Lesson

Description

Matching CySA+ Objectives (Samples)

6hr lecture/ Labs
1. Cyber Defense Analyst PR-DA-001

Uses data collected from a variety of cyber- defense tools (e.g., intrusion detection system (IDS) alerts, firewalls, network traffic logs) to analyze events that occur within their environments
for the purposes of mitigating threats.

1. Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
2. Given a scenario, analyze the results of a network reconnaissance
3. Given a network-based threat, implement or recommend the appropriate response and countermeasure

6 hr Lecture/ Lab
2. Cyber Defense Infrastructure Support Specialist PR-INF-001

Tests, implements, deploys, maintains and administers the infrastructure hardware and software.

1. Explain the purpose of practices used to secure a corporate environment
2. Compare and contrast common vulnerabilities found in the following targets within an organization
3. Given a scenario, review security architecture and make recommendations to implement compensating controls

10 hr Lecture/ Lab
3. Cyber Defense Incident Responder PR-IR-001

Investigates, analyzes and responds to cyber-incidents within the network environment or enclave.

1. Given a scenario, distinguish threat data or behavior to determine the impact of an incident
2. Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
3. Explain the importance of communication during the incident response process
4. Given a scenario, analyze common symptoms to select the best course of action to support incident response
5. Summarize the incident recovery and post-incident response process

10 hr Lecture/ Lab
4. Vulnerability Assessment Analyst PR-VA-001

Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy or local policy. Measures effectiveness of defense-in- depth architecture against known vulnerabilities.

1. Given a scenario, implement an information security vulnerability management process
2. Given a scenario, analyze the output resulting from a vulnerability scan
3. Compare and contrast common vulnerabilities found in the following targets within an organization

10hr Lecture/ Lab
5. Warning Analyst AN-TA-001

Develops unique cyber-indicators to maintain constant awareness of the status of the highly dynamic operating environment. Collects, processes, analyzes and disseminates cyber-warning assessments.

1. Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes
2. Given a scenario, analyze the results of a network reconnaissance
3. Explain the importance of communication during the incident response process

10hr Lecture/ Labs
6. Cyber Crime Investigator
IN-CI-001

Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques.

1. Given a scenario, distinguish threat data or behavior to determine the impact of an incident
2. Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
3. Summarize the incident recovery and post-incident response process
4. Explain the relationship between frameworks, common policies, controls and procedures
5. Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies

10hr Lecture/ Labs
7. Forensics Analyst IN-FO-001

Conducts deep-dive investigations on computer- based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber-intrusion incidents.

1. Given a scenario, apply ironmental reconnaissance techniques using appropriate tools and processes
2. Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
3. Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies

12hr Lecture/ Lecture
8. Cyber Defense Forensics Analyst IN-FO-002

Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.

1. Given a scenario, analyze the output resulting from a vulnerability scan
2. Given a scenario, distinguish threat data or behavior to determine the impact of an incident
3. Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation
4. Given a scenario, analyze common symptoms to select the best course of action to support incident response