CS0-001-complete : Cybersecurity Analyst (CSA+)

Cybersecurity Analyst (CSA+)
ISBN : 978-1-61691-969-6
Pass the CompTIA CS0-001 certification exam with the Cybersecurity Analyst (CSA+) course and performance-based labs. Performance-based labs simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training. The CompTIA Cybersecurity Analyst (CSA+) certification exam is an international, vendor-neutral credential designed for IT security analysts, vulnerability analysts, or threat intelligence analysts to configure and use threat detection tools; perform data analysis; and interpret the results to identify vulnerabilities, threats, and risks to an organization with the end goal of securing and protecting applications and systems within an organization.


uCertify uses content from well-known publishers, instructors, and subject matter experts. They have a minimum of 15 years of experience in their fields. uCertify brings these textbooks to life with interactive activities that keep the learner engaged. uCertify brings all available learning resources for a topic into one place so that the learner can learn efficiently without going to multiple places. Challenge questions are also embedded in the chapters so learners can attempt them while they are learning about that particular topic. This helps them grasp the concepts better because they can go over them again right away, which improves learning. At the end of every lesson, uCertify courses guide the learners on the path they should follow.

The uCertify platform supports 50+ different types of interactive activities, such as connect-the-idea or try-it-yourself lab activities, embedded throughout its courses. These interactive activities keep learners engaged and make learning fun.

Here's What You Get

Flashcards
Quizzes
Glossary

Each lesson comes with Flashcards and Quizzes. There is no limit to the number of times learners can attempt these. Flashcards help learners master the key concepts. The Glossary defines the key terms.

Glossary of terms

Test Prep & Practice Questions

uCertify provides full-length practice tests. These tests closely follow the exam objectives and are designed to simulate real exam conditions. Each course has a number of test sets consisting of hundreds of items to ensure that learners are prepared for the certification exam.

Here's What You Get

Pre-Assessment Questions
Full-Length Tests
Post-Assessment Questions


Full Remediation

Each question comes with detailed remediation explaining not only why an answer option is correct but also why the incorrect answer options are incorrect.

Unlimited Practice

Each test can be taken an unlimited number of times until the learner feels prepared. The learner can review the test and read the detailed remediation. A detailed test history is also available.

Learn, Test and Review Mode

Each test set comes with learn, test and review modes. In learn mode, learners will attempt a question and will get immediate feedback and complete remediation as they move on to the next question. In test mode, learners can take a timed test simulating the actual exam conditions. In review mode, learners can read through one item at a time without attempting it.


Online labs can be used to supplement training. uCertify labs are an inexpensive and safe way to explore and learn. uCertify labs are versatile: they simulate real-world hardware, software, and command-line interface environments and can be mapped to any textbook, course, or training.

Here's What You Get

Performance-based lab

Hands-on Activities

Assessing Information Security Risk

  • Adding revision to the revision history
  • Viewing and downloading the policy templates
  • Opening the policy template and setting the company name
  • Reviewing and modifying the policy items

Analyzing the Threat Landscape

  • Identifying the most significant emerging technologies of 2016
  • Consulting a vulnerability database
  • Finding information security blogs

Analyzing Reconnaissance Threats to Computing and Network Environments

  • Performing reconnaissance on a network
  • Installing Wireshark and WinPcap
  • Acquainting yourself with Wireshark's interface
  • Analyzing the capture file to find the attack(s)
  • Generating network traffic and using filter
  • Examining the traffic between client and server
  • Assessing the impact of malware

Analyzing Attacks on Computing and Network Environments

  • Confirming the spoofing attack in Wireshark
  • Identifying security apps available for Android
  • Examining the DDOS_Attack.pcap file

Analyzing Post-Attack Techniques

  • Downloading and running scanning tools

Managing Vulnerabilities in the Organization

  • Installing Tenable Nessus

Implementing Penetration Testing to Evaluate Security

  • Identifying search options in Metasploit
  • Performing initial scan

Collecting Cybersecurity Intelligence

  • Installing Snort
  • Exporting your Windows Server logs

Analyzing Log Data

  • Making syslog entries readable
  • Installing Splunk on the server

Performing Active Asset and Network Analysis

  • Manipulating Kali Linux VM's network interfaces
  • Retrieving a real-time list of running processes
  • Starting a live packet capture
  • Examining the ipconfig options
  • Initiating an SSH session from your Windows 10 client to your Windows Server
  • Using Process Explorer to view specific details about running processes on the system
  • Acquiring the Trojan horse simulator
  • Accessing remotely the DT_Watch folder to generate audit logs
  • Uploading the Trojan horse simulator to VirusTotal
  • Uploading the Trojan horse simulator to Malwr
  • Identifying a suspicious account on the Active Directory domain
  • Enabling auditing of the DT_Watch folder
  • Examining the audited events
  • Enabling logging for audited objects

Responding to Cybersecurity Incidents

Investigating Cybersecurity Incidents

Addressing Security Architecture Issues

  • Implementing security during the SDLC

Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-210)

Appendix B: Mapping Course Content to CompTIA® CyberSecurity Analyst+ (Exam CS0-001)

Appendix C: Security Resources

Appendix D: U.S. Department of Defense Operational Security

Exam Information

The CompTIA Cybersecurity Analyst (CSA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CSA+ validates critical knowledge and skills that are required to prevent, detect, and combat cybersecurity threats.

Prepare for the following certification

Career Prospects
  • Security Analyst
  • Vulnerability Analyst
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Operations Center (SOC) Analyst
Exam FAQs
What are the prerequisites for this exam?
There is no required prerequisite for the CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. He or she should have a minimum of 3-4 years of hands-on information security or related experience.
What is the exam registration fee?
USD 320

Pricing and taxes may vary from country to country.

Where do I take the exam?
What is the format of the exam?
Multiple-choice and performance-based
How many questions are asked in the exam?
The exam contains 85 questions.
What is the duration of the exam?
165 minutes
What is the passing score?

(on a scale of 100-900)

What is the validity of the certification?
TBD - Three years after launch.
Where can I find more information about this exam?
To know more about the CS0-001-complete, click here.

Table of Contents

Here's What You Will Learn

Lesson 1: Assessing Information Security Risk

  • TOPIC A: Identify the Importance of Risk Management
  • TOPIC B: Assess Risk
  • TOPIC C: Mitigate Risk
  • TOPIC D: Integrate Documentation into Risk Management
  • Summary

Lesson 2: Analyzing the Threat Landscape

  • TOPIC A: Classify Threats and Threat Profiles
  • TOPIC B: Perform Ongoing Threat Research
  • Summary

Lesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments

  • TOPIC A: Implement Threat Modeling
  • TOPIC B: Assess the Impact of Reconnaissance Incidents
  • TOPIC C: Assess the Impact of Social Engineering
  • Summary

Lesson 4: Analyzing Attacks on Computing and Network Environments

  • TOPIC A: Assess the Impact of System Hacking Attacks
  • TOPIC B: Assess the Impact of Web-Based Attacks
  • TOPIC C: Assess the Impact of Malware
  • TOPIC D: Assess the Impact of Hijacking and Impersonation Attacks
  • TOPIC E: Assess the Impact of DoS Incidents
  • TOPIC F: Assess the Impact of Threats to Mobile Security
  • TOPIC G: Assess the Impact of Threats to Cloud Security
  • Summary

Lesson 5: Analyzing Post-Attack Techniques

  • TOPIC A: Assess Command and Control Techniques
  • TOPIC B: Assess Persistence Techniques
  • TOPIC C: Assess Lateral Movement and Pivoting Techniques
  • TOPIC D: Assess Data Exfiltration Techniques
  • TOPIC E: Assess Anti-Forensics Techniques
  • Summary

Lesson 6: Managing Vulnerabilities in the Organization

  • TOPIC A: Implement a Vulnerability Management Plan
  • TOPIC B: Assess Common Vulnerabilities
  • TOPIC C: Conduct Vulnerability Scans
  • Summary

Lesson 7: Implementing Penetration Testing to Evaluate Security

  • TOPIC A: Conduct Penetration Tests on Network Assets
  • TOPIC B: Follow Up on Penetration Testing
  • Summary

Lesson 8: Collecting Cybersecurity Intelligence

  • TOPIC A: Deploy a Security Intelligence Collection and Analysis Platform
  • TOPIC B: Collect Data from Network-Based Intelligence Sources
  • TOPIC C: Collect Data from Host-Based Intelligence Sources
  • Summary

Lesson 9: Analyzing Log Data

  • TOPIC A: Use Common Tools to Analyze Logs
  • TOPIC B: Use SIEM Tools for Analysis
  • TOPIC C: Parse Log Files with Regular Expressions
  • Summary

Lesson 10: Performing Active Asset and Network Analysis

  • TOPIC A: Analyze Incidents with Windows-Based Tools
  • TOPIC B: Analyze Incidents with Linux-Based Tools
  • TOPIC C: Analyze Malware
  • TOPIC D: Analyze Indicators of Compromise
  • Summary

Lesson 11: Responding to Cybersecurity Incidents

  • TOPIC A: Deploy an Incident Handling and Response Architecture
  • TOPIC B: Mitigate Incidents
  • TOPIC C: Prepare for Forensic Investigation as a CSIRT
  • Summary

Lesson 12: Investigating Cybersecurity Incidents

  • TOPIC A: Apply a Forensic Investigation Plan
  • TOPIC B: Securely Collect and Analyze Electronic Evidence
  • TOPIC C: Follow Up on the Results of an Investigation
  • Summary

Lesson 13: Addressing Security Architecture Issues

  • TOPIC A: Remediate Identity and Access Management Issues
  • TOPIC B: Implement Security During the SDLC
  • Summary

Lesson 14: Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-210)

Lesson 15: Appendix B: Mapping Course Content to CompTIA® CyberSecurity Analyst+ (Exam CS0-001)

Lesson 16: Appendix C: Security Resources

  • TOPIC A: List of Security Resources

Lesson 17: Appendix D: U.S. Department of Defense Operational Security

  • TOPIC A: Summary of U.S. Department of Defense Operational Security Practices

uCertify provides courses, simulators, labs, and test prep kits for IT certifications including Microsoft, Oracle, Cisco, CompTIA, CIW, PMI, ISC2, Linux, Zend, Google, IC3, Adobe and many more.

© 2002-2017 uCertify. All Rights Reserved