Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


CySA+ - Cybersecurity Analyst+ Prep Course

Learn how to analyze, monitor, and protect critical infrastructures using threat-detection and threat-analysis tools.

GK# 5867

Course Overview


Learn about the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT).

Gain the tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate an organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. This is a comprehensive approach to security aimed toward those on the front lines of defense.

This course is designed to assist students in preparing for the CompTIA CySA+ - Cybersecurity Analyst+ (CS0-002) certification exam.

In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training. This program is designed for personnel performing IA functions, establishing IA policies, and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks.


Learn more about this topic. View the recorded webinar From Analyst to Threat Hunter.

Learn more about this topic. View the recorded webinar The Importance of Maintaining Cyber Security Skills.

Learn more about this topic. View the recorded webinar Deploying MITRE ATT&CK Navigator to Improve Incident Response.


  • Delivery Format:
  • Date:
  • Location:
  • Limited Time Offer: This course is 25% off! Use promo code CA25GTR at checkout.
  • Access Period:


Class is Full
This session is full. Please select a different session.

What You'll Learn


Assess and respond to security threats and operate a systems and network security analysis platform.

  • Assess information security risk in computing and network environments.
  • Analyze reconnaissance threats to computing and network environments.
  • Analyze attacks on computing and network environments.
  • Analyze post-attack techniques on computing and network environments.
  • Implement a vulnerability management program.
  • Collect cybersecurity intelligence.
  • Analyze data collected from security and event logs.
  • Perform active analysis on assets and networks.
  • Respond to cybersecurity incidents.
  • Investigate cybersecurity incidents.
  • Address security issues with the organization's technology architecture.


Viewing outline for:

Classroom Live Outline

Lesson 1: Explaining the Importance of Security Controls and Security Intelligence

  • Topic 1A: Identify Security Control Types
  • Topic 1B: Explain the Importance of Threat Data and Intelligence

Lesson 2: Utilizing Threat Data and Intelligence

  • Topic 2A: Classify Threats and Threat Actor Types
  • Topic 2B: Utilize Attack Frameworks and Indicator Management
  • Topic 2C: Utilize Threat Modeling and Hunting Methodologies

Lesson 3: Analyzing Security Monitoring Data

  • Topic 3A: Analyze Network Monitoring Output
  • Topic 3B: Analyze Appliance Monitoring Output
  • Topic 3C: Analyze Endpoint Monitoring Output
  • Topic 3D: Analyze Email Monitoring Output

Lesson 4: Collecting and Querying Security Monitoring Data

  • Topic 4A: Configure Log Review and SIEM Tools
  • Topic 4B: Analyze and Query Logs and SIEM Data

Lesson 5: Utilizing Digital Forensics and Indicator Analysis Techniques

  • Topic 5A: Identify Digital Forensics Techniques
  • Topic 5B: Analyze Network-related IOCs
  • Topic 5C: Analyze Host-related IOCs
  • Topic 5D: Analyze Application-related IOCs
  • Topic 5E: Analyze Lateral Movement and Pivot IOCs

Lesson 6: Applying Incident Response Procedures

  • Topic 6A: Explain Incident Response Processes
  • Topic 6B: Apply Detection and Containment Processes
  • Topic 6C: Apply Eradication, Recovery, and Post-incident Processes

Lesson 7: Applying Risk Mitigation and Security Frameworks

  • Topic 7A: Apply Risk Identification, Calculation,and Prioritization Processes
  • Topic 7B: Explain Frameworks, Policies, and Procedures

Lesson 8: Performing Vulnerability Management

  • Topic 8A: Analyze Output from Enumeration Tools
  • Topic 8B: Configure Infrastructure Vulnerability Scanning Parameters
  • Topic 8C: Analyze Output from Infrastructure Vulnerability Scanners
  • Topic 8D: Mitigate Vulnerability Issues

Lesson 9: Applying Security Solutions for Infrastructure Management

  • Topic 9A: Apply Identity and Access Management Security Solutions
  • Topic 9B: Apply Network Architecture and Segmentation Security Solutions
  • Topic 9C: Explain Hardware Assurance Best Practices
  • Topic 9D: Explain Vulnerabilities Associated with Specialized Technology

Lesson 10: Understanding Data Privacy and Protection

  • Topic 10A: Identify Non-technical Data and Privacy Controls
  • Topic 10B: Identify Technical Data and Privacy Controls

Lesson 11: Applying Security Solutions for Software Assurance

  • Topic 11A: Mitigate Software Vulnerabilities and Attacks
  • Topic 11B: Mitigate Web Application Vulnerabilities and Attacks
  • Topic 11C: Analyze Output from Application Assessments

Lesson 12: Applying Security Solutions for Cloud and Automation

  • Topic 12A: Identify Cloud Service and Deployment Model Vulnerabilities
  • Topic 12B: Explain Service-oriented Architecture
  • Topic 12C: Analyze Output from Cloud Infrastructure Assessment Tools
  • Topic 12D: Compare Automation Concepts and Technologies


Viewing labs for:

Classroom Live Labs

Labs Available:

  1. Analyzing Output from Network Security Monitoring Tools
  2. Analyzing Output from Security Appliance Logs
  3. Analyzing Output from Endpoint Security Monitoring Tools
  4. Analyzing Email Headers
  5. Configuring SIEM Agents and Collectors
  6. Analyzing, Filtering, and Searching Event Log and syslog Output
  7. Collecting and Validating Digital Evidence
  8. Analyzing Network-related IoCs
  9. Analyzing Host and Application IoCs
  10. Following an Incident Response Process
  11. Observing IoCs during a Security Incident
  12. Reviewing Risk Management Processes
  13. Analyzing Output from Topology and Host Enumeration Tools
  14. Testing Credential Security
  15. Configuring Vulnerability Scanning and Analyzing Outputs
  16. Assessing Vulnerability Scan Outputs
  17. Assessing the Impact of Regulation on Vulnerability Management
  18. Performing Account and Permissions Audits
  19. Configuring Network Segmentation and Security
  20. Configuring and Analyzing Share Permissions
  21. Assessing the Impact of Web Application Vulnerabilities
  22. Analyzing Output from Web Application Assessment Tools
  23. Analyzing Output from Cloud Infrastructure Assessment Tools
  24. Assessing the Impact of Threats to Cloud Infrastructures



To ensure your success in this course, you should meet the following requirements:

  • At least two years (recommended) of experience in computer network security technology or a related field.
  • The ability to recognize information security vulnerabilities and threats in the context of risk management.
  • Foundation-level operational skills with some of the common operating systems for computing environments.
  • Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
  • Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
  • Foundational knowledge of major TCP/IP networking protocols including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
  • Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.

Who Should Attend

  • IT Security Analyst
  • Security Operations Center (SOC) Analyst
  • Vulnerability Analyst
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Engineer

Follow-On Courses

Course Delivery

This course is available in the following formats:

Classroom Live

Receive face-to-face instruction at one of our training center locations.

Duration: 5 day

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 5 day

Request this course in a different delivery format.