Activity 1.3: CIS Benchmark and STIG Review
This activity gives you practice with two widely recognized resources for system hardening: CIS benchmarks and STIGs. These documents provide detailed guidelines for securing systems by implementing industry best practices and government standards. By reviewing and comparing them, you will gain hands-on experience in analyzing security settings, assessing their organizational impact, and understanding how different frameworks present and enforce security controls.
Follow these steps to explore key security settings, analyze their applicability, and compare the presentation of information in CIS benchmarks and STIGs:
- Visit https://www.cisecurity.org/cis-benchmarks and navigate to Operating Systems | Microsoft Windows Server | DOWNLOAD THE BENCHMARK. You will have to register to be able to complete the download.
- Access your email, where you will receive a link to download the applicable benchmark. Choose the Windows Server 2022 benchmark to use in the following steps. You can use any benchmark you want to explore on your own, but the rest of the steps here are specific to the Windows Server 2022 benchmark.
- Explore the settings in section 1.1 Password Policy on pages 29–44 of the document. Note that the PDF viewer's page numbers may not exactly match the page numbers printed in the document. While reviewing these settings, consider these questions:
- Do these settings fit within your environment?
- If these settings were to be turned on enterprise-wide, would there be any concern about adverse impact (for example, service accounts or legacy applications that cannot meet the new password rules)?
- If there is a concern for impact, what steps would be best to follow for those specific settings?
- Another specific setting to explore is 2.3.7.3 Interactive logon: Machine inactivity limit on page 188. Bearing in mind where this benchmark would be applied (a server is usually administered over remote sessions rather than from a console that someone walks away from), answer the same questions.
Continue to practice reviewing this benchmark and others of interest, and note which items recur across them. Remember that it may not always be best for every organization to implement every item exactly as written; the benchmark states a recommended value, and your environment determines whether that value can be enforced as-is, needs an exception, or needs a phased rollout.
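A quick way to answer the first question for a host you administer is to export its effective local security policy and compare it with the benchmark's values. The following Python script is an added example, not part of the activity or of the CIS benchmark itself: it parses the INI-style file produced by `secedit /export /cfg` (a constructed, abridged sample is embedded so it runs offline) and flags the settings that miss the expected values. The expected values are my assumptions taken from commonly published CIS guidance for section 1.1 and 2.3.7.3; confirm them against the benchmark you downloaded before relying on the result.

```python
"""Audit a `secedit /export` file against CIS 1.1 Password Policy values and
2.3.7.3 Interactive logon: Machine inactivity limit.

On the target host, export the effective local policy first (elevated prompt):
    secedit /export /cfg C:\temp\policy.inf
The exported file is UTF-16; read it with open(path, encoding="utf-16").
"""
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed, abridged sample of a secedit export (not taken from a real host).
SAMPLE_EXPORT = """[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 7
PasswordComplexity = 1
PasswordHistorySize = 24
ClearTextPassword = 0
[Registry Values]
MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\InactivityTimeoutSecs=4,0
[Version]
signature="$CHICAGO$"
Revision=1
"""

# Registry path that backs "Interactive logon: Machine inactivity limit".
INACTIVITY_PATH = (r"MACHINE\Software\Microsoft\Windows\CurrentVersion"
                   r"\Policies\System\InactivityTimeoutSecs")


def parse_secedit(text: str) -> dict[str, dict[str, str]]:
    """Turn the INI-style export into {section: {key: raw value}}."""
    sections: dict[str, dict[str, str]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            sections.setdefault(current, {})
        elif current is not None and "=" in line:
            key, _, value = line.partition("=")
            sections[current][key.strip()] = value.strip()
    return sections


def registry_dword(sections: dict, path: str) -> Optional[int]:
    """[Registry Values] entries look like 'type,data'; type 4 is REG_DWORD."""
    raw = sections.get("Registry Values", {}).get(path)
    if raw is None:
        return None
    reg_type, _, data = raw.partition(",")
    return int(data) if reg_type == "4" else None


@dataclass
class Finding:
    setting: str
    observed: Optional[int]
    expected: str
    passed: bool


# Expected values are ASSUMED from commonly published CIS guidance; confirm
# them against section 1.1 and 2.3.7.3 of the benchmark you downloaded.
# (setting name, export section, key, predicate, human-readable expectation)
CHECKS: list[tuple[str, str, str, Callable[[int], bool], str]] = [
    ("Enforce password history", "System Access", "PasswordHistorySize",
     lambda v: v >= 24, "24 or more"),
    ("Maximum password age", "System Access", "MaximumPasswordAge",
     lambda v: 1 <= v <= 365, "365 or fewer days, but not 0"),   # -1 means never expires
    ("Minimum password age", "System Access", "MinimumPasswordAge",
     lambda v: v >= 1, "1 or more days"),
    ("Minimum password length", "System Access", "MinimumPasswordLength",
     lambda v: v >= 14, "14 or more characters"),
    ("Password must meet complexity requirements", "System Access",
     "PasswordComplexity", lambda v: v == 1, "Enabled"),
    ("Store passwords using reversible encryption", "System Access",
     "ClearTextPassword", lambda v: v == 0, "Disabled"),
    ("Interactive logon: Machine inactivity limit", "Registry Values",
     INACTIVITY_PATH, lambda v: 1 <= v <= 900, "900 or fewer seconds, but not 0"),
]


def evaluate(text: str) -> list[Finding]:
    """Return one Finding per check; a missing value is 'not configured' and fails."""
    sections = parse_secedit(text)
    findings: list[Finding] = []
    for name, section, key, ok, expected in CHECKS:
        if section == "Registry Values":
            value = registry_dword(sections, key)
        else:
            raw = sections.get(section, {}).get(key)
            value = int(raw) if raw is not None else None
        findings.append(Finding(name, value, expected, value is not None and ok(value)))
    return findings


def failed(text: str) -> list[str]:
    """Names of the settings that do not meet the expected value."""
    return [f.setting for f in evaluate(text) if not f.passed]


if __name__ == "__main__":
    for f in evaluate(SAMPLE_EXPORT):
        print(f"{'PASS' if f.passed else 'FAIL'}  {f.setting}: "
              f"observed={f.observed}, expected {f.expected}")
```

Settings that come back FAIL are the ones to test on a pilot group of systems before enforcing them enterprise-wide, which is exactly the third question above; the export is read-only, so the script changes nothing on the host.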
- STIGs provided by the DoD can also provide this type of system hardening guidance but require some additional steps. They are distributed in XCCDF, an XML format, and are most conveniently read in the STIG Viewer tool. Navigate to https://public.cyber.mil/stigs/srg-stig-tools/, download the STIG Viewer compatible with your system, and install it. If you get the MSI package and Windows SmartScreen blocks it, select More Info and then Run Anyway to let the installation proceed; before doing so, confirm that the file really came from public.cyber.mil (and check its hash if one is published alongside the download).
- Navigate to https://public.cyber.mil/stigs/downloads/. In the right-hand filter, choose Operating Systems, then select the plus sign to choose Windows. Find the Windows Server 2022 STIG and download it.
- These files are typically distributed in compressed format, so you will have to unzip them first. You will see a .xml file (the XCCDF benchmark itself) along with many other files that explain details about the STIG. Open the STIG Viewer you installed, click to open a STIG, and navigate to the .xml file and open it.
- Take some time to explore the interface. In the top left, next to STIG Rules, you will see a gear icon and a filter icon. Click the filter icon, which provides ways to search through the STIG, and input interactive login. (If the filter returns nothing, try the spelling logon, which is how the STIG text names the policy.) Choose V-254456 from the filtered list. Explore these details and compare them with what you saw for the Interactive logon: Machine inactivity limit setting in the CIS benchmark.
Continue practicing with this STIG and others, and notice the differences in how information is presented compared to CIS benchmarks: a STIG entry carries a vulnerability ID, a severity category, a check procedure, and a fix procedure, whereas a CIS benchmark item carries a rationale, an audit procedure, a remediation, and an impact statement.
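The STIG Viewer is convenient, but because a STIG is plain XCCDF XML you can also query it directly, which is useful when you want to cross-reference many rules against a CIS benchmark at once rather than one at a time. The following Python script is an added example, not part of the activity or of DISA's tooling: it parses the Group/Rule structure DISA uses, maps the XCCDF severity to the CAT I/II/III labels the viewer shows, and filters by keyword the way the viewer's filter does. The embedded XCCDF fragment is constructed for the example with placeholder IDs and text, not content from the Windows Server 2022 STIG; the XCCDF 1.1 namespace is the one DISA STIGs declare, and if the root element of your file declares a different one, adjust `NS`.

```python
"""Search a DISA STIG XCCDF file by keyword without the STIG Viewer."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# DISA STIGs declare the XCCDF 1.1 namespace; adjust if your file's root differs.
NS = {"x": "http://checklists.nist.gov/xccdf/1.1"}

# Constructed two-rule fragment in the shape DISA uses. IDs, titles and texts
# are placeholders, not copied from any real STIG.
SAMPLE_XCCDF = """<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.1" id="Example_STIG">
  <title>Example Windows Server STIG (constructed)</title>
  <Group id="V-100001">
    <title>SRG-OS-000029-GPOS-00010</title>
    <Rule id="SV-100001r1_rule" severity="medium" weight="10.0">
      <version>WN22-EX-000010</version>
      <title>The machine inactivity limit must lock the session after a fixed idle time.</title>
      <description>&lt;VulnDiscussion&gt;Unattended sessions expose interactive access.&lt;/VulnDiscussion&gt;</description>
      <fixtext fixref="F-100001r1_fix">Configure the Interactive logon: Machine inactivity limit policy.</fixtext>
      <check system="C-100001r1_chk">
        <check-content>Verify the InactivityTimeoutSecs registry value is configured.</check-content>
      </check>
    </Rule>
  </Group>
  <Group id="V-100002">
    <title>SRG-OS-000480-GPOS-00227</title>
    <Rule id="SV-100002r1_rule" severity="high" weight="10.0">
      <version>WN22-EX-000020</version>
      <title>Passwords must not be stored using reversible encryption.</title>
      <description>&lt;VulnDiscussion&gt;Reversible storage is equivalent to plaintext.&lt;/VulnDiscussion&gt;</description>
      <fixtext fixref="F-100002r1_fix">Set Store passwords using reversible encryption to Disabled.</fixtext>
      <check system="C-100002r1_chk">
        <check-content>Verify the policy is set to Disabled.</check-content>
      </check>
    </Rule>
  </Group>
</Benchmark>
"""


def category(severity: str) -> str:
    """DISA maps XCCDF severity to CAT I/II/III; unknown values are returned as-is."""
    return {"high": "CAT I", "medium": "CAT II", "low": "CAT III"}.get(severity.lower(), severity)


@dataclass
class StigRule:
    vuln_id: str    # Group id: the V-number the viewer lists
    rule_id: str    # Rule id: the SV-number
    stig_id: str    # Rule <version>: the STIG ID string
    severity: str
    title: str
    check: str
    fix: str

    @property
    def category(self) -> str:
        return category(self.severity)


def _text(node: ET.Element, path: str) -> str:
    found = node.find(path, NS)
    return (found.text or "").strip() if found is not None else ""


def load_rules(xml_text: str) -> list[StigRule]:
    """Extract one StigRule per <Group>/<Rule> pair under the <Benchmark> root."""
    root = ET.fromstring(xml_text)
    rules: list[StigRule] = []
    for group in root.findall("x:Group", NS):
        rule = group.find("x:Rule", NS)
        if rule is None:
            continue
        rules.append(StigRule(
            vuln_id=group.get("id", ""),
            rule_id=rule.get("id", ""),
            stig_id=_text(rule, "x:version"),
            severity=rule.get("severity", ""),
            title=_text(rule, "x:title"),
            check=_text(rule, "x:check/x:check-content"),
            fix=_text(rule, "x:fixtext"),
        ))
    return rules


def search(rules: list[StigRule], keyword: str) -> list[StigRule]:
    """Case-insensitive substring match over title, check text and fix text."""
    k = keyword.lower()
    return [r for r in rules if k in " ".join((r.title, r.check, r.fix)).lower()]


if __name__ == "__main__":
    for r in search(load_rules(SAMPLE_XCCDF), "interactive logon"):
        print(f"{r.vuln_id} ({r.category}, {r.stig_id}): {r.title}")
        print(f"  Check: {r.check}")
        print(f"  Fix:   {r.fix}")
```

To use it on the real STIG, read the .xml file from the archive and pass its contents to `load_rules`. Note that a search for "interactive login" returns nothing on the constructed sample because the rule text says "logon"; the same spelling mismatch is the most common reason the viewer's filter appears to find nothing.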