CompTIA Cybersecurity Analyst (CySA+)

Assessing Information Security Risk

• TOPIC A: Identify the Importance of Risk Management
• TOPIC B: Assess Risk
• TOPIC C: Mitigate Risk
• TOPIC D: Integrate Documentation into Risk Management
• Summary

Analyzing the Threat Landscape

• TOPIC A: Classify Threats and Threat Profiles
• TOPIC B: Perform Ongoing Threat Research
• Summary

Analyzing Reconnaissance Threats to Computing and Network Environments

• TOPIC A: Implement Threat Modeling
• TOPIC B: Assess the Impact of Reconnaissance Incidents
• TOPIC C: Assess the Impact of Social Engineering
• Summary

Analyzing Attacks on Computing and Network Environments

• TOPIC A: Assess the Impact of System Hacking Attacks
• TOPIC B: Assess the Impact of Web-Based Attacks
• TOPIC C: Assess the Impact of Malware
• TOPIC D: Assess the Impact of Hijacking and Impersonation Attacks
• TOPIC E: Assess the Impact of DoS Incidents
• TOPIC F: Assess the Impact of Threats to Mobile Security
• TOPIC G: Assess the Impact of Threats to Cloud Security
• Summary

Analyzing Post-Attack Techniques

• TOPIC A: Assess Command and Control Techniques
• TOPIC B: Assess Persistence Techniques
• TOPIC C: Assess Lateral Movement and Pivoting Techniques
• TOPIC D: Assess Data Exfiltration Techniques
• TOPIC E: Assess Anti-Forensics Techniques
• Summary

Managing Vulnerabilities in the Organization

• TOPIC A: Implement a Vulnerability Management Plan
• TOPIC B: Assess Common Vulnerabilities
• TOPIC C: Conduct Vulnerability Scans
• Summary

Implementing Penetration Testing to Evaluate Security

• TOPIC A: Conduct Penetration Tests on Network Assets
• TOPIC B: Follow Up on Penetration Testing
• Summary

Collecting Cybersecurity Intelligence

• TOPIC A: Deploy a Security Intelligence Collection and Analysis Platform
• TOPIC B: Collect Data from Network-Based Intelligence Sources
• TOPIC C: Collect Data from Host-Based Intelligence Sources
• Summary

Analyzing Log Data

• TOPIC A: Use Common Tools to Analyze Logs
• TOPIC B: Use SIEM Tools for Analysis
• TOPIC C: Parse Log Files with Regular Expressions
• Summary

Performing Active Asset and Network Analysis

• TOPIC A: Analyze Incidents with Windows-Based Tools
• TOPIC B: Analyze Incidents with Linux-Based Tools
• TOPIC C: Analyze Malware
• TOPIC D: Analyze Indicators of Compromise
• Summary

Responding to Cybersecurity Incidents

• TOPIC A: Deploy an Incident Handling and Response Architecture
• TOPIC B: Mitigate Incidents
• TOPIC C: Prepare for Forensic Investigation as a CSIRT
• Summary

Investigating Cybersecurity Incidents

• TOPIC A: Apply a Forensic Investigation Plan
• TOPIC B: Securely Collect and Analyze Electronic Evidence
• TOPIC C: Follow Up on the Results of an Investigation
• Summary

Addressing Security Architecture Issues

• TOPIC A: Remediate Identity and Access Management Issues
• TOPIC B: Implement Security During the SDLC
• Summary

Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-210)

Appendix B: Mapping Course Content to CompTIA® CyberSecurity Analyst+ (Exam CS0-001)

Appendix C: Security Resources

• TOPIC A: List of Security Resources

Appendix D: U.S. Department of Defense Operational Security

• TOPIC A: Summary of U.S. Department of Defense Operational Security Practices