more study time and then using the domain-specific chapters to test your domain knowledge where it is weak. Once you're ready, take the second practice exam to make sure you've covered all the material and are ready to attempt the CySA+ exam.
As you work through questions in this book, you will encounter tools and technology that you may not be familiar with. If you find that you are facing a consistent gap or that a domain is particularly challenging, we recommend spending some time with books and materials that tackle that domain in depth. This can help you fill in gaps and help you be more prepared for the exam.
Objectives Map for CompTIA CySA+ (Cybersecurity Analyst) Exam CS0-002
The following objective map for the CompTIA CySA+ (Cybersecurity Analyst) certification exam will enable you to find where each objective is covered in the book.
Objectives Map
| Objective | Chapter |
| 1.0 THREAT AND VULNERABILITY MANAGEMENT | |
| 1.1 Explain the importance of threat data and intelligence. | Chapter 1 |
| 1.2 Given a scenario, utilize threat intelligence to support organizational security. | Chapter 1 |
| 1.3 Given a scenario, perform vulnerability management activities. | Chapter 1 |
| 1.4 Given a scenario, analyze the output from common vulnerability assessment tools. | Chapter 1 |
| 1.5 Explain the threats and vulnerabilities associated with specialized technology. | Chapter 1 |
| 1.6 Explain the threats and vulnerabilities associated with operating in the cloud. | Chapter 1 |
| 1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities. | Chapter 1 |
| 2.0 SOFTWARE AND SYSTEMS SECURITY | |
| 2.1 Given a scenario, apply security solutions for infrastructure management. | Chapter 2 |
| 2.2 Explain software assurance best practices. | Chapter 2 |
| 2.3 Explain hardware assurance best practices. | Chapter 2 |
| 3.0 SECURITY OPERATIONS AND MONITORING | |
| 3.1 Given a scenario, analyze data as part of security monitoring activities. | Chapter 3 |
| 3.2 Given a scenario, implement configuration changes to existing controls to improve security. | Chapter 3 |
| 3.3 Explain the importance of proactive threat hunting. | Chapter 3 |
| 3.4 Compare and contrast automation concepts and technologies. | Chapter 3 |
| 4.0 INCIDENT RESPONSE | |
| 4.1 Explain the importance of the incident response process. | Chapter 4 |
| 4.2 Given a scenario, apply the appropriate incident response procedure. | Chapter 4 |
| 4.3 Given an incident, analyze potential indicators of compromise. | Chapter 4 |
| 4.4 Given a scenario, utilize basic digital forensic techniques. | Chapter 4 |
| 5.0 COMPLIANCE AND ASSESSMENT | |
| 5.1 Understand the importance of data privacy and protection. | Chapter 5 |
| 5.2 Given a scenario, apply security concepts in support of organizational risk mitigation. | Chapter 5 |
| 5.3 Explain the importance of frameworks, policies, procedures, and controls. | Chapter 5 |
Chapter 1 Domain 1.0: Threat and Vulnerability Management
EXAM OBJECTIVES COVERED IN THIS CHAPTER:
1.1 Explain the importance of threat data and intelligence.Intelligence sourcesConfidence levelsIndicator managementThreat classificationThreat actorsIntelligence cycleCommodity malwareInformation sharing and analysis communities
1.2 Given a scenario, utilize threat intelligence to support organizational security.Attack frameworksThreat researchThreat modeling methodologiesThreat intelligence sharing with supported functions
1.3 Given a scenario,
