CompTIA CySA+ Practice Tests. Mike Chapple
Читать онлайн книгу.NetWars-style simulations, penetration testing and defensive cybersecurity simulations, and incident response training to prepare for the CySA+.
Additional resources for hands-on exercises include the following:
Exploit-Exercises.com provides virtual machines, documentation, and challenges covering a wide range of security issues at exploit-exercises.lains.space.
Hacking-Lab provides capture-the-flag (CTF) exercises in a variety of fields at www.hacking-lab.com/index.html.
PentesterLab provides a subscription-based access to penetration testing exercises at www.pentesterlab.com/exercises/.
The InfoSec Institute provides online capture-the-flag activities with bounties for written explanations of successful hacks at ctf.infosecinstitute.com.
Since the exam uses scenario-based learning, expect the questions to involve analysis and thought, rather than relying on simple memorization. As you might expect, it is impossible to replicate that experience in a book, so the questions here are intended to help you be confident that you know the topic well enough to think through hands-on exercises.
Taking the Exam
Once you are fully prepared to take the exam, you can visit the CompTIA website to purchase your exam voucher:
www.comptiastore.com/Articles.asp?ID=265&category=vouchers
CompTIA partners with Pearson VUE's testing centers, so your next step will be to locate a testing center near you. In the United States, you can do this based on your address or your ZIP code, while non-U.S. test takers may find it easier to enter their city and country. You can search for a test center near you at the Pearson Vue website, where you will need to navigate to “Find a test center”:
www.pearsonvue.com/comptia/
Now that you know where you'd like to take the exam, simply set up a Pearson VUE testing account and schedule an exam:
www.comptia.org/testing/testing-options/take-in-person-exam
On the day of the test, bring two forms of identification, and make sure to show up with plenty of time before the exam starts. Remember that you will not be able to take your notes, electronic devices (including smartphones and watches), or other materials in with you.
After the Cybersecurity Analyst+ Exam
Once you have taken the exam, you will be notified of your score immediately, so you'll know if you passed the test right away. You should keep track of your score report with your exam registration records and the email address you used to register for the exam.
Maintaining Your Certification
CompTIA certifications must be renewed on a periodic basis. To renew your certification, you can either pass the most current version of the exam, earn a qualifying higher-level CompTIA or industry certification, or complete sufficient continuing education activities to earn enough continuing education units (CEUs) to renew it.
CompTIA provides information on renewals via their website at
www.comptia.org/continuing-education
When you sign up to renew your certification, you will be asked to agree to the CE program's Code of Ethics, to pay a renewal fee, and to submit the materials required for your chosen renewal method.
A full list of the industry certifications you can use to acquire CEUs toward renewing the CySA+ can be found at
www.comptia.org/continuing-education/choose/renew-with-a-single-activity/earn-a-higher-level-comptia-certification
Using This Book to Practice
This book is composed of seven chapters. Each of the first five chapters covers a domain, with a variety of questions that can help you test your knowledge of real-world, scenario, and best practices–based security knowledge. The final two chapters are complete practice exams that can serve as timed practice tests to help determine whether you're ready for the CySA+ exam.
We recommend taking the first practice exam to help identify where you may need to spend more study time and then using the domain-specific chapters to test your domain knowledge where it is weak. Once you're ready, take the second practice exam to make sure you've covered all the material and are ready to attempt the CySA+ exam.
As you work through questions in this book, you will encounter tools and technology that you may not be familiar with. If you find that you are facing a consistent gap or that a domain is particularly challenging, we recommend spending some time with books and materials that tackle that domain in depth. This can help you fill in gaps and help you be more prepared for the exam.
Objectives Map for CompTIA CySA+ (Cybersecurity Analyst) Exam CS0-002
The following objective map for the CompTIA CySA+ (Cybersecurity Analyst) certification exam will enable you to find where each objective is covered in the book.
Objectives Map
Objective | Chapter |
1.0 THREAT AND VULNERABILITY MANAGEMENT | |
1.1 Explain the importance of threat data and intelligence. | Chapter 1 |
1.2 Given a scenario, utilize threat intelligence to support organizational security. | Chapter 1 |
1.3 Given a scenario, perform vulnerability management activities. | Chapter 1 |
1.4 Given a scenario, analyze the output from common vulnerability assessment tools. | Chapter 1 |
1.5 Explain the threats and vulnerabilities associated with specialized technology. | Chapter 1 |
1.6 Explain the threats and vulnerabilities associated with operating in the cloud. | Chapter 1 |
1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities. | Chapter 1 |
2.0 SOFTWARE AND SYSTEMS SECURITY | |
2.1 Given a scenario, apply security |