CySA+: Hands-on Approach & Practice Tests All-in-One Course

Name: CySA+: Hands-on Approach & Practice Tests All-in-One Course
Rating: 4.4 (17 reviews)

Hands On Practical Experience

Created byMike S, Josh G

Last updated 1/2026

English

What you'll learn

Detect, analyze, respond to, and manage cybersecurity threats.
Hands-on application of CySA+ Objectives
600 Practice Questions and 2 Full length Exam Simulations
Security Operations and Monitoring, Threat and Vulnerability Management, Incident Response and Management, and Reporting and Communication

Course content

20 sections • 187 lectures • 41h 33m total length

Introduction3:03

Log Ingestion6:02
Lab 1a Log Ingestion (Windows)23:39
Lab 1b Log Ingestion (Linux)8:19
Log Ingestion Knowledge Check
Operating System (OS) Concepts5:34
Operating System Lab21:35
Operating System Concepts Knowledge Check
Infrastructure Concepts13:39
Infrastructure Concepts Lab1:08:03
Infrastructure Concepts Knowledge Check
Network Architecture27:56
Network Architecture Lab23:51
Network Architecture Knowledge Check
Identity and Access Management36:37
Identity and Access Management Lab14:09
Demonstrates the triple A framework: authentication, authorization, and accounting, through hands-on lab activities with Linux logins, directory permissions, and audit logs, plus a practical MFA setup.
Identity and Access Management Knowledge Check
Encryption13:50
Encryption Lab15:14
Demonstrates practical encryption lab techniques by hashing files to verify integrity, encrypting with OpenSSL AES-256-CBC, and generating and deploying self-signed PKI certificates for data at rest and in transit.
Encryption Knowledge Check
Sensitive Data Protection5:19
Sensitive Data Protection Lab5:03
Sensitive Data Protection Knowledge Check

Network Related26:14
Network Related Lab18:10
Detect command and control beacons using Rita, an open source network analytics tool, by converting a pcap to Zeek logs and examining beacon scores for C2 activity.
Network Related Quiz
Host Related14:25
Host Related Lab18:29
Application Related22:44
Application Related Lab Part 123:27
Application Related Lab Part 222:11
Application Related Quiz
Other8:54
Explore social engineering attacks and obfuscated links, including phishing and tailgating, and learn defenses such as awareness training, multi-factor authentication, and detection via baselining with behavior analytics.
Other Lab Intro2:43
Other Lab Solution13:43
Other Quiz

Tools33:32
Tools Lab 1 Intro5:32
Tools Lab 1 Solution13:26
Tools Lab 2 (Automation POC)24:39
Tools Lab 318:29
Tools Quiz
Common Techniques8:15
Common Techniques Lab Intro5:00
Common Techniques Lab Solution17:03
Common Techniques Quiz
Programming Languages and Scripting5:32
Programming Languages and Scripting Lab Intro7:47
Programming Languages and Scripting Lab Solution28:33
Programming Languages and Scripting Quiz

Threat Actors and TTPs12:28
Identify threat actors and map their tactics, techniques, and procedures to defend networks, exploring APTs, hacktivists, organized crime, nation state actors, insiders, script kiddies, and supply chain risks.
Threat Actors and TTPs Lab55:38
Threat Actors and TTPs Quiz
Confidence Levels10:39
Confidence Levels Lab26:46
Confidence Levels Quiz
Collection Methods and Sources9:55
Collection Methods and Sources Quiz
Threat Intelligence Sharing10:08
Explore how threat intelligence sharing strengthens incident response, vulnerability management, risk management, security engineering, and monitoring through shared indicators of compromise from Isacs, Cisa, and Traffic Light Protocol standards.
Collection Methods and Threat Intelligence Sharing Lab10:42
Threat Intelligence Sharing Quiz
Threat Hunting10:19
Threat Hunting Lab43:43
Threat Hunting Quiz

Standardized Processes8:21
Standardized Processes Lab24:39
Standardized Processes Quiz
Streamline Operations7:31
Streamline Operations Quiz
Technology and Tool Integration7:25
Integrate security tools through APIs, webhooks, and plugins to create a unified, automated workflow that speeds detections and reduces analyst workload.
Combined Streamline Operations and Tech and Tool Integration Lab19:48
Technology and Tool Integration Quiz
Single Pane of Glass7:54
Single Pane of Glass Lab14:02
Single Pane of Glass Quiz

Install OpenVAS Lab12:01
Install Openvas in a docker container on Ubuntu, mounting data and configuring health checks. Access the web GUI via port 9443 to support vulnerability management.
Install Nessus in Docker Lab14:01
Asset Discovery6:00
Asset Discovery Lab15:20
Asset Discovery with OpenVas Lab7:37
discover all network hosts with openvas lab, create a new target for an IP range, run a scan, review the hosts report, and compare automated results with nmap.
Asset Discovery Knowledge Check
Special Considerations4:48
Special Considerations Lab18:12
Special Considerations Knowledge Check
Internal vs External Scanning4:14
Internal vs External Scanning Lab15:07
Internal vs External Knowledge Check
Agent vs Agentless4:24
Agent vs Agentless Knowledge Check
Credentialed vs non-Credentialed3:58
Credentialed vs non-Credentialed Lab8:30
Credentialed vs non-Credentialed Knowledge Check
Active vs Passive Scanning Lab8:43
Static vs Dynamic3:31
Static vs Dynamic Lab4:09
This lab demonstrates the difference between static and continuous scanning by running a one-time credentialed Windows scan and then converting it into a weekly scheduled scan.
Static vs Dynamic Knowledge Check
Critical Infrastructure3:39
Critical Infrastructure Lab24:52
Run a vulnerability scan with Nessus on a critical hvac control system, mitigate identified flaws, and configure a Splunk dashboard to detect and monitor suspicious activity for Steel Mountain facility.
Critical Infrastructure Knowledge Check
Security Baseline Scanning3:29
Security Baseline Scanning Lab10:13
Security Baseline Scanning Knowledge Check
Industry Frameworks4:14
Industry Frameworks Lab5:00
Industry Frameworks Knowledge Checks

Common Vulnerability Scoring System Interpretation5:58
Common Vulnerability Scoring System Interpretation Lab10:22
Common Vulnerability Scoring System Interpretation Knowledge Check
Validation7:29
Validation Lab27:29
Learn to validate alerts in Splunk by classifying events as true/false positives and negatives, and quantify detection with precision, recall, and F1 for data-driven incident response.
Validation Knowledge Check
Context Awareness6:51
Context Awareness Lab10:20
Context Awareness Knowledge Check
Exploitability/weaponization10:11
Explore exploitability and weaponization, mapping how vulnerabilities become attacks through attack vectors and proof-of-concepts, and how attackers package, deliver, and operate exploits in the wild.
Exploitability/weaponization Lab14:33
Analyze vulnerability scenarios to assess exploitability and weaponization risk, then recommend detection, containment, and remediation actions through a walkthrough lab with real-world scenarios.
Exploitability/weaponization Knowledge Check
Asset Value10:11
Asset Value Lab26:37
Asset Value Knowledge Check
Zero Day8:03
Zero Day Lab32:36
Zero Day Knowledge Check

Requirements

CompTIA recommends 3-4 Years SOC Experience. If you are motivated you can do the course with less experience, but learning curve may be steep.

Description

In this course, your learning experience isn't limited to theory. We take you far beyond the lectures and slides. This is a hands on, lab driven program built to help you truly understand cybersecurity analysis, detection, and response techniques the way real SOC analysts do. Throughout the course, you'll work through over eighty hands on labs.

Nearly every lecture has a corresponding lab giving you the opportunity to immediately apply the concepts you just learned. These labs reinforce the theory, boost retention, and build real operational skills. To support these labs, every module includes step by step walk through documents. These walk throughs mirror the video lectures exactly. So whether you prefer to read, follow along visually, or reference material later, you'll always have a clear guide.

The combination of lecture plus walk through plus hands on ensures you understand not just what to do, but why you're doing it. The best part is that you don't need a high end laptop or a powerful workstation. Thanks to Docker based lab architecture, the entire practical environment runs in just two virtual machines, One Ubuntu server running Docker containers and one Windows eleven VM for endpoint activities. This lightweight setup lets you run enterprise grade tools without enterprise grade hardware. And, yes, these are real tools used in real security operations.

You will gain direct experience with technologies like Splunk, Wazet, Nessus, Velociraptor, and more. To make it fun and interesting, we've developed scenarios and attacks based on the TV show, Mr. Robot.

To help check your understanding, every lecture ends with a learning check. These are short quizzes designed to reinforce the concepts before you move on. And when you're ready to test your skills at the exam level, you'll have access to over six hundred test questions and two full length practice exam simulations. But you're not doing this alone. Enrollment in this course gives you access to our discord community where you can connect with instructors and fellow students, ask questions, share insights, and build relationships that support your learning journey.

In total, this course includes over forty hours of instructional video content. To make sure this course is a good fit for you, try the lab set up in the first size of plus objective lecture in labs for free.

Who this course is for:

Beginner/Intermediate SOC Analysts

CySA+: Hands-on Approach & Practice Tests All-in-One Course

What you'll learn

Explore related topics

Course content

Introduction1 lecture • 3min

Course Lab3 lectures • 1hr 11min

OBJ 1.1: System and network architecture concepts in security operations.15 lectures • 4hr 49min

OBJ 1.2: Given a scenario, analyze indicators of potentially malicious activity.10 lectures • 2hr 51min

OBJ 1.3: Use appropriate tools or techniques to determine malicious activity11 lectures • 2hr 48min

OBJ 1.4: Compare and contrast threat-intelligence and threat-hunting concepts.9 lectures • 3hr 10min

OBJ 1.5 Explain the importance of efficiency and process improvement in sec ops.7 lectures • 1hr 30min

OBJ 2.1 Given a scenario, implement vulnerability scanning methods and concepts.21 lectures • 3hr 2min

OBJ 2.2 Given a scenario, analyze output from vulnerability assessment tools2 lectures • 24min

OBJ 2.3 Given a scenario, analyze data to prioritize vulnerabilities.12 lectures • 2hr 51min

Requirements

Description

Who this course is for: