Sybex


CompTIA CSA+ Study Guide: Exam CS0-001

ISBN: 978-1-119-34897-9
552 pages
April 2017

Description

Prepare yourself for the newest CompTIA certification

The CompTIA Cybersecurity Analyst+ (CSA+) Study Guide provides 100% coverage of all exam objectives for the new CSA+ certification. The CSA+ certification validates a candidate's skills to configure and use threat detection tools, perform data analysis, and identify vulnerabilities with a goal of securing and protecting organizations' systems. Focus your review for the CSA+ with Sybex and benefit from real-world examples drawn from experts, hands-on labs, insight on how to create your own cybersecurity toolkit, and end-of-chapter review questions that help you gauge your understanding each step of the way. You also gain access to the Sybex interactive learning environment that includes electronic flashcards, a searchable glossary, and hundreds of bonus practice questions.

This study guide provides the guidance and knowledge you need to demonstrate your skill set in cybersecurity. Key exam topics include:

  • Threat management
  • Vulnerability management
  • Cyber incident response
  • Security architecture and toolsets

Table of Contents

Introduction xxvii

Assessment Test xxxix

Chapter 1 Defending Against Cybersecurity Threats 1

Chapter 2 Reconnaissance and Intelligence Gathering 33

Chapter 3 Designing a Vulnerability Management Program 75

Chapter 4 Analyzing Vulnerability Scans 103

Chapter 5 Building an Incident Response Program 143

Chapter 6 Analyzing Symptoms for Incident Response 169

Chapter 7 Performing Forensic Analysis 207

Chapter 8 Recovery and Post-Incident Response 245

Chapter 9 Policy and Compliance 269

Chapter 10 Defense-in-Depth Security Architectures 293

Chapter 11 Identity and Access Management Security 329

Chapter 12 Software Development Security 371

Chapter 13 Cybersecurity Toolkit 401

Appendix A Answers to the Review Questions 437

Chapter 1: Defending Against Cybersecurity Threats 438

Chapter 2: Reconnaissance and Intelligence Gathering 439

Chapter 3: Designing a Vulnerability Management Program 441

Chapter 4: Analyzing Vulnerability Scans 443

Chapter 5: Building an Incident Response Program 444

Chapter 6: Analyzing Symptoms for Incident Response 446

Chapter 7: Performing Forensic Analysis 448

Chapter 8: Recovery and Post-Incident Response 449

Chapter 9: Policy and Compliance 451

Chapter 10: Defense-in-Depth Security Architectures 453

Chapter 11: Identity and Access Management Security 456

Chapter 12: Software Development Security 458

Appendix B Answers to the Lab Exercises 461

Chapter 1: Defending Against Cybersecurity Threats 462

Chapter 2: Reconnaissance and Intelligence Gathering 462

Chapter 4: Analyzing Vulnerability Scans 463

Chapter 5: Building an Incident Response Program 464

Chapter 6: Analyzing Symptoms for Incident Response 465

Chapter 7: Performing Forensic Analysis 466

Chapter 8: Recovery and Post-Incident Response 467

Chapter 9: Policy and Compliance 470

Chapter 10: Defense-in-Depth Security Architectures 471

Chapter 11: Identity and Access Management Security 472

Chapter 12: Software Development Security 473

Index 475


Author Information

Mike Chapple, PhD, CSA+, CISSP, Security+, is Senior Director for IT Service Delivery at the University of Notre Dame, overseeing information security, data governance, IT architecture, project management, strategic planning and product management functions, and teaches undergraduate courses on Information Security.
David Seidl, CISSP, GPEN, GCIH, is the Senior Director for Campus Technology Services at Notre Dame. As Senior Director for CTS, he is responsible for central platform and operating system support, database administration and services, identity and access management, application services, and email and digital signage.


Related Websites / Extra

http://web.fiberme.net/?page=go/sybextestprep Sybex Online Test Prep & Certification Products

Errata

Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

Chapter | Page | Details | Date | Print Run
xlv Errata in Text
INCORRECT:
Question 10. C is not the correct answer.

CORRECT:
Question 10. A is the correct answer.
11-May-17
xlv - FM Errata in Text
Question 11 on xli:
11. Ben's monitoring detects regular traffic sent from a system that is suspected to be compromised and participating in a botnet to a set of remote IP addresses. What is this called?
A. Anomalous pings
B. Probing
C. Zombie chatter
D. Beaconing

Answer 11 on xlv:
Incorrect text:
C. Regular traffic from compromised systems to command and control nodes is known as beaconing. Anomalous pings could describe unexpected pings, but they are not typically part of botnet behavior, zombie chatter is a made-up term, and probing is part of scanning behavior in some cases.

Correct text:
D. Regular traffic from compromised systems to command and control nodes is known as beaconing. Anomalous pings could describe unexpected pings, but they are not typically part of botnet behavior, zombie chatter is a made-up term, and probing is part of scanning behavior in some cases.
19-May-17