Introduction

Representing one of the newest in professional IT workforce certifications, CompTIA’s Cyber Security Analyst certification, or CySA+, is a child of necessity (the mother of invention). Covering a broad swath of cybersecurity skills and knowledge, CySA+ stands out for the fact that it covers the newer approaches to cyberattacks that have been wreaking havoc in the business IT world in recent years. 

This article will detail the history of this certification, including what CySA+ is, the domains of knowledge the certification exam covers and current exam details. This will provide an insightful view into how CySA+ is one of the most relevant certifications available to information security professionals today. If you are currently unaware of how CySA+ came about and how it fits into today’s world, read on.


What is CySA+?

The CompTIA CySA+ certification is the first intermediate professional IT workforce certification that focuses on the latest in cyberattack approaches and technologies. This certification verifies that the certification holder can proficiently use security-based behavioral analytics, or security analytics, to detect, prevent and combat cyberattacks against organization networks and devices. This is a marked departure from pre-existing cybersecurity certifications that fell short in addressing the rise in the new approaches to cyberattacks. 

CySA+ history

CompTIA first released the CySA+ certification on February 15, 2017. The first version of this exam was CS0-001 and at the time of writing this article, this is the only version yet released. 

You may be asking yourself what happened to the CSA+ certification. Actually, what happened was that an undisclosed copyright issue arose with the naming acronym CSA+, so it was renamed to CySA+ to avoid further issues. Despite the name change, none of the material covered has changed at all.

CySA+ certification exam details

Before we delve into the proverbial nuts and bolts of the certification exam details, one thing must be made clear. CompTIA does not strictly require that any particular prerequisites be satisfied before you can earn the CySA+ certification. Rather, CompTIA advances a short list of recommendations.

While a bright cybersecurity analyst who has not satisfied these recommendations could potentially pass the certification exam, I would not recommend taking that route. The certification exam is made up in part of performance-based questions that challenge your real-world, hands-on cybersecurity skills, but more on this later.

Regarding the pre-certification exam recommendations, CompTIA recommends the following:

  • Three to four years of hands-on information security experience: This can be in any of the related job fields to cybersecurity analyst (it is not an exclusive list)
  • Having previously earned either the Security+ or Network+ certifications, or having the equivalent knowledge

Not too bad in terms of recommendations — just two and many have already satisfied these. 

Once you make it past these, you still need to know about the vital exam details. What you need to know about the exam is as follows:

  • Number of questions: A maximum of 85 questions
  • Length of exam: 165 minutes
  • Minimum passing score: 750 (possible range is 100-900)
  • Question format: Exam is made up of multiple-choice and performance-based questions
  • Lifetime of certification: Three years, with an option of renewal

Performance-based questions

While not unique among CompTIA's intermediate-level certifications, one of the things that sets CySA+ apart from other cybersecurity certifications is the use of performance-based questions. This form of exam question uses a simulation in which you practice real-world skills and knowledge, and is then followed by questions.

This is one of the main reasons for the recommendation for three to four years of hands-on information security experience. Sometimes doing is the best form of learning and it can be difficult to effectively learn hands-on skills from books or the internet, so I would say this recommendation is well-founded.

Domains of knowledge

CySA+ covers four main domains of knowledge. These domains are:

  • 1.0 Threat Management
  • 2.0 Vulnerability Management
  • 3.0 Cyber Incident Response
  • 4.0 Security Architecture and Tool Sets

Relevance in today’s world

Everyone knows that the information security landscape is rapidly changing. Effectively dealing with change like this entails response and sometimes, this response needs to be timely. CySA+ is an example of a response to the changing information security battlefield and this should be a feather in the cap of this certification.

For the longest time, cyberattackers focused on signature-based attacks — and a lot of these attacks ended up with firewalls being in their crosshairs. Then, beginning around 2013, this started to change. Cyberattackers started shifting their focus to different approaches to their attacks, including advanced persistent threats, the Target breach and other approaches. This presented a challenge to the information security community, as other certifications did not adequately address this change.

CySA+ was the collective response by some in the information security community to this changing cyberattack landscape. You can objectively say that the CySA+ certification is an example of a direct response to new challenges in information security. 

As is well known, cause and effect are powerful forces in the world — CySA+ serves as the effect of the cause that is the new approaches to cyberattacks. CySA+ is one of the most relevant information security certifications today, equipping certification holders with a verification of a relevant and very useful skill set. 

Conclusion

CySA+ is a relatively new information security certification that fits into the intermediate level of certifications. This certification verifies a high caliber of security analytics-based cybersecurity skills that will solidly improve the overall health of an organization’s information security environment. Moreover, this certification is very relevant, as it is the response of the information security community to new cyberattack approaches and technologies. Certifications as useful and relevant as this do not come along every day.

Greg Belding
