CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021)

Page 1 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 1 preview image

Page 2 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 2 preview image

DownloadedfromStudyXY.com[=Ww+StudyXYoias.Za\Rr'BE\StudyAnythingThisContentHasbeenPostedOnStudyXY.comassupplementarylearningmaterial.StudyXYdoesnotendroseanyuniversity,collegeorpublisher.Allmaterialspostedareundertheliabilityofthecontributors.|8)www.studyxy.com

Page 3 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 3 preview image

Page 4 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 4 preview image

Page 5 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 5 preview image

ABOUTTHEAUTHORSBrentChapman,GCIH,GCFA,GCTI,CISSP,CySA+,isaninformationsecurityengineerwithmorethan15yearsofexperienceininformationtechnologyandcybersecurity.HeisaformercyberoperationsofficerintheUnitedStatesArmyandhasheldanumberofuniqueassignments,includingresearcherattheArmyCyberInstitute,instructorintheDepartmentofElectricalEngineeringandComputerScienceattheUSMilitaryAcademyatWestPoint,andprojectmanagerattheDefenseInnovationUnitinSiliconValley.HeisaprofessionalmemberoftheAssociationofComputingMachinery,FCCAmateurRadiolicenseholder,andcontributortoseveraltechnicalandmaker-themedpublications.FernandoJ.Maymi,PhD,CISSP,isaconsultant,educator,andauthorwithmorethan25yearsofexperienceininformationsecurity.Hecurrentlyleadsteamsofcybersecurityconsultants,analysts,andredteamersinprovidingservicesaroundtheworld.FernandowasthefoundingdeputydirectoroftheArmyCyberInstitute,agovernmentthinktankhehelpedcreatefortheSecretaryoftheArmytosolvefuturecyberspaceoperationsproblemsaffectingthewholecountry.Hehasservedasadvisortocongressionalleaders,corporateexecutives,andforeigngovernmentsoncyberspaceissues.FernandotaughtcomputerscienceandcybersecurityattheUSMilitaryAcademyatWestPointfor12years.Fernandohaswrittenextensivelyandistheco-authoroftheeightheditionofthebestsellingCISSPAll-in-OneExamGuide.AbouttheTechnicalEditorandContributorBobbyE.Rogersisacybersecurityprofessionalwithover30yearsintheinformationtechnologyandcybersecurityfields.HecurrentlyworksforamajorengineeringcompanyinHuntsville,Alabama,asacontractorfor

Page 6 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 6 preview image

DepartmentofDefenseagencies,helpingtosecure,certify,andaccredittheirinformationsystems.Bobby’sspecialtiesarecybersecurityengineering,securitycompliance,andcyberriskmanagement,buthehasworkedinalmosteveryareaofcybersecurity,includingnetworkdefense,computerforensics,incidentresponse,andpenetrationtesting.HeisaretiredMasterSergeantfromtheUSAirForce,havingservedforover21years.BobbyhasbuiltandsecurednetworksintheUnitedStates,Chad,Uganda,SouthAfrica,Germany,SaudiArabia,Pakistan,Afghanistan,andseveralothercountriesallovertheworld.HeholdsaMasterofSciencedegreeinInformationAssuranceandiscurrentlywritinghisdissertationforadoctoraldegreeincybersecurity.HismanycertificationsincludeCISSP-ISSEP,CRISC,andCySA+.Hehasnarratedandproducedover30computersecuritytrainingvideosforseveraltrainingcompanies,andisalsotheauthorofCompTIAMobility+CertificationAll-In-OneExamGuide(ExamMB0-001),CRISCCertifiedinRiskandInformationSystemsControlAll-In-OneExamGuide,MikeMeyers’CompTIASecurity+CertificationGuide(ExamSY0-401),andcontributingauthor/technicaleditorforthepopularCISSPAll-In-OneExamGuide,EighthEdition,allfromMcGrawHill.

Page 7 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 7 preview image

Page 8 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 8 preview image

Page 9 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 9 preview image

Copyright©2021byMcGrawHill.Allrightsreserved.ExceptaspermittedundertheUnitedStatesCopyrightActof1976,nopartofthispublicationmaybereproducedordistributedinanyformorbyanymeans,orstoredinadatabaseorretrievalsystem,withoutthepriorwrittenpermissionofthepublisher.ISBN:978-1-26-046431-3MHID:~~1-26-046431-8ThematerialinthiseBookalsoappearsintheprintversionofthistitle:ISBN:978-1-26-046430-6,MHID:1-26-046430-X.eBookconversionbycodeMantraVersion1.0Alltrademarksaretrademarksoftheirrespectiveowners.Ratherthanputatrademarksymbolaftereveryoccurrenceofatrademarkedname,weusenamesinaneditorialfashiononly,andtothebenefitofthetrademarkowner,withnointentionofinfringementofthetrademark.Wheresuchdesignationsappearinthisbook,theyhavebeenprintedwithinitialcaps.McGraw-HillEducationeBooksareavailableatspecialquantitydiscountstouseaspremiumsandsalespromotionsorforuseincorporatetrainingprograms.Tocontactarepresentative,pleasevisittheContactUspageatwww.mhprofessional.com.InformationhasbeenobtainedbyMcGrawHillfromsourcesbelievedtobereliable.However,becauseofthepossibilityofhumanormechanicalerrorbyoursources,McGrawHill,orothers,McGrawHilldoesnotguaranteetheaccuracy,adequacy,orcompletenessofanyinformationandisnotresponsibleforanyerrorsoromissionsortheresultsobtainedfromtheuseofsuchinformation.TERMSOFUSEThisisacopyrightedworkandMcGraw-HillEducationanditslicensorsreserveallrightsinandtothework.Useofthisworkissubjecttothese

Page 10 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 10 preview image

terms.ExceptaspermittedundertheCopyrightActof1976andtherighttostoreandretrieveonecopyofthework,youmaynotdecompile,disassemble,reverseengineer,reproduce,modify,createderivativeworksbasedupon,transmit,distribute,disseminate,sell,publishorsublicensetheworkoranypartofitwithoutMcGraw-HillEducation’spriorconsent.Youmayusetheworkforyourownnoncommercialandpersonaluse;anyotheruseoftheworkisstrictlyprohibited.Yourrighttousetheworkmaybeterminatedifyoufailtocomplywiththeseterms.THEWORKISPROVIDED“ASIS.”McGRAW-HILLEDUCATIONANDITSLICENSORSMAKENOGUARANTEESORWARRANTIESASTOTHEACCURACY,ADEQUACYORCOMPLETENESSOFORRESULTSTOBEOBTAINEDFROMUSINGTHEWORK,INCLUDINGANYINFORMATIONTHATCANBEACCESSEDTHROUGHTHEWORKVIAHYPERLINKOROTHERWISE,ANDEXPRESSLYDISCLAIMANYWARRANTY,EXPRESSORIMPLIED,INCLUDINGBUTNOTLIMITEDTOIMPLIEDWARRANTIESOFMERCHANTABILITYORFITNESSFORAPARTICULARPURPOSE.McGraw-HillEducationanditslicensorsdonotwarrantorguaranteethatthefunctionscontainedintheworkwillmeetyourrequirementsorthatitsoperationwillbeuninterruptedorerrorfree.NeitherMcGraw-HillEducationnoritslicensorsshallbeliabletoyouoranyoneelseforanyinaccuracy,errororomission,regardlessofcause,intheworkorforanydamagesresultingtherefrom.McGraw-HillEducationhasnoresponsibilityforthecontentofanyinformationaccessedthroughthework.UndernocircumstancesshallMcGraw-HillEducationand/oritslicensorsbeliableforanyindirect,incidental,special,punitive,consequentialorsimilardamagesthatresultfromtheuseoforinabilitytousethework,evenifanyofthemhasbeenadvisedofthepossibilityofsuchdamages.Thislimitationofliabilityshallapplytoanyclaimorcausewhatsoeverwhethersuchclaimorcausearisesincontract,tortorotherwise.

Page 11 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 11 preview image

ToGinaandCarol,forbeingpatient,supportive,andloving,andforremindingusofwhatreallymattersinlife.

Page 12 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 12 preview image

CONTENTSATAGLANCEPartIThreatandVulnerabilityManagementChapter1TheImportanceofThreatDataandIntelligenceChapter2ThreatIntelligenceinSupportofOrganizationalSecurityChapter3VulnerabilityManagementActivitiesChapter4VulnerabilityAssessmentToolsChapter5ThreatsandVulnerabilitiesAssociatedwithSpecializedTechnologyChapter6ThreatsandVulnerabilitiesAssociatedwithOperatingintheCloudChapter7MitigatingControlsforAttacksandSoftwareVulnerabilitiesPartIISoftwareandSystemsSecurityChapter8SecuritySolutionsforInfrastructureManagementChapter9SoftwareAssuranceBestPracticesChapter10HardwareAssuranceBestPracticesPartIIISecurityOperationsandMonitoringChapter11DataAnalysisinSecurityMonitoringActivitiesChapter12ImplementConfigurationChangestoExistingControlstoImproveSecurityChapter13TheImportanceofProactiveThreatHuntingChapter14AutomationConceptsandTechnologies

Page 13 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 13 preview image

PartIVIncidentResponseChapter15TheImportanceoftheIncidentResponseProcessChapter16AppropriateIncidentResponseProceduresChapter17AnalyzePotentialIndicatorsofCompromiseChapter18UtilizeBasicDigitalForensicsTechniquesPartVComplianceandAssessmentChapter19TheImportanceofDataPrivacyandProtectionChapter20SecurityConceptsinSupportofOrganizationalRiskMitigationChapter21TheImportanceofFrameworks,Policies,Procedures,andControlsPartVIAppendixesandGlossaryAppendixAObjectiveMapAppendixBAbouttheOnlineContentGlossaryIndex

Page 14 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 14 preview image

CONTENTSAcknowledgmentsIntroductionPartIThreatandVulnerabilityManagementChapter1TheImportanceofThreatDataandIntelligenceFoundationsofIntelligenceIntelligenceSourcesOpenSourceIntelligenceProprietary/ClosedSourceIntelligenceCharacteristicsofIntelligenceSourceDataConfidenceLevelsIndicatorManagementIndicatorLifecycleStructuredThreatInformationExpressionTrustedAutomatedExchangeofIndicatorInformationOpenlOCThreatClassificationKnownThreatsvs.UnknownThreatsZeroDayAdvancedPersistentThreatThreatActorsNation-StateThreatActorsHacktivistsOrganizedCrimeInsiderThreatActorsIntelligenceCycle

Page 15 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 15 preview image

RequirementsCollectionAnalysisDisseminationFeedbackCommodityMalwareInformationSharingandAnalysisCommunitiesChapterReviewQuestionsAnswersChapter2ThreatIntelligenceinSupportofOrganizationalSecurityLevelsofIntelligenceAttackFrameworksMITREATT&CKTheDiamondModelofIntrusionAnalysisKillChainThreatResearchReputationalBehavioralIndicatorofCompromiseCommonVulnerabilityScoringSystemThreatModelingMethodologiesAdversaryCapabilityTotalAttackSurfaceAttackVectorImpactLikelihoodSTRIDEPASTAThreatIntelligenceSharingwithSupportedFunctionsIncidentResponseVulnerabilityManagementRiskManagementSecurityEngineering

Page 16 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 16 preview image

DetectionandMonitoringChapterReviewQuestionsAnswersChapter3VulnerabilityManagementActivitiesVulnerabilityIdentificationRegulatoryEnvironmentsCorporateSecurityPolicyDataClassificationAssetInventoryActivevs.PassiveScanningScanningParametersandCriteriaRisksAssociatedwithScanningActivitiesRegulatoryRequirementsTechnicalConstraintsWorkflowSensitivityLevelsVulnerabilityFeedScopeNoncredentialedvs.CredentialedServerBasedvs.AgentBasedInternalvs.ExternalTypesofDataToolUpdatesandPlug-InsSCAPSpecialConsiderationsIntrusionPreventionSystem,IntrusionDetectionSystem,andFirewallSettingsGeneratingReportsAutomatedvs.ManualDistributionValidationTruePositivesFalsePositivesTrueNegatives

Page 17 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 17 preview image

FalseNegativesRemediationPatchingPrioritizingHardeningCompensatingControlsRiskAcceptanceVerificationofMitigationInhibitorstoRemediationMemorandumofUnderstandingServiceLevelAgreementOrganizationalGovernanceBusinessProcessInterruptionDegradingFunctionalityLegacyandProprietarySystemsOngoingScanningandContinuousMonitoringChapterReviewQuestionsAnswersChapter4VulnerabilityAssessmentToolsWebApplicationScannersOWASPZedAttackProxyBurpSuiteNiktoArachniInfrastructureVulnerabilityScannersNessusOpenVASQualysSoftwareAssessmentToolsandTechniquesStaticAnalysisDynamicAnalysisReverseEngineeringFuzzing

Page 18 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 18 preview image

EnumerationToolsandTechniquesnmaphpingPassivevs.ActiveEnumerationTechniquesresponderWirelessAssessmentToolsAircrack-ngReaveroclHashcatCloudInfrastructureAssessmentToolsScoutSuiteProwlerPacuChapterReviewQuestionsAnswersChapter5ThreatsandVulnerabilitiesAssociatedwithSpecializedTechnologyAccessPointsVirtualPrivateNetworksMobileDevicesNetworkVulnerabilitiesDeviceVulnerabilitiesOperatingSystemVulnerabilitiesAppVulnerabilitiesInternetofThingsTheMiraiBotnetEmbeddedSystemsReal-TimeOperatingSystemsSystemonaChipFieldProgrammableGateArrayPhysicalAccessControlConnectedVehiclesCANBus

Page 19 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 19 preview image

DronesHardwareSecurityCommunicationsChannelsSecurityWebPortalSecurityIndustrialControlSystemsSCADADevicesModbusProcessAutomationSystemsChapterReviewQuestionsAnswersChapter6ThreatsandVulnerabilitiesAssociatedwithOperatingintheCloudCloudServiceModelsSharedResponsibilityModelSoftwareasaServicePlatformasaServiceInfrastructureasaServiceCloudDeploymentModelsPublicPrivateCommunityHybridServerlessArchitectureFunctionasaServiceInfrastructureasCodeInsecureApplicationProgrammingInterfaceBrokenObjectLevelAuthorizationBrokenUserAuthenticationExcessiveDataExposureLackofResourcesandRateLimitingBrokenFunctionLevelAuthorizationMassAssignmentSecurityMisconfiguration

Page 20 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 20 preview image

InjectionImproperAssetManagementInsufficientLoggingandMonitoringImproperKeyManagementUnprotectedStorageLoggingandMonitoringChapterReviewQuestionsAnswersChapter7MitigatingControlsforAttacksandSoftwareVulnerabilitiesAttackTypesInjectionAttacksBufferOverflowAttacksPrivilegeEscalationAuthenticationAttacksRootkitsVulnerabilitiesImproperErrorHandlingDereferencingInsecureObjectReferenceRaceConditionSensitiveDataExposureInsecureComponentsInsufficientLoggingandMonitoringWeakorDefaultConfigurationsUseofInsecureFunctionsChapterReviewQuestionsAnswersPartIISoftwareandSystemsSecurityChapter8SecuritySolutionsforInfrastructureManagementCloudvs.On-PremisesSolutionsNetworkArchitecture

Page 21 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 21 preview image

PhysicalNetworkSoftware-DefinedNetworkVirtualPrivateCloudNetworkVirtualPrivateNetworkServerlessNetworkVirtualizationHypervisorsVirtualDesktopInfrastructureContainerizationNetworkSegmentationVirtualLocalAreaNetworksPhysicalSegmentationJumpBoxesSystemIsolationHoneypotsandHoneynetsAssetManagementAssetInventoryAssetTaggingChangeManagementIdentityandAccessManagementPrivilegeManagementMultifactorAuthenticationSingleSign-OnIdentityFederationRole-BasedAccessControlAttribute-BasedAccessControlMandatoryAccessControlManualReviewCloudAccessSecurityBrokerMonitoringandLoggingEncryptionSymmetricCryptographyAsymmetricCryptographySymmetricvs.AsymmetricCryptography

Page 22 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 22 preview image

CertificateManagementActiveDefenseChapterReviewQuestionsAnswersChapter9SoftwareAssuranceBestPracticesPlatformsandSoftwareArchitecturesClient/ServerWebApplicationMobileEmbeddedSystemonaChipFirmwareService-OrientedArchitectureSimpleObjectAccessProtocolRepresentationalStateTransferMicroservicesSecurityAssertionsMarkupLanguageTheSoftwareDevelopmentLifecycleRequirementsDevelopmentImplementationOperationandMaintenanceDevOpsandDevSecOpsSoftwareAssessmentMethodsUserAcceptanceTestingStressTestingSecurityRegressionTestingCodeReviewsStaticAnalysisToolsDynamicAnalysisToolsFormalMethodsofVerifyingCriticalSoftwareSecureCodingBestPracticesInputValidation

Page 23 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 23 preview image

OutputEncodingSessionManagementAuthenticationDataProtectionParameterizedQueriesChapterReviewQuestionsAnswersChapter10HardwareAssuranceBestPracticesHardwareRootofTrustTrustedPlatformModuleHardwareSecurityModuleeFuseFirmwareUnifiedExtensibleFirmwareInterfaceMeasuredBootandAttestationTrustedFirmwareUpdatesSelf-EncryptingDriveBusEncryptionSecureProcessingTrustedExecutionEnvironmentProcessorSecurityExtensionsAtomicExecutionTrustedFoundryAnti-TamperTechniquesChapterReviewQuestionsAnswersPartIIISecurityOperationsandMonitoringChapter11DataAnalysisinSecurityMonitoringActivitiesSecurityDataAnalyticsDataAggregationandCorrelationDataAnalysis

Page 24 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 24 preview image

TrendAnalysisHistoricalAnalysisBehavioralAnalysisHeuristicsAnomalyAnalysisEndpointSecurityMalwareDetectandBlockFilelessMalwareSandboxCloud-ConnectedProtectionUserandEntityBehaviorAnalyticsNetworkDomainNameSystemAnalysisDomainGenerationAlgorithmsFlowAnalysisPacketAnalysisMalwareLogReviewPacketCapturesSystemLogsFirewallLogsIntrusionDetection/PreventionSystemsAuthenticationLogsImpactAnalysisAvailabilityAnalysisSecurityInformationandEventManagementReviewQueryWritingE-mailAnalysisMaliciousPayloadDomainKeysIdentifiedMailSenderPolicyFrameworkDomain-BasedMessageAuthentication,Reporting,andConformance

Page 25 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 25 preview image

HeaderPhishingForwardingDigitalSignaturesandEncryptionEmbeddedLinksImpersonationChapterReviewQuestionsAnswersChapter12ImplementConfigurationChangestoExistingControlstoImproveSecurityPermissionsUsersGroupsBlacklistingWhitelistingFirewallsWebProxiesWebApplicationFirewallsOperatingSystemFirewallsIntrusionPreventionSystemRulesSnortRuleBuildingZeekLogsSuricataRule-BuildingHost-BasedIntrusionPreventionSystemsDataLossPreventionEndpointDetectionandResponseNetworkAccessControlTime-BasedSolutionRule-BasedSolutionRole-BasedSolutionLocation-BasedSolutionSinkholingMalwareSignatures

Page 26 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 26 preview image

SandboxingPortSecurityChapterReviewQuestionsAnswersChapter13TheImportanceofProactiveThreatHuntingEstablishingaHypothesisProfilingThreatActorsandActivitiesThreat-HuntingTacticsHigh-ImpactTTPsDeliveringResultsDocumentingtheProcessReducingtheAttackSurfaceAreaandBundlingCriticalAssetsAttackVectorsIntegratedIntelligenceImprovingDetectionCapabilitiesChapterReviewQuestionsAnswersChapter14AutomationConceptsandTechnologiesWorkflowOrchestrationSecurityOrchestration,Automation,andResponsePlatformsOrchestrationPlaybooksDataEnrichmentScriptingPythonScriptingPowerShellScriptingApplicationProgrammingInterfaceIntegrationRepresentationalStateTransferAutomatingAPICallsAutomatedMalwareSignatureCreationThreatFeedCombination

Page 27 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 27 preview image

MachineLearningUseofAutomationProtocolsandStandardsSecurityContentAutomationProtocolSoftwareEngineeringContinuousIntegrationContinuousDeliveryContinuousDeploymentChapterReviewQuestionsAnswersPartIVIncidentResponseChapter15TheImportanceoftheIncidentResponseProcessEstablishingaCommunicationProcessInternalCommunicationsExternalCommunicationsResponseCoordinationwithRelevantEntitiesFactorsContributingtoDataCriticalityPersonallyIdentifiableInformationPersonalHealthInformationHigh-ValueAssetsPaymentCardInformationIntellectualPropertyCorporateConfidentialInformationChapterReviewQuestionsAnswersChapter16AppropriateIncidentResponseProceduresPreparationTrainingTestingDocumentationDetectionandAnalysisCharacteristicsofSeverityLevelClassification

Page 28 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 28 preview image

ReverseEngineeringContainmentSegmentationIsolationRemovalEradicationandRecoveryVulnerabilityMitigationSanitizationReconstructionSecureDisposalPatchingRestorationofPermissionsRestorationofServicesandVerificationofLoggingPost-IncidentActivitiesLessons-LearnedReportChangeControlProcessUpdatestoResponsePlanSummaryReportIndicatorofCompromiseGenerationMonitoringChapterReviewQuestionsAnswersChapter17AnalyzePotentialIndicatorsofCompromiseNetwork-RelatedIndicatorsBandwidthUtilizationBeaconingIrregularPeer-to-PeerCommunicationRogueDevicesontheNetworkScanSweepsCommonProtocoloveraNonstandardPortHost-RelatedIndicatorsCapacityConsumptionUnauthorizedSoftware

Page 29 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 29 preview image

MaliciousProcessesMemoryContentsUnauthorizedChangesUnauthorizedPrivilegesDataExfiltrationRegistryChangeorAnomalyUnauthorizedScheduledTaskApplication-RelatedIndicatorsAnomalousActivityIntroductionofNewAccountsUnexpectedOutputUnexpectedOutboundCommunicationServiceInterruptionMemoryOverflowsApplicationLogsChapterReviewQuestionsAnswersChapter18UtilizeBasicDigitalForensicsTechniquesPhasesofanInvestigationSeizureDataAcquisitionAnalysisReportingNetworkNetworkTapHubSwitchesWireshark/TSharktcpdumpEndpointsServersOSandProcessAnalysisMobileDeviceForensics

Page 30 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 30 preview image

VirtualizationandtheCloudProceduresBuildingYourForensicKitCryptographyToolsAcquisitionUtilitiesForensicDuplicatorsPasswordCrackersHashingUtilitiesForensicSuitesFileCarvingChapterReviewQuestionsAnswersPartVComplianceandAssessmentChapter19TheImportanceofDataPrivacyandProtectionPrivacyvs.SecurityTypesofDataLegalRequirementsforDataNontechnicalControlsDataOwnershipDataClassificationDataConfidentialityDataSovereigntyDataMinimizationDataPurposeLimitationDataRetentionTechnicalControlsAccessControlsEncryptionSharingDataWhilePreservingPrivacyDigitalRightsManagementDataLossPreventionChapterReview

Page 31 of 31

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 31 preview image

QuestionsAnswersChapter20SecurityConceptsinSupportofOrganizationalRiskMitigationBusinessImpactAnalysisRiskAssessmentRiskIdentificationProcessRiskCalculationCommunicationofRiskFactorsRiskPrioritizationSecurityControlsEngineeringTradeoffsDocumentedCompensatingControlsSystemsAssessmentSupplyChainRiskAssessmentVendorDueDiligenceHardwareSourceAuthenticityTrainingandExercisesTypesofExercisesRedTeamBlueTeamWhiteTeamChapterReviewQuestionsAnswersChapter21TheImportanceofFrameworks,Policies,Procedures,andControlsSecurityFrameworksNISTISO/IEC27000SeriesCenterforInternetSecurityControlsPoliciesandProceduresEthicsandCodesofConductAcceptableUsePolicyPasswordPolicy

Preview Mode

This document has 821 pages. Sign in to access the full document!

Report

Learning Tools

Writing Tools

Browse Resources

CompTIA CySA+ Cybersecurity Analyst Certification CS0-002 All-in-One Exam Guide (2021) - Page 1

Study Now!

Document Details

Related Documents

CompTIA Security+ Practice Tests: Exam SY0-701 (2024)

CompTIA CySA+ Study Guide, 3rd Edition (2023)

CompTIA CySA+ Practice Tests: Exam CS0-003 (2023)

CompTIA DataX Study Guide: Exam DY0-001 (2024)

CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-003) (2024)

CompTIA Network+ Practice Tests: Exam N10-009 (2024)

CompTIA Tech+ CertMike Exam FC0-U71 (2024)

CompTIA Security+ Study Guide with over 500 Practice Test Questions : Exam SY0-701 (2023)

CompTIA Network+ Study Guide: Exam N10-009 (2024)

CompTIA DataSys+ Study Guide : Exam DS0-001 (2023)

Company

Explore

Study Tools