Cybersecurity Analyst+ (CySA+) (CS0-001)

Disclaimer: Tech-Act is an independent training services provider. Any use of third party trademarks, brand names, products and services is only referential.Tech-Act disclaims any sponsorship, affiliation or endorsement of or by any third parties. Tech-Act is an authorized training partner only where explicitly stated and as listed here.


IT Certification Training Courses
mta certification
microsoft technology associate certification
mcsa certification

Cybersecurity Analyst+ (CySA+) (CS0-001)

About This Course

CompTIA is a top-notch provider of vendor-neutral IT certification programs. Aimed at reviving the IT vertical, CompTIA’s IT certifications validate professionals with best practices and industry-grade expertise. With 2,000,000+ successful certifications, CompTIA is the most sought after IT certification domain when it comes to cybersecurity.

CompTIA’s CySA+ is a globally recognized and vendor neutral certification course in cybersecurity, which trains you to apply behavioral analytics for improving IT security. CySA+ validates professionals for critical skills and expertise required to avert, combat and detect cybersecurity vulnerabilities and threats.

CySA+ course instill skills to help you kick-start a career in IS analysis, which stands at 7th rank in the 100 best IT and tech jobs. In fact, it is estimated to be one of the fastest growing job categories by 2022. CySA+ certified cybersecurity experts tend to fetch an average salary of $90,120.

Who Should Attend This Course

CySA+ certification course is aimed at anyone interested to learn about cybersecurity or is looking out to hone his/her cybersecurity knowledge. The course prepares the candidates to pass CySA+ exam. It serves as a steppingstone to becoming an expert cybersecurity analyst.

Why This Course

Since cyber attackers use novel ways to evade firewalls, it is increasingly important to have analytics based approach in IT security for organizations. Behavioral analytics knowledge covered in the CySA+ course helps a person to identity as well as combat malware and advanced threats.

Here are few convincing reasons to why CySA+:

  • You learn to execute data analysis
  • CySA+ certification is in huge demand these days
  • One of the fastest growing job categories in cybersecurity
  • Industry supported.
  • CySA+ certification bridges skills gap between CASP and Security+ exams.


Did you know that experts with CompTIA CySA+ certification earn an average salary of around $90,120/annum. (Source:

Course Objectives

The CySA+ coursework covers the following aspects:

  • Network threats
  • Securing corporate enterprise network
  • Performing cybersecurity incident response
  • Determining impact of cyber incidents
  • Preparing cyber response and incident toolkit

Course Prerequisites

CompTIA recommends you to have Security+, Network+ or any equivalent knowledge before you take up the CySA+ certification course.

Basic understanding of IP/ TCP addressing, troubleshooting tools and core protocols.

Course Benefits

The course offers you with the following benefits:

CySA+ lets you:

  • Analyze and conduct reconnaissance
  • Respond to network threats
  • Secure corporate enterprise network
  • Perform cybersecurity incident response
  • Determine impact of cyber incidents
  • Prepare cyber response and incident toolkit


Threat Management


This section explains CompTIA Cybersecurity Analyst (CSA+) exam objectives. It discusses IT security, CSA+ critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.

Environmental Reconnaissance

This section covers the concepts and utilities used to gain information on a network through environmental reconnaissance. It explains the techniques like topology discovery, os fingerprinting, host scanning, network mapping, port scanning and more.

Network Reconnaissance

This section covers the concepts and practice of Network Reconnaissance. It explains what point-in-time data analysis is and how to use different analyzing tools to gather and interpret that information. It also discusses Data Analytics, data output from logs, captures, and scans.

Response and Countermeasures

This section explores common responses and countermeasures to address network-based threats such as Network segmentation, Honeypots, Endpoint security, ACLs, System Hardening, and Network Access Control(NAC) systems.

Corporate Environment Security

This section explains the purpose of practices used to secure a corporate environment. It demonstrates practices like Penetration Testing, Reverse Engineering, security training and exercises, and evaluating risk.

Vulnerability Management

Vulnerability Management

This section dives into the realm of data standards and specifications as part of vulnerability management. It covers HIPAA, FISMA, GLBA, do-not-call-list, Can-Spam Act of 2003, corporate policies as well as data classification.

Vulnerability Scanning

This section covers Vulnerability scan and analyze the output. It demonstrates the Nexpose Vulnerability Scanner to scan a network and explains the output to identify possible vulnerabilities, false positives, exceptions.

Common Vulnerabilities

This section explains common vulnerabilities to be aware of in today’s networks. It covers the components that can be exploited once vulnerabilities have been found such as server, end-points, routers and switches.

Cyber Incident Response

Incident Impact

This section talks about the concepts to determine the impact of incidents on an organization. It explores threat classification by determining known threats vs. unknown threats, zero day, severity and prioritization, downtime as well as recovery time. 

Forensics Tools

This section takes a look at the various forensics tools that can be used during an investigation. It covers forensic kits, write blockers, crime tape, chain of custody, incident response and forensics investigation suites.

Communication Process

This section explains the communication process during during an incident response. It covers stakeholders such as the CIO, CISO, incident response teams, human relations, public relations, legal advisors and role-based responsibilities.

Common Incident Symptoms

This sections explains common incident systems to determine the appropriate actions to support incident response. It discusses threat classification and the difference between known and unknown threats, zero day, severity and prioritization, downtime, PII, PHI and more.

Post Incident Response

This section summarizes the incident recovery and post-incident response process. Topics covered include: Call lists, Forensic Investigation suites, analysis utilities, chain of custody, hashing utilities, and log viewers.

Security Architecture and Tool Sets


This section discusses the importance of frameworks such as NIST, ISO, COBIT, SABSA, TOGAF and ITIL. It also explains why companies may be faced with regulatory compliance situations.

Identity Access Issues

This section explains the issues associated with identity and access issues. It covers context-based authentication, identity and identity repositories as well as federation and single sign-on vulnerabilities.

Security Architecture

This section discusses the relevance of analysis techniques. It covers software or hardware that will offer some form of logging capabilities which be a useful to help find trends, correlations, root causes and more.

Application Security

This section explores application security. It covers the risks and techniques to mitigate the risks. It demonstrates various testing techniques such as web app vulnerability scans and fuzzing.

Cybersecurity Tools

This section covers Cybersecurity Tools to be familiar with for the CSA+ exam. It explores preventative tools like IPS/IDS, Firewalls, Antivirus/Anti-malware, Web proxy, and Web Application Firewalls.


This section demonstrate the venerable Intrusion Detection System(IDS) known as Snort. It explain how to check Snort’s help system to get started with the most common options.


This section demonstrate the venerable packet capture and/or packet analyzer known as Wireshark. It explains how to launch Wireshark and connect to a network interface to quickly capture data.


This section demonstrate the venerable network host and port scanning software known as Nmap. It explains Nmap’s options and shows how to perform common tasks like host discovery, port filtering, Scan types, OS detection Versioning, and the Nmap Scripting Engine(NSE).

Practical Application

This section demonstrates some practical applications tools and techniques that they’ve been discussing throughout the series. It explains scanning a vulnerable machine and searching for ways to exploit the found vulnerabilities.

Schedule & Fees

Online Instructor Led Cybersecurity Analyst+ (CySA+) (CS0-001) Certification Training

Please contact us for more information on course fees and upcoming batch schedule.

Course FAQ

Why Tech-Act for CySA+?

  • Businesses are witnessing a skyrocketing number of cyber threats. As the cyber threats continue to evolve, the need for security experts is going up at a breakneck speed. CySA+ certification validates a person’s skills as a cybersecurity analyst. The course helps you learn analytical concepts to deal with cyber threats and attacks.

Tech-Act has been a known name in the IT ecosystem. We make sure that every trainer onboard is industry experienced and certified. Moreover, Tech-Act’s CySA+ coursework is designed keeping in mind a friendly learning agenda. The training covers all the necessary skills for becoming a cybersecurity analyst. Most important of all, we let you pick the pace of training.

Who will train me?

  • Tech-Act fully acknowledges the significance of cybersecurity and thereby, makes sure to employ only the best and trainers. Tech-Act is an authorized learning solutions provider for CompTIA, Red Hat, EC Council, Project Management Institute and a Person Vue Authorized Test Center.

What are the benefits of CySA+?

Following are the benefits:

  • Analyze and conduct reconnaissance
  • Respond to network threats
  • Secure corporate enterprise network
  • Perform cybersecurity incident response
  • Determine impact of cyber incidents
  • Prepare cyber response and incident toolkit

What’s the eligibility criteria?

CompTIA recommends you to have Security+, Network+ or any equivalent knowledge before you take up the course. Also, basic understanding of IP/ TCP addressing, troubleshooting tools and core protocols will make you good to go for the CySA+ certification course.

CySA+ is perfect for anyone interested to learn about cybersecurity. The coursework prepares you to pass CySA+ exam. It caters as a steppingstone to becoming an expert cybersecurity analyst.




Your Cart