Passed CySA+

Deáthmáge85Deáthmáge85 Posts: 16Member ■□□□□□□□□□
Passed the CySA+, onward to CASP, then back on the VCP6-CMA and VCP7-CMA bandwagon.

Comments

  • nicoletteannicolettean Posts: 19Member ■■■□□□□□□□
    Congrats! What did you use for study material?
    2018 Goals - AWS Certified Solutions Architect


    Linkedin Profile : https://www.linkedin.com/in/andrew-nicolette-454721109/
  • Spread LoveSpread Love Posts: 2Registered Users ■□□□□□□□□□
    Congrats. Can you please elaborate how you prepared. Thanks
  • Deáthmáge85Deáthmáge85 Posts: 16Member ■□□□□□□□□□
    Congrats. Can you please elaborate how you prepared. Thanks

    Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

    The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

    But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.
  • PsychoData91PsychoData91 Posts: 138Member ■■■□□□□□□□
    Jeez, sounds like you're probably about ready to try Pentest+ too
  • Deáthmáge85Deáthmáge85 Posts: 16Member ■□□□□□□□□□
    Jeez, sounds like you're probably about ready to try Pentest+ too

    Maybe I will. Gotta pass CASP 1st and then take VCP7-CMA. :)
  • DAVIS NGUYENDAVIS NGUYEN Posts: 1,472Member ■■■□□□□□□□
    Congrats!
  • GeeLoGeeLo Posts: 109Member
    Congrats on passing! I have CySA+ also.. it's a good one. All of that blue team SOC related goodness icon_smile.gif
    Vendor Neutral Certified in IT Project Management, Security, Servers, Workstations, Software, Networking, Windows, Unix and Linux and.. Cloud. :-)
  • roxerroxer Posts: 130Member
    Congrats on the pass!!
    2018 Goals:
    To Complete: CISSP-ISSAP | CCSP | CAPM
    Start Master's Degree: WGU - MBA.ITM

    B.S., Business Studies in Computer Information Technology | SNHU
  • Markos4Markos4 Posts: 19Member ■□□□□□□□□□
    Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

    The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

    But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.


    do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test
  • SilverquickSilverquick Posts: 3Registered Users ■□□□□□□□□□
    Markos4 wrote: »
    do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test

    Then they got lucky and got an easy test.

    I just passed it too with a 820, but most people are scoring in the 760-790 range and barely passing. Out of 3 books and 2 online courses only about 20% of any of that was on test. But that has to do with how the test works. You can't "memorize" your way through this one. You have to actually know and be able to understand enough to both make recommendations... AND outright find actual hacks and attacks in code in the logs.

    You can't learn that from any of the courses.

    Like people hacking you with Linux tools and base OS, to things like java or http web code, and hidden within it is a SQL, LDAP, or XXL attack. To IDS entries that say one thing, but actually are doing another, etc...

    Finding false positives, and false negatives in a Vulnerability tool, etc.

    This stuff is really in the weeds stuff.

    For the record here, I actually have a friend who obtained answers to some of the CASP things, I could answer those off the top of my head without any study...

    CYSA+... study didn't help much, you either knew it or you don't, and none of the current courses can teach you that.
Sign In or Register to comment.