by Debra B. McCraw | Mar 27, 2017

04920 CySA ImageWe’ve been getting a lot of questions about our new CompTIA Cybersecurity Analyst (CySA+) exam, and we want to make sure you have the answers you need to decide whether or not it’s right for you. In this post, we’re answering some of your biggest questions.

Preparing for the Exam

What study materials and training are available for CySA+?

Because CySA+ is a new exam, new materials are constantly being developed and released. That said, there are already some available, so you can begin preparing!

To find study materials:

  • Go to the CySA+ page.
  • Click on Preparation.
  • Select Training Materials or Classroom Training, depending on how you learn best.
  • If you select Training Materials, leaving the Media Type open rather than selecting a specific type will provide you with the most robust list of materials available.
  • If you don’t find something that meets your needs, check back frequently or sign up for email alerts about product updates. (Complete the “Get Sample Questions and Exam Objectives” form on the right-hand side of the page. You can also use the sample questions and exam objectives to prepare for the exam.)


How long will it take the average engineer to study for the exam?

The time needed to study will depend on your experience. Instructor-led training programs for CySA+ are usually five days (35 to 40 hours).

Sign up to receive a discount on CertMaster or an exam voucher Will there be CertMaster for CySA+?

Yes, it's slated to be released by the end of June 2017.

What to Expect from the Exam

Does the exam include hands-on evaluation?

Yes, the exam includes performance-based questions as well as multiple choice questions. Some of our beta testers reported that answering the performance-based questions took them about one-third of the exam time.


What tools should candidates be familiar with in order to take the exam?

Candidates should know Wireshark, Bro and/or Snort at the very least.


Does the CySA+ exam cover aspects related to security analytics, data visualization, etc.?

Our research has shown security analytics is a broader term that includes threat management, vulnerability management, intrusion detection and response, and tools. For example, data visualization occurs in the threat management domain, as network reconnaissance tools and techniques are covered. 


Do I need to know a programming language for this exam, and if so, which one(s)?

It depends on your situation. XML is used to create the drivers in the AlienVault security information and event management (SIEM) platform, for example, and can be customized. However, your primary job is to identify vulnerabilities introduced on the network as a result of poor programming in languages like C and C++, which are harder to secure.

Comparing CySA+ to Other Certifications

I have CompTIA A+ and CompTIA Network+. Can I go straight to CySA+ instead of getting CompTIA Security+?

You can, but it’s not recommended. The CompTIA Cybersecurity Career Pathway shows how each certification builds on the previous one, and skipping Security+ could leave a gap in your baseline cybersecurity skills. We recommend having a minimum of three to four years of hands-on information security or related experience before taking the CySA+ exam.


Why is CySA+ a separate certification rather than an enhancement of Security+?

CySA+ includes more analytics with a different focus to address the growing specialization in cybersecurity. Security+ is a baseline of general cybersecurity knowledge and skills.


Will Security+ be updated to reflect the addition of CySA+?

Yes, the next Security+ exam will be released in October 2017 and will refocus on baseline cybersecurity skills. Trends indicate that cybersecurity jobs are becoming more specialized at the intermediate level, thus CySA+ will cover intermediate security analyst skills and Security+ will cover the baseline, entry-level skills.


How much does CySA+ overlap with CASP?

About 25 to 30 percent of the content overlaps, mainly under the topics of intrusion detection and vulnerability management.


How does CySA+ compare to other popular cybersecurity certifications?

CySA+ differs from others on the market because it’s a mid-level certification that focuses on security analytics for the security analyst job role. Many other certifications out there don't go into as much detail with analytics. CySA+ also focuses on defense, or “blue team,” cybersecurity skills rather than offense, or “red team,” skills.

Continuing Education (CE) and Renewal

How long is CySA+ good for, and how can it be renewed?

As with many CompTIA certifications, CySA+ is good for three years. We have a number of renewal options available and will be rolling out an enhanced CE program in the coming months. You can learn more in the CE section of the website.


I need to renew my Security+ certification. If I pass CySA+ or CompTIA Advanced Security Practitioner (CASP), will that renew it?

Yes, CySA+ and CASP both renew Security+, since they are considered higher-level certifications.

CySA+ and the Department of Defense (DoD)

Will CySA+ be approved by the DoD for 8570 requirements? If so, is there a date when you expect to receive approval?

CySA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements. The DoD has approved CySA+ under 8570 as of October 2017.

For more information on CySA+ and to receive updates, check out the ​CySA+ home page and download the Sample Questions and Exam Objectives.

24 Comments

  • Casey

    Thursday, August 10, 2017

    What is the status of the DoD approval for the CySA+ certification? Although CompTIA was expecting to hear something back this last spring, there doesn't seem to be an update.

  • Patrick Lane

    Thursday, August 10, 2017

    Hello All, Here is an update on CySA+ 8570 approval: It has been preliminarily approved, but must go through a mapping by SOLID, a third party that maps the CySA+ objectives to the 8570 job tasks. The SOLID review began on August 1st and could last from 1 to 5 months. It is our hope the process goes quicker and CySA+ can be available for our soldiers and government contractors as soon as possible. I'll provide an update when I hear something. Patrick

  • Norman Lynch

    Thursday, August 31, 2017

    what if I am getting my undergrad in cybersecurity can I skip the Security+ and go straight to the CySA+?

  • dmccraw

    Thursday, August 31, 2017

    Hi, Norman! We recommend two years of hands-on experience to take Security+ and three to four years of hands-on experience to take CySA+. To see where your skills are at, you can download the exam objectives and sample questions. If you think you might be close, CertMaster can help you prepare: https://certification.comptia.org/training/certmaster Good luck!

  • Curtis Grogins

    Friday, September 8, 2017

    What is the value of choosing CySA+ over CEH?

  • Patrick Lane

    Sunday, September 10, 2017

    Hello Curtis, great question. Both CySA+ and CEH are intermediate-level IT workforce certifications. However, the certification you choose depends on your end goal. In general, CySA+ focuses on defense, or “blue team,” cybersecurity skills. CEH focuses on offense, or “red team,” skills. CompTIA is developing a red team, offensive certification called "CompTIA Penetration Tester (CPT+)" for release Q3 2018. It will include performance-based questions and the latest techniques in mobile environments. The beta exam takes place Q1 2018, so stay tuned. We'll need pen testers and vulnerability assessment and management IT pros to take it. Thank you for the question.

  • Patrick

    Sunday, September 24, 2017

    Hi Patrick, exciting news about the CPT. I want to go the security route and have been looking at CySA once I complete S+. I wanted to take CEH initially but with CPT coming I am thinking of staying the Comptia route. If I took CySA and CPT because they both intermediate levels would both need to be renewed separately or would the latest of the 2 renew the other. I think it would be beneficial to be able to do both so you able to preempt threats from both perspectives.Thanks in advance.

  • Patrick Lane

    Monday, September 25, 2017

    Thanks for the message, Patrick. We are very excited about the upcoming Q3 2018 release of the CompTIA Penetration Tester (CPT+) exam. It will be taken at Pearson VUE testing centers and will include performance-based questions and multiple-choice questions for penetration testing and vulnerability assessment and management (the only one of its kind at a secure Pearson VUE testing center). As you mentioned, both CPT+ and CySA+ cover intermediate-level cybersecurity skills (CPT+ = offense and CySA+ = defense). Therefore, they cannot renew one another. Here's what it will look like: CASP (renews all below), CPT+ (renews Security+ and below), CySA+ (renews Security+ and below), Security+ (renews below), Network+ (renews below), A+ (it starts here) Great question. Have a good day! -Patrick

  • Jeff Wilson

    Monday, September 25, 2017

    Why doesn't CertMaster include performance based questions?

  • Tuesday, September 26, 2017

    Hi, Jeff! Thanks for your feedback. The CertMaster tool is designed to cover the exam objectives and help you learn the key concepts based on a unique “questions-first” learning model. We are working on providing performance-based questions in a future release. Thanks for your support of CompTIA.

  • Davon

    Tuesday, November 7, 2017

    I am a desktop support technician trying to get into the cyber security field and I am hoping that getting this certification will do that for me. Do you believe that the book alone is enough to pass the exam?

  • dmccraw

    Tuesday, November 7, 2017

    Hi, Davon! Everyone learns differently, and only you can decide what study method works best for you. Because CySA+ has a large hands-on component, you will at the very least want to combine hands-on experience or practice with your book learning. This article and quiz may help you figure out what is best for you: https://certification.comptia.org/it-career-news/post/view/2017/01/13/determine-your-learning-style-to-ace-your-comptia-certification-exam Good luck!

  • juni

    Sunday, December 24, 2017

    can i am eligible for CySA+ certification directly, I cleared CCNA

  • dmccraw

    Tuesday, January 2, 2018

    Hi, Juni! There are not eligibility requirements for CySA+, but we recommend candidates have 3-4 years of hands-on cybersecurity experience before taking the exam.

  • ABDULLAH ABU RASIN

    Sunday, February 4, 2018

    Hi I want take exam of CySA+ in middle east , Saudi Arabia Location , where can I apply for the Exam , Please Help

  • Tuesday, February 6, 2018

    Hi, Abdullah! You don't need to apply for the exam. Simply buy your voucher and schedule a time with the testing center: https://certification.comptia.org/testing/schedule-exam Good luck!

  • Tracy Moss

    Wednesday, March 7, 2018

    I have a bachelors degree in Criminal Justice. I want to become a security analyst. What test is recommended?

  • dmccraw

    Thursday, March 15, 2018

    Hi, Tracy! It depends on how much IT experience you have. If you are brand new to IT, CompTIA A+, CompTIA Network+ and CompTIA Security+ will give you a solid foundation of knowledge for a cybersecurity career. Check out the CompTIA Cybersecurity Pathway to see what make sthe most sense for you. Good luck! https://certification.comptia.org/it-career-news/post/view/2017/09/27/the-comptia-cybersecurity-career-pathway-employable-skills-found-here

  • Robert

    Tuesday, March 20, 2018

    Hello Everyone, If I have my CASP CE should I go for this cert as well? thank RJ

  • Tuesday, March 27, 2018

    Hi, Robert! Which certification to take varies from person to person. CompTIA Cybersecurity Analyst focuses on the skills needed to identify vulnerabilities and secure the network. About 25-30 percent of the content in CySA+ overlaps with CASP, so if you are looking to improve your analyst skills, CySA+ could be a good option. Good luck!

  • Shahwaz majeed

    Friday, March 30, 2018

    sir i have network plus and i have security plus i m doing ccna as well can i take this certificate ?

  • Monday, April 2, 2018

    Hi, Shahwaz! Everyone's career path and knowledge base are different, so it's up to you when you take CompTIA Cybersecurity Analyst. It's recommended that you have three to four years of hands-on cybersecurity experience before taking it. Download the exam objectives and practice questions to see if you're ready, and if you're not, what you need to work on before getting certified. Good luck! https://certification.comptia.org/certifications/cybersecurity-analyst#examdetails

  • Brock

    Wednesday, April 11, 2018

    I recently passed the CySA+ exam. However, when I received my PDF certificate, it said CSA+. Will the names ever be married up so there is only one name? Will I be issued a new certificate to reflect the new name?

  • Wednesday, April 11, 2018

    Hi, Brock! Thanks for your comment. We recently changed the acronym for CompTIA Cybersecurity Analyst from CSA+ to CySA+, and it's taking some time to get everything changed. Pearson VUE, Certmetrics and BFC will be updated by April 17, so in just a few days. At that time, anyone who has received the CSA+ fulfillment kit will be queued another one with the new acronym and logo, CySA+.

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story