CompTIA CySA+ (CS0-002) Practice Exam - RETIRED
This exam has been retired and updated to the latest version, CompTIA CySA+ (CS0-003).
About CompTIA CySA+ (CS0-002) Practice Exam
The CompTIA Cybersecurity Analyst (CySA+) exam is designed to assess the skills a candidate needs to handle tasks including:
- Implementing intelligence and threat detection techniques
- Examining and interpreting data
- Observing and addressing vulnerabilities
- Recommending preventative measures
- Responding to and recovering from incidents effectively
Exam Details
- Exam Name: CompTIA CySA+
- Exam Code: CS0-002
- Total Questions: 85 questions
- Exam Duration: 165 minutes
- Passing score: 750 (on a scale of 100 - 900)
- Exam Language: English, Japanese
- Exam fees: $370 USD
Recommended Experience
- The CompTIA CySA+ (CS0-002) exam recommends Network+, Security+ or equivalent knowledge.
- Candidates are advised to have at least 4 years of hands-on information security or related experience.
CompTIA CySA+ (CS0-002) Course Outline
The CompTIA CySA+ (CS0-002) exam covers the following topics:
DOMAIN 1 - Describe Threat and Vulnerability Management - 22%
1.1 Understand the importance of threat data and intelligence.
- Learn Intelligence sources
- Learn Confidence levels
- Learn Indicator management
- Learn Threat classification and factors
- Learn Intelligence cycle
- Learn Commodity malware
- Learn Information sharing and analysis communities
1.2 Learn to utilize threat intelligence for supporting organizational security.
- Understand the Attack frameworks
- Overview of Threat research
- Learn about Threat modeling methodologies
- Overview of Threat intelligence sharing
- Understanding the concept of Validation
- Explain Remediation/mitigation
- Understanding Scanning parameters and scenario
- Learn about Inhibitors to remediation
1.3 Understand and examine the output from common vulnerability assessment tools.
- Learn Web application scanner
- Learn Infrastructure vulnerability scanner
- Overview of Software assessment tools and techniques
- Understanding the concept of Enumeration
- Learn about Wireless assessment tools
- Understanding Cloud infrastructure assessment tools
1.4 Understanding threats and vulnerabilities with specialized technology.
- Understanding Internet of Things (IoT)
- Overview of Real-time operating system (RTOS)
- Overview of System-on-Chip (SoC)
- Understanding Field programmable gate array (FPGA)
- Understand Physical access control
- Learn about Building automation systems
- Overview of Vehicles and drones
- Learning Workflow and process automation systems
- Understanding industrial control system
- Overview of Supervisory Control and Data Acquisition (SCADA)
1.5 Understand threats and vulnerabilities with operating in the cloud.
- Overview of Cloud service models
- Understanding cloud deployment models
- Learn Function as a Service (FaaS)/serverless architecture
- Overview of Infrastructure as code (IaC)
- Describe Insecure application programming interface (API)
- Understand improper key management
- Learn about Unprotected storage
- Overview of Logging and monitoring
1.6 Learn to execute controls to mitigate attacks and software vulnerabilities.
- Understanding types of Attack
- Learning about vulnerabilities
DOMAIN 2 - Software and Systems Security
2.1 Learn to implement security solutions for infrastructure management.
- Overview of Cloud vs. on-premises
- Understanding Asset management
- Understanding Network architecture
- Describe Change management
- Learn concepts of Virtualization and Containerization
- Overview of Identity and access management
- Understanding Cloud access security broker (CASB)
2.2 Understanding software assurance best practices.
- Understanding Platforms
- Overview of Software development life cycle (SDLC) integration
- Understanding DevSecOps
- Learn about Software assessment methods
- Learn Secure coding best practices
- Understand Static analysis tools
- Overview of Dynamic analysis tools
- Learn about methods for verification of critical software
- Understanding Service-oriented architecture
2.3 Explain hardware assurance best practices.
- Understanding Hardware root of trust
- Overview of eFuse
- Describe Unified Extensible Firmware Interface (UEFI)
- Understanding Trusted foundry
- Overview of Secure processing
- Overview of Anti-tamper
- Understanding Self-encrypting drive
- Overview of Trusted firmware
- Understanding measured boot and attestation
DOMAIN 3 - Describe Security Operations and Monitoring - 25%
3.1 Examine data as part of security monitoring activities.
- Learning Heuristics and Trend analysis
- Overview of Endpoint and Network
- Describe Log reviews
- Conducting Impact analysis
- Overview of Query writing concept
- Understanding E-mail analysis
3.2 Learn to examine configuration changes to existing controls.
- Understanding Permissions
- Overview of Whitelisting
- Describe Blacklisting
- Overview of Firewall
- Define Intrusion prevention system (IPS) rules
- Learning about Data loss prevention (DLP)
- Overview of Endpoint detection and response (EDR)
- Understanding Network access control (NAC)
- Overview of Sinkholing
- Understanding Malware signatures
- Learn about Sandboxing and Port security
3.3 Understanding the significance of proactive threat hunting.
- Learn about establishing a hypothesis
- Overview of profiling threat actors and activities
- Understanding Threat hunting tactics
- Understanding the attack surface area
- Overview of bundling critical assets
- Understanding Attack vectors
- Overview of Integrated intelligence
- Learning about detection capabilities
3.4 Understand automation concepts and technologies.
- Understanding Workflow orchestration
- Overview of Scripting
- Learning about application programming interface (API) integration
- Creating Automated malware signature
- Overview of Data enrichment
- Understanding threat feed combination
- Understanding Machine learning
- Learning automation protocols and standards
3.5 Describe Security Content Automation Protocol (SCAP)
- Learning continuous integration
- Overview of continuous deployment/delivery
DOMAIN 4 - Describe Incident Response - 22%
4.1 Understand the significance of the incident response process.
- Understanding Communication plan
- Learn about Response coordination
- Understanding Factors contributing to data criticality
4.2 Learn to implement incident response procedure.
- Understanding Preparation
- Learn about Detection and analysis
- Learn about Containment
- Overview of Eradication and recovery
- Understanding Post-incident activities
4.3 Learn to examine potential indicators of compromise.
- Overview of Network-related
- Overview of Host-related
- Understanding Application-related
4.4 Understand and implement basic digital forensics techniques.
- Overview of Network
- Overview of Endpoint
- Learning about Mobile
- Overview of Cloud
- Learn about Virtualization
- Understand Legal hold
- Learn Procedures of Hashing
- Understanding Data acquisition
DOMAIN 5 - Describe Compliance and Assessment - 13%
5.1 Explain the significance of data privacy and protection.
- Overview of Privacy vs. security
- Understanding Non-technical controls
- Learn about Technical controls
5.2 Understand and implement security concepts in support of organizational risk mitigation.
- Understanding Business impact analysis
- Overview of a risk identification process and risk calculation
- Overview of risk factors and Risk prioritization
- Understanding systems assessment
- Learning documented compensating controls
- Learn about Supply chain assessment
- Understanding Control type
- Learn concepts of audits and assessments
What do we offer?
- Full-Length Mock Test with unique questions in each test set
- Practice objective questions with section-wise scores
- In-depth and exhaustive explanation for every question
- Reliable exam reports evaluating strengths and weaknesses
- Latest Questions with an updated version
- Tips & Tricks to crack the test
- Unlimited access
What are our Practice Exams?
- Practice exams have been designed by professionals and domain experts to simulate a real-time exam scenario.
- Practice exam dumps have been created on the basis of content outlined in the official documentation.
- Each set in the practice exam contains unique questions built to give candidates real-time experience and help them gain more confidence during exam preparation.
- Practice exams help candidates self-evaluate against the exam content and work towards building the strength to clear the exam.
- You can also create your own practice exam based on your choice and preference.