CompTIA Cybersecurity Analyst (CySA+) CS0-003

CompTIA Cybersecurity Analyst (CySA+) CS0-003

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 122 Lessons (10h 21m) | 2.80 GB

Aamir Lakhani is a leading senior blockchain researcher. Mr. Lakhani advises corporations and government entities on blockchain initiatives, applications, and implementation strategies. He has been involved in several initial coin offerings (ICOs) as an advisor. Additionally, Aamir is a leading cyber security researcher and has uncovered vulnerabilities in several blockchain implementations and deployed cyber security blockchain solutions. Aamir has also been heavily involved in the cryptocurrency investments and mining operations. He is an active blogger at the popular site Dr. Chaos ( and has authored several books.

Table of Contents

CompTIA Cybersecurity Analyst (CySA+) CS0-003 Introduction

Lesson 1 Importance of System and Network Architecture Concepts in Security Operations
Learning objectives
Log ingestion–Part 1
Log ingestion–Part 2
Operating system (OS) concepts
Infrastructure concepts
Network architecture
Identity and access management
Sensitive data protection

Lesson 2 Analyze Indicators of Potentially Malicious Activity
Learning objectives

Lesson 3 Tools or Techniques to Determine Malicious Activity
Learning objectives
Tools–Part 2
Common techniques
Common techniques–Part 2
Common techniques–Part 3
Programming languagesscripting

Lesson 4 Threat-Intelligence and Threat-Hunting Concepts
Learning objectives
Threat actors
Threat actors-Part 2
Collection methods and sourcesConfidence levels
Threat hunting

Lesson 5 Importance of Efficiency and Process Improvement in Security Operations
Learning objectives
Standardize processes
Streamline operations
Technology and tool integration

Lesson 6 Implement Vulnerability Scanning Methods and Concepts
Learning objectives
Asset discovery
Special considerations
Internal versus external scanning
Agent versus agentless
Credentialed versus non-credentialed
Passive versus active
Static versus dynamic
Critical infrastructure
Critical infrastructure–Part 2

Lesson 7 Analyze Output from Vulnerability Assessment Tools
Learning objectives
Network scanning and mapping
Web application scanners
Vulnerability scanners
Cloud infrastructure assessment
Secure coding best practices
Input validation
Output encoding
Session management

Lesson 8 Analyze Data to Prioritize Vulnerabilities
Learning objectives
Common Vulnerability Scoring System (CVSS) interpretation
Context awareness
Asset value

Lesson 9 Recommend Controls to Mitigate Attacks and Software Vulnerabilities
Learning objectives
Cross-site scripting
Overflow vulnerabilities
Data poisoning
Broken access control
Cryptographic failures
Injection flaws
Cross-site request forgery
Directory traversal
Insecure design
Security misconfiguration
End-of-life or outdated components
Identification and authentication failures
Server-side request forgery
Remote code execution
Privilege escalation
Local file inclusion (LFI)remote file inclusion (RFI)

Lesson 10 Analyze Data to Prioritize Vulnerabilities
Learning objectives
Compensating controls
Control types
Patching and configuration management
Maintenance windows
Risk management principles
Policies, governance, and service-level objectives (SLOs)
Prioritization and escalation
Attack surface management
Secure coding best practices
Secure software development life cycle (SDLC)
Threat modeling

Lesson 11 Concepts Related to Attack Methodology Frameworks
Learning objectives
Cyber kill chains
Diamond Model of Intrusion Analysis
Open Source Security Testing Methodology Manual (OSS TMM)
OWASP Testing Guide

Lesson 12 Incident Response Activites
Learning objectives
Detection and analysis
Containment, eradication, and recovery

Lesson 13 Preparation and Post-incident Activity Phases of the Incident Management Life Cycle
Learning objectives
Post-incident activity

Lesson 14 Vulnerability Management Reporting and Communication
Learning objectives
Vulnerability management reporting
Compliance reports
Action plans
Inhibitors to remediation
Metrics and key performance indicators (KPIs)
Stakeholder identification and communication

Lesson 15 Preparing for and Taking the CySA+
Learning objectives
Understanding the test
Types of test questions
Increasing your chances for passing the test

Lesson 16 Next Steps
Learning objectives
What I learned

Module 1 Security Operations
Module Introduction

Module 2 Vulnerability Management
Module Introduction

Module 3 Incident Response and Management
Module Introduction

Module 4 Reporting and Communication
Module Introduction

Module 5 Certification Exam
Module Introduction

CompTIA Cybersecurity Analyst (CySA+) CS0-003 Summary