CompTIA CySA+ Study Guide
eBook - ePub

CompTIA CySA+ Study Guide

  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android
eBook - ePub

CompTIA CySA+ Study Guide

About this book

This updated study guide by two security experts will help you prepare for the CompTIA CySA+ certification exam. Position yourself for success with coverage of crucial security topics!

Where can you find 100% coverage of the revised CompTIA Cybersecurity Analyst+ (CySA+) exam objectives? It's all in the CompTIA CySA+ Study Guide Exam CS0-002, Second Edition! This guide provides clear and concise information on crucial security topics. You'll be able to gain insight from practical, real-world examples, plus chapter reviews and exam highlights. Turn to this comprehensive resource to gain authoritative coverage of a range of security subject areas.

  • Review threat and vulnerability management topics
  • Expand your knowledge of software and systems security
  • Gain greater understanding of security operations and monitoring
  • Study incident response information
  • Get guidance on compliance and assessment

The CompTIA CySA+ Study Guide, Second Edition connects you to useful study tools that help you prepare for the exam. Gain confidence by using its interactive online test bank with hundreds of bonus practice questions, electronic flashcards, and a searchable glossary of key cybersecurity terms. You also get access to hands-on labs and have the opportunity to create a cybersecurity toolkit.

Leading security experts, Mike Chapple and David Seidl, wrote this valuable guide to help you prepare to be CompTIA Security+ certified. If you're an IT professional who has earned your CompTIA Security+ certification, success on the CySA+ (Cybersecurity Analyst) exam stands as an impressive addition to your professional credentials. Preparing and taking the CS0-002exam can also help you plan for advanced certifications, such as the CompTIA Advanced Security Practitioner (CASP+).

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access CompTIA CySA+ Study Guide by Mike Chapple,David Seidl in PDF and/or ePUB format, as well as other popular books in Computer Science & Certification Guides in Computer Science. We have over one million books available in our catalogue for you to explore.

Chapter 1
Today's Cybersecurity Analyst

THE COMPTIA CYBERSECURITY ANALYST (CYSA+) EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE:
  • Domain 3.0: Security Operations and Monitoring
    • 3.4 Compare and contrast automation concepts and technologies.
      • Machine Learning
  • Domain 5.0: Compliance and Assessment
    • 5.1 Understand the importance of data privacy and protection.
      • Privacy vs. Security
Cybersecurity analysts are responsible for protecting the confidentiality, integrity, and availability of information and information systems used by their organizations. Fulfilling this responsibility requires a commitment to a defense-in-depth approach to information security that uses multiple, overlapping security controls to achieve each cybersecurity objective. It also requires that analysts have a strong understanding of the threat environment facing their organization in order to develop a set of controls capable of rising to the occasion and answering those threats.
In the first section of this chapter, you will learn how to assess the cybersecurity threats facing your organization and determine the risk that they pose to the confidentiality, integrity, and availability of your operations. In the sections that follow, you will learn about controls that you can put in place to secure networks and endpoints and evaluate the effectiveness of those controls over time.

Cybersecurity Objectives

When most people think of cybersecurity, they imagine hackers trying to break into an organization's system and steal sensitive information, ranging from Social Security numbers and credit cards to top-secret military information. Although protecting sensitive information from unauthorized disclosure is certainly one element of a cybersecurity program, it is important to understand that cybersecurity actually has three complementary objectives, as shown in Figure 1.1.
Pyramid chart depicts the three key objectives of cyber security programs which are confidentiality, integrity, and availability.
FIGURE 1.1 The three key objectives of cybersecurity programs are confidentiality, integrity, and availability.
Confidentiality ensures that unauthorized individuals are not able to gain access to sensitive information. Cybersecurity professionals develop and implement security controls, including firewalls, access control lists, and encryption, to prevent unauthorized access to information. Attackers may seek to undermine confidentiality controls to achieve one of their goals: the unauthorized disclosure of sensitive information.
Integrity ensures that there are no unauthorized modifications to information or systems, either intentionally or unintentionally. Integrity controls, such as hashing and integrity monitoring solutions, seek to enforce this requirement. Integrity threats may come from attackers seeking the alteration of information without authorization or nonmalicious sources, such as a power spike causing the corruption of information.
Availability ensures that information and systems are ready to meet the needs of legitimate users at the time those users request them. Availability controls, such as fault tolerance, clustering, and backups, seek to ensure that legitimate users may gain access as needed. Similar to integrity threats, availability threats may come either from attackers seeking the disruption of access or nonmalicious sources, such as a fire destroying a datacenter that contains valuable information or services.
Cybersecurity analysts often refer to these three goals, known as the CIA Triad, when performing their work. They often characterize risks, attacks, and security controls as meeting one or more of the three CIA Triad goals when describing them.

Privacy vs. Security

Privacy and security are closely related concepts. We just discussed the three major components of security: confidentiality, integrity, and availability. These goals are all focused on the ways that an organization can protect its own data. Confidentiality protects data from unauthorized disclosure. Integrity protects data from unauthorized modification. Availability protects data from unauthorized denial of access.
Privacy controls have a different focus. Instead of focusing on ways that an organization can protect its own information, privacy focuses on the ways that an organization can use and share information that it has collected about individuals. This data, known as personally identifiable information (PII), is often protected by regulatory standards and is always governed by ethical considerations. Organizations seek to protect the security of private information and may do so using the same security controls that they use to protect other categories of sensitive information, but privacy obligations extend beyond just security. Privacy extends to include the ways that an organization uses and shares the information that it collects and maintains with others.
note

Exam Note

Remember that privacy and security are complementary and overlapping, but they have different objectives. This is an important concept on the exam.
The Generally Accepted Privacy Principles (GAPP) outline 10 privacy practices that organizations should strive to follow:
  • Management says that the organization should document its privacy practices in a privacy policy and related documents.
  • Notice says that the organization should notify individuals about its privacy practices and inform individuals of the type of information that it collects and how that information is used.
  • Choice and consent says that the organization should obtain the direct consent of individuals for the storage, use, and sharing of PII.
  • Collection says that the organization should collect PII only for the purposes identified in the notice and consented to by the individual.
  • Use, retention, and disposal says that the organization should only use information for identified purposes and may not use information collected for one stated purpose for any other nondisclosed purpose.
  • Access says that the organizatio...

Table of contents

  1. Cover
  2. Table of Contents
  3. Acknowledgments
  4. About the Authors
  5. About the Technical Editor
  6. Introduction
  7. Chapter 1: Today's Cybersecurity Analyst
  8. Chapter 2: Using Threat Intelligence
  9. Chapter 3: Reconnaissance and Intelligence Gathering
  10. Chapter 4: Designing a Vulnerability Management Program
  11. Chapter 5: Analyzing Vulnerability Scans
  12. Chapter 6: Cloud Security
  13. Chapter 7: Infrastructure Security and Controls
  14. Chapter 8: Identity and Access Management Security
  15. Chapter 9: Software and Hardware Development Security
  16. Chapter 10: Security Operations and Monitoring
  17. Chapter 11: Building an Incident Response Program
  18. Chapter 12: Analyzing Indicators of Compromise
  19. Chapter 13: Performing Forensic Analysis and Techniques
  20. Chapter 14: Containment, Eradication, and Recovery
  21. Chapter 15: Risk Management
  22. Chapter 16: Policy and Compliance
  23. Appendix A: Practice Exam
  24. Appendix B: Answers to Review Questions and Practice Exam
  25. Appendix C: Answers to Lab Exercises
  26. Index
  27. End User License Agreement