WGU MSCIA: Thoughts after 18 days
Blucodex
Member Posts: 430 ■■■■□□□□□□
Enrollment
The enrollment process was pretty easy but there were some slight hiccups. I originally reached out April with the goal of starting 9/1. They claim there is a $65 application fee but I am fairly certain that gets waived in a high amount of applications since there always seems to be a waive the application fee special going on.
I just had a transcript sent over through my college and uploaded proof of my CISSP (one of a few qualifying certs). There were some small annoyances regarding student loans and because they process everyone a couple weeks before starting date I barely made the 8/1 deadline they pushed me for. What irritated me was that I could have had everything lined up months in advance but they didn't let me know some things that they were aware off. Part of being a non-profit and allowing everyone to work from home is a disconnect but all in all it wasn't a major deal. Everyone was polite and helpful--I just think it could be improved on.
Mentor
My mentor meeting didn't start off too hot and I have to take at least partial blame if not most. I was in Las Vegas for Blackhat and Defcon when my mentor called. They were concerned I hadn't finished the orientation yet. I explained I had been out of town the week and would return in a few days and finish up. They also asked if I had put a plan together for when I would study. I said no because I have ample time throughout the week as I already was studying 20+ hours a week for the OSCP and had finished my BA while working full-time so it wouldn't be a problem. I was asked if I wanted to push the start date back because I hadn't put a study plan together which was pretty annoying and afterwards I had a call from my mentor's boss to discuss concerns... Another concern was the background noise on the call (sounded like I was distracted). Well, I did say I was in Las Vegas for a conference.
In hindsight I should have played their game and been a yes man. For those looking to attend just feed them the lines they want to hear.
Classes
I really like the layout. You login and then go to the class you want to focus on. There are a bunch of resources available and even templates for some classes. Every class has a rubric so there is no excuse on not knowing what is required for each class assessment. Assessments are essentially papers or a certification if your class requires it.
My default first semester was just JIT2/Risk Management and TFT2/Cyberlaw, Regulations, and Compliance. Since I already studied for the CEH (C701/Ethical Hacking) a few months ago I had that added to my course plan and attacked it first. The material was pretty much all review for me at this point so I signed up for it immediately and passed last Saturday 8/12. Here's a brief opinion on the CEH exam: http://www.techexams.net/forums/ec-council-ceh-chfi/128584-passed-8-12-a.html
I submitted my assessment for JIT2 yesterday morning was was 490th in queue. This morning I was alerted that I passed. Out of the rubric I received mostly competent scores with a few highly competent. Both are passing so although I could have done better a pass is a pass. I probably spent 3 hours on the paper so I am pretty happy. I was expecting it to be returned with a few sections needing improvement. JIT2 can be done in a weekend if you sit down and knock it out but they also provide a 10 day guide. I feel like somewhere between 2-5 days is enough for someone putting forth effort.
I think I'm going to try to finish two more classes by mid September. Extend my OSCP lab access for 30 days and then take my test which is currently scheduled for the third week of October, and then finish another 2 classes by end of January (end of my first term). That would put me at 6 classes down with 4 to finish semester 2.
Conclusion
So far I am impressed with the competency based model. For those who are self-motivators I think this is a very good option. It's nationally accredited and extremely affordable!
___________________________________________________________________________________________________
Classes Completed
C701 - Ethical Hacking (CEH Certification) 8/11
JIT2 - Risk Management 8/17
C700 - Secure Network Design 8/24
TFT2 - Cyberlaw, Regulations, and Compliance 8/28
C706 - Secure Software Design 8/31
In Progress
C688 - Cyberwarfare
Remaining
C702 - Forensics and Network IntrusionFXT2 - Disaster Recovery Planning, Prevention and Response
FXT2 - Disaster Recovery Planning, Prevention and Response
VLT2 - Security Policies and Standards - Best Practices
LQT2 -Information Security and Assurance Capstone Project
The enrollment process was pretty easy but there were some slight hiccups. I originally reached out April with the goal of starting 9/1. They claim there is a $65 application fee but I am fairly certain that gets waived in a high amount of applications since there always seems to be a waive the application fee special going on.
I just had a transcript sent over through my college and uploaded proof of my CISSP (one of a few qualifying certs). There were some small annoyances regarding student loans and because they process everyone a couple weeks before starting date I barely made the 8/1 deadline they pushed me for. What irritated me was that I could have had everything lined up months in advance but they didn't let me know some things that they were aware off. Part of being a non-profit and allowing everyone to work from home is a disconnect but all in all it wasn't a major deal. Everyone was polite and helpful--I just think it could be improved on.
Mentor
My mentor meeting didn't start off too hot and I have to take at least partial blame if not most. I was in Las Vegas for Blackhat and Defcon when my mentor called. They were concerned I hadn't finished the orientation yet. I explained I had been out of town the week and would return in a few days and finish up. They also asked if I had put a plan together for when I would study. I said no because I have ample time throughout the week as I already was studying 20+ hours a week for the OSCP and had finished my BA while working full-time so it wouldn't be a problem. I was asked if I wanted to push the start date back because I hadn't put a study plan together which was pretty annoying and afterwards I had a call from my mentor's boss to discuss concerns... Another concern was the background noise on the call (sounded like I was distracted). Well, I did say I was in Las Vegas for a conference.
In hindsight I should have played their game and been a yes man. For those looking to attend just feed them the lines they want to hear.
Classes
I really like the layout. You login and then go to the class you want to focus on. There are a bunch of resources available and even templates for some classes. Every class has a rubric so there is no excuse on not knowing what is required for each class assessment. Assessments are essentially papers or a certification if your class requires it.
My default first semester was just JIT2/Risk Management and TFT2/Cyberlaw, Regulations, and Compliance. Since I already studied for the CEH (C701/Ethical Hacking) a few months ago I had that added to my course plan and attacked it first. The material was pretty much all review for me at this point so I signed up for it immediately and passed last Saturday 8/12. Here's a brief opinion on the CEH exam: http://www.techexams.net/forums/ec-council-ceh-chfi/128584-passed-8-12-a.html
I submitted my assessment for JIT2 yesterday morning was was 490th in queue. This morning I was alerted that I passed. Out of the rubric I received mostly competent scores with a few highly competent. Both are passing so although I could have done better a pass is a pass. I probably spent 3 hours on the paper so I am pretty happy. I was expecting it to be returned with a few sections needing improvement. JIT2 can be done in a weekend if you sit down and knock it out but they also provide a 10 day guide. I feel like somewhere between 2-5 days is enough for someone putting forth effort.
I think I'm going to try to finish two more classes by mid September. Extend my OSCP lab access for 30 days and then take my test which is currently scheduled for the third week of October, and then finish another 2 classes by end of January (end of my first term). That would put me at 6 classes down with 4 to finish semester 2.
Conclusion
So far I am impressed with the competency based model. For those who are self-motivators I think this is a very good option. It's nationally accredited and extremely affordable!
___________________________________________________________________________________________________
Classes Completed
C701 - Ethical Hacking (CEH Certification) 8/11
JIT2 - Risk Management 8/17
C700 - Secure Network Design 8/24
TFT2 - Cyberlaw, Regulations, and Compliance 8/28
C706 - Secure Software Design 8/31
In Progress
C688 - Cyberwarfare
Remaining
C702 - Forensics and Network IntrusionFXT2 - Disaster Recovery Planning, Prevention and Response
FXT2 - Disaster Recovery Planning, Prevention and Response
VLT2 - Security Policies and Standards - Best Practices
LQT2 -Information Security and Assurance Capstone Project
Comments
-
mgeoffriau Member Posts: 162 ■■■□□□□□□□It's nationally accredited and extremely affordable!
Good review, but I just wanted to correct this point.
WGU is regionally accredited with the Northwest Commission. (Certain individual programs also have related accreditation.)
National accreditation bodies tend to either be for trade- or licensure-based programs, or for for-profit schools (diploma mills and the like).
Regional accreditation is how conventional non-profit schools are accredited.
https://www.wgu.edu/why_WGU/WGU_accreditation#CISSP || A+ || Network+ || Security+ || Project+ || Linux+ || Healthcare IT Technician || ITIL Foundation v3 || CEH || CHFI
M.S. Cybersecurity and Information Assurance, WGU -
Blucodex Member Posts: 430 ■■■■□□□□□□Thank you for the correction.
Edit: If you do your research regional accreditation is superior to national accreditation. WGU is regionally accredited with the Northwest Commission. -
mgeoffriau Member Posts: 162 ■■■□□□□□□□I try to resist my natural OCD tendency to nitpick about details, but since it concerns the reputation of the school, I figured it was worth mentioning.
Anyway, best of luck with the program -- I am also in the MSCSIA program, working on my Capstone now. 8/31 is my term deadline, so I'm hoping to have it wrapped up in a few days.CISSP || A+ || Network+ || Security+ || Project+ || Linux+ || Healthcare IT Technician || ITIL Foundation v3 || CEH || CHFI
M.S. Cybersecurity and Information Assurance, WGU -
Blucodex Member Posts: 430 ■■■■□□□□□□Working on TFT2 right now. Task 2 has passed and Task 1 had to be resubmitted. I tried to use new password guidelines that NIST has drafted but it wasn't considered industry standard. A case of trying to think progressively. Should get a pass today.
That leaves me with two more tasks for TFT2 and I've met my semester goal. I guess I will have the next 5 months off!
Haha, I don't think so. Took the pre-assessment for secure network design and got a pass. I found the content to be very basic for me. I'm going to request C700, C702, and C706 be added to this term. They all appear to be performance based (no papers) and should be fairly easy to pass IMO.
Current goal is to have all 4 of the remaining classes done by 10/1. Which would leave me with 2 classes and capstone to finish. And 3 full months left in my first term. -
Blucodex Member Posts: 430 ■■■■□□□□□□C702 - Secure Network Design assessment scheduled for 8/24 @ 7pm.
TFT2 Task 1 accepted, leaves me tasks 3 and 4 to finish class. -
devilbones Member Posts: 318 ■■■■□□□□□□C702 - Secure Network Design assessment scheduled for 8/24 @ 7pm.
TFT2 Task 1 accepted, leaves me tasks 3 and 4 to finish class. -
518 Member Posts: 165 ■■■□□□□□□□I feel like I'm stuck on Cyberwarfare Task 2. Submitted task but returned because "An explanation for how each policy or procedure will raise information assurance levels could not be located."
For example, on DiD enclave bounday, I have written down what devices can protect the boundary (firewall, F5, proxy server, router ACL), but still asking for "how those can raise the IA level." Do I need to write "the policies for these devices will raise the information assurance level of the organization?"
The same thing with Computing Environment part, I have the HBSS with DLP, HIPS, Application Control, and AV. But, the reviewer said the same thing, "An explanation for how each policy or procedure will raise information assurance levels could not be located."
What am I missing? -
devilbones Member Posts: 318 ■■■■□□□□□□I feel like I'm stuck on Cyberwarfare Task 2. Submitted task but returned because "An explanation for how each policy or procedure will raise information assurance levels could not be located."
For example, on DiD enclave bounday, I have written down what devices can protect the boundary (firewall, F5, proxy server, router ACL), but still asking for "how those can raise the IA level." Do I need to write "the policies for these devices will raise the information assurance level of the organization?"
The same thing with Computing Environment part, I have the HBSS with DLP, HIPS, Application Control, and AV. But, the reviewer said the same thing, "An explanation for how each policy or procedure will raise information assurance levels could not be located."
What am I missing? -
Blucodex Member Posts: 430 ■■■■□□□□□□I don't mind if anyone posts questions in here. I'm all about helping and sharing knowledge.
So far in my limited exposure to writing papers for WGU I've found that it could be very easy to over think these papers. Tasks 1 and 2 for me in TFT2 were extremely short.
The rubric tells you exactly what they are asking of you. Follow it!!! For TFT2 tasks 1 and 2 I used a modified version of the Risk Management (JIT2) template. As weird as the headings were for me (A1, A1a, etc.) I believe it helps match your content up to the rubric for easier grading.
They are looking for quality (matching the rubric) not quantity. Don't over think it! -
518 Member Posts: 165 ■■■□□□□□□□devilbones wrote: »Yes, just write that and how it increases the security posture. Might want to make your own thread for questions since this is his progress thread.
I cant believe that did the trick. I was under the impression that the reviewer can realize that the controls I had raises the IA level. Apparently, I had to spell it out.
Blucodex, thank you for letting me post. And you are correct, I tend to over think these tasks. Thanks again. -
Blucodex Member Posts: 430 ■■■■□□□□□□Phew, started to get sick last night and pushed on through work as it got worse and worse. Stuffed nose and couldn't taste my dinner
Anyway, sat for Secure Network Design. Not feeling well so wasn't 100% sure of my answers. Submitted my exam and got the message "your mentor will discuss your results with you". Uh oh, doesn't sound good, lol.
Exit proctor site and log into my WGU student control panel. Passed!
Next up, to hopefully finish TFT2 this weekend and get cracking on Secure Software Design. -
NotHackingYou Member Posts: 1,460 ■■■■■■■■□□Great progress!When you go the extra mile, there's no traffic.
-
Blucodex Member Posts: 430 ■■■■□□□□□□Thanks. I believe the first 6 classes or so go by very quickly for experienced people in the field. I'm expecting the remaining 3-4 to be a grind.
-
devilbones Member Posts: 318 ■■■■□□□□□□Phew, started to get sick last night and pushed on through work as it got worse and worse. Stuffed nose and couldn't taste my dinner
Anyway, sat for Secure Network Design. Not feeling well so wasn't 100% sure of my answers. Submitted my exam and got the message "your mentor will discuss your results with you". Uh oh, doesn't sound good, lol.
Exit proctor site and log into my WGU student control panel. Passed!
Next up, to hopefully finish TFT2 this weekend and get cracking on Secure Software Design. -
Blucodex Member Posts: 430 ■■■■□□□□□□TFT2 Task 3 submitted last night, should be able to finish Task 4 tonight or tomorrow.
-
Blucodex Member Posts: 430 ■■■■□□□□□□Task 3 has passed. Task 4 is 37th in queue. Hopefully I can get that passed in the morning and have Secure Software Design lined up for this week.
-
Blucodex Member Posts: 430 ■■■■□□□□□□TFT2 Task 4 passed! On to Secure Software Design. Assessment set for Thursday.
-
Blucodex Member Posts: 430 ■■■■□□□□□□Woot!, passed Secure Software Design. Just. Barely. But a pass is a pass.
-
jibtech Member Posts: 424 ■■■■■□□□□□Congrats!
As my acceleration toward the BSITSec is nearing its end, I am thinking hard about the MSCIA next. I am finding myself referring to this thread more often now.
So keep it coming! -
Blucodex Member Posts: 430 ■■■■□□□□□□I added C688 Cyberwarfare to my program. I just turned in task 1.
My WGU studies will probably slow considerably until 10/22. I will still be working on papers but just not nearly as much as I prepare for my OSCP exam and go through MalwareUnicorn's malware reverse engineering tutorials. https://securedorg.github.io/RE101/section1/ -
Blucodex Member Posts: 430 ■■■■□□□□□□Task 1 is complete. Task two is in progress. Took it easy the last week as a reward for the quick wins. Looking to finish task 2 this weekend and start task 3 next week.
-
Blucodex Member Posts: 430 ■■■■□□□□□□Task 2 submitted. Will probably work on shoring up a template for Task 3 tonight and maybe even get a few sections written down. Should be submitting task 3 no later than Sunday evening.
-
Blucodex Member Posts: 430 ■■■■□□□□□□Bluecodex, how often do you get in touch with the CM?
It was every Thursday at first. Now it's every other Thursday and it's only a 5 minute call. Because of my progress there isn't really much to discuss! -
Blucodex Member Posts: 430 ■■■■□□□□□□Task 2 complete and task 3 submitted. Should be ready to grab my 7th class no later than Friday. Only question I have is do I pickup Forensics and Network Intrusion – C702, Security Policies and Standards - Best Practices – VLT2, or Disaster Recovery Planning, Prevention and Response – FXT2.
I am leaning towards C702 since I am now working as a SOC Analyst. -
devilbones Member Posts: 318 ■■■■□□□□□□Task 2 complete and task 3 submitted. Should be ready to grab my 7th class no later than Friday. Only question I have is do I pickup Forensics and Network Intrusion – C702, Security Policies and Standards - Best Practices – VLT2, or Disaster Recovery Planning, Prevention and Response – FXT2.
I am leaning towards C702 since I am now working as a SOC Analyst. -
ITSec14 Member Posts: 398 ■■■□□□□□□□I'm thinking about starting this program beginning of January.
Can you provide insight on what the workload is like? Is it mainly more writing intensive or do you get opportunities for some hands on exercises as well? -
Blucodex Member Posts: 430 ■■■■□□□□□□It's all papers or tests. There is really no hands on. 5 classes requires 2-3 papers each. 4 classes are tests to pass. Then you have your capstone which I believe is a paper and presentation.
-
ITSec14 Member Posts: 398 ■■■□□□□□□□Thanks! I kind of figured it was all papers and exams being a masters program, but wasn't 100% sure as I'm not familiar with the competency based approach.
How have the papers been? Typical minimum page length or do they grade on quality over quantity? -
Blucodex Member Posts: 430 ■■■■□□□□□□C688 passed! I decided to go for C702 while I prepare for my OSCP on 10/20. Not very confident in my OSCP after taking so much time off but it is what it is.