You're reading from CompTIA CySA+ (CS0-003) Certification Guide Pass the CySA+ exam on your first attempt with complete topic coverage, expert tips, and practice resources

Product type Paperback

Published in Apr 2025

Publisher Packt

ISBN-13 9781835468920

Length 742 pages

Edition 1st Edition

Concepts

Cybersecurity

Author (1):

Jonathan Isley

View More author details

Table of Contents (19) Chapters

Preface

1. Chapter 1: IAM, Logging, and Security Architecture FREE CHAPTER

2. Chapter 2: Attack Frameworks

3. Chapter 3: Incident Response Preparation and Detection

4. Chapter 4: Incident Response – Containment, Eradication, Recovery, and Post-Incident Activities

5. Chapter 5: Efficiency in Security Operations

6. Chapter 6: Threat Intelligence and Threat Hunting

7. Chapter 7: Indicators of Malicious Activity

8. Chapter 8: Tools and Techniques for Malicious Activity Analysis

9. Chapter 9: Attack Mitigations

10. Chapter 10: Risk Control and Analysis

11. Chapter 11: Vulnerability Management Program

12. Chapter 12: Vulnerability Assessment Tools

13. Chapter 13: Vulnerability Prioritization

14. Chapter 14: Incident Reporting and Communication

15. Chapter 15: Vulnerability Management Reporting and Communication

16. Chapter 16: Accessing the Online Practice Resources

17. Index

Why Subscribe?

18. Other Books You May Enjoy

Tools

In this section, example tool providers will be listed, but the CySA+ exam is vendor-neutral, so you are not expected to know any of these tools in any depth. If any of these tool topic sets require further depth for the test, they will be discussed later in the book.

Tools can be an integral part of the IR process. Tools provide support to all phases of the IR life cycle and support multiple purposes. The overall IR process can be supported with IR platforms and ticketing tools. IR platforms allow for centralized management and automation of some IR processes, such as incident detection and alerting, case management, threat intelligence integration, and workflow automation. Some examples of IR platform tools are Demisto, Resilient, and Phantom. Ticketing tools support these efforts by documenting the incident process as it occurs, from initial detection through lessons learned. Some examples of ticketing tools include BMC Remedy, ServiceNow, and Ivanti. Communication and...