Prepare yourself for the newest CompTIA certification
The CompTIA Cybersecurity Analyst+ (CSA+) Study Guide provides 100% coverage of all exam objectives for the new CSA+ certification. The CSA+ certification validates a candidate's skills to configure and use threat detection tools, perform data analysis, and identify vulnerabilities with a goal of securing and protecting organizations' systems. Focus your review for the CSA+ with Sybex and benefit from real-world examples drawn from experts, hands-on labs, insight on how to create your own cybersecurity toolkit, and end-of-chapter review questions that help you gauge your understanding each step of the way. You also gain access to the Sybex interactive learning environment that includes electronic flashcards, a searchable glossary, and hundreds of bonus practice questions.
This study guide provides the guidance and knowledge you need to demonstrate your skill set in cybersecurity. Key exam topics include:
- Threat management
- Vulnerability management
- Cyber incident response
- Security architecture and toolsets
Introduction
Assessment Test
Chapter 1 Defending Against Cybersecurity Threats
Chapter 2 Reconnaissance and Intelligence Gathering
Chapter 3 Designing a Vulnerability Management Program
Chapter 4 Analyzing Vulnerability Scans
Chapter 5 Building an Incident Response Program
Chapter 6 Analyzing Symptoms for Incident Response
Chapter 7 Performing Forensic Analysis
Chapter 8 Recovery and Post-Incident Response
Chapter 9 Policy and Compliance
Chapter 10 Defense-in-Depth Security Architectures
Chapter 11 Identity and Access Management Security
Chapter 12 Software Development Security
Chapter 13 Cybersecurity Toolkit
Appendix A Answers to the Review Questions
Chapter 1: Defending Against Cybersecurity Threats
Chapter 2: Reconnaissance and Intelligence Gathering
Chapter 3: Designing a Vulnerability Management Program
Chapter 4: Analyzing Vulnerability Scans
Chapter 5: Building an Incident Response Program
Chapter 6: Analyzing Symptoms for Incident Response
Chapter 7: Performing Forensic Analysis
Chapter 8: Recovery and Post-Incident Response
Chapter 9: Policy and Compliance
Chapter 10: Defense-in-Depth Security Architectures
Chapter 11: Identity and Access Management Security
Chapter 12: Software Development Security
Appendix B Answers to the Lab Exercises
Chapter 1: Defending Against Cybersecurity Threats
Chapter 2: Reconnaissance and Intelligence Gathering
Chapter 4: Analyzing Vulnerability Scans
Chapter 5: Building an Incident Response Program
Chapter 6: Analyzing Symptoms for Incident Response
Chapter 7: Performing Forensic Analysis
Chapter 8: Recovery and Post-Incident Response
Chapter 9: Policy and Compliance
Chapter 10: Defense-in-Depth Security Architectures
Chapter 11: Identity and Access Management Security
Chapter 12: Software Development Security
Index