Lesson |
Description |
Matching CySA+ Objectives (Samples) |
1. Cyber Defense Analyst PR-DA-001 |
Uses data collected from a variety of cyber- defense tools (e.g., intrusion detection system (IDS) alerts, firewalls, network traffic logs) to analyze events that occur within their environments
for the purposes of mitigating threats. |
- Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
- Given a scenario, analyze the results of a network reconnaissance
- Given a network-based threat, implement or recommend the appropriate response and countermeasure
|
2. Cyber Defense Infrastructure Support Specialist PR-INF-001 |
Tests, implements, deploys, maintains and administers the infrastructure hardware and software. |
- Explain the purpose of practices used to secure a corporate environment
- Compare and contrast common vulnerabilities found in the following targets within an organization
- Given a scenario, review security architecture and make recommendations to implement compensating controls
|
3. Cyber Defense Incident Responder PR-IR-001 |
Investigates, analyzes and responds to cyber-incidents within the network environment or enclave. |
- Given a scenario, distinguish threat data or behavior to determine the impact of an incident
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
- Explain the importance of communication during the incident response process
- Given a scenario, analyze common symptoms to select the best course of action to support incident response
- Summarize the incident recovery and post-incident response process
|
4. Vulnerability Assessment Analyst PR-VA-001 |
Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy or local policy. Measures effectiveness of defense-in- depth architecture against known vulnerabilities. |
- Given a scenario, implement an information security vulnerability management process
- Given a scenario, analyze the output resulting from a vulnerability scan
- Compare and contrast common vulnerabilities found in the following targets within an organization
|
5. Warning Analyst AN-TA-001 |
Develops unique cyber-indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes and disseminates cyber-warning assessments. |
- Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
- Given a scenario, analyze the results of a network reconnaissance
- Explain the importance of communication during the incident response process
|
6. Cyber Crime Investigator
IN-CI-001 |
Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques. |
- Given a scenario, distinguish threat data or behavior to determine the impact of an incident
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
- Summarize the incident recovery and post-incident response process
- Explain the relationship between frameworks, common policies, controls and procedures
- Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies
|
7. Forensics Analyst IN-FO-001 |
Conducts deep-dive investigations on computer- based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber-intrusion incidents. |
- Given a scenario, apply ironmental reconnaissance techniques using appropriate tools and processes
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
- Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies
|
8. Cyber Defense Forensics Analyst IN-FO-002 |
Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation. |
- Given a scenario, analyze the output resulting from a vulnerability scan
- Given a scenario, distinguish threat data or behavior to determine the impact of an incident
- Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
- Given a scenario, analyze common symptoms to select the best course of action to support incident response
|