CompTIA CySA+ Cybersecurity Analyst Certification Bundle (Exam CS0-001)

1st Edition
126045326X · 9781260453263
US$67.50
Download file to PC or Mac desktops or laptops

Step 1. Download Adobe Digital Editions. Both PC and Mac users will need to download Adobe Digital Editions to access their eBook. You can download Adobe Digital Editions at Adobe's website.

Step 2. Register an Adobe ID if you do not already have one. (This step is optional, but allows you to open the file on multiple devices.) Visit account.Adobe.com to register your Adobe account.

Step 3. Authorize Adobe Digital Editions using your Adobe ID. In Adobe Digital Editions, go to the Help menu. Choose “Authorize Computer.”

Step 4. Open your file with Adobe Digital Editions. Once you’ve linked your Adobe Digital Editions with your Adobe ID, you should be able to access your eBook on any device which supports Adobe Digital Editions and is authorized with your ID. If your eBook does not open in Adobe Digital Editions upon download, please contact customer service.

Introduction
Part I Threat Management
Chapter 1 Applying Reconnaissance Techniques
Open Source Intelligence
Google
Internet Registries
Job Sites
Social Media
Active Reconnaissance
Scanning
Capturing Packets
Special Considerations
Wired Network Considerations
Wireless Network Considerations
Virtualization Technologies
Cloud Computing
Defending Against Reconnaissance
Tools of the Trade
nmap
Nikto
OWASP Zed Attack Proxy
Nessus
netstat
tcpdump
Wireshark/TShark
Intrusion Detection and Prevention Systems
Chapter Review
Questions
Answers
Chapter 2 Analyzing the Results of Reconnaissance
Data Sources
Firewall Logs
Intrusion Detection/Prevention Systems
Packet Captures
System Logs
nmap Scan Results
Point-in-Time Analysis
Packet Analysis
Protocol Analysis
Traffic Analysis
NetFlow Analysis
Wireless Analysis
Correlation Analysis
Anomaly Analysis
Behavioral Analysis
Trend Analysis
Availability Analysis
Heuristics
Tools of the Trade
Security Information and Event Management Systems
Packet Analyzers
Intrusion Detection Systems
Resource-Monitoring Tools
NetFlow Analyzers
Chapter Review
Questions
Answers
Chapter 3 Responding to Network-Based Threats
Network Segmentation
System Isolation
Jump Box
Honeypots and Honeynets
ACLs
File System ACLs
Network ACLs
Black Hole
DNS Sinkhole
Endpoint Security
Detect and Block
Sandbox
Cloud-Connected Protection
Group Policies
Device Hardening
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Compensating Controls
Blocking Unused Ports/Services
Patching
Network Access Control
Time Based
Rule Based
Role Based
Location Based
Chapter Review
Questions
Answers
Chapter 4 Securing a Corporate Network
Penetration Testing
Rules of Engagement
Reverse Engineering
Hardware
Software/Malware
Isolation/Sandboxing
Training and Exercises
Types of Exercises
Red Team
Blue Team
White Team
Risk Evaluation
Impact and Likelihood
Technical Control Review
Operational Control Review
Chapter Review
Questions
Answers
Part II Vulnerability Management
Chapter 5 Implementing Vulnerability Management Processes
Vulnerability Management Requirements
Regulatory Environments
Corporate Security Policy
Data Classification
Asset Inventory
Common Vulnerabilities
Servers
Endpoints
Network Infrastructure
Virtual Infrastructure
Mobile Devices
Interconnected Networks
Virtual Private Networks
Industrial Control Systems
SCADA Devices
Frequency of Vulnerability Scans
Risk Appetite
Regulatory Requirements
Technical Constraints
Workflow
Tool Configuration
Scanning Criteria
Tool Updates and Plug-Ins
SCAP
Permissions and Access
Chapter Review
Questions
Answers
Chapter 6 Vulnerability Scanning
Execute Scanning
Nessus
OpenVAS
Nikto
Generate Reports
Automated vs. Manual Distribution
Remediation
Prioritizing
Communication/Change Control
Sandboxing/Testing
Inhibitors to Remediation
Ongoing Scanning and Continuous Monitoring
Analyze Reports from a Vulnerability Scan
Review and Interpret Scan Results
Validate Results and Correlate Other Data Points
Compare to Best Practices or Compliance
Reconcile Results
Review Related Logs and/or Other Data Sources
Determine Trends
Chapter Review
Questions
Answers
Part III Cyber Incident Response
Chapter 7 The Incident Response Process
A Cast of Characters
Key Roles
Stakeholders
Response Techniques
Containment
Eradication
Valid
Prepare for the challenging CySA+ certification exam with this money-saving, comprehensive study package
Designed as a complete self-study program, this collection offers a variety of proven resources to use in preparation for the CompTIA Cybersecurity Analyst (CySA+) certification exam. Comprised of CompTIA CySA+ Cybersecurity Analyst Certification All-In-One Exam Guide (CS0-001) and CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-001), this bundle thoroughly covers every topic on the exam.
CompTIA CySA+ Cybersecurity Analyst Certification Bundle contains more than 800 practice questions that match those on the live exam in content, difficulty, tone, and format. The set includes detailed coverage of performance-based questions. You will get exam-focused “Tip,” “Note,” and “Caution” elements as well as end-of-chapter reviews. This authoritative, cost-effective bundle serves both as a study tool AND a valuable on-the-job reference for computer security professionals.
• This bundle is 25% cheaper than purchasing the books individually and includes 10% off the exam voucher
• Written by a team of computer security experts
• Electronic content includes 800+ practice exam questions and secured PDF copies of both books