Passed CySA+

Deáthmáge85Deáthmáge85 Posts: 16Registered Members ■□□□□□□□□□
Passed the CySA+, onward to CASP, then back on the VCP6-CMA and VCP7-CMA bandwagon.

Comments

  • nicoletteannicolettean Posts: 19Registered Members ■□□□□□□□□□
    Congrats! What did you use for study material?
    2018 Goals - AWS Certified Solutions Architect


    Linkedin Profile : https://www.linkedin.com/in/andrew-nicolette-454721109/
  • Spread LoveSpread Love Posts: 2Registered Users ■□□□□□□□□□
    Congrats. Can you please elaborate how you prepared. Thanks
  • Deáthmáge85Deáthmáge85 Posts: 16Registered Members ■□□□□□□□□□
    Congrats. Can you please elaborate how you prepared. Thanks

    Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

    The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

    But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.
  • PsychoData91PsychoData91 Posts: 138Registered Members ■■■□□□□□□□
    Jeez, sounds like you're probably about ready to try Pentest+ too
  • Deáthmáge85Deáthmáge85 Posts: 16Registered Members ■□□□□□□□□□
    Jeez, sounds like you're probably about ready to try Pentest+ too

    Maybe I will. Gotta pass CASP 1st and then take VCP7-CMA. :)
  • DAVIS NGUYENDAVIS NGUYEN Posts: 1,472Registered Members
    Congrats!
  • GeeLoGeeLo Posts: 109Registered Members
    Congrats on passing! I have CySA+ also.. it's a good one. All of that blue team SOC related goodness icon_smile.gif
    Vendor Neutral Certified in IT Project Management, Security, Servers, Workstations, Software, Networking, Windows, Unix and Linux and.. Cloud. :-)
  • roxerroxer Posts: 130Registered Members
    Congrats on the pass!!
    2018 Goals:
    To Complete: CISSP-ISSAP | CCSP | CAPM
    Start Master's Degree: WGU - MBA.ITM

    B.S., Business Studies in Computer Information Technology | SNHU
  • Markos4Markos4 Posts: 19Registered Members ■□□□□□□□□□
    Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

    The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

    But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.


    do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test
  • SilverquickSilverquick Posts: 3Registered Users ■□□□□□□□□□
    Markos4 wrote: »
    do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test

    Then they got lucky and got an easy test.

    I just passed it too with a 820, but most people are scoring in the 760-790 range and barely passing. Out of 3 books and 2 online courses only about 20% of any of that was on test. But that has to do with how the test works. You can't "memorize" your way through this one. You have to actually know and be able to understand enough to both make recommendations... AND outright find actual hacks and attacks in code in the logs.

    You can't learn that from any of the courses.

    Like people hacking you with Linux tools and base OS, to things like java or http web code, and hidden within it is a SQL, LDAP, or XXL attack. To IDS entries that say one thing, but actually are doing another, etc...

    Finding false positives, and false negatives in a Vulnerability tool, etc.

    This stuff is really in the weeds stuff.

    For the record here, I actually have a friend who obtained answers to some of the CASP things, I could answer those off the top of my head without any study...

    CYSA+... study didn't help much, you either knew it or you don't, and none of the current courses can teach you that.
Sign In or Register to comment.