CompTIA Certifications

CompTIA CySA+

CompTIA Cybersecurity Analyst+

Overview

The CompTIA Cybersecurity Analyst (CySA+) examination is the only intermediate high-stakes cybersecurity analyst certification with performance-based questions covering security analytics, intrusion detection and response. High-stakes exams are proctored at a Pearson VUE testing center in a highly secure environment. CySA+ is the most up-to-date security analyst certification that covers advanced persistent threats in a post-2014 cybersecurity environment. The behavioral analytics skills covered by the CompTIA CySA+ certification identify and combat malware and advanced persistent threats (APTs), resulting in better threat visibility across a broad attack surface by focusing on network behavior, including an organization’s interior network. The exam will certify that the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents

CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 1.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.

Exam Domains

CySA+ CS0-001

Domain
% of Exam
Threat Management
27%
Vulnerability Management
26%
Cyber Incident Response
23%
Security and Architecture Tool Sets
24%

CySA+ CS0-002

Domain
% of Exam
Threat and Vulnerability Management
22%
Software and Systems Security
18%
Security Operations and Monitoring
25%
Incident Response
22%
Compliance and Assessment
13%

Intended Job Roles

  • IT Security Analyst
  • Security Operations Center (SOC) Analyst
  • Vulnerability Analyst
  • Cybersecurity Specialist
  • Threat Intelligence Analyst
  • Security Engineer

Organizations That Contributed to Exam Development

  • US Department of Veteran Affairs
  • US Navy
  • Target
  • RICOH USA
  • Northrop Grumman
  • Washington State Patrol
  • Linux Professional Institute
  • Boulder Community Health
  • Western Governor's University
  • BlacKnight Cyber Security International

Why did CompTIA develop CySA+?

As attackers have learned to evade traditional signature-based solutions, an analytics-based approach has become extremely important. CySA+ applies behavioral analytics to the IT security market to improve the overall state of security.

CySA+ also bridges the professional level CompTIA Security+ (which targets cybersecurity professionals with at least two years of on-the-job experience) and the mastery level CompTIA Advanced Security Practitioner CASP certification (which targets security pros with five or more years of experience).

Exam Details

Exam Codes CS0-001 CS0-002
Launch Date  February 15, 2017 April 21, 2020
Exam Description The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization. The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents.
Number of Questions Maximum 85 questions
Type of Questions Multiple choice and performance-based
Length of Test 165 minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus. Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience.
Languages English, Japanese and Simplified Chinese English, Japanese, TBD - others
Retirement  October, 2020 TBD - Usually three years after launch