CompTIA’s New Cybersecurity Analyst (CSA+) Certification

December 26, 2016 | Views: 13414

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

In August I had the opportunity to take the CompTIA Cybersecurity Analyst+ (CompTIA CSA+) beta certification exam. CompTIA intends this to be a new vendor-neutral certification path between CompTIA’s Security+ and the CompTIA Advanced Security Practitioner (CASP). Similar to other CompTIA exams, this exam consists of both multiple choice and performance-based questions. My exam had a total of 103 questions and 5 of the questions were performance based. The total test time allotted for the beta exam was 165 minutes. CompTIA plans to release the final exam on February 15, 2017, so the makeup may be slightly altered when the exam is released to the public.

The performance based questions rely on the test taker’s ability to analyze snippets of log files and using that information to determine what is occurring within the network or with an external source. You could be faced with questions to review a scan and answer the questions (e.g. determine false positives and scan type), review network traffic/workstation/server logs to determine the host containing malware and the infected process. These are more detailed than the CompTIA Security+ performance based questions so prepare yourself and budget your time.

The multiple choice questions have the typical CompTIA wording flavor. The questions are to the point but remember to look for the specific keywords that are essential to answering the with the best answer. The multiple choice questions included but limited to Incident Response Management, Security Information and Event Management (SIEM), choose the correct open source tool invocation to perform a task, identify what has occurred based on a snippet of network traffic. The tools in the exam and log files are based on common open source software tools available to security analysts. CompTIA’s examples from their website include:

  • Open Source Software Description URL
  • Wireshark
  • Bro and/or Snort
  • AlienVault Open Source SIEM (OSSIM) with Open Threat Exchange [OTX])

We will need to wait and see if  CSA+ will be identified in the DoD 8570 or DoD 8140 Approved Certification list but ultimately it will be in CompTIA’s best interest if it is included. Security+ and CASP have IAT and IAM levels well covered so maybe it will fall in with the  CND-SP certifications.

This certification is intended for professionals with a couple of years of cyber analyst experience and hands-on tool experience. I found the beta exam to be refreshing and if the final is similar to the beta exam then I believe that CompTIA will have a decent exam for Cyber Security Analysts. Based on the beta exam, I recommend keeping eyes open for the release of the final exam when it is released in February 2017.

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Does Cybrary provide the course for CompTIA CSA +?
    I’ve been looking for it for a while and it seems it is not.

    • I have not seen one but when I took the exam there also were also no study guides or books. I found that the the knowledge I have from Security+ in combination with the Penetration and Ethical Hacking course offered by Cybrary was sufficient to pass the exam. YRMV

  2. Get the book for now Sybex CSA. Just read all.. and inside the book are bonuses of other resources you can leverage. As of now we wish Cybrary has a lot of resources and tr that you can go through as part of CSA+

  3. Hey, I want to start preparing for this certification, can you suggest where should I start from? Any book or online training, anything is good.
    Thanks for sharing this, quite helpful.

  4. Thanks for the heads up, I am working towards to take the csa+

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?