CySA+ is the only intermediate high-stakes cybersecurity analyst certification with performance-based questions covering security analytics, intrusion detection and response. High-stakes exams are proctored at a Pearson VUE testing center in a highly secure environment. CySA+ is the most up-to-date security analyst certification that covers advanced persistent threats in a post-2014 cybersecurity environment.

As attackers have learned to evade traditional signature-based solutions, such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CySA+ identify and combat malware, and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. 

CompTIA CySA+ is for IT professionals looking to gain the following security analyst skills:

  • Perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization. 
  • Configure and use threat-detection tools.       
  • Secure and protect applications and systems within an organization.    

CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 1.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

Target Audience

This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team—everyone from help desk staff to the Chief Information Officer—understand their role in these security processes.

What Skills Will You Learn?

  • THREAT MANAGEMENT

    Apply environmental reconnaissance techniques using appropriate tools, analyzing results, and implementing recommended response

  • SECURITY ARCHITECTURE & TOOL SETS

    Use data to recommend remediation of security issues related to identity and access management and recommend implementation strategy while participating in the Software Development Life Cycle (SDLC).

  • CYBER-INCIDENT RESPONSE

    Distinguish threat data to determine incident impact and prepare a toolkit with appropriate forensics tools, communication strategy, and best practices as a response

  • VULNERABILITY MANAGEMENT

    Implement vulnerability management process and analyze results of the scan

Requirements For This Course

  • Network+, Security+, Certified Cyber Crime Consultant, Certified Web Intelligence Analyst or equivalent knowledge.

  • Minimum of 3-4 years of hands-on information security or related experie

  • While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus

Jobs That Use CompTIA CySA+

  • Threat Intelligence Analyst

  • Cybersecurity Analyst

  • IT Security Analyst

  • Vulnerability Analyst

  • Tier II SOC Analyst

  • Cybersecurity Specialist

  • Security Engineer

Organizations That Have Contributed To The Development Of CompTIA CySA+

  • NORTHROP GRUMMAN

  • TARGET

  • NETFLIX

  • DELL

  • JOHNS HOPKINS

  • UNIVERSITY OF MARYLAND

Communicate With Your Instructor

  • Each course has a discussion Forum where you can chat with fellow students as well as the instructor.
  • Have a question about this course?  Call and speak to your instructor directly 5 days a week.
  • Email your instructor 24/7.
  • Every week all student taking this course can participate in a live video group chat with your instructor.

Included In This Course

  • The Official CompTIA CySA+ Student Guide

  • Over 600 Test Questions

  • Download Over 200 CompTIA CySA+ Slided For Your Review At A Later Time

  • Over 79 Training Videos

  • Access This Course For Up to 1 Year

  • Call Or Email The Instructors With Your Questions

Course Curriculum

  • 1

    Getting Started

    • Introduction

    • Download The Official CompTIA CySA+ Student Guide Exam CSO-001

    • Download All The Tools And Reference Materials

  • 2

    Lesson 1 - Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 1

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 2

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 3

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 4

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 5

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 6

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 7

    • Apply Environmental Reconnaissance Techniques Using Appropriate Tools And Processes - Part 9

  • 3

    Lesson 2 - Analyze The Results Of A Network Reconnaissance

    • Analyze The Results Of A Network Reconnaissance - Part 1

    • Analyze The Results Of A Network Reconnaissance - Part 2

    • Analyze The Results Of A Network Reconnaissance - Part 3

    • Analyze The Results Of A Network Reconnaissance - Part 4

    • Analyze The Results Of A Network Reconnaissance - Part 5

  • 4

    Lesson 3 - Given A Network Based Threat Implement Or Recommend The Appropriate Response And Countermeasure

    • Given A Network Based Threat Implement Or Recommend The Appropriate Response And Countermeasure - Part 1

    • Given A Network Based Threat Implement Or Recommend The Appropriate Response And Countermeasure - Part 2

    • Given A Network Based Threat Implement Or Recommend The Appropriate Response And Countermeasure - Part 3

    • Given A Network Based Threat Implement Or Recommend The Appropriate Response And Countermeasure - Part 4

  • 5

    Lesson 4 - Explain The Purpose Of Practices Used To Secure A Corporate Environment

    • Explain The Purpose Of Practices Used To Secure A Corporate Environment - Part 1

    • Explain The Purpose Of Practices Used To Secure A Corporate Environment - Part 2

    • Explain The Purpose Of Practices Used To Secure A Corporate Environment - Part 3

    • Explain The Purpose Of Practices Used To Secure A Corporate Environment - Part 4

  • 6

    Given A Scenario Implement An Information Security Vulnerability Management Process

    • Implement An Information Security Vulnerability Management Process - Part 1

    • Implement An Information Security Vulnerability Management Process - Part 2

    • Implement An Information Security Vulnerability Management Process - Part 3

    • Implement An Information Security Vulnerability Management Process - Part 4

    • Implement An Information Security Vulnerability Management Process - Part 5

    • Implement An Information Security Vulnerability Management Process - Part 6

    • Implement An Information Security Vulnerability Management Process - Part 7

  • 7

    Given A Scenario Analyze The Output Resulting From A Vulnerability Scan

    • Given A Scenario Analyze The Output Resulting From A Vulnerability Scan - Part 1

    • Given A Scenario Analyze The Output Resulting From A Vulnerability Scan - Part 2

  • 8

    Compare And Contrast Common Vulnerabilities Found In The Following Targets Within An Organization

    • Compare And Contrast Common Vulnerabilities Found In The Following Targets Within An Organization - Part 1

    • Compare And Contrast Common Vulnerabilities Found In The Following Targets Within An Organization - Part 2

    • Compare And Contrast Common Vulnerabilities Found In The Following Targets Within An Organization - Part 3

  • 9

    Distinguish Threat Data Or Behavior To Determine The Impact Of An Incident

    • Distinguish Threat Data Or Behavior To Determine The Impact Of An Incident - Part 1

    • Distinguish Threat Data Or Behavior To Determine The Impact Of An Incident - Part 2

    • Distinguish Threat Data Or Behavior To Determine The Impact Of An Incident - Part 3

  • 10

    Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation

    • Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation - Part 1

    • Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation - Part 2

    • Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation - Part 3

    • Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation - Part 4

    • Prepare A Toolkit And Use Appropriate Forensic Tools During An Investigation - Part 5

  • 11

    Explain The Importance Of Communications During The Incident Response Process

    • Explain The Importance Of Communications During The Incident Response Process

  • 12

    Given A Scenario Analyze Common Symptoms To Select The Best Course Of Action To Support Incident Response - Part 1

    • Analyze Common Symptoms To Select The Best Course Of Action To Support Incident Response - Part 1

    • Analyze Common Symptoms To Select The Best Course Of Action To Support Incident Response - Part 2

    • Analyze Common Symptoms To Select The Best Course Of Action To Support Incident Response - Part 3

    • Analyze Common Symptoms To Select The Best Course Of Action To Support Incident Response - Part 4

  • 13

    Summarize The Incident Recovery And Post Incident Response Process

    • Summarize The Incident Recovery And Post Incident Response Process - Part 1

    • Summarize The Incident Recovery And Post Incident Response Process - Part 2

    • Summarize The Incident Recovery And Post Incident Response Process - Part 3

    • Summarize The Incident Recovery And Post Incident Response Process - Part 4

  • 14

    Explain The Relationship Between Frameworks Common Policies Controls And Procedures

    • Explain The Relationship Between Frameworks Common Policies Controls And Procedures - Part 1

    • Explain The Relationship Between Frameworks Common Policies Controls And Procedures - Part 2

    • Explain The Relationship Between Frameworks Common Policies Controls And Procedures - Part 3

    • Explain The Relationship Between Frameworks Common Policies Controls And Procedures - Part 4

  • 15

    Given A Scenario Use Data To Recommend Remediation Of Security Issues Related To Identity And Access Management

    • Use Data To Recommend Remediation Of Security Issues Related To Identity And Access Management - Part 1

    • Use Data To Recommend Remediation Of Security Issues Related To Identity And Access Management - Part 2

    • Use Data To Recommend Remediation Of Security Issues Related To Identity And Access Management - Part 3

    • Use Data To Recommend Remediation Of Security Issues Related To Identity And Access Management - Part 4

  • 16

    Given A Scenario Review Security Architecture And Make Recommendations To Implement Compensating Controls

    • Review Security Architecture And Make Recommendations To Implement Compensating Controls - Part 1

    • Review Security Architecture And Make Recommendations To Implement Compensating Controls - Part 2

    • Review Security Architecture And Make Recommendations To Implement Compensating Controls - Part 3

  • 17

    Given A Scenario Use Applications Security Best Practices While Participating In The Software Development Life Cycle SDLC

    • GBest Practices While Participating In The Software Development Life Cycle SDLC - Part 1

    • Best Practices While Participating In The Software Development Life Cycle SDLC - Part 2

  • 18

    Quizzes

    • Quiz - Part 1

    • Quiz - Part 2

    • Exam Questions - Part 1

  • 19

    Final Thoughts

    • Overview

    • Exam Questions

    • Download CompTIA Official Videos For Future Reference

All Students Will Receive A Certificate Of Completion

All students will receive a certificate of completion in CompTIA Security+

Exam Details

Exam Codes CS0-001 CS0-002 
Launch Date  February 15, 2017  April, 2020 
Exam Description The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization.             The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents. 
Number of Questions Maximum of 85 questions 
Type of Questions Multiple choice and performance-based
Length of Test 165 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience Network+, Security+ or equivalent knowledge.     Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.             Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience. 
Languages English, Japanese, and Simplified Chinese             English, Japanese, TBD - others 
Retirement  October, 2020 TBD – Usually three years after launch 
EXAM Price The voucher price is not included in this course.