CompTIA Cybersecurity Analyst (CSA+)
CompTIA CSA+
CompTIA Cybersecurity Analyst+ CS0-001: Investigate Security Incidents
CompTIA Cybersecurity Analyst+ CS0-001: Monitoring for Security Issues
CompTIA Cybersecurity Analyst+ CS0-001: Network Architecture and Reconnaissance
CompTIA Cybersecurity Analyst+ CS0-001: Reducing Vulnerabilities
CompTIA Cybersecurity Analyst+ CS0-001: Threat Identification
CompTIA Cybersecurity Analyst+ CS0-001: Threat Mitigation
Mentoring CS0-001 CompTIA Cybersecurity Analyst+

CompTIA Cybersecurity Analyst+ CS0-001: Investigate Security Incidents

Course Number: cs_cybs_a05_it_enus

Lesson Objectives

  • start the course
  • recognize the purpose of various firewall types
  • recognize how firewall rules are created based on what type of traffic should or should not be allowed
  • recognize how packet filters work
  • configure a packet filtering firewall
  • explain the purpose of a proxy server
  • explain the purpose of a security appliance
  • recognize the unique capabilities of web application firewalls
  • explain the importance of intrusion detection and prevention
  • recognize when to use HIDS
  • recognize when to use NIDS
  • recognize when to use NIPS
  • identify different types of malware
  • identify viruses
  • identify worms
  • identify spyware and adware
  • explain how ransomware works
  • mitigate malware using antimalware solutions
  • explain why user training and awareness is one of the most important security defenses
  • describe digital forensics
  • determine which forensic hardware is best suited for a specific situation
  • determine which forensic software is best suited for a specific situation
  • explain how forensic tools can be used against data stored on media
  • distinguish common forensic tools from one another
  • explain the sequence of steps that should be followed when conducting mobile device forensics
  • create a memory dump
  • retrieve and view deleted files
  • prevent threat materialization and follow proper forensic procedures

Overview/Description
Firewalls are one layer of defense against unauthorized access to networks and hosts. Intrusion detection and prevention can be used to increase security at both the host and network levels. In this course, you'll learn about these security mitigations as well as malware and how to use digital forensic tools.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

CompTIA Cybersecurity Analyst+ CS0-001: Monitoring for Security Issues

Course Number: cs_cybs_a06_it_enus

Lesson Objectives

  • start the course
  • recognize proper hiring practices
  • provision new user accounts in accordance with organizational security policies
  • apply personnel management best practices
  • distinguish the difference between threats, vulnerabilities, and exploits
  • explain the concept of spoofing
  • craft forged packets using free tools
  • recognize how impersonation can be used to gain unauthorized access
  • recognize CSS attacks
  • recognize rootkits
  • explain the concept of privilege escalation
  • distinguish the difference between common exploit tools
  • use Metasploit tools to further understand the attacker toolset
  • use Kali Linux tools to further understand the attacker toolset
  • crack passwords
  • recognize the importance of continuous monitoring of various systems
  • distinguish the difference between common monitoring tools
  • monitor the Linux OS
  • monitor the Windows OS
  • configure Windows event log forwarding
  • identify where SIEM is used
  • identify where SCADA and ICS are used in different industries
  • view network utilization
  • analyze timestamped data from various sources
  • identify trends in network usage
  • identify events from specific types of logs
  • describe the difference between vulnerabilities and exploits as well as use various reporting tools

Overview/Description
Hiring trustworthy and competent personnel is often overlooked when discussing IT security. Exploits take form not only as technical entities, but also as employee workplace violations. In this course, you'll also learn how to monitor and analyze various types of systems for audit and security purposes.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

CompTIA Cybersecurity Analyst+ CS0-001: Network Architecture and Reconnaissance

Course Number: cs_cybs_a01_it_enus

Lesson Objectives

  • start the course
  • map network hardware and software to the OSI model
  • identify when to use specific network hardware
  • understand IPv4 settings
  • understand IPv6 settings
  • understand transport protocols
  • understand which Windows tools to use when configuring and troubleshooting TCP/IP
  • understand which Linux tools to use when configuring and troubleshooting TCP/IP
  • configure and scan for service ports
  • configure network services securely
  • explain common wired and wireless network concepts
  • scan for wireless networks and understand the returned results
  • determine placement of network devices
  • explain the purpose of cloud computing
  • recognize the use of cloud service models
  • recognize the role of virtualization in cloud computing
  • identify cloud security options
  • explain how to discover network devices
  • use logs to learn about the network environment
  • use packet capturing tools for network traffic analysis
  • capture and interpret FTP and HTTP traffic
  • discover network configurations
  • explain harvesting techniques
  • recognize social engineering techniques
  • identify details within acceptable use policies
  • identify details within data ownership and retention policies
  • identify details within data classification policies
  • identify details within a password policy
  • recognize various network configurations and perform network reconnaissance

Overview/Description
IT security analysis builds upon a solid understanding of underlying network and cloud technologies. Existing IT system implementations must be understood before security controls can be recommended.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

CompTIA Cybersecurity Analyst+ CS0-001: Reducing Vulnerabilities

Course Number: cs_cybs_a04_it_enus

Lesson Objectives

  • start the course
  • recognize how crypto is used to secure data in the enterprise
  • differentiate symmetric from asymmetric encryption
  • differentiate asymmetric from symmetric encryption
  • identify the PKI hierarchy
  • request a security certificate from a CA
  • encrypt files on a Windows system using EFS
  • explain how file integrity can be maintained
  • enable file integrity using Linux
  • enable file integrity using Windows
  • recognize authentication methods used to prove one's identity
  • require VPN connections to use MFA
  • recognize how resource access gets authorized
  • configure centralized authentication using RADIUS
  • describe what user provisioning entails
  • describe how identity federation differs from traditional authentication
  • identify security weaknesses in server OSs
  • identify security weaknesses on endpoint devices
  • identify security weaknesses at the network level
  • identify security weaknesses on mobile devices
  • recognize the overall process of scanning for vulnerabilities
  • configure appropriate vulnerability scanning settings
  • explain how the SCAP standard is used to measure vulnerability issues and compliance
  • conduct a vulnerability scan using Nessus
  • distinguish various vulnerability scanning tools from one another
  • conduct a vulnerability scan using MBSA
  • understand vulnerability scan results
  • put controls in place to mitigate threats
  • reduce vulnerabilities that can be exploited

Overview/Description
Authentication controls who gets access to resources. Stronger authentication means greater control over resource access. In this course, you will identify weaknesses, including by conducting vulnerability scans, in order to protect IT assets.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

CompTIA Cybersecurity Analyst+ CS0-001: Threat Identification

Course Number: cs_cybs_a02_it_enus

Lesson Objectives

  • start the course
  • identify assets and related threats
  • recognize known, unknown persistent, and zero-day threats
  • identify what constitutes PII
  • explain payment card data
  • identify intellectual property
  • control how valuable data is used
  • configure group policy to prevent data leakage
  • determine the effect of negative incidents
  • identify stakeholders related to incident response
  • recognize incident response roles
  • describe incident disclosure options
  • analyze host symptoms to determine the best response
  • analyze network symptoms to determine the best response
  • analyze application symptoms to determine the best response
  • contain negative incidents
  • thoroughly remove data
  • identify positive learned outcomes resulting from incidents
  • identify how OEM documentation can be used to reverse engineer products
  • recognize the relevance of up-to-date network documentation
  • recognize the ongoing maintenance of incident response plans
  • create proper incident forms
  • protect the integrity of collected evidence
  • implement changes to processes resulting from lessons learned
  • determine which type of report provides the best data for a specific situation
  • determine if SLA details are aligned with business needs
  • explain the purpose of an MOU
  • use existing inventory to drive decisions related to security
  • recognize threat impact and design an incident response plan

Overview/Description
Assets must be identified before they can be protected. This can come from documentation or IT inventories. Proactive planning streamlines incident response to minimize negative impacts to the organization.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

CompTIA Cybersecurity Analyst+ CS0-001: Threat Mitigation

Course Number: cs_cybs_a03_it_enus

Lesson Objectives

  • start the course
  • identify SDLC phases
  • apply secure coding practices
  • properly test technology solutions for security
  • reduce the attack surface of a network host
  • recognize the importance of keeping hardware and software up to date
  • apply patches properly to secure network hosts
  • set the correct access to file systems while adhering to the principle of least privilege
  • recognize the purpose of controlling network access with NAC
  • recognize the purpose of network segregation using VLANs
  • identify various conditions that control access to resources
  • recognize the purpose of intentionally creating vulnerable hosts to monitor malicious use
  • recognize the purpose of a jump box
  • explain how proper IT governance results in secured IT resources
  • recognize how regulatory compliance can influence security controls
  • apply NIST's Cybersecurity Framework to your digital assets
  • apply ISO security standards to harden your environment
  • recognize how the TOGAF enterprise IT architecture can increase efficiency of security controls
  • recognize how to assess risk and apply effective security controls to mitigate that risk
  • recognize how to apply ITIL to increase the efficiency of IT service delivery
  • identify physical security controls
  • identify logical security controls
  • configure router ACL rules to block ICMP traffic
  • identify administrative security controls
  • identify compensating security controls
  • recognize the importance of continuous monitoring
  • explain how firmware must be accredited before universal trust is established
  • identify factors related to conducting penetration tests
  • list categories of security controls and threat mitigations

Overview/Description
Applying security best practices to IT system creation and deployment can go a long way in reducing the attack surface. In this course, you will learn about the SDLC, penetration testing, how to mitigate threats, and the security frameworks on which these countermeasures are based.

Target Audience
IT specialists who will be responsible for securing and analyzing IT assets at the hardware and software levels

Mentoring CS0-001 CompTIA Cybersecurity Analyst+

Lesson Objectives

  • Threat Management
  • Vulnerability Management
  • Cyber Incident Response
  • Security Architecture and Tool Sets

Overview/Description
Skillsoft Mentors are available to help students with their studies for exam CS0-001 CompTIA Cybersecurity Analyst+. You can reach them by entering a Mentored Chat Room or by using the Email My Mentor service.

Target Audience
Individuals who are studying the associated Skillsoft content in preparation for, or to become familiar with, the skills and competencies being measured by the actual certification exam.
