Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

This comprehensive self-study guide offers complete coverage of the new CompTIA Cybersecurity Analyst+ certification exam. This guide has been updated to reflect CompTIA's exam acronym CySA+.

This highly effective self-study system provides complete coverage of every objective for the challenging CompTIA CySA+ Cybersecurity Analyst exam. You'll find learning objectives at the beginning of each chapter, exam tips, in-depth explanations, and practice exam questions. All questions closely mirror those on the live test in content, format, and tone. Designed to help you pass exam CS0-001 with ease, this definitive guide also serves as an essential on-the-job reference.

Covers every topic on the exam:
• Threat and vulnerability management
• Conducting and analyzing reconnaissance
• Responding to network-based threats
• Securing a corporate network
• Cyber incident response
• Determining the impact of incidents
• Preparing the incident response toolkit
• Security architectures
• Policies, procedures, and controls
• Assuring identity and access management
• Putting in compensating controls
• Secure software development

Electronic content:
• 175+ practice questions
• Secured book PDF
I used this book to prepare for the CS0-001 exam, along with 2 Udemy courses, and I passed the exam on my first attempt. So, I'm satisfied with the content. At Udemy, the course by Brent Chapman (one of this book's authors) nicely complements the book, so I read each chapter and then watched the corresponding video.
I have a paper copy of the book, but I found that some of the screenshots were hard to read. That's partly because I'm squinting at a small picture, and partly because charts are printed in black and white so all the lines look very similar. The book includes a CD with a pdf copy, and that solves the problem: all the screenshots are in colour, and you can zoom in to read small text. Based on that, you might be better off getting an electronic edition of the book and skipping the paper edition altogether. However, the CD also includes a practice exam (which I found useful) and I don't know whether electronic editions include that too.
I found most of the chapters quite interesting. However, I got a bit bogged down in chapter 11 ("Frameworks, Policies, Controls, and Procedures"), which reminded me of studying for the ITIL Foundation exam. For instance, you need to be familiar with COBIT, SABSA, and TOGAF. In fairness, these are part of the exam objectives, and I don't think there's any way for the authors to make them particularly interesting. I persevered, and I got on better with the remaining chapters in the book.
I submitted some errata to McGraw-Hill in March 2020. They acknowledged my email, but as of Jan 2021 they haven't updated the official webpage. Possibly they made a note of my comments when they revised the text for CS0-002, but I haven't read the newer book so I can't say for certain. Here's my list, in case it's helpful to any other readers:
Chapter 1 p11, final paragraph. "the header size is fixed for IPv4 packets at 40 bytes". Change "IPv4" to "IPv6".
Chapter 2 p30, 2nd paragraph, change "ping" to "tracert". p36, change 802.1x to 802.1X (i.e. X should be in upper case rather than lower case). It's used correctly elsewhere in the book!
Chapter 5 p111, 3rd paragraph. Change "there may multiple ones" to "there may be multiple ones" (i.e. add the word "be").
Chapter 6 p121, 1st paragraph. Change "http://localhost:8834" to "https://localhost:8834" (i.e. specify https). p136, 1st paragraph, final sentence. Change "port" to "portal".
Chapter 9 p191, 1st paragraph. "Linux typically has both the md5 tool as well as sha1sum." Change "md5" to "md5sum". p191, 1st paragraph. "Finally, Microsoft provides the File Checksum Integrity Verifier (FCIV) tool as a free but unsupported download." I recommend using PowerShell instead, specifically the "Get-FileHash" cmdlet (supports MD5, SHA1, and SHA256, among others). You would only need FCIV on Windows 2000/XP, and you shouldn't be using them on your analysis PC! p201, answer 4. Change "may always be performed" to "may not always be performed" (i.e. add the word "not").
Chapter 12 p262, final paragraph. "Allowing users to rest their own passwords ..." Change "rest" to "reset".
Chapter 15 p316, code sample. Change "permit tcp any ..." to "permit tcp..." (i.e. remove "any"). p316, 2nd paragraph. Change "(TCP and "any" version of IP)" to "(TCP)". If that's intended to be a Cisco rule, then "any" is an alternative to "host X", i.e. it's a way to define the source or destination. It doesn't define the protocol: you would either say "tcp" (with a port) or "ip" (without a port). Also, it wouldn't make sense to say "any version of IP" if you then use IPv4 addresses for the hosts (i.e. this rule won't be relevant to IPv6 traffic). p359, final paragraph. Change "cyclic redundancy check (CDC)" to "cyclic redundancy check (CRC)".
The best knowledge is translatable to actionable items. And this book is full of pertinent information to make someone more aware and has plenty of actionable items from anywhere along a forensic investigation you might be involved in as well as just basic testing for your environment.
As it relates to the exam - not sure yet since my test is upcoming. I feel thoroughly prepared however and will update based on the results.
If you are just wanting to learn more about cybersecurity this is a very base level book to give you a good foundational understanding.