From the course: Exam Tips: CompTIA CySA+ (CS0-002)

Security operations and monitoring

- The third domain of the CySA+ exam, Security Operations and Monitoring, makes up 25% of the questions on the test. This domain has four objectives. In the first objective, you'll be asked to analyze data as part of security monitoring activities when you're given a scenario. This includes understanding the data generated by endpoints, network devices, and security tools. You'll need to know how to review logs, conduct an impact analysis, and use a security information and event management platform. You'll also need to understand how to analyze email headers. The second objective for this domain is that you be able to implement configuration changes to existing controls to improve security when given a scenario. You'll need to understand permissions, whitelisting and blacklisting, firewalls, intrusion prevention systems, data loss prevention systems, and endpoint detection and response platforms.…
