CompTIA Cybersecurity Analyst+ (CySA+) Training

If you have some IT security experience and want to take the next step in your cybersecurity career, TrainACE’s Cyber Security Analyst (CySA+) training course will teach you what you need to succeed in an in-demand and lucrative branch of the IT Industry. Aimed at accrediting people with intermediate-level security skills, our vendor-neutral training course prepares you for the CompTIA CySA+ Certification exam.

CySA+ certification satisfies DOD 8570 IAT Level II

Our CySA+ class includes access to iLabs, provided by InfoSec Learning LLC

Enroll today, by selecting a class' date, to the right

Learn More About CySA+

Why Take CySA+ Training?

Demand for skilled cybersecurity personnel is at an all-time high and the number of people with the necessary skills is low in comparison. This skills gap is creating a demand for people who have CySA+ certification, driving up opportunities and salaries. If you have some experience in IT, particularly A+, Network+ and Security+ certification, you are well poised to take advantage of these opportunities.

CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification exam with both hands-on, performance-based questions and multiple-choice, to ensure each candidate possesses the skills, knowledge, and ability to address security analytics, intrusion detection and response.

TrainACE’s training methodology has a strong emphasis on practical learning. This reinforces the hands-on approach to CySA+ so that you are not only in a position to pass the technical aspects of the exam but can deal with real-world incidents quickly and efficiently when you return to work.

What you need to know before taking CySA+ training

The CompTIA CySA+ examination is designed for IT security analysts, vulnerability analysts, or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats, and risks to an organization with the end goal of securing and protecting applications and systems within an organization.

It is not necessary but is recommended that candidates for CySA+ certification have 3-4 years of hands-on information security or related experience. Also, candidates with Network+, Security+, or equivalent knowledge will be well placed to pass the exam.

Exam and Certification Requirements:

Current exam number CS0-003

• Maximum of 85 questions
• Time Length 165 minutes
• Passing Score 750
• Format Multiple Choice and Performance Based Questions

Who needs CySA+ Certification?

Related Careers:

CompTIA CySA+ Certification prepares you for roles in the following job types:

• IT Security Analyst
• Security Operations Center (SOC) Analyst
• Vulnerability Analyst
• Cybersecurity Specialist
• Threat Intelligence Analyst
• Security Engineer
• Cybersecurity Analyst

Skills and Concepts:

Module 1 / Threat Management (1)

Cybersecurity Analysts

• Cybersecurity Roles and Responsibilities
• Frameworks and Security Controls
• Risk Evaluation
• Penetration Testing Processes

Reconnaissance Techniques

• The Kill Chain
• Open Source Intelligence
• Social Engineering
• Topology Discovery
• Service Discovery
• OS Fingerprinting
• Labs
  • OSINT
  • VM Orientation
  • Host
  • Topology and Service Discovery with Nmap

Module 2 / Vulnerability Management

Managing Vulnerabilities

• Vulnerability Management Requirements
• Asset Inventory
• Data Classification
• Vulnerability Management Processes
• Vulnerability Scanners
• Microsoft Baseline Security Analyzer
• Vulnerability Feeds and SCAP
• Configuring Vulnerability Scans
• Vulnerability Scanning Criteria
• Exploit Frameworks
• Labs
  • Vulnerability Scanning with OpenVAS and MBSA

Remediating Vulnerabilities

• Analyzing Vulnerability Scans
• Remediation and Change Control
• Remediating Host Vulnerabilities
• Remediating Network Vulnerabilities
• Remediating Virtual Infrastructure Vulnerabilities

Secure Software Development

• Software Development Lifecycle
• Software Vulnerabilities
• Software Security Testing
• Interception Proxies
• Web Application Firewalls
• Source Authenticity
• Reverse Engineering
• Labs • Web Application Testing with Nikto and Burpsuite

Module 3 / Threat Management (2)

 Security Appliances

• Configuring Firewalls
• Intrusion Detection and Prevention
• Configuring IDS
• Malware Threats
• Configuring Anti-virus Software
• Sysinternals
• Enhanced Mitigation Experience Toolkit
• Labs
  • Network Security Monitoring with Snort and Security Onion
  • Malware Analysis with Sysinternals

Logging and Analysis

• Packet Capture
• Packet Capture Tools
• Monitoring Tools
• Log Review and SIEM
• SIEM Data Outputs
• SIEM Data Analysis
• Point-in-Time Data Analysis
• Labs
  • Packet Analysis with Wireshark and Network Miner
  • SIEM with OSSIM

Module 4 / Cyber Incident Response

Incident Response

• Incident Response Processes
• Threat Classification
• Incident Severity and Prioritization
• Types of Data

Forensics Tools

• Digital Forensics Investigations
• Documentation and Forms
• Digital Forensics Crime Scenes
• Digital Forensics Kits
• Image Acquisition
• Password Cracking
• Analysis Utilities
• Labs
  • Forensic Image Analysis with Autopsy

Incident Analysis and Recovery

• Analysis and Recovery Frameworks
• Analyzing Network Symptoms
• Analyzing Host Symptoms
• Analyzing Data Exfiltration
• Analyzing Application Symptoms
• Using Sysinternals
• Containment Techniques
• Eradication Techniques
• Validation Techniques
• Corrective Actions
• Labs
  • Red Team Versus Blue Team

Module 5 / Security Architecture

Secure Network Design

• Network Segmentation
• Blackholes, Sinkholes, and Honeypots
• System Hardening
• Group Policies and MAC
• Endpoint Security
• Labs
  • Network Segmentation with pfSense

Managing Identities and Access

• Network Access Control
• Identity Management
• Identity Security Issues
• Identity Repositories
• Context-based Authentication
• Single Sign On and Federation
• Exploiting Identities
• Exploiting Web Browsers and Applications
• Labs
  • Secure Appliance Administration
  • Email Spoofing and XSS

Security Frameworks and Policies

• Frameworks and Compliance
• Reviewing Security Architecture
• Procedures and Compensating Controls
• Verifications and Quality Control • Security Policies and Procedures
• Personnel Policies and Training