The CySA+ exam is currently undergoing major changes. CompTIA estimates a 35% gap between the 2017 exam’s original release and the CS0-002 version. These changes more closely align the exam’s priorities with the skills required of today’s cybersecurity workforce. Analysts need to be able to predict what the updated version will look like.
CompTIA Cybersecurity Analyst is an intermediate-level workforce certification. According to the official website, it “applies behavioral analysis to networks and devices in order to prevent, detect, and combat cybersecurity threats.” It is generally a follow-up to the Security+ and Entry-level CompTIA Network+ certifications. CySA+ runs parallel with PenTest+. The former focuses on offensive “red teams,” while the latter is for defensive “blue teams” operations.
CompTIA allows for a six-month grace period to transition from the old version, which will be released in April 2020. Those who have already begun to prepare for the new version will still be able to pass the exam until October.
The test has a maximum of 85 questions. They are a mix of multiple choice and performance-based questions. Passing the test takes 165 minutes. It costs $359 USD.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
Start training. CySA+ is certified to meet DoD 8570.01M requirements and meets the ISO 17024 standards.
Expect a harder CySA+ test
CompTIA asks that certification exams be updated every three years because of the changing security landscape. This allows employers to ensure that their employees have the right skills to do the job. The company conducted a beta test in preparation for the 2020 version’s launch.
All indications point to this version being more difficult than the previous iteration. Jason Dion, who took the beta exam, explained that version 2 is more difficult because it requires a more thorough approach to reading logs and performing analysis on the fly. He also made recommendations. His experience was that objectives were more complex and that simulations were also more in-depth.
Christine Smoley also found that it was necessary to have a greater understanding of all the combinations and options available for each command. Christine Smoley concluded that the exam was more “aligned” with her job experience. Anyone who is responsible for terminal output analysis or log analysis will likely be familiar with a lot of the exam material.
This was done to increase difficulty. CompTIA now recommends that you have four years of relevant experience, rather than the three years previously recommended. CompTIA explains that the exam is more difficult and professionals need to have more foundational knowledge in order to move on to security analytics.
This leads to two important questions. What changes did they make to their lives? Second, why did these changes occur?
Let’s see what happens.
Software Security: Change #1
The industry realized that software vulnerabilities pose major threats to workstations, networks, as well as the underlying infrastructure, since the 2017 release of the previous test. Software vulnerabilities are on the rise. Security analysts no longer have to worry about hardware and infrastructure.
The industry is adapting by paying more attention to security throughout the software development process and providing additional security education for developers. Security analysts are needed to determine if software is secure.
This resulted in the creation of a new job title, application security analyst. This position is responsible for mitigating software vulnerabilities and ensuring compliance with best practices for coding. CyS

CompTIA to Launch New CySA+ (CS0-002), in 2020