CySA+ exam objectives
To achieve CompTIA Cybersecurity Analyst (CySA+) certification, you must pass the current version of the CySA+ exam which was last updated in April 2020. The exam covers the five objectives, or domains listed below:
-
Threat and Vulnerability Management (22%)
Covers vulnerability management strategies as well as how to decipher and apply threat intelligence data to support organizational security.
-
Software and Systems Security (18%)
Covers software and hardware assurance best practices and how to apply effective security solutions for the protection of infrastructure and systems.
-
Security Operations and Monitoring (25%)
Covers the principles of continuous data monitoring for improved security and how to implement configuration changes to existing controls.
-
Incident Response (22%)
Covers how to analyze potential IOCs, apply appropriate incident response procedure(s) and utilize basic digital forensic techniques where needed.
-
Compliance and Assessment (13%)
Covers how to apply risk mitigation strategies according to an organization’s risk appetite and design strategies according to today’s frameworks, policies and controls.
Learn more about the CySA+ domains.
Why should I get the CySA+?
If you have a few years of IT experience and you’ve decided cybersecurity is the career path for you, the CySA+ is a great option. It’s considered an intermediate-level designation and a step beyond the CompTIA Security+ certification.
It’s very popular among cybersecurity analysts who seek to demonstrate their skills in effectively defending an organization from relentless cybercriminals.
CompTIA director of products Patrick Lane explains cybersecurity analysts are most often employed “in a security operations center (SOC) using behavior analytic tools to try to find the attacks that come in from the pentesters who are legal hackers.”
What is the current CySA+ version?
CS0-001 vs CS0-002
The CySA+ exam was updated in April 2020 and six primary changes were made. One big change is the combination of threat and vulnerability management into one objective, rather than two separate objectives, with a shift from basic cybersecurity principles to comprehensive analysis.
“As cybersecurity becomes more complicated, many of the basic threat and vulnerability management skills [went] down to the Security+ certification and [now] more of the analysis is covered in the CySA+,” says Lane.
Another point of differentiation from the previous CSO-001 exam is the added focus on software vulnerabilities (not just systems) and continuous monitoring through a security operations center (SOC).
CySA+ exam FAQs
The cybersecurity analyst CySA+ certification exam was re-released in April 2020. With a focus on the ability to capture, monitor and respond to network traffic findings as well as software and systems security, the designation covers skills used by today’s busy cybersecurity analysts. Here’s what you should know about the current CySA+ exam CSO-002:
-
What is the CySA+ exam outline and structure?
The CySA+ exam required for certification has a maximum of 85 questions and test-takers have 165 minutes to complete the exam. The passing score is 750 (on a scale of 100-900).
The exam includes two types of questions: performance-based questions, which involve performing a task or solving a problem, and multiple choice. Read our CompTIA CySA+ exam article for more information.
-
How hard is the CySA+ exam?
Like most certification exams, the degree of difficulty for CySA+ test-takers will vary from person to person. The updated exam tests on today’s cybersecurity technologies. It is considered an intermediate professional certification, and the passing score is 750/900.
CompTIA recommends CySA+ certification candidates first earn the CompTIA Network+ and Security+ certification and have 3-4 years of work experience.
-
How do you take the CySA+ exam?
You can take the CySA+ exam at a Pearson VUE testing center or OnVUE, the online proctoring service for Pearson VUE.
To register for either an in-person or online exam, you’ll need to go to the CompTIA website, create an account and purchase an exam voucher. You can schedule your exam, and all exam details will be shared with you via that account. If you’re taking the in-person test, you will need to bring two forms of identification.
You’ll find more information on the Pearson VUE CompTIA page.
-
How much does the CySA+ exam cost?
The CompTIA CySA+ certification costs vary based on location. Prices are outlined below:
- U.S.: $381
- Emerging market currency: 213
- Great Britain currency: GBP 226
- EURO currency: EURO 344
- Japan currency: JPY 43,469
- Australia currency: AUD 515
- South Africa currency: ZAR 2,928
The most up-to-date pricing for CompTIA exams can be found on the CompTIA website.
-
How to pass the CySA+ exam?
To pass the CySA+ exam, you must earn 750 points out of 900 points. The exam has 85 questions.
CompTIA recommends CySA+ certification candidates earn the CompTIA Network+and Security+ certifications and have at least 3-4 years of work experience.
Pass rates vary depending on an individual’s experience, study habits and test-taking strategies. Infosec partners with CompTIA to offer a CySA+ Boot Camp that comes with an Exam Pass Guarantee, which means if you don’t pass the exam on your first attempt, you’ll get a second exam attempt at no cost to you.
Additional free and paid training resources are listed below.
-
How long does the CySA+ certification last?
To keep your CySA+ certification up to date, you must renew it every three years. Several activities and training programs that offer continuing education units can help you renew.
For more information check our CySA+ renewal requirements article.
-
How do I earn CPEs and renew my CySA+?
To renew your CySA+ certification, you’ll have to earn continuing education units (CEUs). Over three years, you’ll need to earn a total of 60 and then upload them to your certification account.
You can earn CEUs via a single activity or collect credits individually over time.
Single activity options for CySA+ include:
- Earn the CompTIA’s Complete CertMaster CE
- Earn additional CompTIA certifications
- Earn non-CompTIA IT industry certifications
- Pass the latest release of your CompTIA exam
Multiple activity renewal options for CySA+ include:
- Attend webinars and conferences
- Complete courses
- Create instructional materials
- Publish blogs, whitepapers or books
- Teach, mentor or gain work experience
For the full list of ways to renew your certification, see CompTIA’s website.
You will also need to pay a continuing education renewal fee. The fee comes out to $50 a year or $150 for the three-year cycle.
Free and self-study CySA+ materials
Studying for the CySA+ exam is the best way to prepare yourself to earn a passing grade. Luckily, there are tons of helpful CySA+ resources. Before you start scouting out the best training resources, we recommend taking a look at the official CySA+ exam outline since it will shed light on what topics you’ll need to study.
CySA+ study guides and CySA+ books
A number of study guides and books are available to help you prepare for the CySA+ exam. You can find them at your local library or book store, or at online stores like Amazon and elsewhere. A few of the most popular are:
- Official CompTIA CySA+ Self-Paced Study Guide (CS0-002) by James Pengelly
- CompTIA CySA+ Study Guide Exam CSO-002 by Mike Chapple and David Seidl (Sybex)
- CompTIA CySA+ Cybersecurity Analyst Certification All-in-One Exam Guide, Second Edition (Exam CS0-002) by Brent Chapman and Fernando Maymi (McGraw Hill)
Infosec has also created a number of free videos on different analyst careers.
CySA+ practice exams and simulations
Practice exams are a great way to gauge your exam readiness. There are even free CySA+ exam dumps that can be found, although it’s against CompTIA policy to disclose the actual exam questions being used. A few of the most popular CySA+ practice question options are listed below:
- CompTIA CertMaster Practice for CySA+ Training
- CompTIA CySA+ Practice Tests: Exam CSO-002 by David Seidl (Sybex)
- CompTIA CySA+ Cybersecurity Analyst Certification Practice Exams (Exam CS0-002) by Kelly Spark (McGraw Hill)
- CompTIA CySA+ CSO-002 Practice Lab (Boson)
In addition to these options, many CySA+ training courses and content include practice questions. For example, Infosec Skills CySA+ training includes a customizable practice exam with 150 questions.
Other free CySA+ training resources
There are a number of other free CySA+ training materials being produced and shared by the community:
- Forums like TechExams and Reddit allow you to connect directly with others who are studying for or have already taken the CySA+.
- YouTube is another great place to connect with cybersecurity practitioners and learn about the CySA+ exam. Although most CySA+ courses cost money, there are numerous free CySA+ videos available to watch, including our CySA+ exam webcast with CompTIA’s Patrick Lane.
- Podcasts may not help you directly study for your CySA+ exam, but those like the Cyber Work Podcast are a great way to learn about cybersecurity career options and your peers’ career journeys.
CySA+ jobs and careers
Cybersecurity analysts are in high demand. According to the Bureau of Labor Statistics, the job outlook for these professionals is forecast to grow 33% faster than average. The CySA+ certification is a good way to set yourself apart from other candidates and succeed in a fast-growing field.
-
What does a CySA+ do?
The CySA+ certification validates your skills in cybersecurity analysis. According to CompTIA, these are some of the more popular job titles CySA+ certified people hold:
- Cybersecurity analyst
- Threat intelligence analyst
- Security engineer
- Application security analyst
- Incident response or handler
- Compliance analyst
- Threat hunter
If you aspire to a more senior-level, specialized cybersecurity position, the CySA+ certification is an essential stepping stone in your pathway forward.
-
Is CySA+ worth it?
The CySA+ is one of three cybersecurity certifications offered by CompTIA after their “core” certifications. For intermediate-level cyber professionals, it’s an important proof point for those seeking career advancement in cybersecurity.
Most U.S. Department of Defense (DoD) organizations must be in compliance with directive 8140 which means that DoD information assurance and cybersecurity personnel must obtain one of a few pre-approved certifications. CompTIA CySA+ is on this list.
Want to learn more about your job options? Take a look at our CySA+ overview article for more information.
-
What is the CySA+ average salary?
CompTIA CySA+ certification is designed for professionals with mid-level experience. This is reflected in the national average salary data for popular CySA+ jobs.
According to Glassdoor:
- Security analyst $99,275
- Threat intelligence analyst $76,734
- Security engineer $111,691
- Application security analyst $93,176
- Incident response or handler $75,859
- Compliance analyst $84,570
- Threat hunter $167,884
Comparatively, Salary.com has a similar average salary for these positions: $83,493.
Read our CySA+ salary article for more information.
-
How many people have CySA+?
Since CompTIA introduced its entry-level A+ certification in 1993, more than 2 million people have been CompTIA certified. The CySA+ is one of three cybersecurity certifications the non-profit offers and while the precise number of CySA+ designation holders is not known, CompTIA is well respected by many hiring managers and the CySA+ is has become quite popular since its release in 2017.
-
Where can I find CySA+ jobs?
CySA+ is a requested certification in job listings, and general job boards like Indeed, Monster, Glassdoor, LinkedIn and CareerBuilder all allow you to search by keywords like “CompTIA CySA+” or related job titles for open roles.
There are also cybersecurity-specific job boards, such as ClearedJobs, infosec-jobs.com and others. Another great way to find CySA+ job openings is by joining local and national cybersecurity groups — such as ISSA, or Women in Cybersecurity — joining local meetups or engaging in other cybersecurity forums and websites.
To prepare for your job interview, download our free ebook of cybersecurity interview tips, “How to stand out, get hired and advance your career.”
Paid CompTIA CySA+ training and exam prep
When it comes to preparing for the CySA+ exam, you can choose to train yourself with books and free resources, or you can find a paid course. Most CySA+ courses fall into two categories: live online CySA+ boot camps or on-demand CySA+ courses where you go at your own pace.
Live CySA+ boot camps
A CySA+ boot camp provides days of in-depth instruction from an expert instructor. For example, Infosec partners with CompTIA to provide a five-day CySA+ Boot Camp that you can take live online or in person. There are a number of other training providers that offer similar options.
The benefits of a live CySA+ Boot Camp include:
- Live training and Q&A: Learning from an expert cybersecurity practitioner who knows the pitfalls of previous CySA+ test takers is a proven way to both build your knowledge and ensure you’re ready to pass the exam on your first attempt.
- Complete training package: Most CySA+ boot camps come with everything you need: instruction, exam vouchers, books, practice exams and labs. Training with a live instructor is more expensive, so when shopping around, be sure you know what’s included in your purchase — and what you’ll have to pay extra for.
- Improved pass rates: Boot camp providers like Infosec stand by their training with an Exam Pass Guarantee. That means if you fail your exam on your first attempt, you’ll get a second attempt to pass — for free.
Self-paced CySA+ training
If you’re not in a hurry to earn your CySA+, the go-at-your-own-pace model such as Infosec’s CySA+ Skills training can be a great (and more affordable) option. These types of courses usually consist of a number of pre-recorded videos, along with practice exams and labs or exercises you can do on your own to reinforce the material.
The benefits of on-demand CySA+ training include:
- Train when you want: You’re in charge of your training schedule, whether that’s daily on your lunch break or cramming all weekend long. For further motivation, you can join a study group or connect with others who are preparing for the exam.
- Build an individual training plan: Don’t waste time learning what you already know. Since you’re not tied to a group, you can spend more time focused on the areas you need to learn most.
- Prepare at your own pace: With on-demand training, you can take your time preparing for your CySA+. Just don’t go too slow! Studies show you can quickly forget the information you’re studying — unless you’re actively using it or reviewing it.
CySA+ comparisons and alternatives
CySA+ is a popular mid-level cybersecurity certification, but it’s not the only one. Depending on your career goals, you may wish to explore alternative options. Check out these articles to learn more:
- CySA+: Comparable certifications (SSCP, GSEC): What’s the next step in your career ladder? Choose the cert that aligns with where you are now and where you want to be.
- 7 top security certifications you should have: What about certs like CISSP, CISA and CISM?
- A security pro’s guide to CompTIA certifications: Whether you know nothing about computers or are pro with 10 years of experience, CompTIA provides a career path you can jump into and follow.
- Vendor-specific vs. vendor-neutral certifications: Confused about vendor-neutral vs. vendor-specific IT and cybersecurity certifications? We break them down in detail.
