CompTIA CySA+ (CS0-002) is the only intermediate high-stakes cybersecurity analyst certification with performance-based questions covering security analytics, intrusion detection and response. High-stakes exams are proctored at a Pearson VUE testing center in a highly secure environment. CompTIA CySA+ is the most up-to-date security analyst certification that covers advanced persistent threats in a post-2014 cybersecurity environment.
As attackers have learned to evade traditional signature-based solutions, such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CompTIA CySA+ identify and combat malware and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface.
CompTIA CySA+ is for IT professionals looking to gain the following security analyst skills:
- Perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization.
- Configure and use threat-detection tools.
- Secure and protect applications and systems within an organization.
CompTIA CySA+ meets the ISO 17024 standard and is approved by the U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 1.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.
This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team—everyone from help desk staff to the Chief Information Officer—understand their role in these security processes.
What Will You Learn
- THREAT MANAGEMENT
Apply environmental reconnaissance techniques using appropriate tools, analyzing results, and implementing the recommended response.
- SECURITY ARCHITECTURE & TOOL SETS
Use data to recommend remediation of security issues related to identity and access management and recommend implementation strategy while participating in the Software Development Life Cycle (SDLC).
- CYBER-INCIDENT RESPONSE
Distinguish threat data to determine incident impact and prepare a toolkit with appropriate forensics tools, communication strategy, and best practices as a response.
- VULNERABILITY MANAGEMENT
Implement a vulnerability management process and analyze the results of the scan.
- Analyzing Output from Network Security Monitoring Tools
- Discovering the Lab Environment
- Analyzing Output from Security Appliance Logs
- Analyzing Output from Endpoint Security Monitoring Tools
- Analyzing Email Headers
- Configuring SIEM Agents and Collectors
- Analyzing, Filtering, and Searching Event Log and syslog Output
- Collecting and Validating Digital Evidence
- Analyzing Network-related IoCs
- Analyzing Host and Application IoCs
- Observing IoCs during a Security Incident
- Analyzing Output from Topology and Host Enumeration Tools
- Testing Credential Security
- Configuring Vulnerability Scanning and Analyzing Outputs
- Assessing Vulnerability Scan Outputs
- Assessing the Impact of Regulation on Vulnerability Management
- Performing Account and Permissions Audits
- Configuring Network Segmentation and Security
- Configuring and Analyzing Share Permissions
- Assessing the Impact of Web Application Vulnerabilities
- Analyzing Output from Web Application Assessment Tools
- Analyzing Output from Cloud Infrastructure Assessment Tools
Requirements & Jobs
Network+, Security+, Certified Cyber Crime Consultant, Certified Web Intelligence Analyst or equivalent knowledge.
Minimum of 3-4 years of hands-on information security or related experience.
While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Threat Intelligence Analyst
IT Security Analyst
Tier II SOC Analyst
- NORTHROP GRUMMAN
- JOHNS HOPKINS
- UNIVERSITY OF MARYLAND
- Each course has a discussion forum where you can chat with fellow students as well as the instructor.
- Have a question about this course? Call and speak to your instructor directly 5 days a week.
- Email your instructor 24/7.
- Every week, all students taking this course can participate in a live video group chat with the instructor.
All students will receive a certificate of completion in CompTIA Security+
||February 15, 2017
||The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization.
||The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.
|Number of Questions||Maximum of 85 questions
|Type of Questions||Multiple choice and performance-based
|Length of Test
||750 (on a scale of 100-900)
||Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
||Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience.
||English, Japanese, and Simplified Chinese
||English, Japanese, TBD – others
||TBD – Usually three years after launch
||The voucher price is not included in this course.