CompTIA CySA+ Guide to Cybersecurity Analyst (CS0-003)

Author:   Mark Ciampa (Western Kentucky University)
Publisher:   Cengage Learning, Inc
Edition:   3rd edition
ISBN:   9798214011479
Pages:   976
Publication Date:   28 May 2024
Format:   Paperback
Availability:   Available To Order
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.

Our Price:   $662.51

Overview

Gear up for course excellence and success on the latest CompTIA Cybersecurity Analyst certification exam with the advanced knowledge and essential cybersecurity skills offered in Ciampa's COMPTIA CYSA+ GUIDE TO CYBERSECURITY ANALYST, 3rd Edition. Stay ahead with updated content directly aligned to the CySA+ CS0-003 certification exam, gaining expertise in threat intelligence data analysis, internal and external vulnerability identification and mitigation and effective cyber incident response. Immerse yourself in new case projects and real-world examples that will take you on a captivating journey through actual on-the-job tasks and procedures, including hands-on experience with controls, monitoring, incident response and compliance. Further boost your understanding and performance with MindTap's interactive tools, empowering you to excel in the cybersecurity profession.

Full Product Details

Author:   Mark Ciampa (Western Kentucky University)
Publisher:   Cengage Learning, Inc
Imprint:   Course Technology Inc
Edition:   3rd edition
Weight:   0.839kg
ISBN:   9798214011479
Pages:   976
Publication Date:   28 May 2024
Audience:   College/higher education, Tertiary & Higher Education
Format:   Paperback
Publisher's Status:   Active

Table of Contents

Part 1: CYBERSECURITY FOUNDATIONS

1. Technology Underpinnings
   a. Infrastructures and Architectures
      i. Infrastructure Concepts
      ii. Network Architectures
      iii. Operational Technology
   b. Software
      i. Operating System Fundamentals
      ii. Coding (1.3c)
2. Threat Actors and Their Threats
   a. Who Are the Threat Actors?
      i. Script Kiddie
      ii. Organized Crime
      iii. Insider Threat
      iv. Hacktivists
      v. Nation-state Actors
      vi. Others
   b. Threat Actor Actions
      i. Tactics, Techniques, and Procedures (TTP)
      ii. Known and Unknown Threats
   c. Types of Attacks
      i. Web Server Application Attacks
      ii. Remote Code Execution
      iii. Data Poisoning
      iv. Obfuscated Links
   d. Vulnerabilities
      i. Programming Vulnerabilities
      ii. Broken Access Control
      iii. Cryptographic Failures
      iv. Dated Components
      v. Identification and Authentication Failures
3. Cybersecurity Substrata
   a. Identity and Access Management (IAM)
      i. Identity
      ii. Access
   b. Encryption
      i. Public Key Infrastructure (PKI)
      ii. Secure Sockets Layer (SSL) Inspection
   c. Secure Coding
      i. Secure Software Development Life Cycle (SDLC)
      ii. Secure Coding Best Practices
   d. Networking (1.1d)
      i. Zero Trust
      ii. Secure Access Service Edge (SASE)

Part 2: SECURITY OPERATIONS

4. Identifying Indicators of Attack (IOA)
   a. Cybersecurity Indicators
      i. Indicators of Attack (IOA)
      ii. Indicators of Compromise (IOC) (1.4f)
   b. Network IOA
      i. Abnormal Network Traffic
      ii. Stealth Transmissions
      iii. Scan/Sweeps
      iv. Rogue Devices on a Network
   c. Endpoint IOA
      i. High-Volume Consumption of Resources
      ii. Operating System Evidence
      iii. Software-Related Evidence
      iv. Data Exfiltration
   d. Application IOA
      i. Unusual Activity
      ii. New Account Creation
      iii. Unexpected Outbound Communications
      iv. Application Logs
5. Analyzing Indicators of Compromise (IOC)
   a. Common Techniques for Investigating IOC
      i. Diagnose Malware
      ii. Analyze Email
      iii. User Behavior Analysis (UBA)
   b. Tools for IOC Analysis
      i. File Analysis Tools
      ii. Tools for Analyzing Network IOC
      iii. Reputation Tools
      iv. Log Correlation and Analysis Tools
6. Threat Detection and Process Improvement
   a. Threat Intelligence
      i. What is Threat Intelligence (TI)?
      ii. Threat Intelligence Versus Threat Data
      iii. The Intelligence Cycle
      iv. Threat Intelligence Sources
      v. Confidence Levels
   b. Threat Hunting
      i. What is Threat Hunting?
      ii. Hunters and Hunting
      iii. Threat Hunting Methodologies
      iv. Steps in Threat Hunting
   c. Improving Security Operation Processes
      i. Standardize Processes
      ii. Streamline Operations
      iii. Tool Automation and Integration

Part 3: VULNERABILITY ASSESSMENT AND MANAGEMENT

7. Vulnerability Scanning and Assessment Tools
   a. Industry Frameworks
      i. Payment Card Industry Data Security Standard (PCI DSS)
      ii. Center for Internet Security (CIS) Benchmarks
      iii. Open Web Application Security Project (OWASP)
      iv. International Organization for Standardization (ISO) 27000 Series
   b. Vulnerability Scanning Methods
      i. Asset Discovery
      ii. Special Considerations
      iii. Types of Scanning
   c. Vulnerability Assessment Tools
      i. Network Scanning and Mapping
      ii. Web Application Scanners
      iii. Vulnerability Scanners
      iv. Debuggers
      v. Multipurpose
      vi. Cloud Infrastructure Assessment Tools
8. Addressing Vulnerabilities
   a. Prioritizing Vulnerabilities
      i. Common Vulnerability Scoring System (CVSS) Interpretation
      ii. Validation
      iii. Context Awareness
      iv. Exploitability/Weaponization
      v. Asset Value
      vi. Zero-day
   b. Managing Vulnerabilities
      i. Using Controls
      ii. Patching and Configuration Management
      iii. Maintenance Windows
      iv. Exceptions
      v. Policies, Governance, and Service-level Objectives (SLOs)
      vi. Prioritization and Escalation
      vii. Attack Surface Management
      viii. Threat Modeling
9. Vulnerability Management Reporting and Communication
   a. Reporting Vulnerabilities
   b. Compliance Reports
   c. Action Plans
   d. Inhibitors to Remediation
      i. Memorandum of Understanding (MOU)
      ii. Service-level Agreement (SLA)
      iii. Organizational Governance
      iv. Business Process Interruption
      v. Degrading Functionality
      vi. Legacy Systems
      vii. Proprietary Systems
   e. Metrics and Key Performance Indicators (KPIs)
      i. Trends
      ii. Top 10
      iii. Critical Vulnerabilities and Zero-days
      iv. SLOs
   f. Stakeholder Identification and Communication

Part 4: INCIDENT RESPONSE

10. Incident Response Planning
   a. Attack Methodology Frameworks
      i. Cyber Kill Chains
      ii. Diamond Model of Intrusion Analysis
      iii. MITRE ATT&CK
      iv. Open Source Security Testing Methodology Manual (OSSTMM)
      v. OWASP Testing Guide
   b. Incident Response Procedures
      i. Preparation
   c. Reporting and Communication
      i. Stakeholder Identification and Communication
      ii. Incident Declaration and Escalation
      iii. Incident Response Reporting
      iv. Communications
      v. Root Cause Analysis
      vi. Lessons Learned
      vii. Metrics and KPIs
11. Responding to a Cyber Incident
   a. Detecting an Incident
      i. IOC
      ii. Evidence Acquisitions
      iii. Data and Log Analysis
   b. Controlling an Incident
      i. Scope
      ii. Impact
      iii. Isolation
   c. Recovering From an Incident
      i. Remediation
      ii. Re-imaging
      iii. Compensating Controls
   d. Post-incident Analysis
      i. Forensic Analysis
      ii. Root Cause Analysis
      iii. Lessons Learned
      iv. Adjusting Risk Thresholds
12. Data Protection and Utilization
   a. Sensitive Data Protection
      i. Data Loss Prevention (DLP)
      ii. Personally Identifiable Information (PII)
      iii. Cardholder Data (CHD)
   b. Utilizing Data for Cybersecurity
      i. Data Analytics
      ii. Artificial Intelligence (AI)

Author Information

Dr. Mark Ciampa is a professor of information systems in the Gordon Ford College of Business at Western Kentucky University in Bowling Green, Kentucky. Prior to this current role, he served as an associate professor and the director of academic computing at Volunteer State Community College in Gallatin, Tennessee, for 20 years. Dr. Ciampa has worked in the IT industry as a computer consultant for businesses, government agencies and educational institutions. He has published more than 20 articles in peer-reviewed journals and has written more than 25 technology textbooks, including CompTIA CySA+ Guide to Cybersecurity Analyst, Security+ Guide to Network Security Fundamentals, Security Awareness: Applying Practical Security in Your World, CWNA Guide to Wireless LANS, and Guide to Wireless Communications. Dr. Ciampa holds a Ph.D. in technology management with a specialization in digital communication systems from Indiana State University and has certifications in security and healthcare.

Countries Available

All regions