- Threat and Vulnerability Management (22%)
- This domain covers the skills necessary to Cysa+ Syllabus identify, assess, and prioritize vulnerabilities. It includes hands-on experience with vulnerability assessment tools, analyzing the results, and developing plans to remediate vulnerabilities.
- Understanding current threat landscapes and being able to categorize threats based on their risk to the organization is also crucial.
- Software and Systems Security (18%)
- This domain focuses on securing software and systems, with an emphasis on application security. Candidates will need to demonstrate their ability to secure applications throughout their development lifecycle, as well as how to configure systems to minimize vulnerabilities.
- The syllabus also includes content on secure coding practices and how to detect common vulnerabilities, such as buffer overflows and injection attacks.
- Security Operations and Monitoring (25%)
- In this domain, candidates will learn how to monitor for potential security incidents, respond to detected threats, and manage day-to-day security operations. This includes using SIEM (Security Information and Event Management) tools and other monitoring systems to detect and analyze suspicious activity.
- The syllabus emphasizes the importance of continuous monitoring and real-time analysis to ensure rapid detection of threats.