Reading Time: 7 minutes Given a scenario, use data to recommend remediation of security issues related to identity and access management. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Identity and access management are crucial to the security of an enterprise. There are specific security concerns with identity and access management. Security Issues Associated with Context-Based Authentication Context-Based […]

Read More »

Reading Time: 2 minutes Nothing happens until something moves. Albert Einstein After studying for about 3 months, 1 month intensively, I sat for the CompTIA CySA+ exam today. For those of you going, “Wait, he hasn’t finished his blog posts on all of the objectives,” relax, they’re still in the works. So here are my thoughts on the experience […]

Read More »

Reading Time: 8 minutes Explain the relationship between frameworks, common policies, controls, and procedures. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Regulatory Compliance Security analysts must be aware of the regulations for the countries and industries in which their organization operates. Sarbanes-Oxley Act (SOX/SARBOX): Officially the Public Company Accounting Reform and Investor Protection Act of 2002, Sarbanes-Oxley, […]

Read More »

Reading Time: 3 minutes Summarize the incident recovery and post-incident response process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Containment Techniques Segmentation Segmentation involves limiting the scope of an incident by instituting barriers to prevent it from spreading to other parts of the network. At Layer 3, ACLs and shutting down interfaces may be an option. At […]

Read More »

Reading Time: 2 minutes Given a scenario, analyze common symptoms to select the best course of action to support incident response. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Common Network-Related Symptoms Bandwidth consumption: It is important to have a baseline before an incident to know what is normal on the network. Deviation from the baseline can be […]

Read More »

Reading Time: 2 minutes Explain the importance of communication during the incident response process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Communication is important during an incident response. The stakeholders and types of communication need to be defined before an incident. Stakeholders Human Resources HR should provide the following responsibilities in reference to incident response. Develop job […]

Read More »

Reading Time: 3 minutes Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Being prepared before an event is a crucial part of being a security analyst. Developing a forensics toolkit is key in this preparedness. Digital Forensics Workstation The workstation for an investigation should […]

Read More »

Reading Time: 2 minutes Given a scenario, distinguish threat data or behavior to determine the impact of an incident. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Threat Classification Security threats can be classified by several characteristics. First, they are classified on whether or not they are known or not. Known threats are identified and reported. Unknown threats […]

Read More »