CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring.
Why is it different?
CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with both hands-on, performance-based questions and multiple-choice questions.
CySA+ focuses on the candidates ability to not only proactively capture, monitor, and respond to network traffic findings, but also emphasizes software and application security, automation, threat hunting, and IT regulatory compliance, which affects the daily work of security analysts.
CySA+ covers the most up-to-date core security analyst skills and upcoming job skills used by threat intelligence analysts, application security analysts, compliance analysts, incident responders/handlers, and threat hunters, bringing new techniques for combating threats inside and outside of the Security Operations Center (SOC)
About the exam
New CompTIA CySA+ (CS0-002) exam available April 21!
The beta exam has ended.
If you took the CompTIA CySA+ certification beta exam, thank you! You will be receiving an email from Certmetrics in the near future which will contain important information and detailed instructions regarding how to download your PDF beta score report.
As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:
Leverage intelligence and threat detection techniques
Analyze and interpret data
Identify and address vulnerabilities
Suggest preventative measures
Effectively respond to and recover from incidents
CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
What Skills Will You Learn?
Threat and Vulnerability Management
Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities
Security Operations and Monitoring
Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security
Software and Systems Security
Apply security solutions for infrastructure management and explain software & hardware assurance best practices
Incident Response
Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques
Compliance and Assessment
Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls
Jobs that use CompTIA CySA+
Security analyst
-Tier II SOC analyst
-Security monitoring
Threat intelligence analyst
Security engineer
Application security analyst
Incident response or handler
Compliance analyst
Threat hunter
The new exam has been updated to address industry changes, as well as the need for security analysts to focus on software security and be more proactive with their defense and threat intelligence. Security Analysts must also ensure their tasks comply to IT regulatory standards that affect their daily work. With the end goal of proactively defending and continuously improving the security of an organization, CySA+ will verify the successful candidate has the knowledge and skills required to:
Leverage intelligence and threat detection techniques
Analyze and interpret data
Identify and address vulnerabilities
Suggest preventative measures
Effectively respond to and recover from incidents
QUESTION 1
An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform.
Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?
A. FaaS
B. RTOS
C. SoC
D. GPS
E. CAN bus
Correct Answer: B
Explanation:
IoT devices also often run real-time operating systems (RTOS). These are either special purpose operating
systems or variants of standard operating systems designed to process data rapidly as it arrives from sensors
or other IoT components.
QUESTION 2
An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This
behavior results in the industrial generators overheating and destabilizing the power supply.
Which of the following would BEST identify potential indicators of compromise?
A. Use Burp Suite to capture packets to the SCADA device’s IP.
B. Use tcpdump to capture packets from the SCADA device IP.
C. Use Wireshark to capture packets between SCADA devices and the management system.
D. Use Nmap to capture packets from the management system to the SCADA devices.
Correct Answer: C
QUESTION 3
Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?
A. Human resources
B. Public relations
C. Marketing
D. Internal network operations center
Correct Answer: B
Actualkey CompTIA CySA+ CS0-002 exam pdf, Certkingdom CompTIA CySA+ CS0-002 PDF
Best CompTIA CySA+ CS0-002 Certification, CompTIA CySA+ CS0-002 Training at certkingdom.com