CompTIA CySA+ (CS0-002) Cert Prep: 5 Security Operations and Monitoring
2h 56m · Beginner · 2020-11-20
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
Professionals looking to earn the CompTIA Cybersecurity Analyst (CySA+) certification must have a robust understanding of how to keep the security and overall health of their systems in check. In this installment of the CySA+ (CS0-002) Cert Prep series, instructor Mike Chapple covers key security techniques and best practices as he prepares you for the Security Operations and Monitoring domain of the CySA+ (CS0-002) exam. Mike covers log monitoring, network traffic analysis, intrusion detection and prevention, examining email for malicious content, network access control, endpoint security techniques, automating threat intelligence, and more.
Skills covered
Network Security, Cybersecurity, Cert Prep
Concepts
0. Introduction
- 01 - Security operations and monitoring
- 02 - What you should know
- 03 - Study resources
1. Security Monitoring
- 04 - Monitoring Log Files
- 05 - Correlating security event information
- 06 - Continuous security monitoring
- 07 - Syslog
- 08 - Network traffic analysis
2. Monitoring System Components
- 09 - Endpoint monitoring
- 10 - Malware prevention
- 11 - File system integrity monitoring
- 12 - Network monitoring
- 13 - Protocol analyzers
- 14 - DNS harvesting
- 15 - Intrusion detection and prevention
- 16 - Web security tools
- 17 - Impact analysis
- 18 - Querying logs
3. Email Analysis
- 19 - Malicious email content
- 20 - Digital signatures
- 21 - DKIM, DMARC, and SPF
- 22 - Analyzing email headers
4. Network Security Techniques
- 23 - Restricting network access
- 24 - Network Access Control
- 25 - Firewall rule management
- 26 - Router configuration security
- 27 - Switch configuration security
- 28 - Data loss prevention
5. Endpoint Security
- 29 - Operating system security
- 30 - Application management
- 31 - Host-based network security
- 32 - File permissions
- 33 - Process analysis with SysInternals
- 34 - Executable analysis
6. Security Automation
- 35 - Workflow orchestration
- 36 - Automating threat intelligence
- 37 - Continuous integration and delivery
Conclusion
- 38 - What's next