What's new in CS0-003?

- [Instructor] The third version of the CySA+ exam is a major change from previous versions. Because of this, if you're preparing for the third version of the exam, I strongly recommend that you use books and video courses designed for that exam's objectives. There's simply too much new material on the new exam to use old materials to prepare. The most significant change is that the exam now covers only four domains of material. The first three are renamed and revised versions of domains from the old exam. What used to be called "Security Operations and Monitoring" on the second version of the exam is now the "Security Operations Domain" on the new test. The old "Threat and Vulnerability Management" domain is now simply "Vulnerability Management" and "Incident Response" has been renamed "Incident Response and Management". The fourth domain is new. It's called "Reporting and Communication" and while it does bring in some of the material from the second version of the exam, there's also a ton of new material in this domain. Next, I'd like to show you some of the exam objectives and point out areas that are new to the third version of the exam. There are a lot of small changes, so I'm just going to hit the highlights here. Objective 1.1 is almost entirely new. It asks you to explain the importance of system and network architecture concepts in security operations. This material is all new on the third version of the exam and it asks you to understand a variety of network and security controls. Objective 1.3 on using tools and techniques to determine malicious activity also contains some new material. Most of the changes here are just adding some new tools and technologies, but this last section is really significant. You're now expected to understand the use of programming languages and scripting in our work and that includes a list of six languages. Objective 1.4 on threat intelligence and threat hunting covers topics that were on the old exam, but it adds a lot of detail to the objective on specific topics that you need to know. And rounding out the changes to domain one, Objective 1.5 asks you to explain the importance of efficiency and process improvement in security operations. This one is entirely new. Domain two on vulnerability management is mostly the same. Each of the objectives does have some new material thrown in, but the main structure of the domain is intact. The big changes in domain two come in objective 2.5. This asks you to explain concepts related to vulnerability response, handling, and management. You'll find a lot of new material here asking you to explain concepts like maintenance windows and patch management, as well as the principles of risk management and attack surface management. Domain three on incident response and management remains mostly the same in the third version of the exam with just a handful of new topics thrown in. But domain four on reporting and communication is entirely new. In this domain, you'll be asked to explain the importance of material found in two objectives. Objective 4.1 asks you to explain the importance of vulnerability management, reporting, and communication and objective 4.2 asks you to explain the importance of incident response, reporting, and communication. Hopefully, this review of the new CySA+ exam objectives gave you a good idea of what's changed on the exam. The new exam is still a great test of your cybersecurity analysis skills. My advice to you is simply to make sure that you're using updated study materials because there's a lot of new content on this test.