Welcome to ONLC Training Centers

CompTIA Cybersecurity Analyst (CSA+) Training Course Outline

 (5 days)
Version 001

This course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity Analyst Certification. CompTIA's CSA+ Certification is an intermediate-level certificate for IT professionals with previous experience of working in the field of IT security. The CompTIA CSA+ examination is designed for IT security analysts, vulnerability analysts, or threat intelligence analysts. The exam will certify that the successful candidate has the knowledge and skills required to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats, and risks to an organization with the end goal of securing and protecting applications and systems within an organization.

Certification track
This courseware bears the seal of CompTIA Approved Quality Content. This seal signifies this content covers 100% of the exam objectives and implements important instructional design principles. CompTIA recommends multiple learning tools to help increase coverage of the learning objectives. The contents of this training material were created for the CompTIA CSA+ Cybersecurity Analyst Certification CS0-001 exam covering the 2017 Edition certification exam objectives.

*** NOTE: This class also available in On-Demand, eLearning Format ***
Too busy at work to miss 5 days out of the office to take this class? Consider the CompTIA On-Demand version of this course. Watch videos, take the same hands-on labs, access an online expert 24/7, and study at on your own time, at your own pace. For details on this alternative format, go to
CompTIA On-Demand Cybersecurity Analyst (CSA+) Certification Training

Target audience and course prerequisites
CompTIA CSA+ certification is aimed at IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat
Intelligence Analyst, and Security Engineer.

Ideally, you should have successfully completed:
CompTIA Network+ Certification AND Security+ Certification courses or have equivalent knowledge before attending this training.

Specifically, it is recommended that you have the following skills and knowledge before starting this course:
◾ Know basic network terminology and functions (such as OSI Model, Topology, Ethernet, Wi-Fi, switches, routers).
◾ Understand TCP/IP addressing, core protocols, and troubleshooting tools.
◾ Identify network attack strategies and defenses.
◾ Know the technologies and uses of cryptographic standards and products.
◾ Identify network- and host-based security technologies and practices.
◾ Describe the standards and products used to enforce security on web and communications technologies.

Additional Notes Regarding CompTIA Certification Exams
As with most professional IT certifications, many addition hours of study are required before the class (meeting the prerequisites) and after the class (reviewing exam objectives and practice questions). Expect to spend a significant number of hours studying outside of the class before you take a CompTIA or any other IT professional exam.

Course Outline

Module 1 Threat Management 1
◾Cybersecurity Analysts
Cybersecurity Roles and Responsibilities
Frameworks and Security Controls
Risk Evaluation
Penetration Testing Processes
◾Reconnaissance Techniques
The Kill Chain
Open Source Intelligence
Social Engineering
Topology Discovery
Service Discovery
OS Fingerprinting

Module 2 Threat Management 2
◾Security Appliances
Configuring Firewalls
Intrusion Detection and Prevention
Configuring IDS
Malware Threats
Configuring Anti-virus Software
Enhanced Mitigation Experience Toolkit
◾Logging and Analysis
Packet Capture
Packet Capture Tools
Monitoring Tools
Log Review and SIEM
SIEM Data Outputs
SIEM Data Analysis
Point-in-Time Data Analysis

Module 3 Vulnerability Management
◾Managing Vulnerabilities
Vulnerability Management Requirements
Asset Inventory
Data Classification
Vulnerability Management Processes
Vulnerability Scanners
Microsoft Baseline Security Analyzer
Vulnerability Feeds and SCAP
Configuring Vulnerability Scans
Vulnerability Scanning Criteria
Exploit Frameworks
◾Remediating Vulnerabilities
Analyzing Vulnerability Scans
Remediation and Change Control
Remediating Host Vulnerabilities
Remediating Network Vulnerabilities
Remediating Virtual Infrastructure Vulnerabilities
◾Secure Software Development
Software Development Lifecycle
Software Vulnerabilities
Software Security Testing
Interception Proxies
Web Application Firewalls
Source Authenticity
Reverse Engineering

Module 4 Cyber Incident Response
◾Incident Response
Incident Response Processes
Threat Classification
Incident Severity and Prioritization
Types of Data
◾Forensics Tools
Digital Forensics Investigations
Documentation and Forms
Digital Forensics Crime Scene
Digital Forensics Kits
Image Acquisition
Password Cracking
Analysis Utilities
◾Incident Analysis and Recovery
Analysis and Recovery Frameworks
Analyzing Network Symptoms
Analyzing Host Symptoms
Analyzing Data Exfiltration
Analyzing Application Symptoms
Using Sysinternals
Containment Techniques
Eradication Techniques
Validation Techniques
Corrective Actions

Module 5 Security Architecture
◾Secure Network Design
Network Segmentation
Blackholes, Sinkholes, and Honeypots
System Hardening
Group Policies and MAC
Endpoint Security
◾Managing Identities and Access
Network Access Control
Identity Management
Identity Security Issues
Identity Repositories
Context-based Authentication
Single Sign On and Federations
Exploiting Identities
Exploiting Web Browsers and Applications
◾Security Frameworks and Policies
Frameworks and Compliance
Reviewing Security Architecture
Procedures and Compensating Controls
Verifications and Quality Control
Security Policies and Procedures
Personnel Policies and Training

View outline in Word


Attend hands-on, instructor-led CompTIA Cybersecurity Analyst (CSA+) Training training classes at ONLC's more than 300 locations. Not near one of our locations? Attend these same live classes from your home/office PC via our Remote Classroom Instruction (RCI) technology.

For additional training options, check out our list of Courses and select the one that's right for you.

Microsoft Gold Partner
Class Dates
(click date for class times)
(click Enroll for locations)

Fee:  $2495

Savings options:

 15 Day Pass
 CEA Tech Saver
Need a price quote?

Follow the link to our self-service price quote form to generate an email with a price quote.

Email Alert

Receive an email when this class is available as "Ready to Run" or "Early Notice" status.

Attend from your office or home

If you have high-speed internet and two computers you can likely take this class from your office or home.

Need a class for a group?

We can deliver this class for a private group at your location. Follow the link to request more information.

Attend computer classes from ONLC Training Centers Request a copy via mail


Class Format
Class Policies
Student Reviews

Bookmark and Share

First Name

Last Name