CS0-002 - CompTIA Cybersecurity Analyst+: Intrusion Detection & Traffic Analysis
Overview/Description
Discover why IT security analysts must recognize how malicious attacks take place. Explore how analyzing log results allows for the detection of security incidents. This course can be used in preparation for the CompTIA Cybersecurity Analyst (CySA+) Certification Exam CS0-002.
Expected Duration (hours)
1.5
Lesson Objectives
discover the key concepts covered in this course
identify suspicious log entries
view a sample Burp Suite report
scan a web app using nikto
deploy Kali Linux as a cloud-based virtual machine
install and configure the Snort IDS tool (mention sinkhole, antivirus heuristics)
create a Snort IDS rule
analyze an ICS traffic capture
capture and analyze HTTP user authentication traffic
play back a captured VoIP call
upload a PCAP file for analysis
enter a WPA password in Wireshark to decrypt wireless traffic
use hashing to detect file changes through steganography
monitor, block, and configure notifications for devices on a Wi-Fi network using the eero app
use a third-party tool to encrypt sensitive files
use aircrack-ng in Kali Linux to crack protected Wi-Fi networks
use Kismet to detect Wi-Fi networks
use Nessus to audit Amazon Web Services (AWS)
use Nessus to scan LAN hosts for malware
summarize the key concepts covered in this course
Course Number: it_cscysa20_16_enus
Expertise Level
Intermediate