CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 1 Security Operations
4h 25mAdvanced2023-06-07
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
As cybersecurity threats become more sophisticated and pervasive, the need for IT professionals with security analytics expertise has grown exponentially. Earning the CompTIA Cybersecurity Analyst (CySA+) certification shows potential employers that you understand how to tackle cybersecurity threats using a behavioral analytics-based approach. In this course—the first installment in the CompTIA Cybersecurity Analyst+ CySA+ (CS0-003) certification prep series, instructor Mike Chapple covers the topics covered in the Security Operations domain of the exam. Mike details topics concerning operating system security, logging, key infrastructure concepts, network security, identity and access management, and encryption.
Skills covered
Incident ResponseCybersecurityCert Prep
Concepts
0. Introduction
- 01 - Security operations
- 02 - What you should know
- 03 - Study resources
- 04 - The goals of information security
- 05 - Role of the cybersecurity analyst
1. Operating System Security
- 06 - Operating system security
- 07 - Windows Registry
- 08 - Configuration files
- 09 - System processes
- 10 - Hardware architecture
2. Logging
- 11 - Logging security information
- 12 - Security information and event management
- 13 - Tuning and configuring SIEMs
- 14 - Continuous security monitoring
3. Infrastructure Concepts
- 15 - Virtualization
- 16 - Cloud infrastructure components
- 17 - Containers
4. Network Security
- 18 - Network architecture
- 19 - Security zones
- 20 - VLANs and network segmentation
- 21 - Zero trust networking
- 22 - Secure access service edge (SASE)
- 23 - Software-defined networking (SDN)
5. Identity and Access Management
- 24 - Identification, authentication, authorization, and accounting
- 25 - Usernames and access cards
- 26 - Biometrics
- 27 - Authentication factors
- 28 - Multifactor authentication
- 29 - Something you have
- 30 - Password authentication protocols
- 31 - Single sign-on and federation
- 32 - Passwordless authentication
- 33 - Privileged access management
- 34 - Cloud access security brokers
6. Encryption
- 35 - Understanding encryption
- 36 - Symmetric and asymmetric cryptography
- 37 - Goals of cryptography
- 38 - Trust models
- 39 - PKI and digital certificates
- 40 - TLS and SSL
7. Sensitive Data Protection
- 41 - Data classification
- 42 - Data loss prevention
8. Indicators of Malicious Activity
- 43 - Network symptoms
- 44 - Rogue access points and evil twins
- 45 - Endpoint symptoms
- 46 - Application symptoms
- 47 - Obfuscated links
- 48 - Social engineering
9. Tools and Techniques
- 49 - Protocol analyzers
- 50 - DNS and IP reputation
- 51 - Endpoint monitoring
- 52 - Malware prevention
- 53 - Executable analysis
- 54 - Cuckoo and Joe Sandbox
- 55 - User account monitoring
10. Email Analysis
- 56 - Malicious email content
- 57 - Digital signatures
- 58 - DKIM, DMARC, and SPF
- 59 - Analyzing email headers
11. Programming and Scripting
- 60 - Shell and script environments
- 61 - APIs
- 62 - Querying logs
12. Understanding the Cybersecurity Threat
- 63 - Threat actors
- 64 - Zero-days and the APT
- 65 - Supply chain vulnerabilities
- 66 - Threat classification
13. Threat Intelligence
- 67 - Threat intelligence
- 68 - Managing threat indicators
- 69 - Intelligence sharing
- 70 - Threat research
- 71 - Identifying threats
- 72 - Automating threat intelligence
- 73 - Threat hunting
- 74 - Deception technologies
14. Efficiency and Process Improvement
- 75 - Standardizing processes and streamlining operations
- 76 - Technology and tool integration
Conclusion
- 77 - Continuing your studies
Related courses
- CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 3 Incident Response and Management
- CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep (2024)
- CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 2 Vulnerability Management
- Exam Tips: CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003)
- CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003): 4 Reporting and Communication
- Exam Tips: CompTIA CySA+ (CS0-002)
- CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)
- CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Related learn paths
- Prepare for the CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Certification
- Prepare for the CompTIA Cybersecurity Analyst + (CySA+) (CS0-002) Certification Exam
- Prepare for the CompTIA Server+ (SK0-004) Exam
- Prepare for the CompTIA IT Fundamentals+ (ITF+) (FC0-U61) Exam
- Prepare for the CompTIA Security+ (SY0-701) Certification
- Prepare for the CompTIA PenTest+ (PT0-002) Certification Exam
- Prepare for the CompTIA Advanced Security Practitioner (CASP+) (CAS-004) Exam
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam