passed CySA+

dsp2267dsp2267 Posts: 22Member ■□□□□□□□□□
This exam was, in a way, quite different for me. I enjoy learning, and prefer learning via textbook and labbing rather than videos and practice exams. And I usually hate the usual CompTIA gamesmanship with question structure ("Which of these wrong answers is the LEAST wrong?").

My primary study tools were the textbook by Abernathy and McMillan, the practice exams that came with it, and a practice exam on Udemy. They were all good, but the textbook in particular will only get you to about 70%. Since I have a pretty broad education in IT and security, I was able to wing it on stuff I didn't get from the text. And of course I have a ton of experience with cert exams, which helps with making educated guesses.

The Pearson practice exam testbank had way too many questions along the lines of "What is the 4th step in an incident response procedure?" Reading log messages, understanding ACLs, understanding the impact of network topology on security should be the focus.

The exam itself was quite enjoyable, in a way. The PBQs were interesting, very hands-on and practical (be able to understand source and destination IPv4 addresses, port numbers, server roles, log messages, etc). Having held CCNA for the better part of a decade definitely helped.

I don't understand why the appointment was so long, IIRC I finished in about 80 or 90 minutes.

No telling how the job market will react to CySA+. I think after another year or two when better textbooks are available, passing CySA+ will be a very good indicator of value to employers, more so than Sec+ or CASP IMHO.

Comments

  • NetworkNewbNetworkNewb They are watching you Posts: 3,132Member ■■■■■■■■□□
    Congrats on the pass!
  • PCTechLincPCTechLinc Senior Member King City, CAPosts: 566Member ■■■■□□□□□□
    So it looks like you already had Sec+ and CASP prior to taking this? Did you see much overlap/new material?
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • spiderjerichospiderjericho Senior Member Mojave DesertPosts: 834Member ■■■■□□□□□□
    Congrats on the CompTIA security trifecta.
  • roxerroxer Posts: 130Member
    Congratulations on the pass!!
    2018 Goals:
    To Complete: CISSP-ISSAP | CCSP | CAPM
    Start Master's Degree: WGU - MBA.ITM

    B.S., Business Studies in Computer Information Technology | SNHU
  • PsychoData91PsychoData91 Posts: 138Member ■■■□□□□□□□
    dsp2267 wrote: »
    I don't understand why the appointment was so long, IIRC I finished in about 80 or 90 minutes.

    Yeah, I was similar. Finished WAY ahead of the completion time. I think that since many of the questions required looking through a paragraph or log they may have made it longer in case you read every line. Even though on many you could look at the question, and just see the relevant lines.
    dsp2267 wrote: »
    No telling how the job market will react to CySA+. I think after another year or two when better textbooks are available, passing CySA+ will be a very good indicator of value to employers, more so than Sec+ or CASP IMHO.

    The DoD 8570 has already strongly embraced the CySA+. Much better than something like Sec+, SSCP. Plus many will already have an A+, Net+, or Sec+, being lower of the same provider.


    fJQN0rC.png
  • jwdk19jwdk19 Posts: 55Member ■■■□□□□□□□
    I think it is a good cert. My CySA+ exam had a ton log based questions. Yes it is primarily multiple choice but you have to have some type of prior experience, knowledge of what you are looking at in the logs in order to know what is taking place and thus answer the question correctly. I like the path that CompTIA is taking with Cysa and PenTest+.

    I think the CySA+ will gain popularity in the next couple of years.
  • nisti2nisti2 Posts: 443Member ■■■□□□□□□□
    Congratulations!!
    2018 Year goals:
    CCNA Cyber Ops [Done!]
    Extra goals: VCP6-DCV [1%] , CCENT-CCNA [2%]
    "Certs... is all about IT certs!"
  • dsp2267dsp2267 Posts: 22Member ■□□□□□□□□□
    PCTechLinc wrote: »
    So it looks like you already had Sec+ and CASP prior to taking this? Did you see much overlap/new material?

    Sure. Always keep in mind that CompTIA has been recycling exam questions for 15+ years. How many times do I have to prove that I know that SSH uses port 22 by default? And now that I mention it, during all of the numerous cert exams I've taken, only one very recent exam even mentioned the possibility that a service might use a non-default port number. IMHO, CompTIA absolutely needs to add some new questions to Sec+ on that issue.

    I'm terrible about remembering what was on exams except for the occasional stumper and the PBQs, but I would guesstimate that 25% of the questions were Sec+ level and material, 25% were CASP type managerial. What was neat on the exam (vs the textbook) was the practical stuff; ACL rules, log entries, ports and services. Since I'm current on CCNA, definitely an advantage there.

    Thankfully not too much "product knowledge" stuff like knowing some obscure application program is an IPS. Likewise I don't recall much on 27000/1/2, OWASP, etc etc. Which is why I passed; bulk memorization is not my gift.

    A last note on the PBQs; kudos to CompTIA, the PBQs ran smoothly and were easy to navigate and understand.
Sign In or Register to comment.