Friday, December 29, 2023

CySA+ (CS0-003) Passed - D483


Repost from Reddit.com: CySA+ (CS0-003) Passed - D483
Howdy night owls!

Passed CySA+ yesterday afternoon on my first attempt with a 775. I always like reading about others' experience with their tests as I prepare for my own, so here's a rundown of my experience with the exam and the preparation process.

I looked into almost every resource made available to me to prep, but didn't end up completing all of them. I started with the 14 Certmaster lessons, taking semi-detailed notes on stuff I didn't know and quickly jotting down stuff that was already familiar to me. This ended up being about 70 pages of notes, although most of it was more detailed than needed. I did the practice questions in Certmaster after I had finished the notes as a means of reviewing, and then the PBQs. I did every lab available in the WGU coursework as I finished each corresponding lesson in Certmaster, although I did blow through a few of them quickly because they felt redundant or like I wasn't getting much out of them.

I then moved to the Dion stuff. I ended up going through lesson 27 of his course before I realized it probably wasn't the best use of my time. He spends too much time going in depth on topics that are outside the scope of the course. It was good for contextualizing a lot of the important stuff, but too much of his course was preceded by him saying "you won't actually need to know this for the course, but...". I took 3 out of his 7 practice tests and found them to be pretty mediocre--compared to the questions I got on the actual exam, his questions are way too detailed and had me worrying about stuff I didn't need to know. The formatting of his course also doesn't align with the Certmaster stuff, so it made it difficult for me to go through and supplement each topic as I learned more about it. The thing I liked most about Dion's content were the lab demonstrations he did, but I'm not sure how much they actually helped for the CySA+ exam. Overall, I felt like Dion's course was way longer than it needed to be and would be best used to supplement areas where you're weak.

In my experience, the Mike Chapple question bank and the CyberVista questions were most similar to the actual test. The Certmaster questions were also in a similar style. I didn't do these until I scored 90% on all of them, but I did go through each question bank in its entirety and then review the wrong answers. Dion's practice tests were the furthest away in style and content, but still helped solidify some things for me. I figured that the more broad my studying was, the better I would do on the test, and I do think this held true.

On the actual test, I had 66 multiple choice questions and 3 PBQs. I'd say around 60% of the multiple choice were "gimmes" that I could answer immediately, 30% were a toss up between two likely answers, and the remaining 10% had stuff I wasn't sure about and had to guess on. One PBQ involved reading nmap scan results and checking devices for alignment with theoretical company requirements (easy), one was on identifying device characteristics and services on a network with nmap through a command line terminal (moderate), and one was analyzing an email phishing attack and answering questions about the scope of the attack based on several log sources (moderate/hard). I felt pretty good overall when I was submitting, and didn't feel like I was way out of my league at any point.

I stressed way too much about learning all the different tools and what they're used for. I didn't get a single question on ScoutSuite, Prowler, Arachni, Nessus, etc. I have like 1.5 pages of notes on these tools and didn't see them on the test--however, keep in mind there might be some versions of the test where these questions do show up. This was just my experience. Also didn't get any questions on regex formatting, which I put some time into learning. The biggest topics I ran into were identifying attacks (directory traversal, injections, XSS, etc.) based on logs, the incident response process, intelligence gathering, threat models (Diamond and Kill Chain), and general security best-practices like sanitizing user input.

So, if I had to do it again knowing what I know now, I would:

- Start by going through all the Certmaster lessons and taking notes on anything unfamiliar.
- Do all the Certmaster labs, PBQs, and practice questions until scoring 90% or higher.
- Go through the entire CyberVista and Mike Chapple question banks until comfortable with most of the stuff there.
- Cherry pick topics from Dion's lessons to improve areas where my understanding was weak.
- Review the fundamentals--common port numbers, protocols, authentication methods, access controls, and other stuff you probably already know from ISC2 CC.

I didn't bother with the flash card feature in any of the learning resources because they weren't formatted in a way that made it easy for me to study; it wouldn't be clear what they were asking me to identify and I'd get it "wrong" even though I understood the topic they were addressing. I've also read in several places that people don't think the Certmaster PBQs are very helpful--I disagree. They weren't the exact same style as the PBQs on the actual test, but they definitely helped reinforce my understanding of stuff I needed to know.

I have no background in tech. No IT or security experience, but I did get my Network+ to gain entry into the MSCSIA because my undergraduate degrees weren't in a STEM field. Other than that, I only had the ISC2 CC certification from previous coursework to help me out.

I'm sure I missed some stuff, so I might be back to update this post as I remember. I'm also happy to answer any questions!

