CompTIA CySA+ Study Guide, 3rd Edition (2023)

Page 1 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 1 preview image

ThirdEditionSave10%onCompTIA®ExamVouchersCouponInside!@®CompTIAEXAMCS0-003IncludesoneyearofFREEaccessafteractivationtotheonlinetestbankandstudytools:Custompracticeexam100electronicflashcardsSearchablekeytermglossaryMIKECHAPPLE(=DAVIDSEIDL+study|

Page 2 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 2 preview image

DownloadedfromStudyXY.com®+StudyXYSdYe.o>\|iF’prE\3SStudyAnythingThisContentHasbeenPostedOnStudyXY.comassupplementarylearningmaterial.StudyXYdoesnotendroseanyuniversity,collegeorpublisher.Allmaterialspostedareundertheliabilityofthecontributors.wv8)www.studyxy.com

Page 3 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 3 preview image

Page 4 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 4 preview image

(uptoa$35value)*Somerestrictionsapply.Seewebpagefordetails.Getdetailsatwww.wiley.com/go/sybextestprepTogetthediscountcode,you'llneedtoregisterandlogonthetestbank.ThengotoResources.CusBex

Page 5 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 5 preview image

Page 6 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 6 preview image

CompTIA’CySA+StudyGuideExamCS0-003ThirdEditionETDy=4REDe==aiiMikeChappleDavidSeidl

Page 7 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 7 preview image

Copyright©2023byJohnWiley&Sons,Inc.Allrightsreserved.PublishedbyJohnWiley&Sons,Inc.,Hoboken,NewJersey.PublishedsimultaneouslyinCanadaandtheUnitedKingdom.ISBNs:9781394182909(paperback),9781394182923(ePDF),9781394182916(ePub)Nopartofthispublicationmaybereproduced,storedinaretrievalsystem,ortransmittedinanyformorbyanymeans,electronic,mechanical,photocopying,recording,scanning,orotherwise,exceptaspermittedunderSection107or108ofthe1976UnitedStatesCopyrightAct,withouteitherthepriorwrittenpermissionofthePublisher,orauthorizationthroughpaymentoftheappropriateper-copyfeetotheCopyrightClearanceCenter,Inc.,222RosewoodDrive,Danvers,MA01923,(978)750-8400,fax(978)750-4470,oronthewebatwwcopyright.com.RequeststothePublisherforpermissionshouldbeaddressedtothePermissionsDepartment,JohnWiley&Sons,Inc.,111RiverStreet,Hoboken,NJ07030,(201)748-6011,fax(201)748-6008,oronlineatwww.wiley.com/go/permission.Trademarks:WILEY,theWileylogo,andtheSybexlogoaretrademarksorregisteredtrademarksofJohnWiley&Sons,Inc.and/oritsaffiliates,intheUnitedStatesandothercountries,andmaynotbeusedwithoutwrittenpermission.CompTIAisaregisteredtrademarkofCompTIA,Inc.Allothertrademarksarethepropertyoftheirrespectiveowners.JohnWiley&Sons,Inc.isnorassociatedwithanyproductorvendormentionedinthisbook.LimitofLiability/DisclaimerofWarranty:Whilethepublisherandauthorshaveusedtheirbesteffortsinpreparingthisbook,theymakenorepresentationsorwarrantieswithrespecttotheaccuracyorcompletenessofthecontentsofthisbookandspecificallydisclaimanyimpliedwarrantiesofmerchantabilityorfitnessforaparticularpurpose.Nowarrantymaybecreatedorextendedbysalesrepresentativesorwrittensalesmaterials.Theadviceandstrategiescontainedhereinmaynotbesuitableforyoursituation.Youshouldconsultwithaprofessionalwhereappropriate.Further,readersshouldbeawarethatwebsiteslistedinthisworkmayhavechangedordisappearedbetweenwhenthisworkwaswrittenandwhenitisread.Neitherthepublishernorauthorsshallbeliableforanylossofprofitoranyothercommercialdamages,includingbutnotlimitedtospecial,incidental,consequential,orotherdamages.Forgeneralinformationonourotherproductsandservicesorfortechnicalsupport,pleasecontactourCustomerCareDepartmentwithintheUnitedStatesat(800)762-2974,outsidetheUnitedStatesat(317)572-3993orfax(317)572-4002.Wileyalsopublishesitsbooksinavarietyofelectronicformats.Somecontentthatappearsinprintmaynotbeavailableinelectronicformats.FormoreinformationaboutWileyproducts,visitourwebsiteatwww.wiLey.com.LibraryofCongressControlNumber:2022951784Coverimage:©JeremyWoodhouse/GettyImages,Inc.Coverdesign:WileyStudy

Page 8 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 8 preview image

Idedicatethisbooktomyfather,whowasarolemodelofthevalueofhardwork,commitmenttofamily,andtheimportanceofdoingtherightthing.Restinpeace,Dad.—MikeChappleThisbookisdedicatedtoRicWilliams,myfriend,mentor,andpartnerincrimethroughmyfirstforaysintothecommercialITworld.Thanksformakingmyjobasa“networkjanitor”oneofthebestexperiencesofmylife.—DavidSeidl|\TTStudyXY

Page 9 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 9 preview image

AcknowledgmentsBookslikethisinvolveworkfrommanypeople,andasauthors,wetrulyappreciatethehardworkanddedicationthattheteamatWileyshows.WewouldespeciallyliketothanksenioracquisitionseditorKenyonBrown.WehaveworkedwithKenonmultipleprojectsandcon-sistentlyenjoyourworkwithhim.Wealsogreatlyappreciatedtheeditingandproductionteamforthebook,includingLilyMiller,ourprojecteditor,whobroughtyearsofexperienceandgreattalenttotheproject;ChrisCrayton,ourtechnicaleditor,whoprovidedinsightfuladviceandgavewon-derfulfeedbackthroughoutthebook;ArchanaPragash,ourproductioneditor,whoguidedusthroughlayouts,formatting,andfinalcleanuptoproduceagreatbook;andElizabeth‘Welch,ourcopyeditor,whohelpedthetextflowwell.Wewouldalsoliketothankthemanybehind-the-scenescontributors,includingthegraphics,production,andtechnicalteamswhomakethebookandcompanionmaterialsintoafinishedproduct.Ouragent,CaroleJelenofWatersideProductions,continuestoprovideuswithwonderfulopportunities,advice,andassistancethroughoutourwritingcareers.Finally,wewouldliketothankourfamiliesandsignificantotherswhosupportusthroughthelateevenings,busyweekends,andlonghoursthatabooklikethisrequirestowrite,edit,andgettopress.

Page 10 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 10 preview image

AbouttheAuthorsMikeChapple,Ph.D.,Security+,CySA+,CISSP,isauthorofover50books,includingthebest-sellingCISSP(ISC)?CertifiedInformationSystemsSecurityProfessionalOfficialStudyGuide(Sybex,2021)andtheCISSP(ISC)*OfficialPracticeTests(Sybex,2021).Heisaninformationsecurityprofessionalwithtwodecadesofexperienceinhighereducation,theprivatesector,andgovernment.MikecurrentlyservesasaTeachingProfessorintheIT,Analytics,andOperationsdepartmentattheUniversityofNotreDame’sMendozaCollegeofBusiness,whereheteachesundergraduateandgraduatecoursesoncybersecurity,datamanagement,andbusinessanalytics.BeforereturningtoNotreDame,MikeservedasexecutivevicepresidentandchiefinformationofficeroftheBrandInstitute,aMiami-basedmarketingconsultancy.MikealsospentfouryearsintheinformationsecurityresearchgroupattheNationalSecurityAgencyandservedasanactivedutyintelligenceofficerintheU.S.AirForce.MikeearnedbothhisB.S.andPh.D.degreesfromNotreDameincomputerscienceandengineering.MikealsoholdsanM.S.incomputersciencefromtheUniversityofIdahoandanMBAfromAuburnUniversity.MikeholdscertificationsinCybersecurityAnalyst+(CySA+),Security+,CertifiedInformationSecurityManager(CISM),CertifiedCloudSecurityProfessional(CCSP),andCertifiedInformationSystemsSecurityProfessional(CISSP).HeprovidessecuritycertificationresourcesonhiswebsiteatCertMike.com.DavidSeidl,CySA+,CISSP,PenTest+,isVicePresidentforInformationTechnologyandCIOatMiamiUniversity.DuringhisITcareer,hehasservedinavarietyoftechnicalandinformationsecurityroles,includingservingastheSeniorDirectorforCampusTechnologyServicesattheUniversityofNotreDamewhereheco-ledNotreDame’smovetothecloudandoversawcloudoperations,ERP,databases,identitymanagement,andabroadrangeofothertechnologiesandservice.HealsoservedasNotreDame’sDirectorofInformationSecurityandledNotreDame’sinformationsecurityprogram.HehastaughtinformationsecurityandnetworkingundergraduatecoursesasaninstructorforNotreDame’sMen-dozaCollegeofBusiness,andhehaswritten18booksonsecuritycertificationandcyber-warfare,includingco-authoringCISSP(ISC)>OfficialPracticeTests(Sybex,2021)aswellasthepreviouseditionsofboththisbookandthecompanionCompTIACySA+PracticeTests(Sybex,2020,2018).Davidholdsabachelor’sdegreeincommunicationtechnologyandamaster’sdegreeininformationsecurityfromEasternMichiganUniversity,aswellascertificationsinCISSP,CySA+,Pentest+,GPEN,andGCIH.

Page 11 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 11 preview image

AbouttheTechnicalEditorChrisCrayton,MCSE,CISSP,CASP,CySA+,A+,N+,S+,isatechnicalconsultant,trainer,author,andindustry-leadingtechnicaleditor.Hehasworkedasacomputertechnologyandnetworkinginstructor,informationsecuritydirector,networkadministrator,networkengineer,andPCspecialist.Chrishasservedastechnicaleditorandcontentcontributoronnumeroustechnicaltitlesforseveraloftheleadingpublishingcompanies.Hehasalsobeenrecognizedwithmanyprofessionalandteachingawards.|veT=StudyXY

Page 12 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 12 preview image

ContentsataGlanceIntroductionxxiAssessmentTestxxXxXVDomain|SecurityOperations1Chapter1Today'sCybersecurityAnalyst3Chapter2SystemandNetworkArchitecture37Chapter3MaliciousActivity77Chapter4ThreatIntelligence135Chapter5ReconnaissanceandIntelligenceGathering159DomainIIVulnerabilityManagement201Chapter6DesigningaVulnerabilityManagementProgram203Chapter7AnalyzingVulnerabilityScans245Chapter8RespondingtoVulnerabilities293DomainIllIncidentResponseandManagement341Chapter9BuildinganIncidentResponseProgram343Chapter10IncidentDetectionandAnalysis377Chapter11Containment,Eradication,andRecovery397DomainIVReportingandCommunication421Chapter12ReportingandCommunication423Chapter13PerformingForensicAnalysisandTechniquesforIncidentResponse447AppendixAnswerstoReviewQuestions489Index513|v1StudyXY

Page 13 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 13 preview image

Page 14 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 14 preview image

ContentsIntroductionxxiAssessmentTestxxXxXVDomain|SecurityOperations1Chapter1Today'sCybersecurityAnalyst3CybersecurityObjectives4Privacyvs.Security5EvaluatingSecurityRisks6IdentifyThreats9IdentifyVulnerabilities10DetermineLikelihood,Impact,andRisk10ReviewingControls12BuildingaSecureNetwork12NetworkAccessControl12FirewallsandNetworkPerimeterSecurity14NetworkSegmentation17DefenseThroughDeception18SecureEndpointManagement19HardeningSystemConfigurations19PatchManagement19GroupPolicies20EndpointSecuritySoftware20PenetrationTesting21PlanningaPenetrationTest22ConductingDiscovery23ExecutingaPenetrationTest23CommunicatingPenetrationTestResults24TrainingandExercises24ReverseEngineering25IsolationandSandboxing25ReverseEngineeringSoftware25ReverseEngineeringHardware26EfficiencyandProcessImprovement27StandardizeProcessesandStreamlineOperations28CybersecurityAutomation28TechnologyandToolIntegration29BringingEfficiencytoIncidentResponse29

Page 15 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 15 preview image

xiiContentsTheFutureofCybersecurityAnalytics31Summary31ExamEssentials32LabExercises33Activity1.1:CreateanInboundFirewallRule33Activity1.2:CreateaGroupPolicyObject34Activity1.3:WriteaPenetrationTestingPlan35Activity1.4:RecognizeSecurityTools36Chapter2SystemandNetworkArchitecture37InfrastructureConceptsandDesign38Serverless38Virtualization39Containerization39OperatingSystemConcepts41SystemHardening41TheWindowsRegistry42FileStructureandFileLocations43SystemProcesses44HardwareArchitecture45Logging,Logs,andLogIngestion45TimeSynchronization45LoggingLevels46NetworkArchitecture47On-Premises47Cloud48Hybrid49NetworkSegmentation49Software-DefinedNetworking51ZeroTrust52SecureAccessServiceEdge52IdentityandAccessManagement53MultifactorAuthentication(MFA)54Passwordless55SingleSign-On(SSO)5sFederation56FederatedIdentitySecurityConsiderations57FederatedIdentityDesignChoices59FederatedIdentityTechnologies61PrivilegedAccessManagement(PAM)64CloudAccessSecurityBroker(CASB)65EncryptionandSensitiveDataProtection65PublicKeyInfrastructure(PKI)66SecureSocketsLayer(SSL)Inspection67

Page 16 of 16

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 16 preview image

ContentsxiiiDataLossPrevention(DLP)68PersonallyIdentifiableInformation(PII)68CardholderData(CHD)68Summary68ExamEssentials70LabExercises70Activity2.1:SetUpVirtualMachinesforExercises70Activity2.2:ExploretheWindowsRegistry71Activity2.3:ReviewSystemHardeningGuidelines72ReviewQuestions73Chapter3MaliciousActivity77AnalyzingNetworkEvents78CapturingNetwork-RelatedEvents79DetectingCommonNetworkIssues82DetectingScansandSweeps86DetectingDenial-of-ServiceandDistributedDenial-of-ServiceAttacks87DetectingOtherNetworkAttacks88DetectingandFindingRogueDevices88InvestigatingHost-RelatedIssues91SystemResources91Malware,MaliciousProcesses,andUnauthorizedSoftware~~95UnauthorizedAccess,Changes,andPrivileges97SocialEngineering99InvestigatingService-andApplication-RelatedIssues100ApplicationandServiceMonitoring100DeterminingMaliciousActivityUsingToolsandTechniques~~104Logs,LogAnalysis,andCorrelation105Logs105SecurityAppliancesandTools110PacketCapture111DNSandWhoisReputationServices112CommonTechniques114ProtectingandAnalyzingEmail115FileAnalysis119Sandboxing120UserBehaviorAnalysis121DataFormats121Summary126ExamEssentials127LabExercises128Activity3.1:IdentifyaNetworkScan128

Preview Mode

This document has 579 pages. Sign in to access the full document!

Report

Learning Tools

Writing Tools

Browse Resources

CompTIA CySA+ Study Guide, 3rd Edition (2023) - Page 1

Study Now!

Document Details

Related Documents

CompTIA DataSys+ Study Guide : Exam DS0-001 (2023)

CompTIA Security+ Practice Tests: Exam SY0-701 (2024)

CompTIA CySA+ Practice Tests: Exam CS0-003 (2023)

CompTIA DataX Study Guide: Exam DY0-001 (2024)

CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide (Exam CS0-003) (2024)

CompTIA Network+ Practice Tests: Exam N10-009 (2024)

CompTIA Tech+ CertMike Exam FC0-U71 (2024)

CompTIA Security+ Study Guide with over 500 Practice Test Questions : Exam SY0-701 (2023)

CompTIA Network+ Study Guide: Exam N10-009 (2024)

Professor Messer's CompTIA A+ 220-901 and 220-902 Course Notes (2015)

Company

Explore

Study Tools