Mock Exam 1 simulates the real CompTIA CySA+ (CS0-003) sitting: 85 original questions under a 165-minute clock, spanning all 4 domains and scored with a per-domain breakdown so you can see exactly which areas to drill next. Questions are written to the public objectives and fully explained on review.
Domain coverage
Objectives covered: 1.1 Explain the importance of system and network architecture concepts in security operations (encryption, PKI); 1.1 Explain the importance of system and network architecture concepts in security operations (encryption, TPM, root of trust); 1.1 Explain the importance of system and network architecture concepts in security operations (identity and access management); 1.1 Explain the importance of system and network architecture concepts in security operations (network segmentation); 1.1 Explain the importance of system and network architecture concepts in security operations (sensitive data protection, DLP); 1.1 Explain the importance of system and network architecture concepts in security operations (zero trust); 1.2 Given a scenario, analyze indicators of potentially malicious activity (application-related: application logs); 1.2 Given a scenario, analyze indicators of potentially malicious activity (data exfiltration indicators); 1.2 Given a scenario, analyze indicators of potentially malicious activity (email analysis); 1.2 Given a scenario, analyze indicators of potentially malicious activity (host- and identity-related indicators, credential access); 1.2 Given a scenario, analyze indicators of potentially malicious activity (host-based, ATT&CK technique mapping); 1.2 Given a scenario, analyze indicators of potentially malicious activity (network-related: beaconing); 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity (DNS reputation, sinkholing); 1.3 Given a scenario, use appropriate tools or techniques to determine malicious activity (email analysis); and more.