How Many Questions Are on the CompTIA CySA+ Exam? Complete 2026 Guide

The CompTIA CySA+ exam contains up to 85 questions with a 165-minute time limit and a passing score of 750 out of 900 (~83%). CySA+ is CompTIA's intermediate-level cybersecurity certification focused on SOC analyst skills — threat detection, log analysis, vulnerability management, and incident response.

CySA+ bridges Security+ and CASP+, targeting blue team defensive security roles. Approved for DoD 8570/8140 CSSP Analyst positions. With ~2 minutes per question, CySA+ reflects the complexity of its scenario-based format. SOC analyst roles pay $75,000-$110,000.

85
Max Questions
165 min
Time Limit
750
Passing (/900)
$392
Exam Cost

CySA+ Domain Breakdown

Domain%~QuestionsKey Topics
Security Operations33%~28SIEM, log analysis, threat intelligence, monitoring, automation
Vulnerability Management30%~26Scanning, assessment, CVSS scoring, remediation prioritization
Incident Response20%~17IR lifecycle, containment, eradication, recovery, forensics
Reporting and Communication17%~14Metrics, KPIs, vulnerability reports, stakeholder communication
Highest-Impact: Security Operations (33%) and Vulnerability Management (30%) = 63% of the exam.

Question Types

Scenario-Based MC (70-75%)

Realistic SOC situations analyzing log excerpts, scan outputs, and threat intelligence data.

PBQs (4-6)

CompTIA Security Pathway

LevelCertQuestionsFocus
EntrySecurity+90 / 90 minFundamentals
IntermediateCySA+85 / 165 minBlue team analysis
IntermediatePenTest+85 / 165 minRed team testing
AdvancedCASP+90 / 165 minArchitecture

Key Skills to Master

SIEM and Log Analysis

Read and interpret logs from firewalls, IDS/IPS, web servers. Correlate events across sources. Identify anomalous patterns.

Vulnerability Management Lifecycle

Asset discovery → scanning → analysis → prioritization (CVSS + business context) → remediation → verification → reporting.

Threat Intelligence

OSINT, commercial feeds, ISACs, IOCs/IOAs, diamond model, kill chain, MITRE ATT&CK framework.

Study Preparation

Security+ holders need 8-12 weeks at 2 hours daily:

Frequently Asked Questions

How many questions?

Up to 85 in 165 minutes including scenario-based MC and PBQs.

Passing score?

750/900 (~83%).

Harder than Security+?

Yes. Intermediate analysis skills including log analysis and threat hunting.

What jobs?

SOC analyst, threat analyst, vulnerability analyst, incident response.

DoD approved?

Yes, CSSP Analyst and IAT Level II.

Study time?

8-12 weeks for Security+ holders.

CySA+ vs PenTest+?

Blue team (defensive) vs red team (offensive).

Current version?

the current CySA+ exam.

Practice CySA+ Questions

Build SOC analyst skills with adaptive practice questions.

Start Free Practice Test →

Related Resources