Professional Documents
Culture Documents
Diploma in Cyber Security
Diploma in Cyber Security
Detailed Syllabus
Page 1
www.smeclabs.com
SMEC
• HTTPS
• SSH
1.2 Compare and contrast common networking hardware.
• Routers
• Switches
• Managed
• Unmanaged
• Access points
• Patch panel
• Firewall
• Power over Ethernet (PoE)
• Injectors
• Switch
• PoE standards
• Hub
• Cable modem
• Digital subscriber line (DSL)
• Optical network terminal (ONT)
• Network interface card (NIC)
• Software defined networking (SDN)
1.3 Compare and contrast protocols for wireless networking.
• Frequencies
• 2.4GHz
• 5GHz
• Channels
• Regulations
• 2.4GHz vs. 5GHz
• Bluetooth
• 802.11
Page 2
www.smeclabs.com
SMEC
• a
• b
• g
• n
• ac (WiFi 5)
• ax (WiFi 6)
• Longrange fixed wireless
• Licensed
• Unlicensed
• Power
• Regulatory requirements for wireless power
• NFC
• Radiofrequency identification (RFID)
• 1.4 Summarize services provided by networked hosts.
• Server roles
o DNS
o DHCP
o Fileshare
o Print servers
o Mail servers
o Syslog
o Web servers
o Authentication, authorization, and accounting (AAA)
• Internet appliances
o Spam gateways
o Unified threat management(UTM)
o Load balancers
o Proxy servers
Page 3
www.smeclabs.com
SMEC
Page 4
www.smeclabs.com
SMEC
• Reservations
• Scope
• Virtual LAN (VLAN)
• Virtual private network (VPN)
1.7 Compare and contrast Internet connection types, network types,
and their features.
• Internet connection types
• Satellite
• Fiber
• Cable
• DSL
• Cellular
• Wireless Internet service provider (WISP)
• Network types
• Local area network (LAN)
• Wide area network (WAN)
• Personal area network (PAN)
• Metropolitan area network (MAN)
• Storage area network (SAN)
• Wireless local area network (WLAN)
1.8 Given a scenario, use networking tools.
• Crimper
• Cable stripper
• WiFi analyzer
• Toner probe
• Punchdown tool
• Cable tester
• Loopback plug
• Network tap
Page 5
www.smeclabs.com
SMEC
CompTIA CySA+
EXAM CODES CS0002 & CS0003
CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber
professionals tasked with incident detection, prevention and
response through continuous security monitoring.
1.0 Threat Management 27%
2.0 Vulnerability Management 26%
3.0 Cyber Incident Response 23%
4.0 Security Architecture and Tool Sets 24%
Page 6
www.smeclabs.com
SMEC
Page 7
www.smeclabs.com
SMEC
• Data output
• Firewall logs
• Packet captures
• NMAP scan results
• Event logs
• Syslogs
• IDS report
• Tools
• SIEM
• Packet analyzer
• IDS
• Resource monitoring tool
• Netflow analyzer
1.3 Given a network based threat, implement or recommend the
appropriate response and countermeasure.
• Network segmentation
• System isolation
• Jump box
• Honeypot
• Endpoint security
• Group policies
• ACLs
Sinkhole
• Hardening
• Mandatory Access Control (MAC)
• Compensating controls
• Blocking unused ports/services
Page 8
www.smeclabs.com
SMEC
Patching
• Network Access Control (NAC)
• Timebased
• Rulebased
• Rolebased
• Locationbased
Page 9
www.smeclabs.com
SMEC
• White team
• Risk evaluation
• Technical control review
• Operational control review
• Technical impact and likelihood
• High
• Medium
• Low
2.0 Vulnerability Management
2.1 Given a scenario, implement an information security
vulnerability management process.
• Identification of requirements
• Regulatory environments
• Corporate policy
• Data classification
• Asset inventory
• Critical
• Noncritical
• Establish scanning frequency
• Risk appetite
• Regulatory requirements
• Technical constraints
• Workflow
• Configure tools to perform scans according to specification
• Determine scanning criteria
• Sensitivity levels
• Vulnerability feed
• Scope
• Credentialed vs. noncredentialed
Page 10
www.smeclabs.com
SMEC
• Types of data
• Serverbased vs. agentbased
• Tool updates/plugins
• SCAP
• Permissions and access
• Execute scanning
• Generate reports
• Automated vs. manual distribution
• Remediation
• Prioritizing
• Criticality
• Difficulty of implementation
• Communication/change control
• Sandboxing/testing
• Inhibitors to remediation
• MOUs
• SLAs
• Organizational governance
• Business process interruption
• Degrading functionality
• Ongoing scanning and continuous monitoring
2.2 Given a scenario, analyse the output resulting from a
vulnerability scan.
• Analyse reports from a vulnerability scan
Review and interpret scan results
Identify false positives
Identify exceptions
Prioritize response actions
Page 11
www.smeclabs.com
SMEC
Page 12
www.smeclabs.com
SMEC
Page 13
www.smeclabs.com
SMEC
Page 14
www.smeclabs.com
SMEC
Page 15
www.smeclabs.com
SMEC
Page 16
www.smeclabs.com
SMEC
• ISO
• COBIT
• SABSA
• TOGAF
• ITIL
• Policies
• Password policy
• Acceptable use policy
• Data ownership policy
• Data retention policy
• Account management policy
• Data classification policy
• Controls
• Control selection based on criteria
• Organizationally defined parameters
• Physical controls
• Logical controls
• Administrative controls
• Procedures
• Continuous monitoring
• Evidence production
• Patching
• Compensating control development
• Control testing procedures
• Manage exceptions
• Remediation plans
Page 17
www.smeclabs.com
SMEC
• Evaluations
• Assessments
• Maturity model
• Certification
4.2 Given a scenario, use data to recommend remediation of
security issues related to identity and access management.
• Security issues associated with Contextbased authentication
• Time
• Location
• Frequency
• Behavioural
• Security issues associated with identities
• Personnel
• Endpoints
• Servers
• Services
• Roles
• Applications
Page 18
www.smeclabs.com
SMEC
o Impersonation
o Man in the middle
o Session hijack
o Cross-site scripting
o Privilege escalation
o Rootkit
4.3 Given a scenario, review security architecture and make
recommendations to implement compensating controls.
• Security data analytics
• Data aggregation and correlation
• Trend analysis
• Historical analysis
• Manual review
• Firewall log
• Syslogs
• Authentication logs
• Event logs
• Defense in depth
• Personnel
• Training
• Dual control
• Separation of duties
• Third party/consultants
• Cross training
• Mandatory vacation
• Succession planning
• Processes
• Continual improvement
• Scheduled reviews
• Retirement of processes
Page 19
www.smeclabs.com
SMEC
• Technologies
• Automated reporting
• Security appliances
• Security suites
• Outsourcing
• Security as a Service
• Cryptography
• Other security concepts
• Network design
• Network segmentation
4.4 Given a scenario, use application security best practices
while participating in the Software Development Life Cycle
(SDLC).
• Best practices during software development
• Security requirements definition
• Security testing phases
• Static code analysis
• Web app vulnerability scanning
• Fuzzing
• Use interception proxy to crawl application
• Manual peer reviews
• User acceptance testing
• Stress test application
• Security regression testing
• Input validation
• Secure coding best practices
• OWASP
• SANS
• Center for Internet Security
• System design recommendations
• Benchmarks
Page 20
www.smeclabs.com