CS0-003 CompTIA Cybersecurity Analist CySA+ (CS0-003) Active Learning

CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring.

As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:

• Leverage intelligence and threat detection techniques
• Analyze and interpret data
• Identify and address vulnerabilities
• Suggest preventative measures
• Effectively respond to and recover from incidents

Lesmethode

Bij Master IT train je met onze unieke lesmethode Active Learning, hiermee leer je aantoonbaar effectiever!

Wij zjn er namelijk van overtuigd dat je slimmer en met meer plezier leert als je actief met je lesstof omgaat. Onze klassen zijn gevuld met maximaal 8 cursisten. Hierbij luister je niet passief naar een trainer, maar ga je interactief en 1-op-1 met de trainer aan de slag om ervoor te zorgen dat jouw leerdoelen behaald worden. De theorie maak je je zoveel mogelijk zelf eigen, de nadruk van de begeleiding ligt op het begrijpen en toepassen van die theorie in de praktijk. Zo leer je alleen datgene wat je echt nodig hebt.

• Je bepaalt zelf je leertempo.
• De trainer coacht je bij het definiëren van jouw leertraject.
• Je onthoudt en begrijpt je nieuwe kennis beter.
• Alles draait om toepassing van de stof in jouw praktijk.

Om alle beschikbare trainingsdata in te zien, bekijk dan onze eigen website

Doelgroep

Jobs that use CompTIA CySA+:

• Security analyst
• Threat intelligence analyst
• Security engineer
• Application security analyst
• Incident response or handler
• Compliance analyst
• Threat hunter

Voorkennis

Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience. 

Onderdelen

Het lesmateriaal van deze CompTIA training is zeer uitgebreid en aangevuld met extra materiaal, zoals een pre-assesment, flashcards en oefenexamens. Dit betekent dat je niet al het materiaal tijdens je lesdagen zult behandelen. Wil je je goed voorbereiden op het examen, dan is er veel extra materiaal beschikbaar zodat je je thuis optimaal kunt klaarmaken voor het examen.  Threat Management 27%

• Procedures/common tasks
• Variables
• Tools
• Point-in-time data analysis
• Data correlation and analytics
• Data output
• Tools
• Network segmentation
• Honeypot
• Endpoint security
• Group policies
• ACLs
• Hardening
• Network Access Control (NAC)
• Penetration testing
• Reverse engineering
• Training and exercises
• Risk evaluation

Vulnerability Management 26%

• Identification of requirements
• Establish scanning frequency
• Configure tools to perform scans according to specification
• Execute scanning
• Generate reports
• Remediation
• Ongoing scanning and continuous monitoring
• Analyze reports from a vulnerability scan
• Validate results and correlate other data points
• Servers
• Endpoints
• Network infrastructure
• Network appliances
• Virtual infrastructure
• Mobile devices
• Interconnected networks
• Virtual Private Networks (VPNs)
• Industrial Control Systems (ICSs)
• SCADA devices

Cyber Incident Response 23%

• Threat classification
• Factors contributing to incident severity and prioritization
• Forensics kit
• Forensic investigation suite
• Stakeholders
• Purpose of communication processes
• Role-based responsibilities
• Common network-related symptoms
• Common host-related symptoms
• Common application-related symptoms
• Containment techniques
• Eradication techniques
• Validation
• Corrective actions
• Incident summary report

Security Architecture and Tool Sets 24%

• Regulatory compliance
• Frameworks
• Policies
• Controls
• Procedures
• Verifications and quality control
• Security issues associated with context-based authentication
• Security issues associated with identities
• Security issues associated with identity repositories
• Security issues associated with federation and single sign-on
• Exploits
• Security data analytics
• Manual review
• Defense in depth
• Best practices during software development
• Secure coding best practices
• Preventative
• Collective
• Analytical
• Exploit
• Forensics