CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring.
Why is CySA+ Different?
- CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with both hands-on, performance-based questions and multiple-choice questions.
- CySA+ focuses on the candidates ability to not only proactively capture, monitor, and respond to network traffic findings, but also emphasizes software and application security, automation, threat hunting, and IT regulatory compliance, which affects the daily work of security analysts.
- CySA+ covers the most up-to-date core security analyst skills and upcoming job skills used by threat intelligence analysts, application security analysts, compliance analysts, incident responders/handlers, and threat hunters, bringing new techniques for combating threats inside and outside of the Security Operations Center (SOC).
About the Exam
As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:
- Leverage intelligence and threat detection techniques
- Analyze and interpret data
- Identify and address vulnerabilities
- Suggest preventative measures
- Effectively respond to and recover from incidents
CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
Threat and Vulnerability Management
Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities
Software and Systems Security
Apply security solutions for infrastructure management and explain software & hardware assurance best practices
Compliance and Assessment
Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls
Security Operations and Monitoring
Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security
Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques
Jobs that use CompTIA CySA+
-Tier II SOC Analyst
Threat Intelligence Analyst
Application Security Analyst
Incident Response or Handler
CySA+ Exam Prepration
The Official CompTIA Cybersecurity Analyst (CySA+) Student Guide has been developed by CompTIA for the CompTIA certification candidate. Rigorously evaluated by third party subject matter experts to validate coverage of the Cybersecurity Analyst (CySA+) exam objectives, The Official CompTIA Cybersecurity Analyst (CySA+) Student Guide teaches the essential skills and information needed to troubleshoot and problem solve, helps learners understand a wide variety of issues ranging from networking and operating systems to mobile devices and security, and prepares candidates to take the CompTIA Cybersecurity Analyst (CySA+) certification exam (CS0-002).
- Content mapped to Cybersecurity Analyst (CySA+) exam objectives (Exam CS0-002)
- Hands-on Activities designed to put knowledge into practice
- Videos developed exclusively for CompTIA by ITPro.TV
- Practice questions that check for understanding
- PowerPoint slides
- Access to the CompTIA Learning Center
Table of Contents
Lesson 1: Explaining the Importance of Security Controls and Security Intelligence
Lesson 2: Utilizing Threat Data and Intelligence
Lesson 3: Analyzing Security Monitoring Data
Lesson 4: Collecting and Querying Security Monitoring Data
Lesson 5: Utilizing Digital Forensics and Indicator Analysis Techniques
Lesson 6: Applying Incident Response Procedures
Lesson 7: Applying Risk Mitigation and Security Frameworks
Lesson 8: Performing Vulnerability Management
Lesson 9: Applying Security Solutions for Infrastructure Management
Lesson 10: Understanding Data Privacy and Protection
Lesson 11: Applying Security Solutions for Software Assurance
Lesson 12: Applying Security Solutions for Cloud and Automation
Appendix A: Mapping Course Content to CompTIA Cybersecurity Analyst+ (Exam CS0-002)
Appendix B: Security Resources
To receive physical copy of Text Book:
Accessing the Course Materials
Print books are shipped within 2 business days.
Along with the print, you will also have access to the CompTIA Learning Center, the online platform what you can access an eBook version of the text with digital materials as described above. An access key and instructions for acessing the CompTIA Learning Center are emailed within 3-4 hours of purchase. The eBook is provided in a interactive online version, along with a downloadable PDF.
An access key and instructions for accessing the CompTIA Learning Center, the onlineplatform through which the eBook and all digital material, will be delivered, by email. The eBook is provided in an interactive online version, along with a a downloadable PDF.