Certifications / Security

CS0-002 vs CS0-003: What's on the New CompTIA CySA+ Exam?

by Valerie Denny Hughes
CompTIA CS0-002 vs CS0-003
Follow us
Published on February 12, 2024

Getting CySA+ certified is a wise choice for any cybersecurity pro, whether you’re looking to validate existing on-the-job skills or make a career pivot into network security. Earning your CompTIA CySA+ certification is a great way to level up your career

Demand for information security analysts is projected to grow 32 percent through 2032, according to the US Bureau of Labor Statistics. Over the next eight years, there are 16,800 openings for information security analysts projected each year. In other words, pursuing a career in cybersecurity can offer a lot of job security.

And becoming a certified cybersecurity analyst is a great way to move into more advanced IT security roles (especially if you already have a few years of experience).

But with the recent introduction of the latest version of the exam, comparing the ways that the CS0-002 vs CS0-003 exams stack up with each other is a smart way to prepare ahead of test day. If you’ve already been studying for version 002, then you might not have far to go before you’re ready for the 003 exam.

The previous CompTIA CySA+ CS0-002 exam retired on December 5, 2023, and the current CS0-003 was released on June 6, 2023. If you’ve already started studying for the CySA+ exam using the CS0-002 materials, understanding the difference between the topics covered on the CS0-002 and CS0-003 exams can help you craft a study plan that’ll get you up-to-date on the exam materials before the test day. Let’s dive in to see what’s changed between the two versions of the exam.

CS0-002 vs CS0-003: What’s the Difference?

As cyberattacks become increasingly more sophisticated, CompTIA and other certification vendors continually update their best practices. The CySA+ is no different, and like other CompTIA exams, is scheduled to retire every three years so that the latest trends and security threats can be incorporated into the most recent version.

The format of the new Cybersecurity Analyst exam remains the same as previous versions and contains a maximum of 85 questions. The test takes 165 minutes and consists of multiple-choice and performance-based questions. A passing score will still be 750 on a scale of 100-900. Here are some of the most notable updates between the CS0-002 vs CS0-003 versions of the exams: 

The domains covered on the test are streamlined from five to four: 

  • Security operations (33%)

  • Vulnerability management (30%)

  • Incident risk management (20%)

  • Reporting and communication (17%)

The exam is first available in English and then will roll out in Japanese, Portuguese, and Spanish languages. The exam objectives on the CS0-003 now include:

1. Current trends: You should know about security analyst tools such as Security Information and Event Management (SIEM) systems, including automated features like Security Orchestration and Automated Response (SOAR). The test will also cover how to integrate other monitoring tools such as Endpoint Detection Response (EDR) and Extended Detection and Response XDR into your SIEM.

2. Cloud and Mobile: As cloud computing and mobile grow, there’s more in-depth coverage of cloud and mobile cybersecurity best practices, emphasizing zero-trust security.

3. Threat Intelligence: The test goes deeper on threat intel vs threat hunting, threat feeds vs threat incident reports, how to automate your threat intel, and how to prioritize your alerts for a more effective response.


Online Course
EARN A CERTIFICATION

CompTIA Cybersecurity Analyst CySA+ (CS0-003)


  • 149 Videos
  • Practice Exams
  • Coaching
  • Quizzes

MONTHLY

$59.00

USD / learner / month

YEARLY

$49.91

USD / learner / month


When Does the CS0-002 Retire?

The CS0-002 retirement date was December 5, 2023, and the CS0-003 was released on June 6, 2023. Generally, CompTIA retires its CompTIA CySA+ exams every three years to stay current on the latest cybersecurity best practices.

While you can no longer take the 002 version of the exam, you can schedule and take the CySA+ CS0-003 now through CompTIA.

What’s On the New CompTIA Cybersecurity Analyst Exam?

The role of a cybersecurity analyst is to monitor and spot vulnerabilities in a network. Job functions include planning, installing, configuring, and monitoring an intrusion detection system such as IDS or SIEM. Once installed and monitored, it’s the analyst’s responsibility to respond to any threats once they are detected.

As a baseline, you’ll want hands-on cybersecurity experience and familiarity with cloud security and the latest in automation before heading into the CySA+ exam. There’s an emphasis on more performance-based questions that take real-life scenarios into account. Test-takers must demonstrate their skills on the exam and may be asked to analyze output from a security tool to determine threats to a system.

The new updates on the CS0-003 exam focus on the latest security analyst techniques. These include automated incident response, threat intelligence, cloud-based software, and best practices for communicating and reporting incidents. In addition to your on-the-job experience, a solid CySA+ online training will help you prepare for these skills ahead of test day. 

What Prerequisites are Required for the CS0-003?

The prerequisites in the CySA+ certification path have not changed from CS0-002 to CS0-003. Because CySA+ is seen as an intermediate exam, it’s recommended that you have your Network+ and/or Security+ certifications under your belt (or equivalent) before heading into test day (or the equivalent of 4 years of hands-on experience in incident response or security operations). 

These trainings can help you prepare for the CySA+ certification:

CBT Nuggets trainer Erik Choron is working on an updated version of the CySA+ certification training that maps to the CS0-003 exam. It will be available to CBT Nuggets subscribers in early 2024.

RELATED: Where Should You Start: CompTIA CySA+ vs Security+

Who Should Take the CS0-003? 

Becoming a certified Cybersecurity Analyst is worth it if you want to pursue a career as a security engineer or in threat intelligence. CySA+ is relatively affordable ($392 for US-based test takers), and is from the well-respected, vendor-neutral CompTIA. Earning your CySA+ can validate on-the-job experience that you already have and help with job prospects — especially if you already have your Network+ and Security+ certifications under your belt.

But CySA+ is not for IT newbies. It’s recommended that you have at least 4 years’ experience in cybersecurity before taking the exam, as this is a mid-level certification that builds on the knowledge required to pass the Network+ and Security+ exams. You should be familiar with these three broad categories of cybersecurity tools before taking the exam:

  • Intrusion Detection System (IDS): Zeek and Snort

  • Packet Capture: Wireshark

  • Security Information and Event Management (SIEM): AT&T Cybersecurity/AlienVault OSSIM

CySA+ Exam Prep: Key Takeaways

Thinking of taking the new CySA+ exam? Here’s what you need to know about the updated CS0-003 before test day.

  • The CySA+ CS0-002 exam retired on December 5, 2023, and the CS0-003 was released in June of 2023. 

  • The CySA+ exam format remains the same: 85 questions max, and you have 165 minutes to answer a mix of multiple-choice and performance-based questions. To pass, you must score 750 on a scale of 100-900.

  • The prerequisites in the CySA+ certification path have not changed from CS0-002 to CS0-003. 

  • The domains covered on the test were streamlined from five to four: security operations (33%), vulnerability management (30%), incident risk management (20%), reporting and communication (17%).

  • 20% of the exam was updated to include now current trends in automation, cloud and mobile security, and threat intelligence.

Study Tips for Earning CompTIA CySA+ Certification

As you prepare for the new CySA+ exam, several resources can help you study successfully.  

  1. Review CompTIA’s official CySA+ certification study guide.

  2. Use training videos to learn the skills covered in the exam, like CBT Nuggets CySA+ online course. (CBT Nuggets will release CySA+ CS0-003 training in early 2024)

  3. Take practice exams to identify knowledge gaps so you can use your study time more efficiently.

  4. Practice good study habits that make training time intentional and enjoyable.

  5. Plan to give yourself about three months to prepare for the test, or less if you have more experience. Most CBT Nuggets learners who took the CySA+ say they needed between 1-2 months to study for the exam.

Learn what cybersecurity certification training CBT Nuggets has to offer!


Certification Guide - SecurityUltimate Security Cert Guide

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.


Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2025 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522