210-255 SECOPS Exam Review
snowchick7669
Member Posts: 69 ■■■□□□□□□□
in CCNA & CCENT
Just sat and passed this exam this afternoon. Wow, what a weird exam. If you're doing the scholarship program then I will warn you - you will need additional materials.
Cisco did an odd one with the course for the second half of the qualification. Roughly 50% of the course isn't even mentioned in the exam outline and a bunch of other things are covered in detail (whilst they only had a sentence or two in the official course). My recommendations for those taking the exam;
Main bit of advice is be aware the wording and questions can be a little strange with this one. Don't get thrown! Just apply logic and re-read as many times as you need. The time you have for the exam is adequate.
This exam is a lot more about practical application, rather than memorisation as the first exam was. I don't know if you could get away with passing this exam if you haven't had practical experience in some areas.
Cisco did an odd one with the course for the second half of the qualification. Roughly 50% of the course isn't even mentioned in the exam outline and a bunch of other things are covered in detail (whilst they only had a sentence or two in the official course). My recommendations for those taking the exam;
- Do the majority of your exam prep from the topics in the exam outline.
- Get as much practical experience with certain topics on the exam as you can (you'll get this in the labs, but for those who don't take the official course make sure you have used the tools mentioned in the topics i.e. Wireshark).
- One of the main exam topics is incident response and they mention the NIST documentation in the exam outline. I found it easier to go straight to the source for the NIST documents.
- Read the question and re-read it. Honestly the wording is pretty horrific in places.
Main bit of advice is be aware the wording and questions can be a little strange with this one. Don't get thrown! Just apply logic and re-read as many times as you need. The time you have for the exam is adequate.
This exam is a lot more about practical application, rather than memorisation as the first exam was. I don't know if you could get away with passing this exam if you haven't had practical experience in some areas.
Comments
-
p@r0tuXus Member Posts: 532 ■■■■□□□□□□Firstly, congratulations. I greatly appreciate that you came here to give your account of this experience. The exam has piqued my interest and I think with more experience I may be able to challenge it without the course.Completed: ITIL-F, A+, S+, CCENT, CCNA R|S
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE -
JoJoCal19 Mod Posts: 2,835 ModCongrats on the pass!
I've heard elsewhere the second exam is "off". I'm still debating whether I'm going to go with the class based on stuff I'm working on now. The cert isn't going to help in my current position, nor in one I would consider in the future. I may just open a spot for someone else at the end of the year.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
OctalDump Member Posts: 1,722Congrats on the pass! Thanks for the review.
I'm trying to understand the make up of these exams in a broad sense. Would you say that SECFND is Security basics, like Sec+, and SECOPS is more the hands on tools?2017 Goals - Something Cisco, Something Linux, Agile PM -
nisti2 Member Posts: 503 ■■■■□□□□□□Thanks for sharing your experience!! Whats next?2020 Year goals:
Already passed: Oracle Cloud, AZ-900
Taking AZ-104 in December.
"Certs... is all about IT certs!" -
snowchick7669 Member Posts: 69 ■■■□□□□□□□Congrats on the pass!
I've heard elsewhere the second exam is "off". I'm still debating whether I'm going to go with the class based on stuff I'm working on now. The cert isn't going to help in my current position, nor in one I would consider in the future. I may just open a spot for someone else at the end of the year.
In all honesty, I wouldn't do it then. The course was good and I found it interesting, but I would say 75% of it was stuff I already knew or had done with other courses. It was a lot of work and time sacrificed in order to get the course done in 3 months, but the first exam was very straightforward and the second exam didn't have half the stuff you were taught. Bit frustrating.
Considering you've got your GCIA etc, I'm not really sure what else it would teach you that you don't already know. -
snowchick7669 Member Posts: 69 ■■■□□□□□□□Thanks for sharing your experience!! Whats next?
I have the ISO27001 Lead Auditor course in 2 weeks and then I will potentially take a break. Might either finish my CCENT towards the end of the year, or get my eCPPT. -
snowchick7669 Member Posts: 69 ■■■□□□□□□□Congrats on the pass! Thanks for the review.
I'm trying to understand the make up of these exams in a broad sense. Would you say that SECFND is Security basics, like Sec+, and SECOPS is more the hands on tools?
Thank you! Yeah that's exactly how I'd explain it. SECFND was common security sense and SECOPS was about interpreting logs/detecting suspicious network activity. -
WastedHat Member Posts: 132 ■■■□□□□□□□Congrats on the pass! Did you do it through the scholarship program and what material did you use for the thoery? I seen the offical cert guides aren't out yet.
-
Prog Snob Member Posts: 57 ■■□□□□□□□□Congrats to you!
I was thinking of taking those exams since I have always wanted to get into security, but it won't be until next year since I'm tackling the CCIE right now. I saw the exam topics and it seems to cover topics I've studied in penetration testing/ethical hacking. Did you come across such topics when you were studying or taking the class? -
securityorc Member Posts: 58 ■■■□□□□□□□Thank you for sharing your exam impressions, I have mine next week and I am a bit worried about the discrepancy between the exam objectives and the course materials + the question wording. For study, I am using the mentor materials and my own notes, but I don't know if it'll be enough. I will take your advice and read the NIST document, and I'll also go through the regex site mentioned in the study guide.
-
Replicon Member Posts: 124 ■■■□□□□□□□snowchick7669 wrote: »Just sat and passed this exam this afternoon. Wow, what a weird exam. If you're doing the scholarship program then I will warn you - you will need additional materials.
Cisco did an odd one with the course for the second half of the qualification. Roughly 50% of the course isn't even mentioned in the exam outline and a bunch of other things are covered in detail (whilst they only had a sentence or two in the official course). My recommendations for those taking the exam;- Do the majority of your exam prep from the topics in the exam outline.
- Get as much practical experience with certain topics on the exam as you can (you'll get this in the labs, but for those who don't take the official course make sure you have used the tools mentioned in the topics i.e. Wireshark).
- One of the main exam topics is incident response and they mention the NIST documentation in the exam outline. I found it easier to go straight to the source for the NIST documents.
- Read the question and re-read it. Honestly the wording is pretty horrific in places.
Main bit of advice is be aware the wording and questions can be a little strange with this one. Don't get thrown! Just apply logic and re-read as many times as you need. The time you have for the exam is adequate.
This exam is a lot more about practical application, rather than memorisation as the first exam was. I don't know if you could get away with passing this exam if you haven't had practical experience in some areas.