CompTIA CySA+ Study Guide, 3rd Edition

CompTIA CySA+ Study Guide, 3rd Edition

by Mike Chapple, David Seidl
Released July 2023
Publisher(s): Sybex
ISBN: 9781394182909

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Prepare for the CompTIA CySA+ certification exam with the official and updated study guide for Exam CS0-003

In the newly revised third edition of CompTIA CySA+ Study Guide: Exam CS0-003, a team of leading security experts and tech educators delivers comprehensive and accurate coverage of every topic and domain covered on the certification exam. You’ll find clear and concise information on critical security topics presented by way of practical, real-world examples, chapter reviews, and exam highlights.

Prepare for the test and for a new role in cybersecurity with the book’s useful study tools, including:

  • Hands-on lab exercises and an opportunity to create your own cybersecurity toolkit
  • Authoritative discussions of each exam competency, including security operations, vulnerability management, incident response and management, and reporting and communication
  • Complimentary access to Wiley’s proven library of digital resources, including an online test bank, bonus questions, flashcards, glossary, and more

Reduce test anxiety and get a head-start learning the on-the-job skills you’ll need on your first day in a cybersecurity career. Or augment your existing CompTIA Security+ certification with an impressive new credential. Fully updated for the newly released CS0-003 exam, CompTIA CySA+ Study Guide: Exam CS0-003, Third Edition is an essential resource for test takers and cybersecurity professionals alike.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Dedication
  5. Acknowledgments
  6. About the Authors
  7. About the Technical Editor
  8. Introduction
    1. CompTIA
    2. The Cybersecurity Analyst+ Exam
    3. Study and Exam Preparation Tips
    4. Taking the Exam
    5. After the Cybersecurity Analyst+ Exam
    6. What Does This Book Cover?
    7. Objectives Map for CompTIA CySA+ Exam CS0-003
    8. Setting Up a Kali and Metasploitable Learning Environment
    9. Assessment Test
    10. Answers to the Assessment Test
  9. DOMAIN I: Security Operations
    1. Chapter 1: Today's Cybersecurity Analyst
      1. Cybersecurity Objectives
      2. Privacy vs. Security
      3. Evaluating Security Risks
      4. Building a Secure Network
      5. Secure Endpoint Management
      6. Penetration Testing
      7. Reverse Engineering
      8. Efficiency and Process Improvement
      9. The Future of Cybersecurity Analytics
      10. Summary
      11. Exam Essentials
      12. Lab Exercises
    2. Chapter 2: System and Network Architecture
      1. Infrastructure Concepts and Design
      2. Operating System Concepts
      3. Logging, Logs, and Log Ingestion
      4. Network Architecture
      5. Identity and Access Management
      6. Encryption and Sensitive Data Protection
      7. Summary
      8. Exam Essentials
      9. Lab Exercises
      10. Review Questions
    3. Chapter 3: Malicious Activity
      1. Analyzing Network Events
      2. Investigating Host-Related Issues
      3. Investigating Service- and Application-Related Issues
      4. Determining Malicious Activity Using Tools and Techniques
      5. Summary
      6. Exam Essentials
      7. Lab Exercises
      8. Review Questions
    4. Chapter 4: Threat Intelligence
      1. Threat Data and Intelligence
      2. Threat Classification
      3. Applying Threat Intelligence Organizationwide
      4. Summary
      5. Exam Essentials
      6. Lab Exercises
      7. Review Questions
    5. Chapter 5: Reconnaissance and Intelligence Gathering
      1. Mapping, Enumeration, and Asset Discovery
      2. Passive Discovery
      3. Summary
      4. Exam Essentials
      5. Lab Exercises
      6. Review Questions
  10. DOMAIN II: Vulnerability Management
    1. Chapter 6: Designing a Vulnerability Management Program
      1. Identifying Vulnerability Management Requirements
      2. Configuring and Executing Vulnerability Scans
      3. Developing a Remediation Workflow
      4. Overcoming Risks of Vulnerability Scanning
      5. Vulnerability Assessment Tools
      6. Summary
      7. Exam Essentials
      8. Lab Exercises
      9. Review Questions
    2. Chapter 7: Analyzing Vulnerability Scans
      1. Reviewing and Interpreting Scan Reports
      2. Validating Scan Results
      3. Common Vulnerabilities
      4. Summary
      5. Exam Essentials
      6. Lab Exercises
      7. Review Questions
    3. Chapter 8: Responding to Vulnerabilities
      1. Analyzing Risk
      2. Managing Risk
      3. Implementing Security Controls
      4. Threat Classification
      5. Managing the Computing Environment
      6. Software Assurance Best Practices
      7. Designing and Coding for Security
      8. Software Security Testing
      9. Policies, Governance, and Service Level Objectives
      10. Summary
      11. Exam Essentials
      12. Lab Exercises
      13. Review Questions
  11. DOMAIN III: Incident Response and Management
    1. Chapter 9: Building an Incident Response Program
      1. Security Incidents
      2. Phases of Incident Response
      3. Building the Foundation for Incident Response
      4. Creating an Incident Response Team
      5. Classifying Incidents
      6. Attack Frameworks
      7. Summary
      8. Exam Essentials
      9. Lab Exercises
      10. Review Questions
    2. Chapter 10: Incident Detection and Analysis
      1. Indicators of Compromise
      2. Investigating IoCs
      3. Evidence Acquisition and Preservation
      4. Summary
      5. Exam Essentials
      6. Lab Exercises
      7. Review Questions
    3. Chapter 11: Containment, Eradication, and Recovery
      1. Containing the Damage
      2. Incident Eradication and Recovery
      3. Validating Data Integrity
      4. Wrapping Up the Response
      5. Summary
      6. Exam Essentials
      7. Lab Exercises
      8. Review Questions
  12. DOMAIN IV: Reporting and Communication
    1. Chapter 12: Reporting and Communication
      1. Vulnerability Management Reporting and Communication
      2. Incident Response Reporting and Communication
      3. Summary
      4. Exam Essentials
      5. Lab Exercises
      6. Review Questions
    2. Chapter 13: Performing Forensic Analysis and  Techniques for Incident Response
      1. Building a Forensics Capability
      2. Understanding Forensic Software
      3. Conducting Endpoint Forensics
      4. Network Forensics
      5. Cloud, Virtual, and Container Forensics
      6. Post-Incident Activity and Evidence Acquisition
      7. Forensic Investigation: An Example
      8. Summary
      9. Exam Essentials
      10. Lab Exercises
      11. Review Questions
  13. Appendix: Answers to Review Questions
    1. Chapter 2: System and Network Architecture
    2. Chapter 3: Malicious Activity
    3. Chapter 4: Threat Intelligence
    4. Chapter 5: Reconnaissance and Intelligence Gathering
    5. Chapter 6: Designing a Vulnerability Management Program
    6. Chapter 7: Analyzing Vulnerability Scans
    7. Chapter 8: Responding to Vulnerabilities
    8. Chapter 9: Building an Incident Response Program
    9. Chapter 10: Incident Detection and Analysis
    10. Chapter 11: Containment, Eradication, and Recovery
    11. Chapter 12: Reporting and Communication
    12. Chapter 13: Performing Forensic Analysis and Techniques for Incident Response
  14. Index
  15. End User License Agreement

Product information

  • Title: CompTIA CySA+ Study Guide, 3rd Edition
  • Author(s): Mike Chapple, David Seidl
  • Release date: July 2023
  • Publisher(s): Sybex
  • ISBN: 9781394182909