COMP-202
CompTIA CySA+ Bootcamp
Description
This 5-day intensive Bootcamp prepares cybersecurity professionals for the CompTIA CySA+ (CS0-003) certification. It focuses on applying behavioral analytics to networks to improve security posture, detect threats, perform incident response, and manage vulnerabilities—equipping learners with critical skills for a Security Operations Center (SOC) role.
U.S. DoDM 8140.03 APPROVED BY DEPARTMENT OF DEFENSE
Prerequisite
Security+ or equivalent is preferred.
Objectives
By the end of this course, participants will:
- Use threat detection tools and techniques to identify Indicators of Compromise (IOCs).
- Analyze network, host, and application vulnerabilities.
- Apply appropriate response techniques during security incidents.
- Configure and manage threat detection systems (SIEM, IDS/IPS).
- Understand and implement cybersecurity frameworks and compliance controls.
Key Takeaways
- Proficiency in threat detection and analysis using real-world tools
- Understanding of vulnerability management and risk mitigation
- Hands-on experience with SIEM, packet capture, and log analysis
- Preparedness for CySA+ certification exam (CS0-003)
- Exposure to common frameworks and regulatory standards (NIST, GDPR, etc.)
Who Is This For
CySA+ is tailored for IT professionals with intermediate cybersecurity experience (security analysts, incident responders, and threat hunters) looking to advance their skills in threat detection and response. Ideal candidates include IT support technicians, network administrators, or those with CompTIA Security+ or equivalent knowledge, aiming to specialize in analyzing and mitigating cyber threats in roles like SOC analyst or cybersecurity specialist.
Certificate of Completion
- Certificate of Completion issued after successful completion of all chapters, hands-on exercises, and course evaluation.
- Certificate is downloadable from the Ghost Team Academy Education Portal.
Training Outline
Day 1: Threat and Vulnerability Management
- Topics:
  - Cybersecurity frameworks (NIST, ISO, MITRE ATT&CK)
  - Threat intelligence types and sources
  - Vulnerability scanning and assessment tools
  - Prioritizing vulnerabilities using CVSS risk rating
- Labs/Exercises: Run a Nessus scan, interpret CVE data, threat intel report
- Exam Domain Focus: Threat & Vulnerability Management (22%)
Day 2: Security Operations and Monitoring
- Topics:
  - Security monitoring tools (SIEM, log analyzers)
  - Understanding logs (auth logs, event logs, firewall logs)
  - Packet capture and traffic analysis (Wireshark, tcpdump)
  - Detecting lateral movement and anomalies
- Labs/Exercises: SIEM event analysis, traffic capture, log correlation
- Exam Domain Focus: Security Operations & Monitoring (25%)
Day 3: Incident Response
- Topics:
  - Incident response process and lifecycle
  - Types of attacks (malware, phishing, web-based, insider threats)
  - Containment, eradication, and recovery procedures
  - Digital forensics basics and evidence handling
- Labs/Exercises: Simulate an incident response, analyze phishing emails
- Exam Domain Focus: Incident Response (23%)
Day 4: Security Architecture and Tools
- Topics:
  - Secure network architecture (DMZ, segmentation, zero trust)
  - IDS/IPS, firewalls, proxies, endpoint protection
  - Access control models and identity management
  - Cloud and virtualization security considerations
- Labs/Exercises: Configure firewall rules, analyze endpoint alerts
- Exam Domain Focus: Security Architecture & Tools (18%)
Day 5: Governance, Risk, and Compliance + Exam Prep
- Topics:
  - Risk management principles
  - Security policies, procedures, and awareness training
  - Regulatory compliance: HIPAA, PCI-DSS, GDPR, SOX
  - Final exam review and practice test
- Labs/Exercises: Evaluate a risk register, compliance checklist audit
- Exam Domain Focus: Governance, Risk & Compliance (12%)
Exam Prep & Practice
- Daily review questions and summaries
- Full-length timed practice exam (CS0-003 format)
- Key definitions, tools, and methodologies
- Final Q&A and test-taking strategies