The CySA+ knowledge domains
Introduction
The new CompTIA Cybersecurity Analyst Certification (CySA+), exam code CS0-002, came into effect on April 21, 2020, replacing the CySA+ exam (CS0-001). The new certification verifies that CySA+-certified professionals have the skills and knowledge required to deploy intelligence and threat detection techniques, analyze and interpret data, find and remediate vulnerabilities, suggest preventive measures, and effectively respond to and recover from security incidents.
This article will detail the five knowledge domains of the CySA+ certification exam (CS0-002) and what material you can expect to be covered on the exam. Here is a breakdown.
CySA+ certification exam background
The CySA+ certification exam is divided into five general categories of knowledge domains:
Domains | Exam percentage |
---|---|
1.0 Threat and Vulnerability Management | 22% |
2.0 Software and Systems Security | 18% |
3.0 Security Operations and Monitoring | 25% |
4.0 Incident Response | 22% |
5.0 Compliance and Assessment | 13% |
Total | 100% |
These five general categories of knowledge domains can be further broken down into smaller domains, but these will be explored in subsequent articles.
1.0 Threat and Vulnerability Management
Cyberthreats and vulnerabilities are continually proliferating, and organizations are looking for solutions that enable greater cyber resilience. The first domain covers cybersecurity threats and vulnerabilities, including the importance of threat data and vulnerabilities, vulnerability management activities, vulnerability assessment tools, threats and vulnerabilities associated with specialized technologies (e.g., mobile or IoT), as well as threats and vulnerabilities in the cloud. The following sections list all the contents under this domain:
1.1 Explain the importance of threat data and intelligence
- Intelligence sources
- Confidence levels
- Indicator management
- Threat classification
- Threat actors
- Intelligence cycle
- Commodity malware
- Information sharing and analysis communities
1.2 Given a scenario, analyze the results of a network reconnaissance
- Attack frameworks
- Threat research
- Threat modeling methodologies
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/hHtqVGJb9To/