From the course: Exam Tips: CompTIA CySA+ (CS0-002)

Threat and vulnerability management

- [Instructor] CompTIA provides a very detailed curriculum for the CySA Plus Exam. It organizes the content into five major domains, threat and vulnerability management, software and systems security, security operations and monitoring, incident response, and compliance and assessment. I'd suggest that you take the time to look through the official exam objectives and get a sense for the things that you'll learn as you prepare for the CySA Plus Exam. Chances are that you're already familiar with some topics, while others might be brand new to you. That's fine. This course is designed to give you all of the knowledge you'll need to pass the CySA Plus Exam, no matter where you are in your security career.

In this video and the four that follow, I'll walk you through each of the five CySA Plus domains and give you just a quick flavor of what the exam covers. The first domain on the CySA Plus Exam, threat and vulnerability management, makes up 22% of the questions on the CySA Plus Exam. It has seven objectives.

In the first objective for this domain, you'll be asked to explain the importance of threat data and intelligence. This includes understanding different intelligence sources and confidence levels, knowing how to classify different types of threat actors, and knowing how the intelligence cycle operates.

The second objective for this domain is that you be able to utilize threat intelligence to support organizational security when given a scenario. This includes understanding different attack frameworks, knowing how to conduct threat research and threat modeling, and understanding threat intelligence sharing with other functions in your organization.

The third objective is to perform vulnerability management activities in a given scenario. For this objective, you'll need to be able to identify vulnerabilities, validate them, and remediate or mitigate them as appropriate. You'll also need to set scanning parameters and criteria and identify inhibitors to vulnerability remediation.

In the fourth objective, you're expected to be able to analyze the output from common vulnerability assessment tools. You'll need to know how to interpret results from web application scanners, infrastructure vulnerability scanners, software assessment tools, enumeration tools, wireless assessment tools, and cloud infrastructure assessment tools.

The fifth objective asks you to explain the threats and vulnerabilities associated with specialized technology. You'll need to understand the risks with mobile computing, the internet of things, embedded devices, physical access controls, vehicles, drones, industrial control systems, and other specialized technologies.

The sixth objective focuses on the threats and vulnerabilities associated with operating in the cloud. You'll need to understand cloud service models and cloud deployment models. You'll need to be able to identify the security issues associated with infrastructure as code, APIs, key management, storage, logging, and monitoring.

Finally, the seventh objective requires that you be able to implement controls to mitigate attacks and software vulnerabilities in a given scenario. You'll need to understand a variety of common attack types as well as common software vulnerabilities.

Successfully mastering the seven objectives of this domain will provide you with all of the information that you need to know to answer CySA Plus Exam questions related to threat and vulnerability management. I cover this material in two full courses, CySA Plus Threat Management and CySA Plus Vulnerability Management.
