CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
Description
Learn how to keep the security and overall health of your systems in check as you prepare for the CySA+ (CS0-002) exam.
Tags
Syllabus
Syllabus IntroductionSecurity operations and monitoringWhat you should knowStudy resources1. Security MonitoringMonitoring Log FilesCorrelating security event informationContinuous security monitoringSyslogNetwork traffic analysis2. Monitoring System ComponentsEndpoint monitoringMalware preventionFile system integrity monitoringNetwork monitoringProtocol analyzersDNS harvestingIntrusion detection and preventionWeb security toolsImpact analysisQuerying logs3. Email AnalysisMalicious email contentDigital signaturesDKIM, DMARC, and SPFAnalyzing email headers4. Network Security TechniquesRestricting network accessNetwork Access ControlFirewall rule managementRouter configuration securitySwitch configuration securityData loss prevention5. Endpoint SecurityOperating system securityApplication managementHost-based network securityFile permissionsProcess analysis with SysInternalsExecutable analysis6. Security AutomationWorkflow orchestrationAutomating threat intelligenceContinuous integration and deliveryConclusionWhat's next Read more
![](https://d3f1iyfxxz8i1e.cloudfront.net/courses/course_image/3542dd3ef795.jpeg)
CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
-
Provider