The CompTIA Cybersecurity Analyst (CSA+) certification is a vendor-neutral IT professional certification that validates knowledge and skills required to configure and use threat detection tools, perform data analysis, interpreting the results to identify vulnerabilities, threats and risk to an organization with the end goal of securing and protecting applications and systems within an organization.

Wondering what it’s like to take a CompTIA exam?

See examples of question structure

Still need convincing why you should be CompTIA certified?

Learn more about the benefits of certifications

Overview

Coming soon! Final exam to be released on February 15, 2017. The CSA+ beta exam registration is closed. If you took the beta exam, your pass/fail results will be sent directly from Pearson VUE when the exam is released. Thank you for taking the beta and helping CompTIA further define IT workforce skills in security analytics.

The CSA+ certification applies behavioral analytics to the IT security market to improve the overall state of IT security. Analytics have been successfully integrated in the business intelligence, retail and financial services industries for decades. Analytics are now applied to IT security.

Cybersecurity analytics greatly improves threat visibility across a broad attack surface by focusing on network behavior, including an organization’s interior network. Threats are better detected using analytics. CSA+ is a vendor-neutral IT professional certification and the recommended first professional-level certification for IT security-analyst professionals.

CompTIA Cybersecurity Certification Path

CSA+ creates a vendor-neutral certification path from Security+ to CASP, as shown in Figure 1.
CSA_Path_Figure1_1

*The Figure 1 certification path is based on years of recommended experience: Security+ 2 years; ​CSA+ 3-4 years; and CASP 5-10 years.

Performance-Based Assessment

The performance-based CSA+ exam will include hands-on simulations. These simulations require test-takers to perform security analyst job tasks during the exam. To prepare for these performance-based assessments, trainers, educators and publishers should emphasize open-source analytics tools and teamwork. Use net wars or cyberwarfare scenarios with red teams as pen testers, white teams as security analysts, and blue teams as incident responders.

Software

Security analysts require hands-on experience. Training must include virtual labs and software tools. Table ​1 shows common open source tools used by security analysts, as determined by the security analysts that participated in the job task analysis workshop.

Table ​1 software may or may not appear on the exam. It is listed so that readers may better understand the job role.

Open Source Software Description URL
Wireshark Network protocol analyzer / packet capture tool https://www.wireshark.org
Bro and/or Snort Network intrusion detection systems (NIDS) https://www.bro.org
https://www.snort.org
AlienVault Open Source SIEM (OSSIM) with Open Threat Exchange [OTX]) Security Information and Event Management (SIEM) software https://www.alienvault.com/products/ossim

Table ​1: Common Open Source Software Tools for Security Analysts

Certification Development

As of August 15, 2016, the CSA+ certification had been reviewed by nearly 2,200 security analysts and/or IT pros, including those who took the beta exam. It has received feedback from organizations and partners across the globe to reach its current status. The content in this page may change based on the results of the CSA+ beta exam.

Key Job Roles

Security Analyst

Security Operations Center (SOC) Analyst

Vulnerability Analyst

Cybersecurity Specialist

Threat Intelligence Analyst

Security Engineer

Plan Your Career Path

Exam Details

Coming soon! Final exam to be released on February 15, 2017. The CSA+ beta exam registration is closed. If you took the beta exam, your pass/fail results will be sent directly from Pearson VUE when the exam is released. Thank you for taking the beta and helping CompTIA further define IT workforce skills in security analytics.

Get Sample Questions and Exam Objectives
I'm interested in receiving:

Being back in the job market, I realized how important these certifications are.

Paul Richard,
IT manager, Tacoma Park Silver Spring Food Co Op

Next Steps

Sample Questions

Wondering what it’s like to take a CompTIA exam?

See examples of question structure

Sample Questions

Still need convincing why you should be CompTIA certified?

Learn more about the benefits of certifications

WhichCertification-Solid
Roadmap