COURSE OBJECTIVE:
After completing this course, you should be able to:
• Proactively Monitor and Detect. Demonstrate your skills in detecting and analyzing indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR) and extended detection and response (XDR).
• Respond to Threats, Attacks and Vulnerabilities. Prove your knowledge of incident response and vulnerability management processes and highlight the communication skills critical to security analysis and compliance.
• Demonstrate Competency of Current Trends. Valuable team members can show knowledge of current trends that affect the daily work of security analysts, such as cloud and hybrid environments.
TARGET AUDIENCE:
The course is aimed at Security Analysts, Security Operations Center (SOC) Analysts, Incident Response Analysts, Vulnerability Management Analysts and Security Engineers.
COURSE PREREQUISITES:
Recommended Experience:
• Network+, Security+ or equivalent knowledge.
• Minimum of 4 years of hands-on experience as an incident response analyst or security operations center (SOC) analyst, or equivalent experience.
COURSE CONTENT:
CySA+ is a global, vendor-neutral certification covering intermediate-level knowledge and skills required by information security analyst job roles. It helps identify a cybersecurity professional's ability to proactively defend an organization using secure monitoring, threat identification, incident response and teamwork. The CompTIA CySA+ CS0-003 course and certification exam ensure the candidate has the knowledge and skills required to:
• Detect and analyze indicators of malicious activity
• Understand threat hunting and threat intelligence concepts
• Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities
• Perform incident response processes
• Understand reporting and communication concepts related to vulnerability management and incident response activities
Technical Skills covered in the certification and training:
Security Operations
• Explain the importance of system and network architecture concepts in security operations.
• Analyze indicators of potentially malicious activity.
• Use appropriate tools or techniques to determine malicious activity.
• Compare and contrast threat-intelligence and threat-hunting concepts.
• Explain the importance of efficiency and process improvement in security operations.
Vulnerability Management
• Implement vulnerability scanning methods and concepts.
• Analyze output from vulnerability assessment tools.
• Analyze data to prioritize vulnerabilities.
• Recommend controls to mitigate attacks and software vulnerabilities.
• Explain concepts related to vulnerability response, handling and management.
Incident Response Management
• Explain concepts related to attack methodology frameworks.
• Perform incident response activities.
• Explain the preparation and post-incident activity phases of the incident management lifecycle.
Reporting and Communication
• Explain the importance of vulnerability management reporting and communication.
• Explain the importance of incident response reporting and communication.
FOLLOW ON COURSES:
Not available. Please contact.