CompTIA Cyber Security Analyst follows on from the CompTIA S+ course and focuses on frameworks and technologies that delegates can use to harden and protect their IT systems.
Book your virtual training
- More info
- Date and time to suit you
- VenueWe will train your team
wherever they are based
- CostContact us for price
- Fill in the form and we'll be in touch
within a working day.
Book your place
- Date11 Oct 2021
- VenueVirtual Classroom Learning
- Book Now
CompTIA Cyber Security Analyst (CySA+) is an IT workforce certification that applies behavioural analytics to networks and devices to prevent, detect and combat cyber security threats.
Delegates looking to expand their cyber security knowledge or to obtain the CYSA+ qualification.
- Identify tools and techniques to use to perform an environmental reconnaissance of a target network or security system.
- Collect, analyse, and interpret security data from multiple log and monitoring sources.
- Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation.
- Understand and remediate identity management, authentication, and access control issues.
- Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack.
- Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls.
Having well trained cyber security analysts to help prevent attacks to your organisation through their expertise and knowledge of databases, networks, hardware, firewalls and encryption, is vital in today's ever connected technological world.
As a cyber security analyst CySA+ is a great way to demonstrate your capability and shows you have a rounded and sought after skill set.
- Cyber Security Analysts
- Cyber Security Roles and Responsibilities
- Frameworks and Security Controls
- Risk Evaluation
- Penetration Testing Processes
- Reconnaissance Techniques
- The Kill Chain
- Open Source Intelligence
- Social Engineering
- Topology Discovery
- Service Discovery
- OS Fingerprinting
- Managing Vulnerabilities
- Vulnerability Management Requirements
- Asset Inventory
- Data Classification
- Vulnerability Management Processes
- Vulnerability Scanners
- Microsoft Baseline Security Analyser
- Vulnerability Feeds and SCAP
- Configuring Vulnerability Scans
- Vulnerability Scanning Criteria
- Exploit Frameworks
- Remediating Vulnerabilities
- Analysing Vulnerability Scans
- Remediation and Change Control
- Remediating Host Vulnerabilities
- Remediating Network Vulnerabilities
- Remediating Virtual Infrastructure Vulnerabilities
- Secure Software Development
- Software Development Lifecycle
- Software Vulnerabilities
- Software Security Testing
- Interception Proxies
- Web Application Firewalls
- Source Authenticity
- Reverse Engineering
- Security Appliances
- Configuring Firewalls
- Intrusion Detection and Prevention
- Configuring IDS
- Malware Threats
- Configuring Anti-Virus Software
- Enhanced Mitigation Experience Toolkit
- Logging and Analysis
- Packet Capture
- Packet Capture Tools
- Monitoring Tools
- Log Review and SIEM
- SIEM Data Outputs
- SIEM Data Analysis
- Point-in-Time Data Analysis
- Incident Response
- Incident Response Processes
- Threat Classification
- Incident Severity and Prioritisation
- Types of Data
- Forensics Tools
- Digital Forensics Investigations
- Documentation and Forms
- Digital Forensics Crime Scenes
- Digital Forensics Kits
- Image Acquisition
- Password Cracking
- Analysis Utilities
- Incident Analysis and Recovery
- Analysis and Recovery Frameworks
- Analysing Network Symptoms
- Analysing Host Symptoms
- Analysing Data Exfiltration
- Analysing Application Symptoms
- Using Sysinternals
- Containment Techniques
- Eradication Techniques
- Validation Techniques
- Corrective Actions
- Secure Network Design
- Network Segmentation
- Blackholes, Sinkholes, and Honeypots
- System Hardening
- Group Policies and MAC
- Endpoint Security
- Managing Identities and Access
- Network Access Control
- Identity Management
- Identity Security Issues
- Identity Repositories
- Context-based Authentication
- Single Sign-on and Federation
- Exploiting Identities
- Exploiting Web Browsers and Applications
- Security Frameworks and Policies
- Frameworks and Compliance
- Reviewing Security Architecture
- Procedures and Compensating Controls
- Verifications and Quality Control
- Security Policies and Procedures
- Personnel Policies and Training
Delegates should have attended the CompTIA S+ course or have equivalent knowledge before attending this course.
The CompTIA CySA+ (CS0-002) exam is entirely optional.
If you decide to purchase the exam as part of your course booking then you will receive an exam voucher after your course which is valid for 12 months and also access to CertMaster Practice, CompTIA's online knowledge assessment and certification exam practice and preparation system.
We highly recommend that you continue with post course self-study and utilise CertMaster Practice before you sit the examination.