CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect, and combat cybersecurity threats.
CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with performance-based questions covering the following:
- Security analytics
- Intrusion detection
- Response
CompTIA certification exams are proctored in a highly secure environment at a Pearson VUE testing center. CompTIA CySA+ is the most up-to-date security analyst certification, covering advanced persistent threats in a post-2014 cybersecurity environment.
Successful candidates will have the following skills:
- Identify tools and techniques to perform an environmental reconnaissance of a target network or security system.
- Collect, analyze, and interpret security data from multiple log and monitoring sources.
- Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation.
- Understand and remediate identity management, authentication, and access control issues.
- Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack.
- Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls.
The CompTIA CySA+ exam focuses on today’s best practices for configuring and using threat detection tools, performing data analysis, and interpreting the results to identify vulnerabilities, threats, and risks to an organization.
How many questions are on the CompTIA CySA+ exam?
The CompTIA CySA+ exam has a maximum of 85 questions.
After completing the exam, you will be asked to complete some optional exit survey information about your study practices and why you decided to get certified. This survey will consist of about 12 multiple-choice questions.
What types of questions are on the CompTIA CySA+ exam?
The CompTIA CySA+ exam includes multiple-choice questions, drag-and-drop activities, and performance-based questions. The multiple-choice questions are single- and multiple-response. Performance-based items test your ability to solve problems in a simulated environment.
Remember to manage your time wisely when solving these problems on your exam. Most of the performance-based questions will appear at the beginning of the exam, and you won’t be able to see a clock when working on the items.
Learn more about performance-based questions.
What are the CompTIA CySA+ exam domains and what do they cover?
The CompTIA CySA+ exam includes the following domains and topics:
- Threat management: Implement or recommend the appropriate response and countermeasure to a network-based threat
- Vulnerability management: Compare and contrast common vulnerabilities found in an organization
- Cyber-incident response: Summarize the incident recovery and post-incident response process
- Security architecture and tool sets: Review security architecture and make recommendations to implement compensating controls
Review the detailed exam objectives.
How long is the CompTIA CySA+ exam?
You will have 165 minutes to complete the exam. This does not include the time necessary to check in at the testing center, so plan to arrive early.
Ready to advance your skill level in cybersecurity?
CompTIA now offers several exam training options for CySA+ to fit your particular learning style and schedule. Many of these may be used in combination as you prepare for your exam.
There’s a wealth of information to take you from deciding if CompTIA CySA+ is right for you all the way to taking your exam. We’re with you every step of the way!
Buy CompTIA CySA+
Resources
- CySA+ Product Page
- Certification Training and Preparation
- CompTIA Career Pathways
- How Do I Get an IT Certification?