CySA+: Compliance and Assessment Competency (Intermediate Level)

Topics covered

• allow business continuity during unexpected disruptions
• apply various risk treatments to risks
• benefit from lessons learned during incident response
• configure custom encryption keys for cloud storage
• define how cryptography protects sensitive data
• define which types of solutions provide IT system and data high availability
• deploy a private CA using Amazon Web Services
• describe common characteristics of a business continuity plan, BIA, and related insurance options
• describe how cybersecurity insurance is a form of risk transference
• describe the proliferation of botnets under malicious user control
• disable SSL on web clients and servers
• download and verify a checksum for Kali Linux
• generate file hashes on a Linux system
• generate file hashes on a Windows system
• identify the steps in the PKI certificate lifecycle
• identify the various forms of social engineering and the related security risks
• list the components of a PKI hierarchy
• proactively design a plan that outlines the response to disruptions
• protect data at rest on a Linux system
• protect data at rest using BitLocker
• protect data at rest using EFS
• recall how structured risk management frameworks work
• recognize differences between malware types
• recognize how malware and resultant botnets have become a commodity for black markets
• recognize how SSL and TLS are used to secure network traffic
• recognize the danger of ransomware and how to mitigate this threat
• recognize the importance of hashing for file systems and network communications
• recognize the relevance of a risk register
• use the Social Engineering Toolkit to execute social engineering attacks
• view authentic e-mail phishing messages