Sample CompTIA CySA+ test questions with answers

Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output.

As malware and ransomware attacks grow in volume and sophistication, many organizations are looking to hire cybersecurity professionals who are well versed in threat detection and mitigation. One way to prove to potential employers that applicants have the skills needed to fulfill demand is through industry certifications.

CompTIA's Cybersecurity Analyst (CySA+), for example, can not only help hiring organizations evaluate potential employees, but also help certified individuals improve job prospects and showcase their network and device security analyst skills.

A step beyond CompTIA's Security+ and Advanced Security Practitioner, the CySA+ certification is geared toward those interested in becoming a security operations center analyst, incident responder or handler, threat hunter, threat intelligence analyst, security engineer, application security analyst or compliance analyst.

This exam covers five domains:

  1. threat and vulnerability management
  2. software and systems security
  3. security operations and monitoring
  4. incident response
  5. compliance and assessment

Test-takers have 165 minutes to complete the $370 exam composed of up to 85 multiple-choice, drag-and-drop and performance-based questions. To receive a passing grade, candidates must score a minimum of 750 on a scale of 100-900. The CompTIA CySA+ exam can be taken in person at a Pearson VUE testing site or remotely through the Pearson VUE online testing service.

The current version of the exam, CS0-002, has no formal prerequisites. It is recommended, however, that applicants have completed the CompTIA Security+ or Network+ exam and have three to four years of cybersecurity experience.

Those planning to take the exam can use the following questions to test their knowledge of analyzing the output of a vulnerability assessment. Excerpted from Chapter 4 of CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide, Second Edition, written by Troy McMillan and published by Pearson, these questions cover must-know topics, from web application scanners to enumeration. Download a PDF of Chapter 4 to learn more about vulnerability assessment output and complete review questions.

Cover of CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide CompTIA Cybersecurity
Analyst (CySA+) CS0-002
Cert Guide
by Troy McMillan

More on CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide

Learn more about this title from Pearson.

Read a Q&A with McMillan for advice, study tips and information on the benefits of the CySA+ certification.


Troy McMillanTroy McMillan

About the author
Troy McMillan is a product developer and technical editor for Kaplan IT and a full-time trainer. He became a professional trainer 20 years ago, teaching Cisco, Microsoft, CompTIA and wireless classes. He has written or contributed to more than a dozen projects, including authoring CISSP Cert Guide (Pearson) and CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide (Pearson). McMillan was a prep test question writer for CCNA Wireless 640-722 Official Cert Guide (Cisco Press) and a contributing subject matter expert for CCNA Cisco Certified Network Associate Certification Exam Preparation Guide (Kaplan). He also creates certification practice tests and study guides for CyberVista. He lives in Asheville, N.C., with his wife, Heike.

Next Steps

Apple's M1 silicon brings new challenges for malware defenders

Dig Deeper on Careers and certifications