Live CompTIA CySA+ / SecurityX Certification Training
CompTIA CySA+ / SecurityX
Course Number: #CED-1772
Course Length: 10 days
Number of Exams: 2
Certifications: CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+)
DoD Approved 8570: IAT Level II, CSSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, CSSP Auditor, IAT Level III, IAM Level II, IASAE Level I, IASAE Level II
Grants (discounts) are available for multiple students for the same or different courses.
Instructor-Led
- Certified Instructor
- Includes all course materials
Can't travel, or want to stay with your family or business? No problem!
Stay in your own city, save the additional expenses of roundtrip airfare, lodging, transportation, and meals, and receive the same great instruction live from our instructors in our Live Instructor-Led Remote Classroom Training.
Remote Classroom Training
Our Remote Classroom Training is a live class in which you observe the instructor and listen through your computer speakers.
You will see the instructor's computer, slides, notes, etc., just like in the classroom. You will be following along, doing work, labs, and individual assignments.
"The instructor was great! Always very supportive, I thought I would never be able to accomplish what I did in a boot camp." -Joe McCallum, Grand Prairie, TX
CompTIA Cybersecurity Analyst (CySA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CySA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
The CompTIA SecurityX is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.
CompTIA Cybersecurity Analyst (CySA+)
Overview
As attackers have learned to evade traditional signature-based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CySA+ identify and combat malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. CompTIA CySA+ is for IT professionals looking to gain the following security analyst skills:
- Configure and use threat detection tools.
- Perform data analysis.
- Interpret the results to identify vulnerabilities, threats and risks to an organization.
CySA+ certified skills are in-demand
Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37 percent overall growth between 2012 and 2022.
CySA+ is globally recognized
CompTIA CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.
CySA+ provides substantial earnings potential
A career in information security analysis ranked seventh on U.S. News and World Report's list of the 100 best technology jobs for 2017. According to the Bureau of Labor Statistics, the median pay for an information security analyst is $90,120 per year.
Target Student
The CompTIA CySA+ examination is designed for IT security analysts, vulnerability analysts or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization with the end goal of securing and protecting applications and systems within an organization.
Prerequisite
The CompTIA CySA+ exam is an internationally targeted validation of intermediate-level security skills and knowledge.
While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, "hands-on" focus on IT security analytics.
It is recommended for CompTIA CySA+ certification candidates to have the following:
- 3-4 years of hands-on information security or related experience
- Network+, Security+ or equivalent knowledge
Course Content
Threat Management
- Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
- Given a scenario, analyze the results of a network reconnaissance.
- Given a network-based threat, implement or recommend the appropriate response and countermeasure.
- Explain the purpose of practices used to secure a corporate environment.
Vulnerability Management
- Given a scenario, implement an information security vulnerability management process.
- Given a scenario, analyze the output resulting from a vulnerability scan.
- Compare and contrast common vulnerabilities found in the following targets within an organization.
Cyber Incident Response
- Given a scenario, distinguish threat data or behavior to determine the impact of an incident.
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
- Explain the importance of communication during the incident response process.
- Given a scenario, analyze common symptoms to select the best course of action to support incident response.
- Summarize the incident recovery and post-incident response process.
Security Architecture and Tool Sets
- Explain the relationship between frameworks, common policies, controls, and procedures.
- Given a scenario, use data to recommend remediation of security issues related to identity and access management.
- Given a scenario, review security architecture and make recommendations to implement compensating controls.
- Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
- Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.
CompTIA SecurityX
The CompTIA SecurityX (CAS-005) is an advanced-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise's cybersecurity readiness.
What Skills Will You Gain?
Security Architecture
Analyze security requirements in hybrid networks to work toward an enterprise-wide, zero trust security architecture with advanced secure cloud and virtualization solutions.
Security Operations
Address advanced threat management, vulnerability management, risk mitigation, incident response tactics and digital forensics analysis.
Governance, Risk, and Compliance
Prove an organization's overall cybersecurity resiliency metric and compliance to regulations, such as CMMC, PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST and CCPA.
Security Engineering and Cryptography
Configurations for endpoint security controls, enterprise mobility, cloud/hybrid environments, and enterprise-wide PKI and cryptographic solutions.
Jobs that use CompTIA SecurityX
- Security Architect
- Senior Security Engineer
- SOC Manager
- Cyber Risk Analyst
- Chief Information Security Officer
Course Content
1.0 Governance, Risk, and Compliance
Given a set of organizational security requirements, implement the appropriate governance components.
- Security program documentation
- Security program management
- Governance frameworks
- Change/configuration management
- Governance risk and compliance (GRC) tools
- Data governance in staging environments
Given a set of organizational security requirements, perform risk management activities.
- Impact analysis
- Risk assessment and management
- Third-party risk management
- Availability risk considerations
- Confidentiality risk considerations
- Integrity risk considerations
- Privacy risk considerations
- Crisis management
- Breach response
Explain how compliance affects information security strategies.
- Awareness of industry-specific compliance
- Industry standards
- Security and reporting frameworks
- Audits vs. assessments vs. certifications
- Privacy regulations
- Awareness of cross-jurisdictional compliance requirements
Given a scenario, perform threat-modeling activities.
- Actor characteristics
- Attack patterns
- Frameworks
- Attack surface determination
- Methods
- Modeling applicability of threats to the organization/environment
Summarize the information security challenges associated with artificial intelligence (AI) adoption.
- Legal and privacy implications
- Threats to the model
- AI-enabled attacks
- Risks of AI usage
- AI-enabled assistants/digital workers
2.0 Security Architecture
Given a scenario, analyze requirements to design resilient systems.
- Component placement and configuration
- Availability and integrity design considerations
Given a scenario, implement security in the early stages of the systems life cycle and throughout subsequent stages.
- Security requirements definition
- Software assurance
- Continuous integration/continuous deployment (CI/CD)
- Supply chain risk management
- Hardware assurance
- End-of-life (EOL) considerations
Given a scenario, integrate appropriate controls in the design of a secure architecture.
- Attack surface management and reduction
- Detection and threat-hunting enablers
- Information and data security design
- DLP
- Hybrid infrastructures
- Third-party integrations
- Control effectiveness
Given a scenario, apply security concepts to the design of access, authentication, and authorization systems.
- Provisioning/deprovisioning
- Federation
- Single sign-on (SSO)
- Conditional access
- Identity provider
- Service provider
- Attestations
- Policy decision and enforcement points
- Access control models
- Logging and auditing
- Public key infrastructure (PKI) architecture
- Access control systems
Given a scenario, securely implement cloud capabilities in an enterprise environment.
- Cloud access security broker (CASB)
- Shadow IT detection
- Shared responsibility model
- CI/CD pipeline
- Terraform
- Ansible
- Package monitoring
- Container security
- Container orchestration
- Serverless
- API security
- Cloud vs. customer-managed
- Cloud data security considerations
- Cloud control strategies
- Customer-to-cloud connectivity
- Cloud service integration
- Cloud service adoption
Given a scenario, integrate Zero Trust concepts into system architecture design.
- Continuous authorization
- Context-based reauthentication
- Network architecture
- API integration and validation
- Asset identification, management, and attestation
- Security boundaries
- Deperimeterization
- Defining subject-object relationships
3.0 Security Engineering
Given a scenario, troubleshoot common issues with identity and access management (IAM) components in an enterprise environment.
- Subject access control
- Biometrics
- Secrets management
- Conditional access
- Attestation
- Cloud IAM access and trust policies
- Logging and monitoring
- Privilege identity management
- Authentication and authorization
Given a scenario, analyze requirements to enhance the security of endpoints and servers.
- Application control
- Endpoint detection response (EDR)
- Event logging and monitoring
- Endpoint privilege management
- Attack surface monitoring and reduction
- Host-based intrusion protection system/host-based detection system (HIPS/HIDS)
- Anti-malware
- SELinux
- Host-based firewall
- Browser isolation
- Configuration management
- Mobile device management (MDM) technologies
- Threat-actor tactics, techniques, and procedures (TTPs)
Given a scenario, troubleshoot complex network infrastructure security issues.
- Network misconfigurations
- IPS/IDS issues
- Observability
- Domain Name System (DNS) security
- Email security
- Transport Layer Security (TLS) errors
- Cipher mismatch
- PKI issues
- Issues with cryptographic implementations
- DoS/distributed denial of service (DDoS)
- Resource exhaustion
- Network access control list (ACL) issues
Given a scenario, implement hardware security technologies and techniques.
- Roots of trust
- Security coprocessors
- Virtual hardware
- Host-based encryption
- Self-encrypting drive (SED)
- Secure Boot
- Measured boot
- Self-healing hardware
- Tamper detection and countermeasures
- Threat-actor TTPs
Given a set of requirements, secure specialized and legacy systems against threats.
- Operational technology (OT)
- Internet of Things (IoT)
- System-on-chip (SoC)
- Embedded systems
- Wireless technologies/radio frequency (RF)
- Security and privacy considerations
- Industry-specific challenges
- Characteristics of specialized/legacy systems
Given a scenario, use automation to secure the enterprise.
- Scripting
- Cron/scheduled tasks
- Event-based triggers
- Infrastructure as code (IaC)
- Configuration files
- Cloud APIs/software development kits (SDKs)
- Generative AI
- Containerization
- Automated patching
- Auto-containment
- Security orchestration, automation, and response (SOAR)
- Vulnerability scanning and reporting
- Security Content Automation Protocol (SCAP)
- Workflow automation
Explain the importance of advanced cryptographic concepts.
- Post-quantum cryptography (PQC)
- Key stretching
- Key splitting
- Homomorphic encryption
- Forward secrecy
- Hardware acceleration
- Envelope encryption
- Performance vs. security
- Secure multiparty computation
- Authenticated encryption with associated data (AEAD)
- Mutual authentication
Given a scenario, apply the appropriate cryptographic use case and/or technique.
4.0 Security Operations
Given a scenario, analyze data to enable monitoring and response activities.
- Security information event management (SIEM)
- Aggregate data analysis
- Behavior baselines and analytics
- Incorporating diverse data sources
- Alerting
- Reporting and metrics
Given a scenario, analyze vulnerabilities and attacks, and recommend solutions to reduce the attack surface.
- Vulnerabilities and attacks
- Mitigations
Given a scenario, apply threat-hunting and threat intelligence concepts.
- Internal intelligence sources
- External intelligence sources
- Counterintelligence and operational security
- Threat intelligence platforms (TIPs)
- Indicator of compromise (IoC) sharing
- Rule-based languages
- Indicators of attack
Given a scenario, analyze data and artifacts in support of incident response activities.
- Malware analysis
- Reverse engineering
- Volatile/non-volatile storage analysis
- Network analysis
- Host analysis
- Metadata analysis
- Hardware analysis
- Data recovery and extraction
- Threat response
- Preparedness exercises
- Timeline reconstruction
- Root cause analysis
- Cloud workload protection platform (CWPP)
- Insider threat