CySA+ Cyber Range

The CySA+ range walks a student through defensive activities that they will need to undertake to secure their networks and applications from attackers.

3 hours, 30 minutes

The Labs

Train hands-on

  • CySA+ CTF

    30 minutes
    This CTF focuses mainly on the forensic side of security, so the challenges are defensive in nature. Challenges can include file format analysis, steganography, memory dump analysis, or network packet capture analysis.
  • CySA+ Digital Forensics Techniques

    30 minutes
    Digital forensics is described as the preservation, identification, extraction, and documentation of computer evidence used by a court of law. It is the science of finding evidence from digital media such as computers, mobile phones, servers, or networks. It gives the forensic team the best techniques and tools to solve complicated digital-related cases. Digital forensics helps the forensic team analyze, inspect, identify, and preserve the digital evidence residing on various electronic devices.
    ● Recover, analyze, and preserve computers and related materials in a manner that allows the investigation agency to present them as evidence in a court of law.
    ● Postulate the motive behind the crime and the identity of the main culprit.
    ● Design procedures at a suspected crime scene and ensure that the digital evidence obtained is not corrupted.
    ● Identify the evidence and estimate the potential impact of the malicious activity on the victim.
  • CySA+ Indicators of Compromise

    30 minutes
    Indicators of compromise (IOCs) are forensic data found in system log entries or files that identify potentially malicious activity on a system or network. They assist information security and IT professionals in detecting data breaches, malware infections, or other threat activities. By monitoring IOCs, businesses can identify attacks and act quickly to stop violations from occurring or limit damages by preventing attacks in earlier stages. Indicators of compromise are vital components that lead information security and IT experts to discover malicious activity in the early stages. These unexpected actions are the red flags that indicate a possible or in-progress attack that could lead to a system compromise. Moreover, IOCs are not always easy to detect. They can be as simple as EXIF data components or as complex as malicious code. Security analysts frequently collect and classify many IOCs to look for correlations and piece them together to analyze a potential threat or incident.
  • CySA+ Infrastructure Management

    30 minutes
    Infrastructures include different devices, topologies, logical constructions and separations, protocols, user authentication and monitoring services, logging, and security constructs. Maintaining security in such heterogeneous environments means that several types of technologies, tools, and defense practices must be combined. Active defense practices aim to outmaneuver adversaries by implementing multiple layers of security and using offensive tools to prevent cyber attacks. These layers of security consist of decoy hosts and traps that are heavily monitored.
  • CySA+ IPS Rules

    30 minutes
    Intrusion detection and prevention systems are network solutions that monitor and analyze traffic to detect malicious activity. They make their decisions based on rule sets, comparisons with known malware signatures, monitoring of user behavior, or monitoring of system settings and configurations. Snort is an open-source IDS/IPS that sniffs packets and determines whether the traffic is malicious by comparing it to rulesets, which can be customized and prioritized as needed.
  • CySA+ Log, SIEM, and Email Analysis

    30 minutes
    This lab showcases the importance of log files in maintaining security and identifying potential breaches and incidents. The lab also provides an overview of rule writing in Security Information and Event Management (SIEM) platforms, using logs that contain traces of a brute-force attack as an example.
  • CySA+ Software Assurance

    30 minutes
    Software assurance practices are procedures and policies followed to ensure that the software meets quality and security requirements. Static code analysis is the process of analyzing an application's source code without running it, meaning exhaustive tests can be performed without constructing a runtime environment or posing a risk to production systems, making this the preferred method for testing security flaws.

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with Affirm

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments