TGS-2024049211 — CompTIA CySA+ CS0-003 Hands-On Labs

Course: WSQ — CompTIA Cybersecurity Analyst (CySA+) Training Course Code: TGS-2024049211 Register here: https://www.tertiarycourses.com.sg/wsq-comptia-cybersecurity-analyst-cysa-training.html

These are the official hands-on lab exercises for the WSQ CompTIA Cybersecurity Analyst (CySA+) Training course delivered by Tertiary Infotech Academy Pte Ltd.

A complete set of 30 step-by-step labs aligned to the CompTIA CySA+ CS0-003 exam objectives. Most labs run on the free Killercoda Ubuntu Playground (https://killercoda.com/playgrounds/scenario/ubuntu) — no local install required. A few use free web tools or free virtual appliances.

---

How to use

1. Open the Killercoda playground in your browser: https://killercoda.com/playgrounds/scenario/ubuntu
2. Pick a lab from the list below and follow the steps in order.
3. Reset the playground between labs that change firewall rules or install heavy services.
4. See labs/tools.md for every free tool used (with install commands and download links).

---

Lab catalogue

Domain 1 — Security Operations (33%)

• Lab 1 — Log Ingestion and Time Synchronization
• Lab 2 — OS Hardening and System Process Inspection
• Lab 3 — Network Segmentation and Zero Trust
• Lab 4 — Detecting Malicious Network Activity
• Lab 5 — Host-Based IOC Hunting
• Lab 6 — Packet Capture for Threat Hunting
• Lab 7 — SIEM Log Correlation
• Lab 8 — Email Header Analysis (SPF/DKIM/DMARC)
• Lab 9 — Malware Triage with Hashing and VirusTotal
• Lab 10 — Threat Intelligence and MITRE ATT&CK

Domain 2 — Vulnerability Management (30%)

• Lab 11 — Asset Discovery with Nmap
• Lab 12 — Vulnerability Scanning with OpenVAS
• Lab 13 — Web App Scanning with OWASP ZAP
• Lab 14 — Web Recon with Nikto and Burp Suite
• Lab 15 — Metasploit Framework Basics
• Lab 16 — CVSS Scoring and Prioritization
• Lab 17 — Exploiting and Mitigating XSS and SQL Injection
• Lab 18 — Patch Management and Hardening
• Lab 19 — Attack Surface Reconnaissance

Domain 3 — Incident Response and Management (20%)

• Lab 20 — Cyber Kill Chain and ATT&CK Mapping
• Lab 21 — Evidence Acquisition and Chain of Custody
• Lab 22 — Memory Forensics with Volatility
• Lab 23 — Log Analysis for Incident Response
• Lab 24 — Containment with Host Isolation
• Lab 25 — Incident Response Playbook and Tabletop

Domain 4 — Reporting and Communication (17%)

• Lab 26 — Vulnerability Management Report
• Lab 27 — Executive Incident Report
• Lab 28 — Security Metrics Dashboard (MTTD/MTTR)
• Lab 29 — Compliance Reporting (PCI DSS / ISO 27001)
• Lab 30 — Stakeholder Communication and Lessons Learned

---

Reference

• labs/README.md — Lab index grouped by domain with software requirements
• labs/tools.md — Complete list of free tools (Killercoda + external)
• cmptia_cysaplus_cso-003.pdf — Official exam blueprint

---

Free tools used

All tooling is 100% free. The bulk runs inside the disposable Killercoda VM via apt. A few labs use free web tools (VirusTotal, AbuseIPDB, MITRE ATT&CK Navigator) or free virtual appliances (DVWA, Metasploitable, OpenVAS / Greenbone CE).

Full tool list: labs/tools.md.