CompTIA CySA+ (CS0-002)


The CompTIA Cybersecurity Analyst (CySA+ CS0-002) certification prepares you to identify and combat malware, advanced persistent threats (APTs), and other attacks that threaten an organization’s security. Enroll now to gain hands-on training as you build your skills in threat and vulnerability management, incident response, and more.

35 hours 14 minutes
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

Course Content
Learn, Practice, Prove
Welcome and Introduction
Course Outline and Structure

2.1Threat and Data Intelligence

2h 18m

2.2Threat Intelligence and Organizational Security

1h 25m

2.3Vulnerability Management

2h 20m

2.4Vulnerability Scanning, Enumeration, and Assessment

3h 20m

2.5Vulnerabilities in Specialized Technology

1h 13m

2.6Cloud Service Model Vulnerabilities

1h 14m

2.7Software Vulnerabilities

2h 10m

3.1Infrastructure Management Solutions

4h 10m

3.2 Software Assurance


3.3Hardware Assurance


3.4CompTIA CySA+ - Study Break


4.1Security Monitoring

3h 20m

4.2Configuration Controls

2h 15m

4.3Threat Hunting



1h 7m

5.1Incident Response Process

1h 10m

5.2Applying Incident Response Procedures

1h 14m

5.3Indicators of Compromise (IoCs)

3h 15m

5.4Digital Forensics Techniques

1h 12m

6.1Data and Privacy Controls


6.2Organizational Risk Mitigation

1h 13m

6.3Frameworks, Policies, Procedures, and Controls

1h 14m

6.4CompTIA CySA+ Practice Test

Course Description

In this course, you will gain experience in the five major learning domains in the CompTIA CySA+, which include threat and vulnerability management, software and systems security, security operations and monitoring, incident response and compliance and assessment. This course includes illustrative written material, study flashcards, a glossary of key terms, video lessons that cover practice exam questions, virtual labs that align with the exam material, and challenge questions that give you all the practice you'll need to pass the exam. Beyond exam day, you will gain an understanding of the topics covered so that you can apply them in real-world scenarios. The material prepares you for various cybersecurity work roles, such as Systems Security Analyst, Threat Analyst, and Vulnerability Assessment Analyst.

This intermediate-level CySA+ course focuses on analysis and defense techniques leveraging data and tools to identify risks to an organization and apply effective mitigation strategies. They CySA+ is an approved baseline certification of the DoD Directive 8570.

Learning Objectives:

  • Provide a review of the following four skills: threat management, vulnerability management, security architecture and toolsets, and cyber incident response.
  • Supplemental self-study preparation resource for the CompTIA CySA+ exam.
  • Understand how to configure and use threat detection tools, perform data analysis, identify vulnerabilities, threats and risks, and secure and protect applications and systems within an organization.

Training Purpose: Certification Prep

Security Domains:

  • Protect and Defend
  • Operate and Maintain
  • Securely Provision

Specialty Areas:

  • Vulnerability Assessment and Management
  • Systems Analysis
  • Cyber Defense Analysis

Proficiency Area: Intermediate


While there are no specific prerequisites for you to take this course or sit for the CompTIA CySA+ exam, it’s recommended that students have knowledge of topics covered in the preceding CompTIA certifications such as A+, Network+ and Security+. You will have the best chance of success if you follow the cybersecurity pathway set up by CompTI, in which you have sat in for these prior exams before taking the CySA+. In addition, you should have computer skills and knowledge of computer networking.

Course Goals

By the end of this course, you should be able to:

  • Understand threat management and how to apply threat management techniques
  • Understand vulnerability management and how to apply vulnerability management techniques
  • Understand the process of cyber incident response
  • Recognize security architecture and toolsets
  • Determine which tools and technologies should be used given a specific scenario

What is the CompTIA CySA+ Certification?

The CompTIA Cybersecurity Analyst (CySA+) certification is an intermediate-level credential that uses behavioral analytics to identify and mitigate cyber threats and to prevent future attacks from occurring. The certification focuses on the individual’s abilities to proactively monitor, capture, and act on network findings, as well as emphasize application and software automation, security, IT compliance, and threat hunting--all of which affect the work of security analysts.

The CySA+ certification covers the latest core security analyst skillset used by application security analysts, threat intelligence analysts, threat hunters, incident responders, and compliance analysts to develop new methods for mitigating cyber threats inside and outside the Security Operations Center (SOC).

What Does the CySA+ Training Course Cover?

Our CompTIA CySA+ training course is designed to prepare students for the certification exam. It focuses on analysis and defense methods that leverage data and tools to identify cyber risks to an organization, and then how to apply mitigation strategies. The course covers the same objectives that are included on the CySA+ certification exam, which are to:

  • Leverage threat detection and intelligence techniques
  • Analyze and interpret data
  • Discover and address vulnerabilities
  • Recommend preventative methods
  • Respond and recover from any incidents effectively

To achieve those objectives, the course provides students with a review of vulnerability management, threat management, security architecture and tools, and incident response methods. Upon completing the CySA+ course, students should be proficient at configuring and using threat detection tools and techniques, performing data analysis, identifying weaknesses and risks, and securing and protecting systems and applications within an organization’s technology infrastructure. Students should also have all the skills and knowledge to successfully pass the CySA+ certification exam.

The CySA+ training totals 10 hours and 19 minutes of clock time, for which students earn 12 CEU/CPE and a Certificate of Completion.

How Hard is the CompTIA CySA+ Certification Exam?

With any exam, it’s important to consider the difficulty level and what material the test will cover – the CySA+ certification exam isn’t an exception. The exam is made up of multiple-choice questions, as well as several simulation-type questions, which can make it fairly difficult. A major part of the exam is regarding logging files and threat recognition techniques. Most IT professionals who have taken the CySA+ certification exam agree that this test falls somewhere in the intermediately difficult area, not easy but not terribly difficult.

The best way to ensure a passing score on the CySA+ exam is thorough preparation. This CySA+ training course, studying, and taking practice exams are the key to passing the test and earning the credential.

Is the CySA+ Certification Worth It?

The world today is flooded with technology, and that opens the door for more advanced, well-equipped cyber criminals looking to take advantage of any weaknesses they find. For that reason, organizations are working harder to find information security professionals to keep their digital assets safe. Organizations recognize the expertise of CompTIA certified professionals and utilize them to formulate and provide the proper protective measures to their sensitive data.

As a result, it’s beneficial for any IT professional’s career advancement to earn CompTIA certifications, including the CySA+ credential. It’s a validation of skills that can be a lucrative and exciting career for anyone who is interested in thwarting cyber criminals.

Is the CySA+ Certificate DoD Approved?

The U.S. Department of Defense (DoD) established the 8570 Directive that provides guidelines for the training, certification, and management of the department’s workforce. The certifications that are recognized by the DoD meet the department’s requirements and are seen as both valid and valuable. The CompTIA CySA+ certification is approved by the DoD as an 8570 baseline certification in five profession categories, four of which are for several Cybersecurity Service Provider roles and one that is for a level 2 Information Assurance Technical job.

How Long Should It Take to Study for the CySA+ Exam?

All of Cybrary’s courses are taught by subject matter experts, many who work in the field, so students are ensured to receive excellent training. Additionally, all courses are self-paced, allowing students to complete the training at the speed that works best for them and their schedule. Enrolling for the course is simple, just click on the Register button in the top right corner of the screen.