Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.
Prepare for the CompTIA CySA+ certification exam with this fully updated self-study resource
This highly effective self-study system provides complete coverage of every objective for the challenging CompTIA CySA+ Cybersecurity Analyst exam. You’ll find learning objectives at the beginning of each chapter, exam tips, in-depth explanations, and practice exam questions. All questions closely mirror those on the actual test in content, format, and tone. Designed to help you pass the CS0-002 exam with ease, this definitive guide also serves as an essential on-the-job reference.
Covers all exam topics, including: Online content includes:
There is additional material in this book that is not on the exam. Please be sure to follow the objective maps when reading. Nevertheless, it is all valuable information for a career in cyber security.
Notes
Cyber Kill Chain doesn't work well for attacks that aren't dependent on all phases to achieve end goals (e.g., phishing that relies on victims to execute script).
Cyber Kill Chain is malware-focused and doesn't work well with other threat vectors (e.g., insider threats, social engineering, non-malware-based intrusions).
DoD systems follow Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and NSA guides.
Web application vulnerability scanners
• OWASP Zed Attack Proxy
• Burp Suite
• Nikto
• Arachni
Reverse-engineering software requires a disassembler (e.g., IDA Pro), which converts machine language back into assembly language. Some decompilers exist, but they are unreliable.
IDS/IPS
• Snort: NIDS, packet analyzer, NIPS
• Zeek (formerly Bro): signature and anomaly based; tracks sessions; takes actions based on policies; extracts executables from network streams
• Suricata: can use Snort signatures; is multithreaded; extracts executables from network streams