CompTIA CySA+ Training Boot Camp

The CompTIA CySA+ Boot Camp is a comprehensive five-day training that teaches you the knowledge and skills required to configure and use the latest industry-standard threat detection tools. Throughout the cybersecurity program, you will learn how to perform data analysis to identify vulnerabilities and expose cyber threats — with the ultimate goal of helping organizations protect and secure their applications and systems.

You will leave with the required knowledge to pass your CySA+ exam,...

5 Days
Open Enrollment
Offered in partnership with your preferred school

George Mason University

Change School
Learning method

for additional information

Course code: LBC103

What you will learn

  • Applying environmental reconnaissance techniques and analyzing the results
  • Implementing or recommending responses to network-based threats
  • Implementing a vulnerability management process
  • Identifying common vulnerabilities and analyzing vulnerability scans
  • Analyzing threat data to determine the impact of threats
  • Preparing toolkits and supporting incident response
  • Using data to recommend remediation of security issues

How you will benefit

  • You will verify that you have the knowledge and skills required to configure and use the latest industry-standard threat detection tools, analyze data, and identify vulnerabilities in the results, exposing threats and risks to an organization.
  • You will prepare to pass the CompTIA CySA+ exam
  • The provided information security theory is also enforced through hands-on exercises
  • Learn how to configure and operate many different technical security controls over the course of the 5-day boot camp
  • The CySA+ certification meets 8570.1 mandate and is approved for five job categories, including 1) Information Assurance Technician Level II, 2) Cybersecurity Service, 3) Provider (CSSP) – Analyst, 4) CSSP – Incident Response, 5) CSSP – Infrastructure Support, 6) CSSP – Auditor

How the course is taught

  • Live Online, Instructor-Led
  • 5 Days to complete Boot Camp
  • 90-day extended access to all boot camp materials
  1. Day 1 - Threat and Vulnerability Management
    1. Explain the importance of threat data and intelligence
      1. Intelligence sources
      2. Confidence levels
      3. Indicator management
      4. Threat classification
      5. Threat actors
      6. Intelligence cycle
      7. Commodity malware
      8. Information sharing and analysis communities
    2. Given a scenario, utilize threat intelligence to support organizational security
      1. Attack frameworks
      2. Threat research
      3. Threat modeling methodologies
      4. Threat intelligence sharing with supported functions
    3. Given a scenario, perform vulnerability management activities
      1. Vulnerability identification
      2. Validation
      3. Remediation/Mitigation
      4. Scanning parameters and criteria
    4. Given a scenario, analyze the output from common vulnerability assessment tools
      1. Web application scanner
      2. Infrastructure vulnerability scanner
      3. Software assessment tools and techniques
      4. Enumeration
      5. Wireless assessment tools
      6. Cloud infrastructure assessment tools
    5. Explain the threats and vulnerabilities associated with specialized technology
      1. Mobile
      2. Internet of Things (IoT)
      3. Embedded
      4. Real-time operating system (RTOS)
      5. System-on-Chip (SoC)
      6. Field programmable gate array (FPGA)
      7. Physical access control
      8. Building automation systems
      9. Vehicles and drones
      10. Workflow and process automation systems
      11. Industrial control system
      12. Supervisory control and data acquisition (SCADA)
    6. Explain the threats and vulnerabilities associated with operating in the cloud
      1. Cloud service models
      2. Cloud deployment models
      3. Function as a Service (FaaS)/serverless architecture
      4. Infrastructure as code (IaC)
      5. Insecure application programming interface (API)
      6. Improper key management
      7. Unprotected storage
      8. Logging and monitoring
    7. Given a scenario, implement controls to mitigate attacks and software vulnerabilities
      1. Attack types
      2. Vulnerabilities
  2. Day 2 - Software and Systems Security
    1. Given a scenario, apply security solutions for infrastructure management
      1. Cloud vs. on-premises
      2. Asset management
      3. Segmentation
      4. Network architecture
      5. Change management
      6. Virtualization
      7. Containerization
      8. Identity and access management
      9. Cloud access security broker (CASB)
      10. Honeypot
      11. Monitoring and logging
      12. Encryption
      13. Certificate management
      14. Active defense
    2. Explain software assurance best practices
      1. Platforms
      2. Software development life cycle (SDLC) integration
      3. DevSecOps
      4. Software assessment methods
      5. Secure coding best practices
      6. Static analysis tools
      7. Dynamic analysis tools
      8. Formal methods for verification of critical software
      9. Service-oriented architecture
      10. Markup Language (SAML)
    3. Explain hardware assurance best practices
      1. Hardware root of trust
      2. Unified Extensible Firmware Interface (UEFI)
      3. Trusted foundry
      4. Secure processing
      5. Anti-tamper
      6. Self-encrypting drive
      7. Trusted firmware updates
      8. Measured boot and attestation
      9. Bus encryption
  3. Day 3 - Security Operations and Monitoring
    1. Given a scenario, analyze data as part of security monitoring activities
      1. Heuristics
      2. Trend analysis
      3. Endpoint
      4. Network
      5. Log review
      6. Impact analysis
      7. Security information and event management (SIEM) review
      8. Query writing
      9. Email analysis
    2. Given a scenario, implement configuration changes to existing controls to improve security
      1. Permissions
      2. Allowlisting
      3. Denylisting
      4. Firewall
      5. Intrusion prevention system (IPS) rules
      6. Data loss prevention (DLP)
      7. Endpoint detection and response (EDR)
      8. Network access control (NAC)
      9. Sinkholing
      10. Malware signatures
      11. Sandboxing
      12. Port security
    3. Explain the importance of proactive threat hunting
      1. Establishing a hypothesis
      2. Profiling threat actors and activities
      3. Threat hunting tactics
      4. Reducing the attack surface area
      5. Bundling critical assets
      6. Attack vectors
      7. Integrated intelligence
      8. Improving detection capabilities
    4. Compare and contrast automation concepts and technologies
      1. Workflow orchestration
      2. Scripting
      3. Application programming interface (API) integration
      4. Automated malware signature creation
      5. Data enrichment
      6. Threat feed combination
      7. Machine learning
      8. Use of automation protocols and standards
      9. Continuous integration
      10. Continuous deployment/delivery
  4. Day 4 - Incident Response
    1. Explain the importance of the incident response process
      1. Communication plan
      2. Response coordination with relevant entities
      3. Factors contributing to data criticality
    2. Given a scenario, apply the appropriate incident response procedure
      1. Preparation
      2. Detection and analysis
      3. Containment
      4. Eradication and recovery
      5. Post-incident activities
    3. Given an incident, analyze potential indicators of compromisee
      1. Network-related
      2. Host-related
      3. Application-related
    4. Given a scenario, utilize basic digital forensics techniques
      1. Network
      2. Endpoint
      3. Mobile
      4. Cloud
      5. Virtualization
      6. Legal hold
      7. Procedures
      8. Hashing
      9. Carving
      10. Data acquisition
  5. Day 5 - Compliance and Assessment
    1. Understand the importance of data privacy and protection
      1. Privacy vs. security
      2. Non-technical controls
      3. Technical controls
    2. Given a scenario, apply security concepts in support of organizational risk mitigation
      1. Business impact analysis
      2. Risk identification process
      3. Risk calculation
      4. Communication of risk factors
      5. Risk prioritization
      6. Systems assessment
      7. Documented compensating controls
      8. Training and exercises
      9. Supply chain assessment
    3. Explain the importance of frameworks, policies, procedures and controls
      1. Frameworks
      2. Policies and procedures
      3. Category
      4. Control type
      5. Audits and assessments

Boot camps are led by instructors that have years of industry experience and are recognized as subject matter experts


This course is intended for cybersecurity analysts, vulnerability analysts, cybersecurity specialists, or anyone interested in building their skills as an analyst.

Certification Requirements:

Although not required, CompTIA recommends three to four years of hands-on information security experience, as well as a Network+, Security+ certification or equivalent knowledge.


Hardware Requirements:

  • This course can be taken on either a PC, Mac, or Chromebook.
  • A microphone.
  • Speakers.
  • Webcam.

Software Requirements:

  • PC: Windows 7 or later.
  • Mac: macOS 10.7 or later.
  • Browser: The latest version of Google Chrome or Mozilla Firefox is preferred. Microsoft Edge and Safari are also compatible.
  • Microsoft Word Online.
  • Adobe Acrobat Reader.
  • Zoom Meetings.
  • Software must be installed and fully operational before the course begins.


  • Email capabilities and access to a personal email account.

Instructional Material Requirements:

The student materials required for this course are included in enrollment and will be available online.

The median cybersecurity analyst salary in the United States is $74,952 per year. However, a CySA+ salary can vary—with some professionals making up to $119,588 per year—based on experience in the cybersecurity space and location. Earning the CySA+ will open the door to career advancement opportunities and in-demand positions.

The U.S. Bureau of Labor Statistics (BLS) predicts that the information security analyst field will grow 31% through 2029. This is much faster than the average growth rate of 4 percent expected across all occupations.

Yes. Sample CySA+ practice questions are included with your course. You will have unlimited attempts to complete CySA+ practice exams as you study and prepare for certification.

Cybersecurity analyst is a popular job title for CySA+ holders. Almost half of all cybersecurity analysts are in the early stages of their careers, having entered the field 0-4 years ago, so it is a great entry point into a field and a position that will help you launch a career in cyber security.

Cybersecurity analysts (CSAs) use analytics tools to design security integration solutions that aid the detection of and response to security incidents. These professionals effectively use behavioral threat assessment tools to analyze risks to the information systems of their organization while ensuring business continuity and the availability of data and services. They also work to identify patterns and expose anomalies that could indicate cyberattacks and then take action to proactively protect against malicious events before they develop.

Yes, you will be prepared to take the CompTIA Cybersecurity Analyst (CySA+) certification exam.

You can register for the boot camp whenever you are ready. Our team will help you select the session that will best fit you.

Yes, ed2go courses are completely online. However, keep in mind that not all certifying bodies or industry-specific certifications are recognized internationally. Please review your country's regulations prior to enrolling in courses that prepare for certification.

The boot camp is 5 days in length. You will have 3 months from the completion of the boot camp to access all boot camp materials.

The boot camp instructor will be available during the session to answer any questions. You will also have access to the Infosec Skills platform where you will be able to create support requests, as needed.

Upon successful completion of your boot camp session, you will be awarded a certificate of completion from Infosec and the school or organization that you registered through.

ed2go courses will help you gain the skills and knowledge you need to take the next step in your career and stand out to potential employers. However, you should always research the job market in your area before enrolling.

ed2go courses are non-credit, so they do not qualify for federal aid, FAFSA, and Pell Grant. In some states, vocational rehab or workforce development boards may provide funding to take our courses. Additionally, you may qualify for financial assistance if you meet certain requirements. Learn more about financial assistance.

If you have questions that are not answered on our website, representatives are available via LIVE chat. You can also call us at 1-877-221-5151 during regular business hours to have your questions promptly answered. If you are visiting us during non-business hours, please send us a question using the "Contact Us."