This CompTIA Cybersecurity Analyst (CySA+) training course will prepare you to successfully achieve this in-demand certification with hands-on, scenario-based training so you’ll be ready to meet advanced persistent threats (APTs) head on.
In this certification training course, you will gain the foundational knowledge to fully prepare for the CySA+ exam (CS0-002). This is an intermediate certification that is part of the CompTIA certification pathway, fitting in between the Network+ & CASP certifications. Achieving this certification validates that you have the skills of a cybersecurity analyst, that you can take an analytical approach to cybersecurity, and that you have the knowledge of network security tools and techniques to combat threats.
Included in your course tuition is a voucher that enables you to take the CS0-002 exam at any Pearson VUE Test Center location.
IT Security Professionals must have 3-4 years of hands-on information security or related experience at the level of Network+ or Security+.
It is recommended that you have the following skills and knowledge before starting this course:
Knowledge of basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers)
Understanding of TCP/IP addressing, core protocols, and troubleshooting tools
Network attack strategies and defenses
Knowledge of the technologies and uses of cryptographic standards and products
Network- and host-based security technologies and practices
Standards and products used to enforce security on web and communications technologies
Course tuition includes an exam voucher. The exam is offered through Pearson VUE.
To earn this certification, you must take and pass CompTIA exam CS0-002.
You must earn 60 CompTIA CEUs over a three-year period to maintain CySA+ certification.
This is a CompTIA certification prep course.
CompTIA Cybersecurity Analyst CySA+ Certification Training Delivery Methods
CompTIA-approved CySA+ training programs
After-course instructor coaching benefit
Exam voucher included
CompTIA Cybersecurity Analyst CySA+ Certification Training Course Benefits
Prepare for and pass the Cybersecurity Analyst (CySA+) exam
Threat and Vulnerability Management
Software and Systems Security
Security Operations and Monitoring
Incident Response
Compliance and Assessment
CySA+ Course Outline
1.0 Threat and Vulnerability Management
1.1 Explain the importance of threat data and intelligence.
Structured Threat Information eXpression (STIX)
Trusted Automated eXchange of Indicator Information (TAXII)
Known threat vs. unknown threat
Advanced persistent threat
Information sharing and analysis communities
1.2 Given a scenario, utilize threat intelligence to support organizational security.
The Diamond Model of Intrusion Analysis
Indicator of compromise (IoC)
Common vulnerability scoring system (CVSS)
Threat modeling methodologies
Total attack surface
Threat intelligence sharing with supported functions
Detection and monitoring
1.3 Given a scenario, perform vulnerability management activities.
Active vs. passive scanning
False positive – True negative
Verification of mitigation
Scanning parameters and criteria
Risks associated with scanning activities
Credentialed vs. non-credentialed
Server-based vs. agent-based
Internal vs. external
Types of data
Intrusion prevention system (IPS), intrusion detection system (IDS), and firewall settings
Inhibitors to remediation
Memorandum of understanding (MOU)
Service-level agreement (SLA)
Business process interruption
1.4 Given a scenario, analyze the output from common vulnerability assessment tools.
Web application scanner
OWASP Zed Attack Proxy (ZAP)
Infrastructure vulnerability scanner
Software assessment tools and techniques
Active vs. passive
Wireless assessment tools
Cloud infrastructure assessment tools
1.5 Explain the threats and vulnerabilities associated with specialized technology.
Internet of Things (IoT)
Real-time operating system (RTOS)
Field programmable gate array (FPGA)
Physical access control
Building automation systems
Vehicles and drones
Workflow and process automation systems
Industrial control system
Supervisory control and data acquisition (SCADA)
1.6 Explain the threats and vulnerabilities associated with operating in the cloud.
Cloud service models
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Cloud deployment models
Function as a Service (FaaS)/serverless architecture
Infrastructure as code (IaC)
Insecure application programming interface (API)
Improper key management
Logging and monitoring
Insufficient logging and monitoring
Inability to access
1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities.
Extensible markup language (XML) attack
Structured query language (SQL) injection
Remote code execution
Document object model (DOM)
Improper error handling
Insecure object reference
Sensitive data exposure
Insecure components
Insufficient logging and monitoring
Weak or default configurations
Use of insecure functions
strcpy
2.0 Software and Systems Security
3.0 Security Operations and Monitoring
4.0 Incident Response
5.0 Compliance and Assessment