CompTIA Cybersecurity Analyst (CySA+)
1 – EVALUATING INFORMATION SECURITY RISK
Recognize the Significance of Risk Management
Evaluate Risk
Minimize Risk
Incorporate Documentation into Risk Management
2 – ASSESSING RECONNAISSANCE THREATS TO COMPUTING AND NETWORK ENVIRONMENTS
Evaluate the Impact of Reconnaissance Incidents
Assess the Impact of Social Engineering
3 – ANALYZING ATTACKS ON COMPUTING AND NETWORK ENVIRONMENTS
Evaluate the Impact of System Hacking Attacks
Evaluate the Impact of Web-Based Attacks
Evaluate the Impact of Malware
Evaluate the Impact of Hijacking and Impersonation Attacks
Evaluate the Impact of DoS Incidents
Evaluate the Impact of Threats to Mobile Security
Evaluate the Impact of Threats to Cloud Security
4 – EXAMINING POST-ATTACK TECHNIQUES
Assess Command and Control Techniques
Assess Persistence Techniques
Assess Lateral Movement and Pivoting Techniques
Assess Data Exfiltration Techniques
Assess Anti-Forensics Techniques
5 – OVERSEEING VULNERABILITIES IN THE ORGANIZATION
Implement a Vulnerability Management Plan
Evaluate Common Vulnerabilities
Conduct Vulnerability Scans
Perform Penetration Tests on Network Assets
6 – GATHERING CYBERSECURITY INTELLIGENCE
Implement a Security Intelligence Collection and Analysis Platform
Collect Data from Network-Based Intelligence Sources
Collect Data from Host-Based Intelligence Sources
7 – SCRUTINIZING LOG DATA
Utilize Common Tools to Analyze Logs
Use SIEM Tools for Analysis
8 – CONDUCTING ACTIVE ASSET AND NETWORK ANALYSIS
Analyze Incidents with Windows-Based Tools
Analyze Incidents with Linux-Based Tools
Analyze Malware
Analyze Indicators of Compromise
9 – RESPONDING TO CYBERSECURITY INCIDENTS
Implement an Incident Handling and Response Architecture
Mitigate Incidents
Prepare for Forensic Investigation as a CSIRT
10 – INVESTIGATING CYBERSECURITY INCIDENTS
Execute a Forensic Investigation Plan
Securely Collect and Analyze Electronic Evidence
Follow Up on the Results of an Investigation
11 – TACKLING SECURITY ARCHITECTURE ISSUES
Remediate Identity and Access Management Issues
Implement Security During the Software Development Life Cycle (SDLC)