Scroll to top button

Pearson CompTIA Cybersecurity Analyst (CySA+)

ISBN : 9781616919931

Gain hands-on experience to pass the CompTIA CySA+ CS0-001 certification exam with the CompTIA Cybersecurity Analyst (CySA+) course and lab. The lab is cloud-based, device-enabled, and can be easily integrated with an LMS. Interactive chapters comprehensively cover CompTIA CySA+ CS0-001 certification exam objectives and teach you how to configure and use threat detection tools; perform data analysis, and interpret the interpret the reports to protect an organization by identifying vulnerabilities, threats, and risks.

The CompTIA Cybersecurity Analyst (CySA+) certification is an internationally acknowledged vendor-neutral credential that applies behavioral analytics to improve the overall state of IT security. CompTIA CySA+ CS0-001 exam validates the critical knowledge and skills that are required to prevent, detect, and combat cybersecurity threats. The CS0-001 exam is also designed for IT security analysts, vulnerability analysts, or threat intelligence analysts.

Glossary of terms
Pre Assessment Questions
Post Assessment Questions
Performance lab
Learn the real world skills using LiveLab.
Video Tutorials
Video tutorials

Videos and How To

uCertify course includes videos to help understand concepts. It also includes How Tos that help learners with how to accomplish certain tasks.

Video Lessons
Exam related FAQs
What are the prerequisites for this exam? There is no required prerequisite for CompTIA CS0-001 certification exam, but the candidate should hold CompTIA Network+, Security+ or equivalent knowledge. Candidate should have a minimum of 3-4 years of hands-on information security or related experience.
What is the exam registration fee? USD 346
Where do I take the exam? Pearson VUE
What is the format of the exam? Multiple-choice and performance-based
How many questions are asked in the exam? The exam contains 85 questions.
What is the duration of the exam? 165 minutes
What is the passing score? 750

(on a scale of 0-900)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the CySA+ examination, CompTIA's retake policies are:

  1. CompTIA does not require a waiting period between the first and second attempt to pass such examination. However, if you need a third or subsequent attempt to pass the examination, you shall be required to wait for a period of at least 14 calendar days from the date of your last attempt before you can retake the exam.
  2. If a candidate has passed an exam, he/she cannot take it again without prior consent from CompTIA.
  3. A test result found to be in violation of the retake policy will not be processed, which will result in no credit awarded for the test taken. Repeat violators will be banned from participation in the CompTIA Certification Program.
  4. Candidates must pay the exam price each time they attempt the exam. CompTIA does not offer free re-tests or discounts on retakes.
What is the validity of the certification? CompTIA CySA+ certification expires after three years from the date of issue, after which the certification holder will need to renew their certification via CompTIA's Continuing Education Program.
Where can I find more information about this exam? To know more about the pearson-cysa-plus-complete, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?
  • Security Analyst
  • Vulnerability Analyst
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Operations Center (SOC) Analyst
  • Goals and Methods
  • Who Should Read This Book?
  • Strategies for Exam Preparation
  • Procedures/Common Tasks
  • Variables
  • Tools
  • Review All Key Topics
  • Point-in-Time Data Analysis
  • Data Correlation and Analytics
  • Data Output
  • Tools
  • Review All Key Topics
  • Network Segmentation
  • Honeypot
  • Endpoint Security
  • Group Policies
  • ACLs
  • Hardening
  • Network Access Control
  • Review All Key Topics
  • Penetration Testing
  • Reverse Engineering
  • Training and Exercises
  • Risk Evaluation
  • Review All Key Topics
  • Identification of Requirements
  • Establish Scanning Frequency
  • Configure Tools to Perform Scans According to Specification
  • Execute Scanning
  • Generate Reports
  • Remediation
  • Ongoing Scanning and Continuous Monitoring
  • Review All Key Topics
  • Analyzing Output Resulting from a Vulnerability Scan
  • Common Vulnerabilities Found in Targets Within an Organization
  • Review All Key Topics
  • Threat Classification
  • Factors Contributing to Incident Severity and Prioritization
  • Forensics Kit
  • Forensic Investigation Suite
  • Review All Key Topics
  • Stakeholders
  • Purpose of Communication Processes
  • Role-Based Responsibilities
  • Using Common Symptoms to Select the Best Course of Action to Support Incident Response
  • Review All Key Topics
  • Containment Techniques
  • Eradication Techniques
  • Validation
  • Corrective Actions
  • Incident Summary Report
  • Review All Key Topics
  • Regulatory Compliance
  • Frameworks
  • Policies
  • Controls
  • Procedures
  • Verifications and Quality Control
  • Review All Key Topics
  • Security Issues Associated with Context-Based Authentication
  • Security Issues Associated with Identities
  • Security Issues Associated with Identity Repositories
  • Security Issues Associated with Federation and Single Sign-on
  • Exploits
  • Review All Key Topics
  • Security Data Analytics
  • Manual Review
  • Defense in Depth
  • Review All Key Topics
  • Best Practices During Software Development
  • Secure Coding Best Practices
  • Review All Key Topics
  • Preventative Tools
  • Collective Tools
  • Analytical Tools
  • Exploit Tools
  • Forensics Tools
  • Review All Key Topics
  • Lesson 1: Reconnaissance Techniques
  • Lesson 2: Network Reconnaissance
  • Lesson 3: Response and Counter Measures
  • Lesson 4: Securing Corporate Environments
  • Lesson 5: Implementing the Information Security Vulnerability Management Process
  • Lesson 6: Analyze Output of Vulnerability Scan
  • Lesson 7: Compare and Contrast Common Vulnerabilities
  • Lesson 8: Determine Impact of an Incident
  • Lesson 9: Forensics Tools and Investigation
  • Lesson 10: Incident Reporting and Communications
  • Lesson 11: Analyzing Incident Response Symptoms and Recovery Techniques
  • Lesson 12: Post-Incident Response Process
  • Lesson 13: Frameworks, Common Policies, Controls, and Procedures
  • Lesson 14: Access Control and Access Management Remediation
  • Lesson 15: Reviewing Security Architectures
  • Lesson 16: Software Development Lifecycle (SDLC) Best Practices
  • Lesson 17: Cybersecurity Tools and Technologies

Hands on Activities (Labs)

  • Performing reconnaissance on a network
  • Downloading and running scanning tools
  • Initiating an SSH session from your Windows 10 client to your Windows Server
  • Opening the policy template and setting the company name
  • Reviewing and modifying the policy items
  • Adding revision to the revision history
  • Identifying security apps available for Android
  • Accessing remotely the DT_Watch folder to generate audit logs
  • Acquiring the Trojan horse simulator
  • Uploading the Trojan horse simulator to VirusTotal
  • Uploading the Trojan horse simulator to Malwr
  • Identifying a suspicious account on the System User Groups
  • Enabling auditing of the DT_Watch folder
  • Enabling logging for audited objects
  • Examining the audited events
  • Implementing security during the SDLC
  • Collecting network-based security intelligence
  • Installing Wireshark and WinPcap
  • Acquainting yourself with Wireshark's interface
  • Analyzing the capture file to find the attack(s)
  • Generating network traffic and using filter
  • Examining the traffic between client and server
  • Confirming the spoofing attack in Wireshark
  • Conducting vulnerability scans
  • Installing Splunk on the server
  • Manipulating Kali Linux VM's network interfaces
  • Starting a live packet capture
  • Using Process Explorer to view specific details about running processes on the system
  • Examining the ipconfig options and creating the activity log
  • Identifying search options in Metasploit
  • Performing initial scan

Customer Testimonials

Robert Gustafsson
uCertify training program for CompTIA Cybersecurity Analyst (CySA+). At first, I was skeptical since there was a lot of reading and not so much instructor videos. After reading a few chapters I found myself more involved and enjoying myself learning. Ucertify has found a perfect balance with just enough reading and then challenging you with quizzes and labs
Orji Ngozi Edith
I am very happy that I chose uCertify CompTIA CySA+ cert guide ( for the exam prep. The course fulfills your requirements for the exam preparation. The course has interactive learning resources like quizzes, flashcards, pre and post assessments that reflect the complete exam objectives.
Ch Qasim Raza
I have just completed the uCertify CompTIA Cybersecurity Analyst (CySA+) course. The course had complete and authentic information about the curriculum and also formulated as per the learning objectives. It is also proven to be a swiss knife for my future references.