As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:

• • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents

CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

Threat and Vulnerability Management

• • Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities

Software and Systems Security

• • Apply security solutions for infrastructure management and explain software & hardware assurance best practices

Compliance and Assessment

• • Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls

Security Operations and Monitoring

• • Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security

Incident Response

• • Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques

• • Module 01: Explaining the Importance of Security Controls and Security Intelligence
  • Module 02: Utilizing Threat Data and Intelligence
  • Module 03: Analyzing Security Monitoring Data
  • Module 04: Collecting and Querying Security Monitoring Data
  • Module 05: Utilizing Digital Forensics and Indicator Analysis Techniques
  • Module 06: Applying Incident Response Procedures
  • Module 07: Applying Risk Mitigation and Security Frameworks
  • Module 08: Performing Vulnerability Management
  • Module 09: Applying Security Solutions for Infrastructure Management
  • Module 10: Understanding Data Privacy and Protection
  • Module 11: Applying Security Solutions for Software Assurance
  • Module 12: Applying Security Solutions for Cloud and Automation