CompTIA CySA+ – Cybersecurity Analyst (CS0-002)

  • CompTIA
  • Defensive Cybersecurity
  • Security
4 Days
it
CySA+
Course description

CompTIA Cybersecurity Analyst (CySA+) is an international certification for IT professionals that applies behavioural analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring. Exam vouchers can be purchased separately.

Syllabus

Part I: Threat Management
• Cybersecurity Analysts
• Cybersecurity Roles and Responsibilities
• Frameworks and Security Controls
• Risk Evaluation
• Penetration Testing Processes
• Reconnaissance Techniques
• The Kill Chain
• Open Source Intelligence
• Social Engineering
• Topology Discovery
• Service Discovery
• OS Fingerprinting

Part II: Threat Management
• Security Appliances
• Configuring Firewalls
• Intrusion Detection and Prevention
• Configuring IDS
• Malware Threats
• Configuring Anti-Virus Software
• Sysinternals
• Enhanced Mitigation Experience Toolkit
• Logging and Analysis
• Packet Capture
• Packet Capture and Monitoring Tools
• Log Review and SIEM
• SIEM Data Outputs
• SIEM Data Analysis
• Point-in-time Data Analysis

Part III: Vulnerability Management
• Managing Vulnerabilities
• Vulnerability Management Requirements
• Asset Inventory
• Data Classification
• Vulnerability Management Processes
• Vulnerability Scanners
• Microsoft Baseline Security Analyser
• Vulnerability Feeds and SCAP
• Configuring Vulnerability Scans
• Vulnerability Scanning Criteria
• Exploit Frameworks
• Remediating Vulnerabilities
• Analysing Vulnerability Scans
• Remediation and Change Control
• Remediating Host Vulnerabilities
• Remediating Network Vulnerabilities
• Remediating Virtual Infrastructure Vulnerabilities
• Secure Software Development
• Software Development Life Cycle
• Software Vulnerabilities
• Software Security Testing
• Interception Proxies
• Web Application Firewalls
• Source Authenticity
• Reverse Engineering

Part IV: Cyber Incident Response
• Incident Response
• Incident Response Processes
• Threat Classification
• Incident Severity and Prioritisation
• Types of Data
• Forensics Tools
• Digital Forensics Investigations
• Documentation and Forms
• Digital Forensics Crime Scenes
• Digital Forensics Kits
• Image Acquisition
• Password Cracking
• Analysis Utilities
• Incident Analysis and Recovery
• Analysis and Recovery Frameworks
• Analysing Network Symptoms
• Analysing Host Symptoms
• Analysing Data Exfiltration
• Analysing Application Symptoms
• Using Sysinternals
• Containment, Eradication, and Validation Techniques
• Corrective Actions

Part V: Security Architecture
• Secure Network Design
• Network Segmentation
• Blackholes, Sinkholes, and Honeypots
• System Hardening
• Group Policies and MAC
• Endpoint Security
• Managing Identities and Access
• Network Access Control
• Identity Management
• Identity Security Issues
• Identity Repositories
• Context-based Authentication
• Single Sign-On and Federation
• Exploiting Identities
• Exploiting Web Browsers and Applications
• Security Frameworks and Policies
• Frameworks and Compliance
• Reviewing Security Architecture
• Procedures and Compensating Controls
• Verifications and Quality Control
• Security Policies and Procedures
• Personnel Policies and Training

