Pass the CompTIA Cybersecurity Analyst+ (CS0-001) exam on your 1st attempt, includes CySA+ (CSA+) practice exam!
About This Video
This course provides full coverage of the four domains of the CSA+ (CySA+) exam:
In Detail
This course provides everything you need in order to study for the CompTIA …
Pass the CompTIA Cybersecurity Analyst+ (CS0-001) exam on your 1st attempt, includes CySA+ (CSA+) practice exam!
About This Video
This course provides full coverage of the four domains of the CSA+ (CySA+) exam:
In Detail
This course provides everything you need in order to study for the CompTIA Cybersecurity Analyst+ (CSA+, CySA+) exam, including downloadable PDFs of every lecture, 12 quizzes to check your knowledge as you progress through the videos, and a full-length practice exam to test your knowledge before test day! Taught by an expert in information technology and cybersecurity with over 20 years of experience, this course is a fun way to learn what you need to know to pass the CompTIA Cybersecurity Analyst+ (CSA+,CySA+) exam or to better prepare yourself to serve on your organization's cyber defense team. The CompTIA CSA+ (Cybersecurity Analyst+) certification is a vendor-neutral certification that validates your knowledge and ability to conduct intermediate-level cyber security skills. The CompTIA CSA+ (CySA+) exam is focused on the technical, hands-on details of the cybersecurity field, including not only cyber threats, secure network architecture, and risk management, but also the ability to perform log analysis, configuration assessments, and more. Each video comes with a downloadable PDF of all the lecture notes
Chapter 1 : Welcome and Introduction
Welcome to the Course
Exam Foundations
Chapter 2 : Domain 1: Threat Management (27%)
Domain 1: Threat Management
CIA Triad
Risk Consideration
Risk Assessment
Identify Threats
Identify Vulnerabilities
Likelihood, Impact, and Risk
Qualitative and Quantitative Assessments
Reviewing Controls
Network Perimeter Security
Network Segmentation
Network Access Control
Defense Deception Methods
Secure Endpoint Management
Penetration Testing
Security Exercises and Training
Reverse Engineering
Reconnaissance and Intelligence
Footprinting the Network
Network Mapping
Port Scanning
Other Port Scanners
NMAP - Demonstration of the world’s most popular port scanning tool
Passive Reconnaissance
Passive Recon - Network Devices
Passive Recon – Netstat
DHCP Logs and Configs
Firewall Logs and Configs
System and Host Log Files
DNS Harvesting
Domain Names and IP Ranges
DNS Zone Transfers
Whois and Host Commands
Information Gathering and Aggregation
Organizational Intelligence
Detecting, Preventing, and Responding to Reconnaissance
Chapter 3 : Domain 2: Vulnerability Management (26%)
Domain 2: Vulnerability Management
Regulatory Requirements
Corporate Requirements
Scanning Tools
Scoping Scans
Configuring Scans
Scanning Sensitivity
Scanning Perspective
Authenticated Scanning
Maintaining Scanners
Standardizing Vulnerabilities
Workflow for Remediation
Vulnerability Reporting
Remediation Priority
Implementing and Testing
Nessus Vulnerability Scanner: A Walkthrough
Interpreting Scan Results
Interpreting CVSS
Calculating the CVSS Score
CVSS Temporal Score
Validation of Results
Common Vulnerabilities
Server and Host Vulnerabilities
Network Vulnerabilities
Virtualization Vulnerabilities
Web Application Vulnerabilities
Internet of Things (IoT) Vulnerabilities
Chapter 4 : Domain 3: Cyber Incident Response (23%)
Domain 3: Cyber Incident Response
Security Incidents
Incident Response Teams
Incident Response Phases
Incident Response Policy and Procedures
Communication and Info Sharing
Incident Classification
Network Event Monitoring
Network Monitoring Tools
Detecting Network Events
Network Probes and Attacks
Server and Host Events
Service and Application Events
Digital Forensics
Forensic Toolkit Components
Mobile Forensic Toolkits
Forensic Software
Training and Certification
Forensic Investigation Process
Disk Imaging
Disk Imaging Using dd
Disk Imaging Using FTK Imager
Incident Containment
Eradication and Recovery
Finishing the Response
Chapter 5 : Domain 4: Security Architecture and Toolsets (24%)
Domain 4: Security Architecture and Tool Sets
Policy Documents
Standard Frameworks
Policy-based Controls
Audits and Assessments
Laws and Regulations
Defence in Depth
Types of Controls
Layered Network Defence
Layered Host Security
Data Analytics
Personnel Security
Outsourcing Concerns
User Awareness Training
Analyzing Secure Architectures
What Is Identity?
Identity Systems
Threats to Identity Systems
Attacking AAA Protocols and Systems
Targeting Account Lifecycle
Identity Exploits
Credential Theft
Securing Authentication and Authorization System
Identity as a Service (IDaaS)
Detecting Identity Attacks
Federated Identity Systems
Software Development Life Cycle (SDLC)
Software Development Models
Coding for Security
Testing Application Security
Finding Security Flaws
Web Application Vulnerability Scanners
Chapter 6 : Conclusion
Conclusion