CompTIA Cybersecurity Analyst (CySA+) is an IT workforce certification that applies behavioral analytics to networks and devices to prevent, detect and combat cybersecurity threats through continuous security monitoring.

Why is it different?

  • CompTIA CySA+ is the only intermediate high-stakes cybersecurity analyst certification with both hands-on, performance-based questions and multiple-choice questions.
  • CySA+ focuses on the candidates ability to not only proactively capture, monitor, and respond to network traffic findings, but also emphasizes software and application security, automation, threat hunting, and IT regulatory compliance, which affects the daily work of security analysts.
  • CySA+ covers the most up-to-date core security analyst skills and upcoming job skills used by threat intelligence analysts, application security analysts, compliance analysts, incident responders/handlers, and threat hunters, bringing new techniques for combating threats inside and outside of the Security Operations Center (SOC).
  • About the exam

    As attackers have learned to evade traditional signature-based solutions, such as firewalls and anti-virus software, an analytics-based approach within the IT security industry is increasingly important for organizations. CompTIA CySA+ applies behavioral analytics to networks to improve the overall state of security through identifying and combating malware and advanced persistent threats (APTs), resulting in an enhanced threat visibility across a broad attack surface. It will validate an IT professional’s ability to proactively defend and continuously improve the security of an organization. CySA+ will verify the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents
  • CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program. Over 2.3 million CompTIA ISO/ANSI-accredited exams have been delivered since January 1, 2011.


    Behind two people at computers.

    What Skills Will You Learn?


    Threat and Vulnerability Management

    Utilize and apply proactive threat intelligence to support organizational security and perform vulnerability management activities


    Software and Systems Security

    Apply security solutions for infrastructure management and explain software & hardware assurance best practices


    Compliance and Assessment

    Apply security concepts in support of organizational risk mitigation and understand the importance of frameworks, policies, procedures, and controls


    Security Operations and Monitoring

    Analyze data as part of continuous security monitoring activities and implement configuration changes to existing controls to improve security


    Incident Response

    Apply the appropriate incident response procedure, analyze potential indicators of compromise, and utilize basic digital forensics techniques

    Organizations that have contributed to the development of CySA+


    Jobs that use CompTIA CySA+

    Security analyst

    -Tier II SOC analyst
    -Security monitoring

    Threat intelligence analyst

    Security engineer

    Application security analyst

    Incident response or handler

    Compliance analyst

    Threat hunter

    Exam Details

    Exam Codes
    Launch Date 
    April 21, 2020 
    Exam Description
    The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents. 
    Number of Questions
    Maximum of 85 questions
    Type of Questions
    Multiple choice and performance-based
    Length of Test
    165 minutes
    Passing Score
    750 (on a scale of 100-900)
    Recommended Experience
    Network+, Security+ or equivalent knowledge. Minimum of 4 years of hands-on information security or related experience. 
    English, Japanese, TBD - others 
    TBD – Usually three years after launch 
    Testing Provider
    Get Practice Questions and Exam Objectives
    I'm interested in receiving:

    CompTIA CySA+ CS0-002:
    What’s in this version

    The new exam has been updated to address industry changes, as well as the need for security analysts to focus on software security and be more proactive with their defense and threat intelligence. Security Analysts must also ensure their tasks comply to IT regulatory standards that affect their daily work. With the end goal of proactively defending and continuously improving the security of an organization, CySA+ will verify the successful candidate has the knowledge and skills required to:

  • Leverage intelligence and threat detection techniques
  • Analyze and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents
  • How Does CompTIA CySA+ Compare?


    EC-Council Certified Security Analyst (ECSA)
    GIAC Continuous Monitoring Certification (GMON)
    Certified Information Systems Auditor (CISA)
    Performance Based Questions

    Vendor Neutral
    Experience Level
    Exam Focus
    Security analytics, intrusion detection and response
    Pentesting Methodology
    Defensible security and continuous security monitoring
    Auditing and vulnerability assessment


    Exam Preparation

    CompTIA offers a wealth of certification training that is designed for exam success. Find out more and explore all training options.

  •  eLearning
  •  Virtual Labs
  •  Exam Prep
  •  Study Guides
  •  Video Training
  • Instructor-Led Training
  • eLearning with CompTIA CertMaster Learn for CySA+

    Train anywhere, anytime. Master all exam objectives through learning content that is enhanced with videos, flash cards and performance-based questions. Confirm your learning progress with an included practice test.


    Learn More

    Interactive Labs with CompTIA Labs for CySA+

    Supercharge your certification training with hands-on, browser-based virtual lab environments. Jump into the role of an administrator, complete basic to advanced tasks and quickly understand the impact of the system changes you make.


    Learn More

    Exam Prep with CompTIA CertMaster Practice for CySA+

    Go into your CySA+ certification exam with confidence. Adaptive exam preparation in this intelligent online training companion will reinforce what you already know and fill the gaps in areas you need to improve.


    Learn More

    Study Guides for CySA+

    Developed by CompTIA for the CompTIA certification candidate, Study Guides are available in print or eBook format and packed with informative and engaging content tied to exam objectives.



    Video Training with ITProTV for CySA+

    Together with our partner ITProTV, CompTIA offers videos moderated by CySA+ experts who explain the exam objectives of CySA+ in a talk show format that is easy to follow.


    Learn More

    Instructor-Led Training

    Whether you’re looking for in-classroom or live online training, CompTIA offers best-in-class instructor-led training for both individuals and teams. You can also find training among CompTIA’s vast network of Authorized Training Partners.


    Training for You   Training for Your Groups   CompTIA Training Partners 


    Keep your certification up to date with CompTIA’s Continuing Education (CE) program. It’s designed to be a continued validation of your expertise and a tool to expand your skillset. It’s also the ace up your sleeve when you’re ready to take the next step in your career.

    Get the most out of your certification
    Information technology is an incredibly dynamic field, creating new opportunities and challenges every day. Participating in our Continuing Education program will enable you to stay current with new and evolving technologies and remain a sought-after IT and security expert.

    The CompTIA Continuing Education program
    Your CompTIA CySA+ certification is good for three years from the date of your exam. The CE program allows you to extend your certification in three-year intervals through activities and training that relate to the content of your certification.

    It’s easy to renew
    You can participate in a number of activities and training programs, including higher certifications, to renew your CompTIA CySA+ certification. Collect at least 60 Continuing Education Units (CEUs) in three years and upload them to your certification account, and your CompTIA CySA+ certification will automatically renew.

    Want more details? Learn more about the CompTIA Continuing Education program.

    iconHowToRenew CySA+ can be renewed.


    CEUs needed for renewal

    Renew Now

    CompTIA Cybersecurity Analyst (CySA+) (CySA+ CS0-002) Purchase Options

    CompTIA Cybersecurity Analyst (CySA+) (CS0-002) Exam Voucher
    CompTIA Cybersecurity Analyst (CySA+) (CS0-002) Exam Retake
    eBook – The Official CompTIA CySA+ Self-Paced Study Guide (CS0-002)
    CompTIA CertMaster Practice for Cybersecurity Analyst (CySA+) (CS0-002)
    CompTIA CertMaster Integrated Learn + CompTIA Labs for CompTIA Cybersecurity Analyst (CySA+) (CS0-002)



    Basic Bundle



    Exam Prep Bundle



    eLearning Bundle




    Everybody in technology should have this [CySA+]. It should be mandatory if you’re going to stay in IT over the coming decade.

    Jim Lucari,
    Senior Manager, Certification Solutions Development, HP Enterprise

    We’re coming up on catastrophic conditions – if we’re not already there – in the labor market in terms of the gap between companies unable to find or breed (internally) or have sufficient talent available to them to do what they want to do.

    David Foote,
    Co-founder of IT employment research firm Foote Partners