Prepare for the CompTIA Cybersecurity Analyst (CySA+) certification by CompTIA with free exam-style practice questions on CyberCertPrep. The CySA+ exam has 85 questions, a time limit of CySA+ hours 45 minutes, and a passing score of 75%.
Choose from Practice mode, Exam Simulation, Weak Areas review, and Daily Challenge. Track your progress with detailed analytics and study with flashcards.
CompTIA Cybersecurity Analyst (CySA+) Exam Domain
Focus your study on this domain with targeted practice questions. This domain accounts for 20% of your CySA+ exam score.
The Incident Response & Management domain is one of 4 exam domains on the CompTIA Cybersecurity Analyst (CySA+) certification exam by CompTIA. At 20% of the total exam, this is one of the most heavily weighted domains — mastering it is critical for passing.
The CySA+ exam consists of 85 questions with a time limit of 2 hours 45 minutes and a passing score of 75%. That means approximately 17 questions on your exam will come from the Incident Response & Management domain.
Access Control List (ACL)
A list of permissions attached to an object that specifies which users or system processes are granted access to resourc...
Single Sign-On (SSO)
An authentication scheme that allows a user to log in with a single set of credentials to access multiple applications a...
IPS (Intrusion Prevention System)
A network security tool that monitors network traffic flows to detect and actively prevent identified threats in real ti...
SIEM (Security Information and Event Management)
A software solution that aggregates and analyzes security data from across the organization — including logs from firewa...
SOC (Security Operations Center)
A centralized unit staffed by security analysts who monitor an organization's IT infrastructure for cybersecurity threat...
Malware
Malicious software designed to damage, disrupt, or gain unauthorized access to computer systems, encompassing a broad ca...
Ransomware
A type of malware that encrypts a victim's files or locks system access and demands a ransom payment (typically in crypt...
Phishing
A social engineering attack that uses fraudulent emails, text messages (smishing), or phone calls (vishing) to trick use...
These certifications also cover topics related to Incident Response & Management:
Business Continuity, DR & Incident Response — 10% of exam
Incident Response & Recovery — 14% of exam
Security & Risk Management — 16% of exam
Information Security Risk Management — 20% of exam
Governance & Management of IT — 17% of exam
Risk Response & Reporting — 23% of exam