CompTIA Cybersecurity Analyst (CSA+) 

Start the course

Map network hardware and software to the OSI model

Identify when to use specific network hardware

Understand ipv4 settings

Understand ipv6 settings

Understand transport protocols

Understand which Windows tools to use when configuring and troubleshooting TCP/IP

Understand which Linux tools to use when configuring and troubleshooting TCP/IP

Configure and scan for service ports

Configure network services securely

Explain common wired and wireless network concepts

Scan for wireless networks and understand the returned results

Determine placement of network devices

Explain the purpose of cloud computing

Recognize the use of cloud service models

Recognize the role of virtualization in cloud computing

Identify cloud security options

Explain how to discover network devices

Use logs to learn about the network environment

Use packet capturing tools for network traffic analysis

Capture and interpret FTP and HTTP traffic

Discover network configurations

Explain harvesting techniques

Recognize social engineering techniques

Identify details within acceptable use policies

Identify details within data ownership and retention policies

Identify details within data classification policies

Identify details within a password policy

Recognize various network configurations and perform network reconnaissance

Start the course

Identify assets and related threats

Recognize known, unknown persistent, and zero-day threats

Identify what constitutes PII

Explain payment card data

Identify intellectual property

Control how valuable data is used

Configure group policy to prevent data leakage

Determine the effect of negative incidents

Identify stakeholders related to incident response

Recognize incident response roles

Describe incident disclosure options

Analyze host symptoms to determine the best response

Analyze network symptoms to determine the best response

Analyze application symptoms to determine the best response

Contain negative incidents

Thoroughly remove data

Identify positive learned outcomes resulting from incidents

Identify how OEM documentation can be used to reverse engineering products

Recognize the relevance of up-to-date network documentation

Recognize the ongoing maintenance of incident response plans

Create proper incident forms

Protect the integrity of collected evidence

Implement changes to processes resulting from lessons learned

Determine which type of report provides the best data for a specific situation

Determine if SLA details are aligned with business needs

Explain the purpose of a MOU

Use existing inventory to drive decisions related to security

Recognize threat impact and design an incident response plan

Start the course

Identify SDLC phases

Apply secure coding practices

Properly test technology solutions for security

Reduce the attack surface of a network host

Recognize the importance of keeping hardware and software up to date

Apply patches properly to secure network hosts

Set the correct access to file systems while adhering to the principle of least privilege

Recognize the purpose of controlling network access with NAC

Recognize the purpose of network segregation using vlans

Identify various conditions that control access to resources

Recognize the purpose of intentionally creating vulnerable hosts to monitor malicious use

Recognize the purpose of a jump box

Explain how proper IT governance results in secured IT resources

Recognize how regulatory compliance can influence security controls

Apply NIST's Cybersecurity Framework to your digital assets

Apply ISO security standards to harden your environment

Recognize how the TOGAF enterprise IT architecture can increase efficiency of security controls

Recognize how to assess risk and apply effective security controls to mitigate that risk

Recognize how to apply ITIL to increase the efficiency of IT service delivery

Identify physical security controls

Identify logical security controls

Configure router ACL rules to block ICMP traffic

Identify administrative security controls

Identify compensating security controls

Recognize the importance of continuous monitoring

Explain how firmware must be accredited before universal trust is established

Identify factors related to conducting penetration tests

List categories of security controls and threat mitigations

Start the course

Recognize how crypto is used to secure data in the enterprise

Differentiate symmetric from asymmetric encryption

Differentiate asymmetric from symmetric encryption

Identify the PKI hierarchy

Request a security certificate from a CA

Encrypt files on a Windows system using EFS

Explain how file integrity can be maintained

Enable file integrity using Linux

Enable file integrity using Windows

Recognize authentication methods used to prove one's identity

Require VPN connections to use MFA

Recognize how resource access gets authorized

Configure centralized authentication using RADIUS

Describe what user provisioning entails

Describe how identity federation differs from traditional authentication

Identify security weaknesses in server oss

Identify security weaknesses on endpoint devices

Identify security weaknesses at the network level

Identify security weaknesses on mobile devices

Recognize the overall process of scanning for vulnerabilities

Configure appropriate vulnerability scanning settings

Explain how the SCAP standard is used to measure vulnerability issues and compliance

Conduct a vulnerability scan using Nessus

Distinguish various vulnerability scanning tools from one another

Conduct a vulnerability scan using MBSA

Understand vulnerability scan results

Put controls in place to mitigate threats

Reduce vulnerabilities that can be exploited

Start the course

Recognize the purpose of various firewall types

Recognize how firewall rules are created based on what type of traffic should or should not be allowed

Recognize how packet filters work

Configure a packet filtering firewall

Explain the purpose of a proxy server

Explain the purpose of a security appliance

Recognize the unique capabilities of web application firewalls

Explain the importance of intrusion detection and prevention

Recognize when to use HIDS

Recognize when to use NIDS

Recognize when to use NIPS

Identify different types of malware

Identify viruses

Identify worms

Identity spyware and adware

Explain how ransomware works

Mitigate malware using antimalware solutions

Explain why user training and awareness is one of the most important security defenses

Describe digital forensics

Determine which forensic hardware is best suited for a specific situation

Determine which forensic software is best suited for a specific situation

Explain how forensic tools can be used against data stored on media

Distinguish common forensic tools from one another

Explain the sequence of steps that should be followed when conducting mobile device forensics

Create a memory dump

Retrieve and view deleted files

Prevent threat materialization and follow proper forensic procedures

Start the course

Recognize proper hiring practices

Provision new user accounts in accordance with organizational security policies

Apply personnel management best practices

Distinguish the difference between threats, vulnerabilities, and exploits

Explain the concept of spoofing

Craft forged packets using free tools

Recognize how impersonation can be used to gain unauthorized access

Recognize CSS attacks

Recognize root kits

Explain the concept of privilege escalation

Distinguish the difference between common exploit tools

Use Metasploit tools to further understand the attacker toolset

Use Kali Linux tools to further understand the attacker toolset

Crack passwords

Recognize the importance of continuous monitoring of various systems

Distinguish the difference between common monitoring tools

Monitor the Linux OS

Monitor the Windows OS

Configure Windows event log forwarding

Identify where SIEM is used

Identify where SCADA and ICS are used in different industries

View network utilization

Analyze timestamped data from various sources

Identify trends in network usage

Identify events from specific types of logs

Describe the difference between vulnerabilities and exploits as well as use various reporting tools