CompTIACS0-003

CySA+

Threat intel, vulnerability management, incident response.

Questions

85

Time limit

165 min

Passing score

750 / 900

Format

MCQ + PBQs

About this exam

What is CySA+?

CompTIA CySA+ targets the intermediate cybersecurity analyst role. CS0-003 covers security operations, vulnerability management, incident response & management, and reporting & communication. The exam emphasises hands-on analysis — log correlation, threat hunting, and forensic basics.

Prerequisites

Security+ recommended plus 4 years of hands-on security experience. Solid Linux + Windows admin skills required for the lab-style questions.

Career outcomes

Cybersecurity Analyst (Tier 2/3)Threat Intelligence AnalystIncident Response AnalystVulnerability Analyst
Exam blueprint

What the exam covers

Five focus areas with the weight each domain carries on the real exam. We have practice questions and PBQs for every domain.

Security Operations

Monitoring, threat hunting, log analysis, SIEM correlation.

33%

Vulnerability Management

Scanning, prioritization, remediation, validation.

30%

Incident Response & Management

Detection, containment, eradication, recovery, lessons-learned.

20%

Reporting & Communication

Reporting findings, stakeholder communication, metrics.

17%
On cert2hire

How we'll get you to pass

Curated MCQs

Hundreds of CySA+ MCQs aligned to every objective. Filter by domain, difficulty, or take a full timed exam.

6 PBQ simulation types

Firewall configs, log analysis, terminal investigations, network configs, drag-drops, troubleshoot wizards — exam-realistic.

Video lessons by domain

Walkthroughs for each CySA+ domain. Watch, then quiz yourself.

AI tutor on every question

Stuck? Ask the AI tutor. It's grounded in this cert's objectives, not generic web answers.

Flashcards with spaced repetition

AI-generated decks for each domain. Review the cards you keep getting wrong.

Per-domain analytics

See exactly which CySA+ domains need more work. Stop guessing what to study.

Suggested plan

A study path that works

Based on what we've seen work for CySA+ candidates. Adjust to your pace — most people land between 4 and 10 weeks.

1

Week 1–3

Security ops + log analysis (heaviest domain). Use our terminal-style PBQs.

2

Week 4–5

Vulnerability management — scanning tools, scoring (CVSS), prioritisation.

3

Week 6

Incident response playbooks + practice exams.

4

Week 7

Reporting & communication. Write up a few incident reports.

FAQ

CySA+ — questions we hear a lot

Is CySA+ harder than Security+?

Yes — CySA+ is intermediate. The exam is longer (165 min vs 90), the PBQs are more demanding, and you need real analysis skills, not just memorised concepts.

Does CySA+ count for DoD 8570 / 8140?

Yes — CySA+ is baseline approved for CSSP Analyst, Infrastructure Support, Incident Responder, and Auditor.

Often paired with

Related certifications

CompTIA

Security+

SY0-701

Threats, architecture, vulnerabilities & incident response.

Learn more

CompTIA

PenTest+

PT0-003

Planning, attacks, exploits & reporting.

Learn more

Cisco

CyberOps Associate

200-201

Security monitoring, host analysis, network intrusion.

Learn more

Ready to start your CySA+ prep?

50 free credits on signup. No credit card. Cancel anytime.

50 free creditsNo credit cardCancel anytime