CompTIA Cybersecurity Analyst (CySA+)

Cyber Security has been a big concern for almost every business around the globe due to rapid expansion in the IT industry and the changing paradigm of the use of IT in the business. Cyber Security professionals are now playing a vital role in order to keep both the business process and data safe from any kind of cyber threats. Both vendor-neutral and vendor-specific certified cybersecurity professionals are now being considered as the key IT professional of almost every business.

CompTIA Cybersecurity Analyst (CySA+) is one such vendor-specific recognition for Cyber Security professionals, across the globe. IT is one of the most rapidly changing industries among other industries due to rapid change in the field of innovation and technologies. IT professionals, who are looking forward to developing their career as a Cyber Security Specialist, may consider CompTIA Cybersecurity Analyst (CySA+) as the best option for them to get an official validation of their capacity to deal with any kind of cyber threats related issues.

A Brief About CompTIA Cybersecurity Analyst (CySA+)

CompTIA has recently brought some changes in the content of the CompTIA Cybersecurity Analyst (CySA+) course, in order to keep the course curriculum updated with the updated tech industry. IT security professionals are now required to deal with the security issues for both the hardware and software and they must possess a proactive attitude against any kind of cyber threat and earn adequate knowledge regarding cyber defence and threat intelligence.

The content of the CompTIA Cybersecurity Analyst (CySA+) course is designed mainly for the security analyst who is supposed to go through the behavioral pattern of the end users with the IT device and through the transmission of data over the network in order to address, detect and prevent cyber threats. CompTIA first introduced this program on 15th February, 2017 and then the exam code of CompTIA Cybersecurity Analyst (CySA+) was CS0 – 001. After three years, CompTIA has updated the content of this course on 21st April, 2020; and the new exam code for this course is CS0 – 002. The updated content focuses more on the behavioral pattern more than the traditional security issues like antivirus software and both the hardware and software based firewall.

Extent of the Validation Period of This Exam

CompTIA Cybersecurity Analyst CySA+ (CS0 – 002) certification will remain valid for three years once you successfully pass the exam.

Skills Measures in CompTIA Cybersecurity Analyst CySA+ (CS0 – 002)

CompTIA has distributed the content of the CompTIA Cybersecurity Analyst (CySA+) course in five different areas, relevant to cyber security. Followings are the details regarding the skills measures in CompTIA Cybersecurity Analyst (CySA+) through five different segments:

1. Threat and Vulnerability Management

(Weight: 22%)

In the previous version of CompTIA CyberSecurity Analyst CySA+ (CS0 – 001), threat management and vulnerability management were in two different domains. The updated version of the course (CS0 – 002), combined those two different domains into one. This topic covers mostly the cyber intelligence and the cyber threats on data. You will also learn how to deal with threat intelligence and vulnerability management. Content of this topic will also help you to know more about the uses of vulnerability assessment tools, concept of cyber threat on cloud computing and the processes to mitigate such threats.

2. Software and System Security (Weight: 18%)

Due to the rapid change in the innovation in the arena of IT, businesses have realized the threats on business data, computer networks, databases and other IT related infrastructure. This topic was not included in the previous version of CompTIA CyberSecurity Analyst CySA+ (CS0 – 001). ComTIA has included this after finding the importance of detecting software vulnerability not only during the run time but also during the Software Development Lifecycle (SDLC), as well. CompTIA Cybersecurity Analyst (CySA+) certified professionals have started working also as Application Security Analyst, which is another key reason to include this topic in the updated version of CompTIA CyberSecurity Analyst CySA+ (CSO – 002).

3. Security Operations and Monitoring (Weight: 25%)

According to the update curriculum of CompTIA CyberSecurity Analyst CySA+ (CSO – 002), Security operation and monitoring is the third topic, added to the course content. This topic was not included in the previous version (CSO – 001), and this subject matter covers many indispensable concepts that are required to keep the IT infrastructure of an organization safe and secure. This topic covers mostly the issues those are related with reviewing the logs, securing the endpoint, analysis of emails and secure the Computer Network. This matter in hand also covers the Security Information and Event Management (SIEM) solutions of the organization, as well. In recent days, SIEM is considered as a very effective security tool in Security Operation Centers (SOC). Followings are some other security solutions introduced in this topic:

·       Firewall (both the software and hardware based).

·       Intrusion Prevention System (IPS).

·       Port security.

·       Manage and configure access permission.

·       Design and develop Data Loss Prevention (DLP) mechanism.

·       Deploy Network Access Control (NAC).

·       Manage and configure both the blacklisting and white-listing

·       Sandboxing of Endpoint Detection and Response (EDR).

·       Troubleshooting sinkholing and malware signature.

4. Incident Response (Weight: 22%)

This topic was also the part of the previous version (CS0 – 001) of CompTIA Cybersecurity Analyst (CySA+) course, though it was not that much in details. The updated version (CS0 – 002)of the course cover this topic in a comprehensive manner, as the priority of effective response to any Cyber Security incident goes higher in recent days. This topic covers the security issues of the most updated issues, relevant with this topic like Internet of Things (IoT), Field Programmable Gate Array (FPGA), System on Chip (SoC), Indicators of Compromise (IoC), Real Time Operating System (RTOS) and so on. It has been estimated that, both the automotive and enterprise Internet of Things (IoT) market will expand nearly 5.8 billion endpoints, by the end of 2020. Despite such extensive adoption of IoT devices, IoT security is not up to the mark and creates many loopholes regarding the security issue. This is one of the key reasons for why theupdated version of CompTIA CyberSecurity Analyst CySA+ (CS0 – 002) focuses more on effective and appropriate Incident Response issue.

5. Compliance and Assessment (Weight: 13%)

This is a new subject matter, included in the updated version of CompTIA CyberSecurity Analyst CySA+ (CS0 – 002). The Compliance and Assessment section of this course will help the IT security professional to have a clear understanding about the security related regulations like HIPAA, PCI DSS and GDPR. These security bodies play an important role in the regular day-to-day work of IT security professionals. Through this compliance section, candidates of this certification exam can have a clear understanding about the security regulation and the tools and means to apply those regulations in their job, as well. The IT security and compliance analysts are responsible for internal audits, monitoring the regulations and managing the risk of the organization.

 List of Hardware and Software required for CompTIA Cyber Security Analyst CySA+ (CS0 – 002)

1. Software

                           I.          Virtual Machine Images.

                         II.          Windows Server OS.

                        III.          Chrome OS.

                       IV.          Linux OS.

                         V.          Security information and Event Management (SIEM).

                       VI.          Vulnerability Scanners.

                      VII.          Metasploitable.

                    VIII.          Windows client.

                        IX.          Access to cloud instances, such as Azure, AWS etc.

                         X.          UTM Appliance.

2. Hardware

                           I.          IoT devices.

                         II.          Mobile devices.

                        III.          Servers.

                       IV.          Firewalls.

                         V.          Workstations with Virtual Machine installed.

                       VI.          VoIP phone.

                      VII.          Network Switch.

                    VIII.          Network Router.

Details About CompTIA Cybersecurity Analyst (CySA+) CS0-002

·       Exam Code: CS0-002.

·       Total number of questions: 85.

·       Types of question: Performance based and multiple choices.

·       Duration of the exam: Two hours forty five minutes.

·       Total marks of the exam: 900.

·       Passing score: 750.

·       Cost of the exam: £278.

Preparation For The Exam

We are offering both the instructor-led and self-paced online options for CompTIA Cybersecurity Analyst CySA+ (CS0 – 002). We have plenty of resources available for you to get well prepared for the exam. You can get access to our resources from anywhere through online connectivity. We have also prepared a sample test so that you could be more familiar with the pattern of the exam question. After successful completion of the exam, we will help you to make a professional CV for better job placement. We are working in collaboration with different IT companies across the UK, and you may get a great opportunity to catch your dream job through our job placement program, as well.