| Concept/Formula | Definition/Equation | When to Use |
|---|---|---|
| CySA+ Certification | Intermediate-level certification | Validates cybersecurity analysis skills |
| Passing Score | 750/900 | To achieve certification |
| Exam Voucher Cost | ~$400 | To register for the exam |

Type A: Identifying Target Audience
Setup: "When determining if CySA+ is right for a professional"
Method: Consider existing Network+ and Security+ certifications, 3-4 years of experience, or direct cybersecurity experience.
Example: A network administrator with 2 years of experience and Security+ certification.
Type B: Exam Preparation Strategies
Setup: "When needing to maximize study effectiveness"
Method: Use closed captions, control course speed, join study groups, and download the study guide.
Example: A candidate struggling with audio comprehension using closed captions.
Problem: What is the minimum score required to pass the CySA+ exam? Steps:
Answer: 750

| Concept/Formula | Definition/Equation | When to Use |
|---|---|---|
| Preventative Control | Acts to eliminate or reduce the likelihood of an attack | Before an attack occurs |
| Detective Control | Identifies and records any attempted or successful intrusion | During or after an attack |
| Corrective Control | Acts to eliminate or reduce the impact of an intrusion event | After an attack occurs |

Type A: Matching Roles to Responsibilities
Setup: "When identifying the appropriate role for a specific task"
Method: Match the role's description to the task requirements.
Example: Assigning incident response to an Incident Analyst/Responder.
Type B: Classifying Security Controls
Setup: "When categorizing a security measure based on its function"
Method: Determine if the control prevents, detects, or corrects security incidents.
Example: Classifying a firewall as a preventative control.
Problem: Which security role is responsible for the hands-on configuration of security systems? Steps:
Answer: Cybersecurity Specialist/Technician

| Concept/Formula | Definition/Equation | When to Use |
|---|---|---|
| Intelligence Cycle | Requirements -> Collection -> Analysis -> Dissemination -> Feedback | To effectively manage threat intelligence |
| OSINT | Open-Source Intelligence | Gathering information from publicly available sources |
| Threat Modeling | Identifying and assessing possible threat actors and attack vectors | To understand potential threats |

Type A: Applying the Intelligence Cycle
Setup: "When managing threat intelligence data"
Method: Follow the phases of the intelligence cycle to gather, analyze, and disseminate information.
Example: Collecting data on emerging threats and disseminating it to relevant stakeholders.
Type B: Utilizing OSINT Techniques
Setup: "When gathering information about a potential threat actor"
Method: Use publicly available information and tools to gather intelligence.
Example: Using Google Hacking to find vulnerabilities on a website.
Problem: What is the first phase of the intelligence cycle? Steps:
Answer: Requirements

| Concept/Formula | Definition/Equation | When to Use |
|---|---|---|
| Wireshark | Packet analyzer | Capturing and analyzing network traffic |
| HTTP Response Codes | Numerical codes indicating the status of a request | Troubleshooting web server issues |
| Endpoint Detection and Response (EDR) | Monitors endpoints for malicious activity | Detecting and responding to threats on endpoints |

Type A: Analyzing Network Traffic with Wireshark
Setup: "When investigating network anomalies"
Method: Capture network traffic with Wireshark and analyze the packets for suspicious activity.
Example: Identifying a large number of SYN packets indicating a potential SYN flood attack.
Type B: Interpreting HTTP Response Codes
Setup: "When troubleshooting web server issues"
Method: Check the HTTP response code to determine the status of the request.
Example: Seeing a 404 error indicating that the requested resource was not found.
Problem: What tool is used to capture and analyze network traffic? Steps:
Answer: Wireshark