What Is on the CompTIA CySA+ Exam?

CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats.

CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with performance-based questions covering the following:

  • Security analytics
  • Intrusion detection
  • Response

CompTIA certification exams are proctored at a Pearson VUE testing center in a highly secure environment. CompTIA CySA+ is the most up-to-date security analyst certification that covers advanced persistent threats in a post-2014 cybersecurity environment.

Successful candidates will have the following skills:

  • Identify tools and techniques to use to perform an environmental reconnaissance of a target network or security system
  • Collect, analyze, and interpret security data from multiple log and monitoring sources
  • Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation
  • Understand and remediate identity management, authentication and access control issues
  • Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack
  • Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls

The CompTIA CySA+ exam focuses on today’s best practices to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization.

How Many Questions are on the CompTIA CySA+ Exam?

The CompTIA CySA+ exam has a maximum of 85 questions.

After completing the exam, you will be asked to fill out some optional exit survey information about your study practices and why you decided to get certified. This will consist of about 12 multiple choice questions.

What Types of Questions are on the CompTIA CySA+ Exam?

The CompTIA CySA+ exam includes a combination of multiple-choice, drag-and-drop activities, and performance-based questions. The multiple-choice questions are single- and multiple-response. Performance-based items test your ability to solve problems in a simulated environment.

Remember to manage your time wisely when solving these problems on your exam. Most of the performance-based questions will appear at the beginning of the exam, and you won’t be able to see a clock when working on the items.

Click here to learn more about performance-based questions or to try a sample of a performance-based question.

What Are the CompTIA CySA+ Exam Domains and What Do They Cover?

The CompTIA CySA+ exam includes the following domains and topics:

  • Threat Management: Implement or recommend the appropriate response and countermeasure to a network-based threat
  • Vulnerability Management: Compare and contrast common vulnerabilities found in an organization
  • Cyber-Incident Response: Summarize the incident recovery and post-incident response process
  • Security Architecture and Tool Sets: Review security architecture and make recommendations to implement compensating controls

Click here to review the detailed exam objectives

How Long Is the CompTIA CySA+ Exam?

You will have 165 minutes to complete the exam. This does not include the time necessary to check in at the testing center, so plan to arrive early.

Ready to Advance Your Skill Level in Cybersecurity?

CompTIA now offers a number of exam training options for CySA+ to fit your particular learning style and schedule, many of which may be used in combination with each other as you prepare for your exam.

There’s a wealth of information to take you from deciding if CompTIA CySA+ is right for you, all the way to taking your exam. We’re with you every step of the way!