chapter 3: Reconnaissance and Intelligence Gathering
    1. Mapping and Enumeration
    2. Passive Footprinting
    3. Gathering Organizational Intelligence
    4. Detecting, Preventing, and Responding to Reconnaissance
    5. Summary
    6. Exam Essentials
    7. Lab Exercises
    8. Review Questions
  9. Chapter 4: Designing a Vulnerability Management Program
    1. Identifying Vulnerability Management Requirements
    2. Configuring and Executing Vulnerability Scans
    3. Developing a Remediation Workflow
    4. Overcoming Risks of Vulnerability Scanning
    5. Vulnerability Scanning Tools
    6. Summary
    7. Exam Essentials
    8. Lab Exercises
    9. Review Questions
  10. Chapter 5: Analyzing Vulnerability Scans
    1. Reviewing and Interpreting Scan Reports
    2. Validating Scan Results
    3. Common Vulnerabilities
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  11. Chapter 6: Cloud Security
    1. Understanding Cloud Environments
    2. Operating in the Cloud
    3. Cloud Infrastructure Security
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  12. Chapter 7: Infrastructure Security and Controls
    1. Understanding Defense-in-Depth
    2. Improving Security by Improving Controls
    3. Analyzing Security Architecture
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  13. Chapter 8: Identity and Access Management Security
    1. Understanding Identity
    2. Threats to Identity and Access
    3. Identity as a Security Layer
    4. Federation and Single Sign-On
    5. Summary
    6. Exam Essentials
    7. Lab Exercises
    8. Review Questions
  14. Chapter 9: Software and Hardware Development Security
    1. Software Assurance Best Practices
    2. Designing and Coding for Security
    3. Software Security Testing
    4. Hardware Assurance Best Practices
    5. Summary
    6. Exam Essentials
    7. Lab Exercises
    8. Review Questions
  15. Chapter 10: Security Operations and Monitoring
    1. Security Monitoring
    2. Summary
    3. Exam Essentials
    4. Lab Exercises
    5. Review Questions
  16. Chapter 11: Building an Incident Response Program
    1. Security Incidents
    2. Phases of Incident Response
    3. Building the Foundation for Incident Response
    4. Creating an Incident Response Team
    5. Coordination and Information Sharing
    6. Classifying Incidents
    7. Summary
    8. Exam Essentials
    9. Lab Exercises
    10. Review Questions
  17. Chapter 12: Analyzing Indicators of Compromise
    1. Analyzing Network Events
    2. Investigating Host-Related Issues
    3. Investigating Service and Application-Related Issues
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  18. Chapter 13: Performing Forensic Analysis and Techniques
    1. Building a Forensics Capability
    2. Understanding Forensic Software
    3. Conducting Endpoint Forensics
    4. Network Forensics
    5. Cloud, Virtual, and Container Forensics
    6. Conducting a Forensic Investigation
    7. Forensic Investigation: An Example
    8. Summary
    9. Exam Essentials
    10. Lab Exercises
    11. Review Questions
  19. Chapter 14: Containment, Eradication, and Recovery
    1. Containing the Damage
    2. Incident Eradication and Recovery
    3. Wrapping Up the Response
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  20. Chapter 15: Risk Management
    1. Analyzing Risk
    2. Managing Risk
    3. Security Controls
    4. Summary
    5. Exam Essentials
    6. Lab Exercises
    7. Review Questions
  21. Chapter 16: Policy and Compliance
    1. Understanding Policy Documents
    2. Complying with Laws and Regulations
    3. Adopting a Standard Framework
    4. Implementing Policy-Based Controls
    5. Security Control Verification and Quality Control
    6. Summary
    7. Exam Essentials
    8. Lab Exercises
    9. Review Questions
  22. Appendix A: Practice Exam
    1. Exam Questions
  23. Appendix B: Answers to Review Questions and Practice Exam
    1. Chapter 1: Today's Cybersecurity Analyst
    2. Chapter 2: Using Threat Intelligence
    3. Chapter 3: Reconnaissance and Intelligence Gathering
    4. Chapter 4: Designing a Vulnerability Management Program
    5. Chapter 5: Analyzing Vulnerability Scans
    6. Chapter 6: Cloud Security
    7. Chapter 7: Infrastructure Security and Controls
    8. Chapter 8: Identity and Access Management Security
    9. Chapter 9: Software and Hardware Development Security
    10. Chapter 10: Security Operations and Monitoring
    11. Chapter 11: Building an Incident Response Program
    12. Chapter 12: Analyzing Indicators of Compromise
    13. Chapter 13: Performing Forensic Analysis and Techniques
    14. Chapter 14: Containment, Eradication, and Recovery
    15. Chapter 15: Risk Management
    16. Chapter 16: Policy and Compliance
    17. Practice Exam Answers
  24. Appendix C: Answers to Lab Exercises
    1. Chapter 1: Today's Cybersecurity Analyst
    2. Chapter 2: Using Threat Intelligence
    3. Chapter 3: Reconnaissance and Intelligence Gathering
    4. Chapter 5: Analyzing Vulnerability Scans
    5. Chapter 7: Infrastructure Security and Controls
    6. Chapter 8: Identity and Access Management Security
    7. Chapter 9: Software and Hardware Development Security
    8. Chapter 10: Security Operations and Monitoring
    9. Chapter 11: Building an Incident Response Program
    10. Chapter 12: Analyzing Indicators of Compromise
    11. Chapter 13: Performing Forensic Analysis and Techniques
    12. Chapter 14: Containment, Eradication, and Recovery
    13. Chapter 15: Risk Management
    14. Chapter 16: Policy and Compliance
  25. Index
  26. End User License Agreement

Product information

  • Title: CompTIA CySA+ Study Guide Exam CS0-002, 2nd Edition
  • Author(s): Mike Chapple, David Seidl
  • Release date: July 2020
  • Publisher(s): Sybex
  • ISBN: 9781119684053