Certification Preparation

CompTIA CySA+ (Cybersecurity Analyst)

The CompTIA Cybersecurity Analyst (CySA+) certification is for cyber professionals tasked with incident detection, prevention, and response through continuous security monitoring. Stand out in cybersecurity among your peers. Demonstrate your competency in current trends, proactively monitor and detect malicious activities, and respond to threats, attacks, and vulnerabilities.

Exam

CS0-002

Certification by

CompTIA
RM 3,499.00

per person

Level

Advanced

Duration

5 Days

Training Delivery Format

Face-to-face / Virtual Class

Associated Certification

CompTIA CySA+

Class types

Public Class

Private Class

In-House Training

Bespoke

The CompTIA CySA+ certification course prepares individuals to become cybersecurity analysts responsible for detecting and analyzing indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR) and extended detection and response (XDR).

It covers tools and tactics for responding to threats, attacks, and vulnerabilities, along with incident response and vulnerability management processes, and highlights the communication skills critical to security analysis and compliance.

CySA+ is a global, vendor-neutral certification covering intermediate-level knowledge and skills required by information security analyst job roles. It helps identify a cybersecurity professional’s ability to proactively defend an organization using secure monitoring, threat identification, incident response, and teamwork.

 

 

The CompTIA CySA+ is suitable for you if you are seeking or have been assigned to any of the following jobs:

  • Application Security Analyst
  • Threat Hunter
  • Threat Intelligence Analyst
  • Vulnerability Analyst
  • Security Operations Center (SOC) Analyst
  • Security Architect
  • Cybersecurity Engineer

The CySA+ will verify the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents
  • Recommended two years of experience in computer network security or a related field.
  • Ability to identify information security vulnerabilities and threats as part of risk management.
  • Possess foundation-level operational skills with common computing environment operating systems.

Module 1: Explaining the Importance of Security Controls and Security Intelligence

  • Topic 1A: Identify Security Control Types
  • Topic 1B: Explain the Importance of Threat Data and Intelligence

 

Module 2: Utilizing Threat Data and Intelligence

  • Topic 2A: Classify Threats and Threat Actor Types
  • Topic 2B: Utilize Attack Frameworks and Indicator Management
  • Topic 2C: Utilize Threat Modeling and Hunting Methodologies

 

Module 3: Analyzing Security Monitoring Data

  • Topic 3A: Analyze Network Monitoring Output
  • Topic 3B: Analyze Appliance Monitoring Output
  • Topic 3C: Analyze Endpoint Monitoring Output
  • Topic 3D: Analyze Email Monitoring Output

 

Module 4: Collecting and Querying Security Monitoring Data

  • Topic 4A: Configure Log Review and SIEM Tools
  • Topic 4B: Analyze and Query Logs and SIEM Data

 

Module 5: Utilizing Digital Forensics and Indicator Analysis Techniques

  • Topic 5A: Identify Digital Forensics Techniques
  • Topic 5B: Analyze Network-related IOCs
  • Topic 5C: Analyze Host-related IOCs
  • Topic 5D: Analyze Application-related IOCs
  • Topic 5E: Analyze Lateral Movement and Pivot IOCs

 

Module 6: Applying Incident Response Procedures

  • Topic 6A: Explain Incident Response Processes
  • Topic 6B: Apply Detection and Containment Processes
  • Topic 6C: Apply Eradication, Recovery, and Post-incident Processes

 

Module 7: Applying Risk Mitigation and Security Framework

  • Topic 7A: Apply Risk Identification, Calculation, and Prioritization Processes
  • Topic 7B: Explain Frameworks, Policies, and Procedures

 

Module 8: Performing Vulnerability Management

  • Topic 8A: Analyze Output from Enumeration Tools
  • Topic 8B: Configure Infrastructure Vulnerability Scanning Parameters
  • Topic 8C: Analyze Output from Infrastructure Vulnerability Scanners
  • Topic 8D: Mitigate Vulnerability Issues

 

Module 9: Applying Security Solutions for Infrastructure Management

  • Topic 9A: Apply Identity and Access Management Security Solutions
  • Topic 9B: Apply Network Architecture and Segmentation Security Solutions
  • Topic 9C: Explain Hardware Assurance Best Practices
  • Topic 9D: Explain Vulnerabilities Associated with Specialized Technology

 

Module 10: Understanding Data Privacy and Protection

  • Topic 10A: Identify Non-technical Data and Privacy Controls
  • Topic 10B: Identify Technical Data and Privacy Controls

 

Module 11: Applying Security Solutions for Software Assurance

  • Topic 11A: Mitigate Software Vulnerabilities and Attacks
  • Topic 11B: Mitigate Web Application Vulnerabilities and Attacks
  • Topic 11C: Analyze Output from Application Assessments

 

Module 12: Applying Security Solutions for Cloud and Automation

  • Topic 12A: Identify Cloud Service and Deployment Model Vulnerabilities
  • Topic 12B: Explain Service-oriented Architecture
  • Topic 12C: Analyze Output from Cloud Infrastructure Assessment Tools
  • Topic 12D: Compare Automation Concepts and Technologies

CompTIA CySA+

CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring.

Set yourself apart with CompTIA CySA+

• Proactively Monitor and Detect. Demonstrate your skills in detecting and analyzing indicators of malicious activity using the most up-to-date methods and tools, such as threat intelligence, security information and event management (SIEM), endpoint detection and response (EDR) and extended detection and response (XDR).

• Respond to Threats, Attacks and Vulnerabilities. Prove your knowledge of incident response and vulnerability management processes and highlight the communication skills critical to security analysis and compliance.

• Demonstrate Competency of Current Trends. Valuable team members can show knowledge of current trends that affect the daily work of security analysts, such as cloud and hybrid environments.

Prove your skills with CompTIA CySA+

Validate the skills required for high-stakes cybersecurity analysis.

CySA+ is a global, vendor-neutral certification covering intermediate-level knowledge and skills required by information security analyst job roles. It helps identify a cybersecurity professional’s ability to proactively defend an organization using secure monitoring, threat identification, incident response and teamwork. The CompTIA CySA+ CS0-003 certification exam ensures the candidate has the knowledge and skills required to:

• Detect and analyze indicators of malicious activity
• Understand threat hunting and threat intelligence concepts
• Use appropriate tools and methods to manage, prioritize and respond to attacks and vulnerabilities
• Perform incident response processes

 

 

| | CompTIA CySA+ | EC-Council Certified Security Analyst (ECSA) | GIAC Continuous Monitoring Certification (GMON) | Certified Information Systems Auditor (CISA) |
|---|---|---|---|---|
| Performance Based Questions | | | | |
| Vendor Neutral | Yes | Yes | Yes | Yes |
| Experience Level | Intermediate | Intermediate | Intermediate | Advanced |
| Exam Focus | Security analytics, intrusion detection and response | Pentesting methodology | Defensible security and continuous security monitoring | Auditing and vulnerability assessment |

 

 

 

CySA+ Exam Details

 

| Item | Details |
|---|---|
| Exam Codes | CS0-002 |
| Launch Date | April 21, 2020 |
| Exam Description | The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents. |
| Number of Questions | Maximum of 85 questions |
| Type of Questions | Multiple choice and performance-based |
| Length of Test | 165 minutes |
| Passing Score | 750 (on a scale of 100-900) |
| Recommended Experience | Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience. |
| Languages | English, Japanese, TBD – others |
| Retirement | TBD – Usually three years after launch |

 

Organizations that have contributed to the development of CompTIA CySA+

  • Amazon Web Services
  • Bank of Montreal (BMO)
  • Booz Allen Hamilton
  • Contentful
  • Deloitte
  • Fidelis Risk Advisory
  • Fidelity Investments
  • Five9
  • General Dynamics IT (GDIT)
  • L3Harris
  • Microsoft
  • Organon
  • SecureWorks
  • SenseOn
  • University of Maryland
  • U.S. Department of Defense

 

CompTIA Certifications Courses

CompTIA has four IT certification series that test different knowledge standards, from entry-level to expert. Below are the available certification courses:

 

 

HRD Corp Claimable Course

At this time, this course is available for private class and in-house training only. Please contact us for any inquiries. 
