We’ve been getting a lot of questions about our new CompTIA Cybersecurity Analyst (CySA+) exam, and we want to make sure you have the answers you need to decide whether or not it’s right for you. In this post, we’re answering some of your biggest questions.
Preparing for the Exam
What study materials and training are available for CySA+?
Because CySA+ is a new exam, new materials are constantly being developed and released. That said, there are already some available, so you can begin preparing!
To find study materials:
- Go to the CySA+ page.
- Click on Preparation.
- Select Training Materials or Classroom Training, depending on how you learn best.
- If you select Training Materials, leaving the Media Type open rather than selecting a specific type will provide you with the most robust list of materials available.
- If you don’t find something that meets your needs, check back frequently or sign up for email alerts about product updates. (Complete the “Get Sample Questions and Exam Objectives” form on the right-hand side of the page. You can also use the sample questions and exam objectives to prepare for the exam.)
How long will it take the average engineer to study for the exam?
The time needed to study will depend on your experience. Instructor-led training programs for CySA+ are usually five days (35 to 40 hours).
Will there be CertMaster for CySA+?
Yes, it's slated to be released by the end of June 2017.
What to Expect from the Exam
Does the exam include hands-on evaluation?
Yes, the exam includes performance-based questions as well as multiple choice questions. Some of our beta testers reported that answering the performance-based questions took them about one-third of the exam time.
What tools should candidates be familiar with in order to take the exam?
Candidates should know Wireshark, Bro and/or Snort at the very least.
Does the CySA+ exam cover aspects related to security analytics, data visualization, etc.?
Our research has shown security analytics is a broader term that includes threat management, vulnerability management, intrusion detection and response, and tools. For example, data visualization occurs in the threat management domain, as network reconnaissance tools and techniques are covered.
Do I need to know a programming language for this exam, and if so, which one(s)?
It depends on your situation. XML is used to create the drivers in the AlienVault security information and event management (SIEM) platform, for example, and can be customized. However, your primary job is to identify vulnerabilities introduced on the network as a result of poor programming in languages like C and C++, which are harder to secure.
Comparing CySA+ to Other Certifications
You can, but it’s not recommended. The CompTIA Cybersecurity Career Pathway shows how each certification builds on the previous one, and skipping Security+ could leave a gap in your baseline cybersecurity skills. We recommend having a minimum of three to four years of hands-on information security or related experience before taking the CySA+ exam.
Why is CySA+ a separate certification rather than an enhancement of Security+?
CySA+ includes more analytics with a different focus to address the growing specialization in cybersecurity. Security+ is a baseline of general cybersecurity knowledge and skills.
Will Security+ be updated to reflect the addition of CySA+?
Yes, the next Security+ exam will be released in October 2017 and will refocus on baseline cybersecurity skills. Trends indicate that cybersecurity jobs are becoming more specialized at the intermediate level, thus CySA+ will cover intermediate security analyst skills and Security+ will cover the baseline, entry-level skills.
How much does CySA+ overlap with CASP?
About 25 to 30 percent of the content overlaps, mainly under the topics of intrusion detection and vulnerability management.
How does CySA+ compare to other popular cybersecurity certifications?
CySA+ differs from others on the market because it’s a mid-level certification that focuses on security analytics for the security analyst job role. Many other certifications out there don't go into as much detail with analytics. CySA+ also focuses on defense, or “blue team,” cybersecurity skills rather than offense, or “red team,” skills.
Continuing Education (CE) and Renewal
How long is CySA+ good for, and how can it be renewed?
As with many CompTIA certifications, CySA+ is good for three years. We have a number of renewal options available and will be rolling out an enhanced CE program in the coming months. You can learn more in the CE section of the website.
I need to renew my Security+ certification. If I pass CySA+ or CompTIA Advanced Security Practitioner (CASP), will that renew it?
Yes, CySA+ and CASP both renew Security+, since they are considered higher-level certifications.
CySA+ and the Department of Defense (DoD)
Will CySA+ be approved by the DoD for 8570 requirements? If so, is there a date when you expect to receive approval?
CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements. The DoD has approved CySA+ under 8570 as of October 2017.For more information on CySA+ and to receive updates, check out the CySA+ home page and download the Sample Questions and Exam Objectives.