by Debra B. McCraw | Mar 27, 2017

04920 CySA ImageWe’ve been getting a lot of questions about our new CompTIA Cybersecurity Analyst (CySA+) exam, and we want to make sure you have the answers you need to decide whether or not it’s right for you. In this post, we’re answering some of your biggest questions.

Preparing for the Exam

What study materials and training are available for CySA+?

Because CySA+ is a new exam, new materials are constantly being developed and released. That said, there are already some available, so you can begin preparing!

To find study materials:

  • Go to the CySA+ page.
  • Click on Preparation.
  • Select Training Materials or Classroom Training, depending on how you learn best.
  • If you select Training Materials, leaving the Media Type open rather than selecting a specific type will provide you with the most robust list of materials available.
  • If you don’t find something that meets your needs, check back frequently or sign up for email alerts about product updates. (Complete the “Get Sample Questions and Exam Objectives” form on the right-hand side of the page. You can also use the sample questions and exam objectives to prepare for the exam.)

How long will it take the average engineer to study for the exam?

The time needed to study will depend on your experience. Instructor-led training programs for CySA+ are usually five days (35 to 40 hours).

Sign up to receive a discount on CertMaster or an exam voucher Will there be CertMaster for CySA+?

Yes, it's slated to be released by the end of June 2017.

What to Expect from the Exam

Does the exam include hands-on evaluation?

Yes, the exam includes performance-based questions as well as multiple choice questions. Some of our beta testers reported that answering the performance-based questions took them about one-third of the exam time.

What tools should candidates be familiar with in order to take the exam?

Candidates should know Wireshark, Bro and/or Snort at the very least.

Does the CySA+ exam cover aspects related to security analytics, data visualization, etc.?

Our research has shown security analytics is a broader term that includes threat management, vulnerability management, intrusion detection and response, and tools. For example, data visualization occurs in the threat management domain, as network reconnaissance tools and techniques are covered. 

Do I need to know a programming language for this exam, and if so, which one(s)?

It depends on your situation. XML is used to create the drivers in the AlienVault security information and event management (SIEM) platform, for example, and can be customized. However, your primary job is to identify vulnerabilities introduced on the network as a result of poor programming in languages like C and C++, which are harder to secure.

Comparing CySA+ to Other Certifications

I have CompTIA A+ and CompTIA Network+. Can I go straight to CySA+ instead of getting CompTIA Security+?

You can, but it’s not recommended. The CompTIA Cybersecurity Career Pathway shows how each certification builds on the previous one, and skipping Security+ could leave a gap in your baseline cybersecurity skills. We recommend having a minimum of three to four years of hands-on information security or related experience before taking the CySA+ exam.

Why is CySA+ a separate certification rather than an enhancement of Security+?

CySA+ includes more analytics with a different focus to address the growing specialization in cybersecurity. Security+ is a baseline of general cybersecurity knowledge and skills.

Will Security+ be updated to reflect the addition of CySA+?

Yes, the next Security+ exam will be released in October 2017 and will refocus on baseline cybersecurity skills. Trends indicate that cybersecurity jobs are becoming more specialized at the intermediate level, thus CySA+ will cover intermediate security analyst skills and Security+ will cover the baseline, entry-level skills.

How much does CySA+ overlap with CASP?

About 25 to 30 percent of the content overlaps, mainly under the topics of intrusion detection and vulnerability management.

How does CySA+ compare to other popular cybersecurity certifications?

CySA+ differs from others on the market because it’s a mid-level certification that focuses on security analytics for the security analyst job role. Many other certifications out there don't go into as much detail with analytics. CySA+ also focuses on defense, or “blue team,” cybersecurity skills rather than offense, or “red team,” skills.

Continuing Education (CE) and Renewal

How long is CySA+ good for, and how can it be renewed?

As with many CompTIA certifications, CySA+ is good for three years. We have a number of renewal options available and will be rolling out an enhanced CE program in the coming months. You can learn more in the CE section of the website.

I need to renew my Security+ certification. If I pass CySA+ or CompTIA Advanced Security Practitioner (CASP), will that renew it?

Yes, CySA+ and CASP both renew Security+, since they are considered higher-level certifications.

CySA+ and the Department of Defense (DoD)

Will CySA+ be approved by the DoD for 8570 requirements? If so, is there a date when you expect to receive approval?

CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements. The DoD has approved CySA+ under 8570 as of October 2017.

For more information on CySA+ and to receive updates, check out the ​CySA+ home page and download the Sample Questions and Exam Objectives.


  • Casey

    Thursday, August 10, 2017

    What is the status of the DoD approval for the CSA+ certification? Although CompTIA was expecting to hear something back this last spring, there doesn't seem to be an update.

  • Patrick Lane

    Thursday, August 10, 2017

    Hello All, Here is an update on CSA+ 8570 approval: It has been preliminarily approved, but must go through a mapping by SOLID, a third party that maps the CSA+ objectives to the 8570 job tasks. The SOLID review began on August 1st and could last from 1 to 5 months. It is our hope the process goes quicker and CSA+ can be available for our soldiers and government contractors as soon as possible. I'll provide an update when I hear something. Patrick

  • Norman Lynch

    Thursday, August 31, 2017

    what if I am getting my undergrad in cybersecurity can I skip the Security+ and go straight to the CSA+?

  • Thursday, August 31, 2017

    Hi, Norman! We recommend two years of hands-on experience to take Security+ and three to four years of hands-on experience to take CSA+. To see where your skills are at, you can download the exam objectives and sample questions. If you think you might be close, CertMaster can help you prepare: Good luck!

  • Curtis Grogins

    Friday, September 8, 2017

    What is the value of choosing CSA+ over CEH?

  • Patrick Lane

    Sunday, September 10, 2017

    Hello Curtis, great question. Both CSA+ and CEH are intermediate-level IT workforce certifications. However, the certification you choose depends on your end goal. In general, CSA+ focuses on defense, or “blue team,” cybersecurity skills. CEH focuses on offense, or “red team,” skills. CompTIA is developing a red team, offensive certification called "CompTIA Penetration Tester (CPT+)" for release Q3 2018. It will include performance-based questions and the latest techniques in mobile environments. The beta exam takes place Q1 2018, so stay tuned. We'll need pen testers and vulnerability assessment and management IT pros to take it. Thank you for the question.

  • Patrick

    Sunday, September 24, 2017

    Hi Patrick, exciting news about the CPT. I want to go the security route and have been looking at CSA once I complete S+. I wanted to take CEH initially but with CPT coming I am thinking of staying the Comptia route. If I took CSA and CPT because they both intermediate levels would both need to be renewed separately or would the latest of the 2 renew the other. I think it would be beneficial to be able to do both so you able to preempt threats from both perspectives.Thanks in advance.

  • Patrick Lane

    Monday, September 25, 2017

    Thanks for the message, Patrick. We are very excited about the upcoming Q3 2018 release of the CompTIA Penetration Tester (CPT+) exam. It will be taken at Pearson VUE testing centers and will include performance-based questions and multiple-choice questions for penetration testing and vulnerability assessment and management (the only one of its kind at a secure Pearson VUE testing center). As you mentioned, both CPT+ and CSA+ cover intermediate-level cybersecurity skills (CPT+ = offense and CSA+ = defense). Therefore, they cannot renew one another. Here's what it will look like: CASP (renews all below), CPT+ (renews Security+ and below), CSA+ (renews Security+ and below), Security+ (renews below), Network+ (renews below), A+ (it starts here) Great question. Have a good day! -Patrick

  • Jeff Wilson

    Monday, September 25, 2017

    Why doesn't CertMaster include performance based questions?

  • Tuesday, September 26, 2017

    Hi, Jeff! Thanks for your feedback. The CertMaster tool is designed to cover the exam objectives and help you learn the key concepts based on a unique “questions-first” learning model. We are working on providing performance-based questions in a future release. Thanks for your support of CompTIA.

  • Davon

    Tuesday, November 7, 2017

    I am a desktop support technician trying to get into the cyber security field and I am hoping that getting this certification will do that for me. Do you believe that the book alone is enough to pass the exam?

  • Tuesday, November 7, 2017

    Hi, Davon! Everyone learns differently, and only you can decide what study method works best for you. Because CSA+ has a large hands-on component, you will at the very least want to combine hands-on experience or practice with your book learning. This article and quiz may help you figure out what is best for you: Good luck!

  • juni

    Sunday, December 24, 2017

    can i am eligible for CSA+ certification directly, I cleared CCNA

  • Tuesday, January 2, 2018

    Hi, Juni! There are not eligibility requirements for CSA+, but we recommend candidates have 3-4 years of hands-on cybersecurity experience before taking the exam.


    Sunday, February 4, 2018

    Hi I want take exam of CySA+ in middle east , Saudi Arabia Location , where can I apply for the Exam , Please Help

  • Tuesday, February 6, 2018

    Hi, Abdullah! You don't need to apply for the exam. Simply buy your voucher and schedule a time with the testing center: Good luck!

  • Tracy Moss

    Wednesday, March 7, 2018

    I have a bachelors degree in Criminal Justice. I want to become a security analyst. What test is recommended?

  • Thursday, March 15, 2018

    Hi, Tracy! It depends on how much IT experience you have. If you are brand new to IT, CompTIA A+, CompTIA Network+ and CompTIA Security+ will give you a solid foundation of knowledge for a cybersecurity career. Check out the CompTIA Cybersecurity Pathway to see what make sthe most sense for you. Good luck!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story