CySA+

Track Room Location: Heritage Hall, room 131


Registration for this track is now CLOSED, but you can add yourself to the "wait list" and be notified if and when space opens up. Simply make the "wait list" option your primary choice when you register. While you are on the "wait list" you will be enrolled into your alternate track choice.

Description

This intermediate-level Cyber Security course will provide students the opportunity to gain immeasurable hands-on experience with current and emerging security tools. Students will learn about the latest threats, vulnerabilities, analysis, and counter-measures in a controlled classroom environment. Students will gain a broad overview of the topics covered on the CySA+ exam and the technologies covered. The student will achieve valuable knowledge as applied to both academic and production environments.

Prerequisites

Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CSA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

Textbook

CompTIA CSA+ Study Guide by Mike Chapple and David Seidl
ISBN: 978-1-119-34897-9

Wiley will not provide e-books for this track. Desk copies of this title can be requested by emailing Rosemary Burke at Wiley (roburke@wiley.com) and giving her the following information:
  • Course Name
  • Course Number
  • All semesters to be taught
  • Estimated enrollment
  • Other Faculty teaching this course
  • Current book in use
  • Has this book been adopted?


Instructor

Andrew Hurd is the Technical Program Facilitator of Cybersecurity for Southern New Hampshire University. Andrew is responsible for curriculum development and cyber competition teams. He holds dual Bachelor of Arts degrees in Computer Science and Mathematics, a Master's in the Science of Teaching Mathematics, and a PhD in Information Sciences specializing in Information Assurance and Online Learning. Andrew, the author of a Network Guide to Security+ lab manual for Cengage, has over 17 years of experience as a higher education professor.

Three Objectives

1. Students will be able to configure and use threat detection tools.
2. Students will be able to collect data samples and perform data analysis.
3. Students will be able to interpret the results to identify vulnerabilities, threats and risks to an organization.

Agenda

Day 1 (Monday)
Course Introduction – CSA+ Overview and Certification Objectives
Network+ and Security+ Review

Module 1 – Domain 1 – Threat Management
Objective 1.1 Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
  • Procedures/Common tasks
  • Variables
  • Tools
    • NMAP
    • Host Scanning
    • Packet Analyzers
    • Vulnerability Scanners
Objective 1.2 Given a scenario, analyze the results of a network reconnaissance.
  • Point in time data analysis
  • Data Correlation and analytics
  • Data output
  • Tools
Objective 1.3 Given a network-based threat, implement or recommend the appropriate response and countermeasure.
  • Network segmentation
  • Honeypots
  • Network Access Control
  • Hardening
Objective 1.4 Explain the purpose of practices used to secure a corporate environment.
  • Pen Testing
  • Reverse Engineering
  • Training Exercises
  • Risk Evaluation

Day 2 (Tuesday)
Review – Day 1

Module 1 Completion
Objective 1.4 Explain the purpose of practices used to secure a corporate environment.

Module 2 – Domain 2 Vulnerability Management
Objective 2.1 Given a scenario, implement an information security vulnerability management process.
  • Identification of Requirements
  • Scanning Frequency
  • Tool configuration
  • Remediation
Objective 2.2 Given a scenario, analyze the output resulting from a vulnerability scan.
  • Analyze Scans
  • Validate Results
Objective 2.3 Compare and contrast common vulnerabilities found in the following targets within an organization.
  • Servers
  • Endpoints
  • Network Infrastructure
  • Virtual Infrastructure
  • SCADA devices
  • Mobile devices
  • VPNs

Day 3 (Wednesday)
Review – Day 2

Module 3 – Domain 3 – Cyber Incident Response
Objective 3.1 Given a scenario, distinguish threat data or behavior to determine the impact of an incident.
  • Threat Classification
  • Prioritization
  • Types of data
Objective 3.2 Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
  • Forensic Kits
  • Forensic Investigation Suites
Objective 3.3 Explain the importance of communication during the incident response process.
  • Stakeholders
  • Communication
  • Role Based responsibilities
Objective 3.4 Given a scenario, analyze common symptoms to select the best course of action to support incident response.
  • Network related symptoms
  • Host related symptoms
  • Application related symptoms
Objective 3.5 Summarize the incident recovery and post-incident response process.
  • Containment
  • Eradication
  • Validation
  • Corrective Actions
  • Incident Reporting

Day 4 (Thursday)
Review – Day 3

Module 4 – Domain 4 – Security Architecture and Tool Sets
Objective 4.1 Explain the relationship between frameworks, common policies, controls, and procedures.
  • Regulation compliance
  • Frameworks
  • Policies
  • Controls
  • Procedures
  • Verification
Objective 4.2 Given a scenario, use data to recommend remediation of security issues related to identity and access management.
  • Context based authentication
  • Security issues with identities
  • Security issues with identity repositories
  • Exploits
Objective 4.3 Given a scenario, review security architecture and make recommendations to implement compensating controls.
  • Data analytics
  • Manual review
  • Defense in depth
Objective 4.4 Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
  • Best practices
  • Secure Coding
Objective 4.5 Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.
  • Preventative
  • Collective
  • Analytical
  • Exploit
  • Forensics

Day 5 (Friday)
  • Review
  • Module 4 Completion
  • Course Review
  • Practice Exam

Special Note:
The student's school is required to register as a CompTIA academic partner. If the school is already an academic partner, this is not an extra step. If the student's school is not an academic partner, the school will have to contact its CompTIA representative and complete this process before the student takes the class.

Certification/Instructor Resources

CySA+ exam vouchers will be provided to all participants that qualify. To qualify, a participant must 1) attend the class, 2) register their school as a CompTIA Academic partner (if they are not already), 3) register for the CompTIA Instructor Network.

Please note that content is subject to change or modification based on the unique needs of the track participants in attendance.