CompTIA CySA+ (Exam CS0-003): ITPRO TV Videos, Labs and Practice Tests

R 2501.25


Course Specifications

Course Number: ITP76–025_rev1.0

Course Length: 15 Hours 11 Minutes

Course Description

The skills validated by the CySA+ certification make it a valuable asset for anyone looking to advance their career in cybersecurity.

Course Content

Cybersecurity Concepts (30 Episodes: 7 Hours 54 Minutes)
Course Overview (3 minutes)
Welcome to the overview episode where Daniel will walk you through what to expect from this course.
Common Log Ingestion Concepts (17 minutes)
To even begin to defend against cyber attacks, one must be able to detect that an attack is occurring. This first line of defense is typically done by logging. In this episode, you'll be introduced to common log ingestion concepts such as time synchronization and logging levels.
Common Operating System Concepts (26 minutes)
A basic knowledge of operating systems is essential for a cybersecurity analyst to understand system architecture, identify vulnerabilities, configure security settings, or to conduct forensic analysis.
Common Infrastructure Concepts (19 minutes)
Many modern organizations incorporate technologies such as Serverless, Virtualization, and Containerization into their network infrastructure. In this episode, we'll define each of them as well as explore their common use cases.
Common IAM Concepts (24 minutes)
IAM concepts are essential for cybersecurity analysts to protect data and assets, manage user identities, enhance compliance, reduce risk, and support incident response efforts. In this episode, we will look at IAM implementations such as SSO, FIM, PAM, and CASB.
Common Encryption Concepts (18 minutes)
Encryption is an important tool for cybersecurity analysts in protecting data confidentiality, maintaining data integrity, complying with regulations, mitigating risk, and supporting incident response efforts. In this episode, we will explore using common encryption mechanisms such as PKI and SSL Inspection to increase the security posture of a given system.
Protecting Sensitive Data (11 minutes)
One of the core objectives of a cybersecurity analyst is to protect sensitive data. In this episode, we will explore common types of sensitive data as well as mechanisms to help protect it.
Common Network Architecture (16 minutes)
Network architecture is the design of a computer network. It includes the physical layout of the network, the devices that are used to connect the network, and the protocols that are used to communicate over the network. In this episode, we will discuss the commonly used network architectures employed by many organizations.
Malicious Network Activity (18 minutes)
Today's cybersecurity analyst must have knowledge of network-based malicious activity to detect threats, respond to security incidents, manage risk, implement security controls, and comply with regulatory requirements. In this episode, we will go over common malicious network activities such as bandwidth consumption, beaconing, unusual traffic spikes, and others.
Malicious Host Activity (22 minutes)
Another common goal for attackers is to gain access to network hosts like desktops, laptops, and mobile devices. In this episode, we will explore odd host activities, such as processor/memory/storage consumption, malicious processes, and unauthorized changes, that are common after a system compromise.
Malicious Application Activity (18 minutes)
Software apps are what we use to perform our day-to-day business in many ways, but they are not without their security shortcomings. In this episode, we will explore the common malicious activities associated with a compromised application such as unrecognized accounts, unexpected output, unexpected communications, etc.
Other Malicious Activity (14 minutes)
Not all cyber threats are focused on digital systems. In fact, some cyber attacks are aimed directly at the human element. In this episode, we'll take a look at social engineering attacks, so that we can spot attacks against our users using techniques like obfuscated links.
Packet Capture Tools (17 minutes)
For a cybersecurity analyst to spot malicious network activity, they are most likely to utilize a packet capture tool. In this episode, we will explore the 2 most commonly used packet capture tools, Wireshark and TCPDump.
Vulnerability Remediation and Mitigation (21 minutes)
Once vulnerabilities are discovered during an assessment, you'll need to come up with strategies for dealing with them. In this episode, Daniel and Wes explore a few of the common ways in which you could remediate and/or mitigate those pesky vulnerabilities.
Log Analysis Tools (15 minutes)
Because of the use of many and diverse systems in today's networks, it can be very difficult to detect, prioritize, and respond to malicious activity. In this episode, we will look at tools like SIEM and SOAR that were developed to help tackle this common problem.
Endpoint Detection and Response (15 minutes)
Today's cyber threats are becoming more and more sophisticated, especially when it comes to malware. In this episode, we will examine Endpoint Detection and Response tools (aka EDR) that can help the cybersecurity analyst battle these new threats.
DNS and IP Reputation Tools (14 minutes)
It can be difficult to know who is a friend and who is a foe in the digital world, but that doesn't mean that we are without help. In this episode, we will 'dig' into DNS and IP reputation tools that can help us scrutinize and even block known or suspicious online entities.
File Analysis Tools (21 minutes)
As a cybersecurity analyst you will need to perform file analysis on possibly suspicious files. In this episode, we will explore a few simple file analysis tools like Strings, hashing tools, and VirusTotal, that can aid us in that pursuit.
Sandboxing Tools (11 minutes)
If you've discovered a possibly malicious or confirmed malicious file, you might not want to immediately delete it. You very well may wish to analyze it to gain further insights into the attack. But how does one analyze a malicious file safely? In this episode, we will look into a couple of Sandboxing tools that will give us a safe and segregated environment for us to perform an analysis on the file(s) in question.
Email Analysis Tools (15 minutes)
Email is a primary attack vector due to its ubiquity and its inherent security weaknesses. In this episode, we will examine security mechanisms such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) that are used to help reduce email from malicious senders.
User and Entity Behavior Analytics (8 minutes)
User and service account breaches can go undetected for very long periods of time, allowing attackers to have their run of our systems for far too long. In this episode, we will investigate the use of User and Entity Behavior Analytics (UEBA), which is very effective at spotting and alerting us to anomalous user activity.
Scripting and Programming (17 minutes)
A very useful skill for discovering malicious activity is automation. In this episode, we will discuss the use of data serialization, scripting, and regular expressions to help us quickly and efficiently analyze data.
Threat Actor Types (24 minutes)
If you're not familiar with the common types of threat actors that plague the digital world then you're in luck. In this episode, we will discuss common threat actor types as well as their motivations.
TTPs (10 minutes)
TTPs are crucial in CTI for identifying and tracking cyber threats, attributing attacks to specific threat actors, assessing risk, responding to security incidents, and analyzing trends in cybercriminal behavior. In this episode, we define Tactics, Techniques, and Procedures (TTPs) so that the cybersecurity analyst can better protect their networks.
CTI Confidence Levels (14 minutes)
CTI comes from various sources with varying degrees of accuracy and relevancy. In this episode, we will investigate CTI Confidence Levels that will inform the cybersecurity analyst so that they can best plan proper defenses for both the immediate and long term.
CTI Sources (15 minutes)
Cyber Threat Intelligence is necessary for the cybersecurity analyst to best prepare for likely cyber attacks, but from what sources does one gather CTI? In this episode, we'll take a look at a few common sources for gathering CTI.
CTI Sharing (12 minutes)
Many organizations are doing cybersecurity research and collecting their own Cyber Threat Intelligence (CTI), but how do they share that with the rest of the cybersecurity community? In this episode, we'll explore CTI sharing tools and standards to ease the process of CTI sharing.
Threat Hunting (17 minutes)
They say that the best defense is a good offense, which has led to developing the practice of Threat Hunting. In this episode, we'll explain what Threat Hunting is and how it's being used to reduce the time it takes to discover Indicators of Compromise (IOCs) and mitigate data breaches.
Process Standardization (9 minutes)
The lack of standardization in cybersecurity operations can lead to inefficiencies, mistakes, and chaos. In this episode, we'll explore Process Standardization which looks to implement goals, procedures, and automation to reduce or remove those chaotic elements of our cybersecurity operations.
Streamlining Operations (8 minutes)
One of our goals as cybersecurity professionals is to increase efficiency and automation. We want to remove the human element from mundane tasks as much as possible. In this episode, we discuss combining threat feeds as well as introducing data enrichment so that our automated platforms require less oversight, thus increasing efficiency.
Integrating Tools and Technology into Security Operations (14 minutes)
There are many tools out there that aid us in our cybersecurity tasks and goals, but it's the tools and technologies that provide us with a way to automate and orchestrate which are typically the most useful. In this episode, we'll look at how some tools and technologies incorporate useful features like APIs, Webhooks, and Plugins to enhance the usability of said tools.

Vulnerability Types and Concepts (16 Episodes: 4 Hours 34 Minutes)
Asset Discovery and Mapping (20 minutes)
For a cybersecurity analyst to best secure their environment they first need to know the extent of that environment. In this episode, we'll explore the concepts and practices of asset discovery and mapping, which gives the analyst knowledge of the extent of their network.
Vulnerability Scanning Types and Considerations (25 minutes)
Before a cybersecurity analyst can perform a vulnerability scan they must first know what type of VA scan is suitable for their environments and take any special considerations into account. In this episode, you'll learn about the different types of vulnerability scans, like Internal and External as well as considerations such as sensitivity levels and regulatory compliance.
Vulnerability Scanning Frameworks (17 minutes)
Vulnerability scanning can be a difficult task to undergo, which is why it is beneficial to utilize a framework to help you make sure your scanning time and efforts return the most useful results. In this episode, we'll explore some of the most commonly used vulnerability scanning frameworks such as PCI-DSS, CIS Benchmarks, OWASP, and the ISO-27000 Series.
Analyze Vulnerability Assessment Scanner Output (29 minutes)
Interpreting the output of a vulnerability assessment tool is the key component to mapping the threat surface of systems and/or networks. In this episode, we will examine the output of vulnerability assessment tools such as Burp Suite, OpenVAS, Nessus, Recon-NG, Pacu, and others.
CVSS (24 minutes)
In order to improve the consistency and accuracy of vulnerability assessments, which is critical for effective risk management, a standardized system called the Common Vulnerability Scoring System or CVSS was developed. In this episode, we will learn the fundamentals of the CVSS which will help us decipher the Metrics used and the resulting Score and Scale.
Vulnerability Prioritization (18 minutes)
When it comes to vulnerability assessments and management, a cybersecurity analyst must be adept at prioritizing the discovered vulnerabilities for maximum security. In this episode, we will explore factors such as validation, context, and exploitability that contribute to how an analyst will prioritize one vulnerability over another.
Software Vulnerability Mitigations (26 minutes)
Discovering vulnerabilities is only one part of securing a system or network. Another major part in securing systems is mitigating those vulnerabilities. In this episode, we will examine mitigation tactics and procedures for a variety of vulnerabilities such as Cross-Site Scripting, Buffer Overflows, Injections, Remote Code/Command Executions, and others.
SDLC (12 minutes)
In this episode, you will learn about the critical Software Development Lifecycle (SDLC) that companies use in order to assist with software development. It is important that cyber security analysts be familiar with this process since they are often required to provide guidance for security concerns during the various phases of the SDLC.
Threat Modeling (12 minutes)
In this episode, we are going to examine the art of threat modeling as a way to help secure the network and ensure it is reliable for your future online sales.
Compensating Controls (17 minutes)
In this episode, you will learn about an important cyber security concept called compensating controls. You will also learn about the different types of compensating controls that exist in the industry.
System Maintenance Procedures (10 minutes)
In this episode, you will learn to explain the various concepts around system maintenance procedures. This includes a discussion of patching, maintenance windows, patching systems, and exceptions.
Risk Management Principles (8 minutes)
In this episode, you will learn all about key risk management principles. This includes a discussion of the various risk options common in organizations today. These include accept, transfer, avoid, and mitigate.
Policies, Governance, and SLOs (7 minutes)
In this episode, you will learn about the importance and meaning of policies, governance, and service-level objectives (SLOs). You will be provided with valuable examples of each.
Prioritization and Escalation (12 minutes)
In this episode, you will learn about the important concepts of prioritization and escalation in the cybersecurity IT space. 
Attack Surface Management (11 minutes)
In this episode, you will learn about an important cyber security concept called attack surface management.
Secure Coding Best Practices (17 minutes)
In this episode, you will learn to help developers implement secure coding best practices.

Managing Cybersecurity Incident Response (5 Episodes: 1 Hour 10 Minutes)
Attack Methodology Frameworks (18 minutes)
In this episode, you will be able to describe various attack methodology frameworks used in modern cybersecurity environments.
Detection and Analysis (20 minutes)
In this episode, you will learn about the detection and analysis phase of a typical incident response. This episode provides specific guidance on what type of activities in your IT environment are often indicators of compromise.
Containment, Eradication, and Recovery (14 minutes)
In this episode, you will learn about the incident response phases of containment, eradication, and recovery. These are key steps in most typical incident response environments.
Preparation Phase (8 minutes)
In this episode, you will learn about the important preparation phase for the incident response plan. This includes a discussion of the tools, playbooks, and training that might take place in this phase.
Post-Incident Activity (8 minutes)
In this episode, you will learn about the important post-incident activities that you should consider when running an incident response plan.

Communicating Cybersecurity Findings Effectively (7 Episodes: 1 Hour 32 Minutes)
Communicate Vulnerability Management Reporting (19 minutes)
In this episode, the learner will explore the importance and characteristics that are important to track through reporting and communication to an organization.
Communicate Incident Response Metrics and KPIs (11 minutes)
In this episode, the learner will identify common metrics and KPIs that need to be communicated as a part of incident response reporting.
Communicate Compliance Reporting (12 minutes)
In this episode, the learner will explore the importance of communicating the results of compliance reports to the appropriate audiences.
Communicate Inhibitors to Remediation (8 minutes)
In this episode, the learner will explore how to overcome the barriers or obstacles that inhibit a company's ability to remediate vulnerabilities in information systems through communication.
Communicate Incident Response Reports (17 minutes)
In this episode, the learner will identify common stakeholders in incident response reporting, including the components of the incident response report.
Communicate Root Cause Analysis (13 minutes)
In this episode, the learner will identify the importance of post-incident response processes such as root cause analysis and lessons learned.
Communicate Vulnerability Metrics and KPIs (9 minutes)
In this episode, the learner will identify the importance of communicating metrics and key performance indicators to stakeholders in a company.
