The CySA+ is quickly gaining recognition for being a great intermediate level cyber security certification, but there is still a lack of information out there. Before I took the certification, I had a lot of unanswered questions and didn’t know if taking the CySA+ would help my cyber security career.
Should I take the CySA+? The CySA+ is a great intermediate level cyber security certification to hold. If you are working in the cyber security field or looking to enter the field of cyber security as an analyst, the CySA+ is a great certification. The CySA+ will build your skills and get your resume read.
Is the CySA+ Right for You?
There are a lot of well-respected certifications out there, how do you know if the CySA+ is the right cert for your career path. We are doing to take a deep dive into the certification and answer some common questions and concerns
Is the CySA+ Difficult?
The CySA+ is not an easy exam. The exam questions require an in-depth understanding of the cyber security analyst role. But, with the proper study strategy and materials, the student can develop an understanding of the required material and have success on this exam.
Who is the CySA+ Intended For?
The CySA+ is specifically intended for professionals following the cyber security analyst path. The CySA+ covers the following objectives (domains).
- Threat Management
- Vulnerability Management
- Cyber Incident Response
- Security Architecture
If you are an experienced blue-teamer the CySA+ is the perfect exam for you. While this exam does cover some red team topics, if you are a red-teamer or are looking to getting into offensive security, the Pentest+ will be a better option for you.
According to CompTIA the CySA+ Covers the Following Job Roles:
- Security operations center (SOC) analyst
- Vulnerability analyst
- Cybersecurity specialist
- Threat intelligence analyst
- Security engineer
- Cybersecurity analyst
What is a cyber security analyst?
Security analysts are ultimately responsible for ensuring that the company’s systems and network are protected from unauthorized access. Security Analysts are at the front lines in defending their organization against cyber threats.
CySA+ Job Relevance
When I got the CySA+ and I was a SOC Analyst. This certification was very relevant to the work that I was doing and I used the skills that learned every day on the job.
If you are currently working as a cyber security analyst, a lot of the information on the exam will be familiar to you.
The best part of the CySA+ is its relevance to the job, unlike a lot of exams that are more based upon theory, the CySA+ asks hands-on tool based questions.
Hands-On Tool Based Questions
A lot of the exam consists of interesting the output of common tools and logs. This is where I see the most value In the certification. The CySA+ will not tell you everything you need to know about a specific tool, but it will help you become familiar with tools when you encounter them in the field.
For the CySA+, you will get exposure to tools like (just to name a few):
Like I said before, you don’t have to become a master at these tools, but the CySA+ will introduce you to them and ultimately will help you when you encounter the tools on the job.
What Topics Do the CySA+ Questions Cover?
- Identifying Threats
- Network Security Measures
- Understanding Response and Countermeasures
- Threats, Vulnerabilities, and Risk
- Foot printing and Recon
- Threats to Confidentiality, Integrity, and Availability
- Controls to secure networks and endpoints
- Evaluation of Security Controls
- Information Gathering (passive and active)
You can expect questions to cover a range of areas. The ones I have provided above cover most of what you can expect on the exam.
Remember, the best source of information for the content that is actually going to be on the exam are the official CompTIA exam objectives.
Do I Need the Security+ before the CySA+?
The CySA+ falls after the Security+ in CompTIA’s Certification Career Path. While this path is recommended by CompTIA, the Security+ is not a prerequisite for the CySA+. While, there are no requirements to take the CySA+, the Security+ material will help you pass the CySA+.
With so many certifications out there is can be hard to choose which one is right for your career path. It is important to weigh all of the options so you can devote your time and money towards the best certification for you.
If you are looking to get into security administration, the ISC2 Systems Security Certified Practitioner (SSCP) may be a better option for you.
If you are either a red-teamer, or looking to become a penetration tester the CompTIA Pentest+ will better serve your needs.
If you have the budget, the GIAC Continuous Monitoring (GMON) is a great certification for your resume. I have personally taken a SANS course and while they are very expensive, they provide you the highest quality information. The GMON or the GCDA may be the right certification for you if your employer is picking up the tab.
The CySA+ is specifically intended for professionals following the cyber security analyst path. Before committing to this exam, make sure it aligns with your goals.
CySA+ Expected Salary
The CySA+ will help you get a position as a Cyber Security analyst. Depending on the area where you live and your experience, a cyber security analyst salary can range from between $64,000 – $120,000. This is a wide range but location and experience are key factors in determining an analyst’s salary.
Will the CySA+ Look Good on My Resume?
The CySA+ is a great resume booster. The certification is still relatively new, but it is quickly proving to be a certification that recruiters are looking for. Recruiters know that candidates who possess this certification have a solid foundation in cyber security and are ready to take on important roles at the company.
Companies are rapidly looking for qualified professionals to fill the cyber security skills gap. The CySA+ tells employers that the candidate possesses up to date knowledge and that they are ready for action.
How Can You Best Prepare Yourself for the CySA+?
Everyone is different when it comes to studying methods, but here at Cyber Career School we have really honed in on the approach of utilizing 3 main study methods.
- Reading the Book
- Watching the Video
- Taking Practice Questions
While it sounds simple, this proven approach is effective for visual learners, auditory learners, kinesthetic learners, and reading / writing learners.
What Is the Best CySA+ Study Material?
The best book on the market right now is the Sybex CySA+ study guide. I really appreciated the deapth of the information in this book and especially the practice questions. Sybex makes some of the most best practice questions out there for this exam.
If you are like me and you burn through practice questions, you should consider getting the Sybex Practice Exam book. I studied these practice exams and did them all multiple times and it really helped in my final preparation. I ended up with a final score of 823!
For the video component of our study method, I recommend Pluralsight. Pluralsight makes some of the best video courses out there. This course really helped emphasize the material that I learned through reading the book.
One other bonus about Pluralsight is the fact that it’s one flat membership to access all of their course content. This means that when you have passed the CySA+ you can watch any of their other cyber security courses or even use the platform for your next certification!
Does the CySA+ Need to Be Renewed?
Like most CompTIA certifications, the CySA+ needs to be renewed every three years. You can renew your certification by getting another one of CompTIA’s certifications (of a higher level) or you can complete 60 Continuing Education Units (CEUs). There is a $50 fee for submitting your CEU credits.
Should I take The CySA+ or The Security+ First?
We actually have a full article to help you decide whether the Security+ or the CySA+ should be your next certification. When choosing whether to take the CompTIA Security+ or the CySA+ you need to identify both your current knowledge and which path you are aiming for.
If you have previous experience in cyber security and are following the cyber security analyst path, then the CySA+ will be the better option for you. If you are new to the field and are looking for a good first certification, then you should start with the Security+.
The CySA+ is a great exam to add to your resume. If you have experience as a security analyst, it will validate your current skills while filling in the gaps and areas that you are weaker on. If you are looking to become a security analyst, the CySA+ is perfect for you. This exam is catered specifically for the role and will tell recruiters that you are ready for action.
If you choose to pursue the CySA+, follow the study strategy presented in this article and you will set yourself up for success!