CompTIA CySA+
The CompTIA CySA+ certification prep path will provide you with a comprehensive overview of the cybersecurity principles and security best practices you’ll need to pass the CySA+ certification exam.
43
H
5
M
Intermediate
38
Learners at 96% of Fortune 1000 companies trust Cybrary
.svg){kind=small}
About this Path
CompTIA Cybersecurity Analyst, or CySA+, is a globally recognized certification that validates the competencies required for Cybersecurity Analysts. CySA+ is often used as a requirement for positions such as Security Analyst, Threat Intelligence Analyst, and SOC Analyst.
Cybrary’s CompTIA CySA+ certification course provides the foundational knowledge you’ll need for the CySA+ exam. Topics include security operations, vulnerability management, incident response, reporting, and more.
Skills you'll gain
Path Outline
Collection Outline
Coming Soon
The Leadership and Management Career Path is expected to release in Q2 of 2025. Sign up now to explore our other leadership courses and content.
Start Learning for FreeLearn
Learn core concepts and get hands-on with key skills.
CySA+: Security Operations
In this CompTIA Cybersecurity Analyst (CySA+ CS0-003): Security Operations course you will learn about system and network architecture in security operations, how to analyze indicators of potentially malicious activity, and about the tools and techniques used for determining malicious activity.
CySA+: Vulnerability Management
In this CompTIA Cybersecurity Analyst (CySA+ CS0-003): Vulnerability Management course, you will learn about analyzing output from vulnerability assessment tools, controls to mitigate attacks and software vulnerabilities, and vulnerability response, handling, and management.
CySA+: Incident Response and Management
In this CompTIA Cybersecurity Analyst (CySA+ CS0-003): Incident Response and Management course, you will learn about attack methodology frameworks, performing incident response activities, and preparation and post-incident phases.
CySA+: Reporting and Communication
In this CompTIA Cybersecurity Analyst (CySA+ CS0-003): Reporting and Communication course, you will learn about the importance of vulnerability management reporting and incident response reporting.
Practice
Exercise your problem-solving and creative thinking skills with security-centric puzzles
Nmap Basics
In this hands-on lab, you will learn the basics of Nmap, including basic functionality and practical applications. You will practice scanning and enumeration using a range of different Nmap options.
Security Ticketing
In this hands-on lab, you will learn the basics of security ticketing, including the core components of a security ticket and how they can be resolved. You will practice navigating a security ticketing platform, and create, edit, and close tickets in that platform.
Log Analysis Basics
In this hands-on lab, you will learn the basics of log analysis, including key terms and basic anatomy. You will practice using the command line to conduct simple analysis techniques on a series of log files, including profiling and search.
Vulnerability Scanner Basics
In this hands-on lab, you will learn the basics of vulnerability scanners, including basic functionality and practical applications. You will practice configuring and analyzing scans using the OpenVAS vulnerability scanner.
Patching Basics
In this hands-on lab, you will learn the basics of vulnerability scanners, including basic functionality and practical applications. You will practice configuring and analyzing scans using the OpenVAS vulnerability scanner
Windows Event Logs
In this hands-on lab, you will learn the basics of Windows Event logs, their format, and different types. You will practice using the Event Viewer and correlating between Event Logs in the Event Viewer and a SIEM
SIEM Search Expressions
In this hands-on lab, you will learn the basics of using search expressions in a SIEM. You will practice creating a series of search expressions in the Wazuh SIEM.
Network Observables
In this hands-on lab, you will learn the basics of network observables. You will practice researching and documenting observables from a suspicious email using the security ticketing system theHive.
Burp Suite Basics
In this hands-on lab, you will learn the basics of Burp Suite, a popular web application penetration testing tool. You will practice using some core features of Burp Suite to identify and exploit vulnerabilities in a web application.
SIEM Detection and Alerting
In this hands-on lab, you will learn the basics of SIEM-based detection and alerting. You will practice using the Wazuh SIEM to create, modify, and test custom rules and alerts.
Web Activity Logs
In this hands-on lab, you will learn the basics of web activity logs. You will then practice identifying meaningful events in web proxy (HTTP/HTTPS) and name server (DNS) logs in the context of a new threat intelligence report.
EDR Basics
In this hands-on lab, you will learn the basics of Endpoint Detection and Response tools. You will practice using the Wazuh EDR to install an agent on a Windows endpoint and detect simulated attacks aligned to the MITRE ATT&CK framework.
SIEM Dashboards
In this lab, you will learn the basics of SIEM dashboards. You will practice creating your own custom dashboard using the Wazuh SIEM.
Cryptography Basics
In this hands-on lab, you will learn about the basics of cryptography and the cryptographic process. You will practice encrypting and decrypting messages using a simple simple ciphe
Spearphishing with a Link
In this hands-on lab, you will learn how to analyze spearphishing emails containing malicious links. You will practice analyzing a sample spearphishing email.
Symmetric Cryptography
In this hands-on lab, you will learn about the basics of symmetric cryptography. You will practice encrypting and decrypting messages using symmetric cryptography.
Wireshark Basics
In this hands-on lab, you will learn the basics of Wireshark, including basic functionality and practical applications. You will practice packet capture and analysis using a range of different protocols and Wireshark features, including display filters, streams, and conversation filters.
Execution in Windows
In this hands-on lab, you will learn the basics of process analysis and Windows execution. You will practice using Process Explorer and a SIEM to analyze information from collected process dumps.
Asymmetric Cryptography
In this hands-on lab, you will learn about the basics of asymmetric cryptography. You will practice encrypting and decrypting messages using asymmetric cryptography.
Persistence via Windows Services
Cryptographic Hash Functions
In this hands-on lab, you will learn about the basics of cryptographic hash functions. You will practice generating and comparing hash values.
Spearphishing with an Attachment
In this hands-on lab, you will learn the basics of email analysis with a special focus on malicious attachments. You will practice performing triage analysis of a spearphishing email containing a suspicious attachment.
Local Authentication in Windows
In this hands-on lab, you will learn about local authentication mechanics in the Windows operating system, including user accounts, the authentication process, and different types of authentication. You will practice identifying when a user account has logged on and logged off, including the type of authentication.
Domain Authentication in Windows
In this hands-on lab, you will learn about domain-based authentication mechanics in the Windows operating system, including user accounts, the authentication process, and different types of authentication. You will practice identifying when a domain user account has logged on and logged off, including the type of authentication.
SIEM Basics
In this hands-on lab, you will learn the basics of SIEMs, including basic functionality and practical applications. You will practice analyzing log files using the Wazuh SIEM.
Metasploit Basics
In this hands-on lab, you will learn the basics of Metasploit, a popular penetration testing tool. You will practice using some core features of Metasploit to identify and exploit vulnerabilities on a live server.
Incident Response Basics
In this hands-on lab, you will learn the basics of Incident Response, including its role in a security program and major phases. You will practice using incident response tools on a live system to capture memory and essential system files for further investigation.
Digital Forensics Basics
In this hands-on lab, you will learn the basics of digital forensics, including its role in an investigation and major phases. You will practice using the Autopsy forensics tool to analyze and retrieve evidence from a
Prove
Assess your knowledge and skills to identify areas for improvement and measure your growth
CompTIA Cybersecurity Analyst (CySA+) CS0-003
The CySA+ practice test helps students prepare for the CompTIA CySA+ CS0-003 certification exam. The CySA+ certification prepares students for careers in security analyst roles and is an approved certification under DOD 8570.
Train Your Team
Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.
Instructors
Instructors
Get Hands-on Learning
Put your skills to the test in virtual labs, challenges, and simulated environments.
Measure Your Progress
Track your skills development from lesson to lesson using the Cybrary Skills Tracker.
Connect with the Community
Connect with peers and mentors through our supportive community of cybersecurity professionals.
Success from Our Learners
Frequently Asked Questions
This certification prep path is designed for mid-to-advanced career practitioners who are interested in earning their CySA+ certification.
There are no prerequisites for Cybrary’s CySA+ training course, but you will need four years of hands-on experience in incident response or related cybersecurity roles to obtain certification. CompTIA recommends earning your Network+ or Security+ certification before pursuing CySA+.
This certification prep path is aligned with the CS0-003 version of CySA+, released in June 2023.
The CompTIA CySA+ certification is the industry standard for Cybersecurity Analysts. CySA+ validates your ability to perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization.
CySA+ demonstrates to employers that you have the skill required for a role in threat detection, incident response, or vulnerability management.
The CompTIA CySA+ exam contains multiple choice and performance-based questions on topics related to threat detection and analysis, threat management, incident response, and reporting. Cybrary’s CySA+ certification prep path covers all relevant topics and includes both labs for hands-on practice and a practice test that will ensure you’re ready for the official certification exam.
Earning your CySA+ certification will prepare you for a variety of cybersecurity roles, including security operations center (SOC) analyst, vulnerability analyst, cybersecurity specialist, threat intelligence analyst, security engineer, and more. CySA+ is an ideal advanced certification for validating your existing knowledge and growing your career in security analytics.
