CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring. This course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. This course may earn a Credly Badge.

With completion of this course you will be prepared to:

• Explain concepts related to system and network architecture in security operations.
• Analyze indicators of potential malicious activity in various scenarios.
• Use tools to determine malicious activity effectively.
• Understand threat intelligence and threat-hunting concepts.
• Implement appropriate vulnerability scanning methods based on scenarios.
• Analyze output from vulnerability assessment tools to identify risks.
• Summarize the incident response process and methodologies.
• Apply incident response techniques in practical scenarios.
• Emphasize the importance of reporting and communication in vulnerability management.
• Recognize the role of AI in enhancing security operations efficiency.

Identifying Security Operations Fundamentals

• Cybersecurity Foundations
• Governance, Policies, and Controls
• Introduction to Incident Response in the SOC

Applying Risk Management Strategies

• Risk Concepts
• Threat Modeling Frameworks

Managing System Security and Configurations

• Attack Surface Management
• System Hardening

Comparing System Architectures

• Infrastructure and System Architecture
• Modern Network Architectures
• Critical Infrastructure and Industrial Controls

Applying Access Management

• Identity and Access Management
• Device and Endpoint Management
• Data Protection and Cryptography

Threat Intelligence and Threat Hunting

• Threat Actor Concepts
• Threat Intelligence Sources
• Threat Hunting

Assessing Network Vulnerabilities

• Vulnerability Scanning Foundations
• Vulnerability Scan Types
• Select Vulnerability Tools
• Vulnerability Analysis and Prioritization
• Vulnerability and Incident Reporting

Managing Incident Response and Communication

• Manage Logs
• Incident Escalation
• Post-Incident Actions
• Incident Response Metrics

Executing Incident Response Plans

• Attack Methodology Frameworks
• The Incident Response Process
• Incident Response Techniques

Analyzing Malicious Activity

• Threat Detection and Analysis Tools
• Host Indicators of Compromise
• Network Indicators of Compromise
• Application and Web-based Indicators

Automating Data Analysis

• Scripting Fundamentals
• Scripting Languages
• Security Analytics and Pattern Recognition
• Technology and Tool Integration

Improving Processes with Automation

• Standardization and Team Coordination
• Automation, Orchestration, and Enrichment
• AI Risks and Governance
• AI in Security Operations

Assessing Application Vulnerabilities

• Web and Application Vulnerability Analysis
• Cloud Vulnerability Assessment

Securing Applications

• Secure Software Development and Testing
• Application Attack Identification and Mitigation

• Cybersecurity Analysts
• Security Operations Center (SOC) Analysts
• Incident Responders
• Vulnerability Assessment Specialists
• Threat Intelligence Analysts
• Information Security Managers
• Network Security Engineers
• IT Auditors
• Risk Management Professionals
• Cybersecurity Consultants
• System Administrators
• Compliance Analysts
• Security Software Developers
• IT Support Specialists with cybersecurity responsibilities
• Network Architects focusing on secure designs

To successfully undertake the CompTIA Cybersecurity Analyst (CySA+) CS0-004 course, it is recommended that students meet the following minimum prerequisites:

• A foundational understanding of IT concepts, particularly in networking, security, and operating systems.
• Familiarity with basic system administration tasks and concepts.
• Prior experience or knowledge of cybersecurity principles and best practices.
• Completion of CompTIA Security+ certification or equivalent knowledge is highly recommended, as it provides a strong base for understanding the material in this course.