Overview
IAC MT 2S COMPTIA CYSA+ GUIDE TO CYBERSECURITY ANALYST
- MindTap is an outcome-driven application that propels students from memorization to mastery. It’s the only platform that gives you complete ownership of your course. With it, you can challenge every student, build their confidence and empower them to be unstoppable.
- Access everything you need in one place. Cut down on prep with preloaded, organized course materials in MindTap. Teach more efficiently with interactive multimedia, assignments, quizzes and more. Give your students the power to read, listen and study on their phones so they can learn on their terms.
- Empower your students to reach their potential. 12 distinct metrics give you actionable insights into student engagement. Identify topics troubling your entire class and instantly communicate with struggling students. Students can track their scores to stay motivated toward their goals. Together, you can accelerate progress.
- Your course. Your content. Only MindTap gives you complete control over your course. You have the flexibility to reorder textbook chapters, add your own notes and embed a variety of content, including OER. Personalize course content to your students’ needs. They can even read your notes, add their own and highlight key text to aid their progress.
- A dedicated team, whenever you need them. MindTap isn’t just a tool, it’s backed by a personalized team eager to support you. Get help setting up your course and tailoring it to your specific objectives. You’ll be ready to make an impact from day one. And, we’ll be right here to help you and your students throughout the semester and beyond.
Part 1: CYBERSECURITY FOUNDATIONS.
1. Technology Underpinnings.
a. Infrastructures and Architectures.
i. Infrastructure Concepts.
ii. Network Architectures.
iii. Operational Technology.
b. Software.
i. Operating System Fundamentals.
ii. Coding (1.3c).
2. Threat Actors and Their Threats.
a. Who Are the Threat Actors?
i. Script Kiddie.
ii. Organized Crime.
iii. Insider Threat.
iv. Hacktivists.
v. Nation-state Actors.
vi. Others.
b. Threat Actor Actions.
i. Tactics, Techniques, and Procedures (TTP).
ii. Known and Unknown Threats.
c. Types of Attacks.
i. Web Server Application Attacks.
ii. Remote Code Execution.
iii. Data Poisoning.
iv. Obfuscated Links.
d. Vulnerabilities.
i. Programming Vulnerabilities.
ii. Broken Access Control.
iii. Cryptographic Failures.
iv. Dated Components.
v. Identification and Authentication Failures.
3. Cybersecurity Substrata.
a. Identity and Access Management (IAM).
i. Identity.
ii. Access.
b. Encryption.
i. Public Key Infrastructure (PKI).
ii. Secure Sockets Layer (SSL) Inspection.
c. Secure Coding.
i. Secure Software Development Life Cycle (SDLC).
ii. Secure Coding Best Practices.
d. Networking (1.1d).
i. Zero Trust.
ii. Secure Access Service Edge (SASE).
Part 2: SECURITY OPERATIONS.
4. Identifying Indicators of Attack (IOA).
a. Cybersecurity Indicators.
i. Indicators of Attack (IOA).
ii. Indicators of Compromise (IOC) (1.4f).
b. Network IOA.
i. Abnormal Network Traffic.
ii. Stealth Transmissions.
iii. Scan/Sweeps.
iv. Rogue Devices on a Network.
c. Endpoint IOA.
i. High-Volume Consumption of Resources.
ii. Operating System Evidence.
iii. Software-Related Evidence.
iv. Data Exfiltration.
d. Application IOA.
i. Unusual Activity.
ii. New Account Creation.
iii. Unexpected Outbound Communications.
iv. Application Logs.
5. Analyzing Indicators of Compromise (IOC).
a. Common Techniques for Investigating IOC.
i. Diagnose Malware.
ii. Analyze Email.
iii. User Behavior Analysis (UBA).
b. Tools for IOC Analysis.
i. File Analysis Tools.
ii. Tools for Analyzing Network IOC.
iii. Reputation Tools.
iv. Log Correlation and Analysis Tools.
6. Threat Detection and Process Improvement.
a. Threat Intelligence.
i. What is Threat Intelligence (TI)?
ii. Threat Intelligence Versus Threat Data.
iii. The Intelligence Cycle.
iv. Threat Intelligence Sources.
v. Confidence Levels.
b. Threat Hunting.
i. What is Threat Hunting?
ii. Hunters and Hunting.
iii. Threat Hunting Methodologies.
iv. Steps in Threat Hunting.
c. Improving Security Operation Processes.
i. Standardize Processes.
ii. Streamline Operations.
iii. Tool Automation and Integration.
Part 3: VULNERABILITY ASSESSMENT AND MANAGEMENT.
7. Vulnerability Scanning and Assessment Tools.
a. Industry Frameworks.
i. Payment Card Industry Data Security Standard (PCI DSS).
ii. Center for Internet Security (CIS) Benchmarks.
iii. Open Web Application Security Project (OWASP).
iv. International Organization for Standardization (ISO) 27000 Series.
b. Vulnerability Scanning Methods.
i. Asset Discovery.
ii. Special Considerations.
iii. Types of Scanning.
c. Vulnerability Assessment Tools.
i. Network Scanning and Mapping.
ii. Web Application Scanners.
iii. Vulnerability Scanners.
iv. Debuggers.
v. Multipurpose.
vi. Cloud Infrastructure Assessment Tools.
8. Addressing Vulnerabilities.
a. Prioritizing Vulnerabilities.
i. Common Vulnerability Scoring System (CVSS) Interpretation.
ii. Validation.
iii. Context Awareness.
iv. Exploitability/Weaponization.
v. Asset Value.
vi. Zero-day.
b. Managing Vulnerabilities.
i. Using Controls.
ii. Patching and Configuration Management.
iii. Maintenance Windows.
iv. Exceptions.
v. Policies, Governance, and Service-level Objectives (SLOs).
vi. Prioritization and Escalation.
vii. Attack Surface Management.
viii. Threat Modeling.
9. Vulnerability Management Reporting and Communication.
a. Reporting Vulnerabilities.
b. Compliance Reports.
c. Action Plans.
d. Inhibitors to Remediation.
i. Memorandum of Understanding (MOU).
ii. Service-level Agreement (SLA).
iii. Organizational Governance.
iv. Business Process Interruption.
v. Degrading Functionality.
vi. Legacy Systems.
vii. Proprietary Systems.
e. Metrics and Key Performance Indicators (KPIs).
i. Trends.
ii. Top 10.
iii. Critical Vulnerabilities and Zero-days.
iv. SLOs.
f. Stakeholder Identification and Communication.
Part 4: INCIDENT RESPONSE.
10. Incident Response Planning.
a. Attack Methodology Frameworks.
i. Cyber Kill Chains.
ii. Diamond Model of Intrusion Analysis.
iii. MITRE ATT&CK.
iv. Open Source Security Testing Methodology Manual (OSSTMM).
v. OWASP Testing Guide.
b. Incident Response Procedures.
i. Preparation.
c. Reporting and Communication.
i. Stakeholder Identification and Communication.
ii. Incident Declaration and Escalation.
iii. Incident Response Reporting.
iv. Communications.
v. Root Cause Analysis.
vi. Lessons Learned.
vii. Metrics and KPIs.
11. Responding to a Cyber Incident.
a. Detecting an Incident.
i. IOC.
ii. Evidence Acquisitions.
iii. Data and Log Analysis.
b. Controlling an Incident.
i. Scope.
ii. Impact.
iii. Isolation.
c. Recovering From an Incident.
i. Remediation.
ii. Re-imaging.
iii. Compensating Controls.
d. Post-incident Analysis.
i. Forensic Analysis.
ii. Root Cause Analysis.
iii. Lessons Learned.
iv. Adjusting Risk Thresholds.
12. Data Protection and Utilization.
a. Sensitive Data Protection.
i. Data Loss Prevention (DLP).
ii. Personally Identifiable Information (PII).
iii. Cardholder Data (CHD).
b. Utilizing Data for Cybersecurity.
i. Data Analytics.
ii. Artificial Intelligence (AI).