CompTIA CySA+ (Cybersecurity Analyst)
The CompTIA Cybersecurity Analyst (CySA+) certification is for cyber professionals tasked with incident detection, prevention, and response through continuous security monitoring. Stand out in cybersecurity among your peers. Demonstrate your competency in current trends, proactively monitor and detect malicious activities, and respond to threats, attacks, and vulnerabilities.
Training Delivery Format
Face-to-face / Virtual Class
Class types
Public Class
Private Class
In-House Training
Bespoke
About this course
The CompTIA CySA+ certification course prepares individuals to become cybersecurity analysts responsible for detecting and analyzing indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR) and extended detection and response (XDR).
It covers tools and tactics for responding to threats, attacks, and vulnerabilities, including incident response and vulnerability management processes, and highlights the communication skills critical to security analysis and compliance.
CySA+ is a global, vendor-neutral certification covering intermediate-level knowledge and skills required by information security analyst job roles. It helps identify a cybersecurity professional’s ability to proactively defend an organization using secure monitoring, threat identification, incident response, and teamwork.
Who should attend?
The CompTIA CySA+ is suitable for you if you are looking for, or assigned to, one of the following jobs:
- Application Security Analyst
- Threat Hunter
- Threat Intelligence Analyst
- Vulnerability Analyst
- Security Operations Center (SOC) Analyst
- Security Architect
- Cybersecurity Engineer
Learning Outcome
The CySA+ will verify the successful candidate has the knowledge and skills required to:
- Leverage intelligence and threat detection techniques
- Analyze and interpret data
- Identify and address vulnerabilities
- Suggest preventative measures
- Effectively respond to and recover from incidents
Prerequisites
- Recommended two years of experience in computer network security or a related field.
- Ability to identify information security vulnerabilities and threats as part of risk management.
- Possess foundation-level operational skills with common computing environment operating systems.
Course Content
Module 1: Explaining the Importance of Security Controls and Security Intelligence
- Topic 1A: Identify Security Control Types
- Topic 1B: Explain the Importance of Threat Data and Intelligence
Module 2: Utilizing Threat Data and Intelligence
- Topic 2A: Classify Threats and Threat Actor Types
- Topic 2B: Utilize Attack Frameworks and Indicator Management
- Topic 2C: Utilize Threat Modeling and Hunting Methodologies
Module 3: Analyzing Security Monitoring Data
- Topic 3A: Analyze Network Monitoring Output
- Topic 3B: Analyze Appliance Monitoring Output
- Topic 3C: Analyze Endpoint Monitoring Output
- Topic 3D: Analyze Email Monitoring Output
Module 4: Collecting and Querying Security Monitoring Data
- Topic 4A: Configure Log Review and SIEM Tools
- Topic 4B: Analyze and Query Logs and SIEM Data
Module 5: Utilizing Digital Forensics and Indicator Analysis Techniques
- Topic 5A: Identify Digital Forensics Techniques
- Topic 5B: Analyze Network-related IOCs
- Topic 5C: Analyze Host-related IOCs
- Topic 5D: Analyze Application-related IOCs
- Topic 5E: Analyze Lateral Movement and Pivot IOCs
Module 6: Applying Incident Response Procedures
- Topic 6A: Explain Incident Response Processes
- Topic 6B: Apply Detection and Containment Processes
- Topic 6C: Apply Eradication, Recovery, and Post-incident Processes
Module 7: Applying Risk Mitigation and Security Framework
- Topic 7A: Apply Risk Identification, Calculation, and Prioritization Processes
- Topic 7B: Explain Frameworks, Policies, and Procedures
Module 8: Performing Vulnerability Management
- Topic 8A: Analyze Output from Enumeration Tools
- Topic 8B: Configure Infrastructure Vulnerability Scanning Parameters
- Topic 8C: Analyze Output from Infrastructure Vulnerability Scanners
- Topic 8D: Mitigate Vulnerability Issues
Module 9: Applying Security Solutions for Infrastructure Management
- Topic 9A: Apply Identity and Access Management Security Solutions
- Topic 9B: Apply Network Architecture and Segmentation Security Solutions
- Topic 9C: Explain Hardware Assurance Best Practices
- Topic 9D: Explain Vulnerabilities Associated with Specialized Technology
Module 10: Understanding Data Privacy and Protection
- Topic 10A: Identify Non-technical Data and Privacy Controls
- Topic 10B: Identify Technical Data and Privacy Controls
Module 11: Applying Security Solutions for Software Assurance
- Topic 11A: Mitigate Software Vulnerabilities and Attacks
- Topic 11B: Mitigate Web Application Vulnerabilities and Attacks
- Topic 11C: Analyze Output from Application Assessments
Module 12: Applying Security Solutions for Cloud and Automation
- Topic 12A: Identify Cloud Service and Deployment Model Vulnerabilities
- Topic 12B: Explain Service-oriented Architecture
- Topic 12C: Analyze Output from Cloud Infrastructure Assessment Tools
- Topic 12D: Compare Automation Concepts and Technologies
Certification
CompTIA CySA+
CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring.
Set yourself apart with CompTIA CySA+
• Proactively Monitor and Detect. Demonstrate your skills in detecting and analyzing indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR) and extended detection and response (XDR).
• Respond to Threats, Attacks and Vulnerabilities. Prove your knowledge of incident response and vulnerability management processes and highlight the communication skills critical to security analysis and compliance.
• Demonstrate Competency of Current Trends. Valuable team members can show knowledge of current trends that affect the daily work of security analysts, such as cloud and hybrid environments.
Prove your skills with CompTIA CySA+
Validate the skills required for high-stakes cybersecurity analysis.
CySA+ is a global, vendor-neutral certification covering intermediate-level knowledge and skills required by information security analyst job roles. It helps identify a cybersecurity professional’s ability to proactively defend an organization using secure monitoring, threat identification, incident response and teamwork. The CompTIA CySA+ CS0-003 certification exam ensures the candidate has the knowledge and skills required to:
• Detect and analyze indicators of malicious activity
• Understand threat hunting and threat intelligence concepts
• Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities
• Perform incident response processes
Certification | CompTIA CySA+ | EC-Council Certified Security Analyst (ECSA) | GIAC Continuous Monitoring Certification (GMON) | Certified Information Systems Auditor (CISA) |
Performance Based Questions | ✔ | | | |
Vendor Neutral | Yes | Yes | Yes | Yes |
Experience Level | Intermediate | Intermediate | Intermediate | Advanced |
Exam Focus | Security analytics, intrusion detection and response | Pentesting methodology | Defensible security and continuous security monitoring | Auditing and vulnerability assessment |
CySA+ Exam Details
Exam Codes | CS0-002 |
Launch Date | April 21, 2020 |
Exam Description | The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents. |
Number of Questions | Maximum of 85 questions |
Type of Questions | Multiple choice and performance-based |
Length of Test | 165 minutes |
Passing Score | 750 (on a scale of 100-900) |
Recommended Experience | Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience. |
Languages | English, Japanese, TBD – others |
Retirement | TBD – Usually three years after launch |
Organizations that have contributed to the development of CompTIA CySA+
- Amazon Web Services
- Bank of Montreal (BMO)
- Booz Allen Hamilton
- Contentful
- Deloitte
- Fidelis Risk Advisory
- Fidelity Investments
- Five9
- General Dynamics IT (GDIT)
- L3Harris
- Microsoft
- Organon
- SecureWorks
- SenseOn
- University of Maryland
- U.S. Department of Defense
CompTIA Certifications Courses
CompTIA has four IT certification series that test different knowledge standards, from entry-level to expert. Below are the available certification courses:
- IT Fundamentals (ITF+)
- CompTIA A+
- CompTIA Network+
- CompTIA Security+
- CompTIA Cloud+
- CompTIA Linux+
- CompTIA Server+
- CompTIA CASP+
- CompTIA PenTest+
- CompTIA Data+
- CompTIA Project+
- CompTIA CTT+
- CompTIA Cloud Essentials+
At this time, this course is available for private class and in-house training only. Please contact us for any inquiries.