Learning Path

CompTIA Cybersecurity Analyst (CySA+)

Learn to use behavioral analytics to prevent, detect and combat cyber threats as a cybersecurity analyst.

What you will learn

This learning path teaches you the tools and techniques used by cybersecurity analysts and prepares you for the CompTIA Cybersecurity Analyst CySA+ CS0-002 exam. Seventeen courses build on your existing security knowledge and walk you through the key concepts covered in the five CySA+ CS0-002 certification exam objectives: threat and vulnerability management, software and systems security, security operations and monitoring, incident response, and compliance and assessment. Upon completion, you’ll be prepared to earn your CompTIA Cybersecurity Analyst (CySA+) certification and validate your skills as a cybersecurity analyst.

Wistia video thumbnail


The Importance of Threat Data and Intelligence

Course — 00:29:02

This course discusses intelligence sources and confidence levels and introduces other important threat analysis concepts, such as threat indicators and threat trends.

Threat Intelligence in Support of Organizational Security

Course — 00:22:57

This course explains how threat intelligence contributes to organizational security. It covers the use of attack frameworks, threat research, and threat modeling.

Vulnerability Management Activities

Course — 00:40:23

This course walks through the vulnerability management process, from vulnerability identification and scanning to validation and remediation.

Vulnerability Assessment Tools

Course — 01:29:57

This course discusses different types and uses of vulnerability assessment tools, including Web application scanners, wireless and cloud assessment tools, and tools related to preventative measures.

Threats and Vulnerabilities Associated with Specialized Technology

Course — 00:37:09

This course explains threats and vulnerabilities specific to mobile and IoT devices, embedded systems and firmware, and other specialized technologies, such as connected vehicles.

Threats and Vulnerabilities Associated with Operating in the Cloud

Course — 00:22:19

This course describes cloud service and deployment models, discusses common cloud vulnerabilities and other concepts related to cloud security.

Mitigating Controls for Attacks and Software Vulnerabilities

Course — 00:38:39

This course provides an overview of common attacks on applications, including injection and overflow attacks, and explains effective mitigation strategies.

Security Solutions for Infrastructure Management

Course — 00:32:55

This course covers important infrastructure security topics, including secure network architecture, physical security, identity and access management, and more.

Software Assurance Best Practices

Course — 00:27:35

This course describes common software architecture types, introduces the concept of DevSecOps, and provides and overview of secure software development process and secure coding practices.

Hardware Assurance Best Practices

Course — 00:21:55

This course discusses important topics related to hardware security, including trusted hardware, hardware encryption, secure processing, trusted foundry, and anti-tamper techniques.

Data Analysis in Security Monitoring Activities

Course — 01:12:35

This course goes into detail on security data sources, collection tools, and analysis techniques.

Implement Configuration Changes to Existing Controls to Improve Security

Course — 00:26:33

This course provides an overview of best practices for configuring file and resource permissions, firewalls and intrusion prevention systems, and endpoint security solutions.

The Importance of Proactive Threat Hunting

Course — 00:18:34

This course explains the concept of threat hunting and walks though the process and effective application of the results.

Compare and Contrast Automation Concepts and Technologies

Course — 00:26:30

This course explains the importance of automation in security and explains its common uses, including malware signature creation, analyzing threat feeds, and others.

The Importance of the Incident Response Process

Course — 00:17:18

This course highlights the importance of Incident Response, explaining roles and responsibilities and active preparation.

Appropriate Incident Response Procedures

Course — 00:06:36

This course walks through the phases of Incident Response and highlights the three key components: communication, analysis, and reporting,

Analyze Potential Indicators of Compromise

Course — 00:15:55

This course explores common network, host, and application symptoms that may indicate a compromise.

Utilize Basic Digital Forensic Techniques

Course — 00:52:59

This course discusses digital forensics, from the key principles, procedures and tools to the process of forensic analysis and mobile and cloud forensics.

The Importance of Data Privacy and Protection

Course — 00:22:48

This course explains the concept of data privacy and provides an overview of common technical and non-technical data security controls.

Security Concepts in Support of Organizational Risk Mitigation

Course — 00:24:09

This course explains important risk management topics, including Business Impact Analysis (BIA), risk identification, and the role of training and supply chain assessment.

The Importance of Frameworks, Policies, Procedures, and Controls

Course — 00:31:20

This course provides and overview of common cybersecurity frameworks, explains different types of security policies, procedures, and controls.

CySA+ Cyber Range

Cyber Range — 03:30:00

The CySA+ range walks a student through defensive activities that they will need to undertake to secure their networks and applications from attackers.

CySA+ Practice Exam

Assessment — 150 questions — 01:15:00

CompTIA CySA+ Skill Assessment

Assessment — 150 questions — 01:15:00

Meet the author

Mike Meyers, affectionately called the “Alpha Geek,” is the industry’s leading authority on CompTIA certifications. He is the president and co-founder of Total Seminars, LLC, a provider of PC and network repair seminars, books, videos and courseware for thousands of organizations throughout the world. Mike has been involved in the computer and network repair industry since 1987 as a technician, instructor, author, consultant and speaker. He has sold over a million IT and certification books, including the best-selling CompTIA A+ Certification All-in-One Exam Guide and CompTIA Network+ Certification All-in-One Exam Guide. He has personally taught thousands of students, including U.S. senators, U.S. Supreme Court Justices, members of the United Nation, every branch of the U.S. Armed Forces, many branches of the Department of Justice, hundreds of corporate clients and academic students at every level.

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

Associated NICE Work Roles

All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.

  • Law Enforcement / Counterintelligence Forensics Analyst
  • Cyber Defense Forensics Analyst
  • Network Operations Specialist

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every lnfosec Skills subscription so your team can skill up however they learn best.

Plans & pricing

  • Infosec Skills Personal

    $299 / year

    • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Custom certification practice exams (e.g., CISSP, Security+)
    • Skill assessments
    • Infosec peer community support
  • Infosec Skills Teams

    $799 per license / year

    • Team administration and reporting
    • Dedicated client success manager
    • Single sign-on (SSO)
      Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
    • Integrations via API
      Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
    • 190+ role-guided learning paths and assessments (e.g., Incident Response)
    • 100s of hands-on labs in cloud-hosted cyber ranges
    • Create and assign custom learning paths
    • Custom certification practice exams (e.g., CISSP, CISA)
    • Optional upgrade: Guarantee team certification with live boot camps

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

You're in good company


We use Infosec Skills to provide continuous training to our technicians and to prepare them for various certifications. Infosec Skills allows us to create personalized training programs that focus on each of our technicians’ particular roles and see their progress as they take courses. We also, recommend it to clients to make their IT support teams better.

Caleb Yankus


This has been utilized to bridge the skills gap across our cyber team and to aid them as they prepare for their various certifications. It also has provided a nice learning foundation for our various cyber team members to utilize as we continue to find ways for cross-utilization with operations while minimizing the downtime needed to ensure everyone’s knowledge is the same.

Daniel Simpson


We use Infosec Skills to provide base level knowledge for employees. We also use the services to provide in depth learning for employees as they encounter new technologies. If an employee is is assigned to a new project, we can rely on Infosec Skills to provide a rapid concentrated learning environment. This rapid concentrated learning positions our employees for success.

Infosec Skills Teams client