CompTIA CySA+
Gain the skills required to pass the CompTIA CySA+ certification exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab is versatile and delivers a hands-on experience, replacing expensive physical labs. The CompTIA CySA+ training course and lab cover the CS0-002 exam objectives and offer the interactive learning experience needed to analyse and interpret data, identify and address vulnerabilities, and more. The CySA+ study guide has all the learning resources to help you master the skills covered in the exam.
Lessons | Test Prep | Lab
Here’s what’s included
The CompTIA CySA+ certification focuses on the candidate’s ability to capture, monitor, and respond to network traffic findings, along with software and application security, automation, threat hunting, and IT regulatory compliance. CompTIA CySA+ certified candidates will be able to apply the appropriate incident response procedure, analyse potential indicators of compromise, and utilise basic digital forensics techniques.

Lessons
18+ Lessons
320+ Quizzes
160+ Flashcards
160+ Glossary of terms

Test Prep
85+ Pre Assessment Questions
2+ Full-Length Tests
85+ Post Assessment Questions
170+ Practice Test Questions

Video Lessons
46+ Videos
15 hours

Lab
30+ Performance Lab
What you will learn
- Lesson 1: Introduction
- Lesson 2: Today's Cyber Security Analyst
- Lesson 3: Using Threat Intelligence
- Lesson 4: Intelligence Gathering
- Lesson 5: Design and Vulnerability Management Programme
- Lesson 6: Analysing Vulnerability Scans
- Lesson 7: Cloud Security
- Lesson 8: Infrastructure Security and Controls
- Lesson 9: Identity and Management Security
- Lesson 10: Software and Hardware Development
- Lesson 11: Security Operations and Monitoring
- Lesson 12: Building an Incident Response Programme
- Lesson 13: Analysing Indicators of Compromise
- Lesson 14: Performing Forensic Analysis and Techniques
- Lesson 15: Containment, Eradication, and Recovery
- Lesson 16: Risk Management
- Lesson 17: Policy and Compliance
- What does this course cover?
- Objectives map for CompTIA Cybersecurity Analyst (CySA+) Exam CS0-002
- Cybersecurity objectives
- Privacy vs. security
- Evaluating security risks
- Building a secure network
- Secure endpoint management
- Penetration testing
- Reverse engineering
- The future of cybersecurity analytics
- Summary
- Exam essentials
- Threat data and intelligence
- Threat classification
- Attack frameworks
- Applying threat intelligence organisation wide
- Summary
- Exam essentials
- Mapping and enumeration
- Passive footprinting
- Gathering organisational intelligence
- Detecting, preventing, and responding to reconnaissance
- Summary
- Exam Essentials
- Identifying vulnerability management requirements
- Configuring and executing vulnerability scans
- Developing a remediation workflow
- Overcoming risks of vulnerability scanning
- Vulnerability scanning tools
- Summary
- Exam essentials
- Reviewing and interpreting scan reports
- Validating scan results
- Common vulnerabilities
- Summary
- Exam essentials
- Understanding cloud environments
- Operating in the cloud
- Cloud infrastructure security
- Summary
- Exam essentials
- Understanding defense-in-depth
- Improving security by improving controls
- Analysing security architecture
- Summary
- Exam essentials
- Understanding identity
- Threats to identity and access
- Identity as a security layer
- Federation and single sign-on
- Summary
- Exam essentials
- Software assurance best practices
- Designing and coding for security
- Software security testing
- Hardware assurance best practices
- Summary
- Exam essentials
- Security Monitoring
- Summary
- Exam Essentials
- Security incidents
- Phases of incident response
- Building the foundation for incident response
- Creating an incident response team
- Coordination and information sharing
- Classifying incidents
- Summary
- Exam essentials
- Analysing network events
- Investigating host-related issues
- Investigating service and application-related issues
- Summary
- Exam essentials
- Building a forensics capability
- Understanding forensic software
- Conducting endpoint forensics
- Network forensics
- Cloud, virtual, and container forensics
- Conducting a forensic investigation
- Forensic investigation: an example
- Summary
- Exam essentials
- Containing the damage
- Incident eradication and recovery
- Wrapping up the response
- Summary
- Exam essentials
- Analysing risk
- Managing risk
- Security controls
- Summary
- Exam essentials
- Understanding policy documents
- Complying with laws and regulations
- Adopting a standard framework
- Implementing policy-based controls
- Security control verification and quality control
- Summary
- Exam essentials
Hands-on activities
- Today's Cyber Security Analyst
- Reconnaissance and Intelligence Gathering
- Designing a Vulnerability Management Programme
- Identity and Access Management Security
- Software and Hardware Development
- Security Operations and Monitoring
- Analysing Indicators of Compromise
- Performing Forensic Analysis and Techniques
- Setting up a Honeypot on Kali Linux
- Using the iptables Command to Create a Personal Firewall in Linux
- Using the hping Program
- Scanning the Local Network
- Performing Reconnaissance on a Network
- Identifying Search Options in Metasploit
- Making Syslog Entries Readable
- Using nslookup for Passive Reconnaissance
- Conducting Vulnerability Scanning Using Nessus
- Using OWASP ZAP
- Inspecting the Vulnerability in the Echo Server’s Source Code
- Performing Session Hijacking Using Burp Suite
- Using Nikto
- Performing Vulnerability Scanning Using OpenVAS
- Exploiting LDAP-Based Authentication
- Encrypting and Decrypting Messages Using Kleopatra
- Encrypting and Decrypting a File Using AES Crypt
- Downloading and Installing Wireshark
- Configuring Snort
- Simulating the DDoS Attack
- Confirming the Spoofing Attack in Wireshark
- Capturing a Packet Using Wireshark
- Performing a Memory-Based Attack
- Examining Audited Events
- Enabling Logging for Audited Objects
- Using the MD5 Hash Algorithm
- Using Apktool to Decode and Analyse the apk File
Frequently Asked Questions
Where do I take the exam?
What is the format of the exam?
Multiple choice questions (single and multiple response), drag and drops and performance-based
How many questions are asked in the exam?
The exam contains 85 questions
What is the duration of the exam?
2 hours 45 minutes
What is the passing score?
Core 1: 220-1001: 675
Core 2: 220-1002: 700
(on a scale out of 900)
What is the exam's retake policy?
Here are the retake policies:
In the event that you fail your first attempt at passing the CySA+ examination, CompTIA’s retake policies are:
- CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
- If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
- A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
- Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the exam's registration fee?
£270
What are the career opportunities after passing this exam?
Security Analyst
Security Engineer
Compliance Analyst
Threat Intelligence Analyst
Application Security Analyst
Incident Response or Handler
What is the validity of the certification?
The CompTIA CySA+ certification expires three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA’s Continuing Education Program.