CompTIA CySA+ Final Exam Study Notes and Key Concepts
These study notes are owned and distributed by Cyber Life. You may not copy or redistribute these notes in a commercial capacity without the express written consent of Cyber Life.

CompTIA is a registered trademark of CompTIA. You can learn more about CompTIA trademarks on the USPTO trademark search (TESS) website.
Contents

Explaining the Importance of Security Controls and Security Intelligence ........ 5
  Identify Security Control Types ........ 5
  Explain the Importance of Threat Data and Intelligence ........ 6
Utilizing Threat Data and Intelligence ........ 7
  Classify Threats and Threat Actor Types ........ 7
  Utilize Attack Frameworks and Indicator Management ........ 8
  Utilize Threat Modeling and Hunting Methodologies ........ 9
Analyzing Security Monitoring Data ........ 11
  Analyze Network Monitoring Output ........ 11
  Analyze Appliance Monitoring Output ........ 13
  Analyze Endpoint Monitoring Output ........ 14
  Analyze Email Monitoring Output ........ 15
Collecting and Querying Security Monitoring Data ........ 17
  Configure Log Review and SIEM Tools ........ 17
  Analyze and Query Logs and SIEM Data ........ 18
Utilizing Digital Forensics and Indicator Analysis Techniques ........ 19
  Identify Digital Forensics Techniques ........ 19
  Analyze Network-Related IoCs ........ 20
  Analyze Host-Related IoCs ........ 21
  Analyze Application-Related IoCs ........ 23
  Analyze Lateral Movement and Pivot IoCs ........ 24
Applying Incident Response Procedures ........ 25
  Explain Incident Response Processes ........ 25
  Apply Detection and Containment Processes ........ 26
  Apply Eradication, Recovery, and Post-Incident Processes ........ 27
Applying Risk Mitigation and Security Frameworks ........ 28
  Apply Risk Identification, Calculation, and Prioritization Processes ........ 28
  Explain Frameworks, Policies, and Procedures ........ 30
Performing Vulnerability Management ........ 31
  Analyze Output from Enumeration Tools ........ 31
  Configure Infrastructure Vulnerability Scanning Parameters ........ 32
  Analyze Output from Infrastructure Vulnerability Scanners ........ 33