CySA+ Study Chronicles
So I embarked on a 14 week learning journey, with the CySA+ certification as the tangible end goal that started January 1, 2018. This post chronicles my choice of personal study resources and curriculum. It's an unproven curriculum as I haven't taken the exam yet. I do intend to score very highly on this exam though.
Why:
I've been working in information security for a bit over 2 years and have another year or so of information security related tasks experience from a job prior to that. Of the exam domain objectives, I'd say 90% of them are highly relevant to my day to day activities. I'm really amazed at how well the exam domains align with what I do at work.
As far as formal training, my degree is a generic information systems one and my formal information security training consists of the Security+ from a few years back, the eJPT, studying for the GCIH last year, and whatever I've picked up from various textbooks.
I estimate that right now I know probably 50-75% of the existing domain objectives on the CySA+ well enough to teach them. If I went into a testing center today, I might squeeze by with a pass as-is.
I don't want to squeeze by with a pass though. I have little need to obtain this cert for the piece of paper it represents from a career/resume perspective. The missing 25-50% in knowledge holes is what going after this cert is all about for me.
Initial Learning resources:
These might grow or shrink as I progress through my curriculum
Print:
The Sybex CySA+ Study guide by Mike Chapple
The material has been great so far. There are a few errors in the text and on the quiz questions. There is an errata page and I'd definitely suggest going through it with a pencil beforehand. Finding the Sybex/Wiley errata submission page is a complex adventure in patience. It's sort of here:
https://hub.wiley.com/community/support/sybex
CySA+ Certification Exam objectives
This is my ?8th? cert. Reading and rereading and rereading and rereading the exam objectives is super important and I attribute much of that learning technique to why I was able to pass the GCIH when I took no index and no textbooks to the exam center last year. I'm only a couple of weeks in and I've probably read the exam objectives 20 times collectively so far. I printed the 13 pages out and it's within arm's reach at almost all times.
NIST SP 800-115 Technical Guide to Information Security Testing and Assessment
This is the NIST pentesting guide. I might wait to read this closer to when I prep for OSCP or perhaps in CISSP preparation.
NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
There are a few other relevant NIST publications, but this one is probably the most relevant to the CySA+. I'm still not sure if I'm going to read this 400+ page guide now, or closer to next year in CISSP preparation.
Video Courses:
Udemy: CySA+ Complete Course and Practice Exam by Jason Dion
This course so far seems to take an academia structured approach, with some sysadmin/network admin insight perspectives thrown in here and there. It's very high quality and I recommend it based on what I've seen so far.
Udemy: Complete CySA+ - The Total Course by Brent Chapman
This course also seems to take an academia approach, with some DoD insight perspectives thrown in here and there. This is the All-in-One Mike Meyers endorsed video course. It's also high quality so far and I give it another recommend.
Safari Books Online: CySA+ Complete Video Course by Aamir Lakhani and Joseph Muniz
This is free with a Safari Books subscription. It feels less formal than the Dion/Chapman courses, but then it feels more personal at the same time. The material has some experienced security analyst/pentester insight perspectives thrown in here and there. I recognized Muniz/Lakhani's names from some Packt Publishing pen testing textbooks.
Labs:
CompTIA CySA+ Virtual Lab.
The lab is implemented through practice-labs.com, though I purchased it from cybrary.it and I log in through the cybrary portal. It consists of around 25 multi-part labs on live (virtualized I'm sure) equipment.
The material feels well thought out and as if someone put a great deal of time into making it into a good quality product. On the down side, it can be a bit laggy. I'm probably several thousand miles away from the lab servers and latency can be an issue from my home. Plugging my laptop directly into my home router helps a bit.
I suspect that the lab guides were written by someone for whom English is not his or her first language. Things like using a semicolon perfectly, but then blatantly misusing a comma are present. This is a very minor criticism though, since on the tech side the labs seem to be designed very well.
While many of the lab scenarios could be duplicated in a virtual home lab, some would be more of a challenge. For example, there are labs on a Cisco ASA firewall and an Alienvault SIEM appliance. I look forward to these.
Study Routine:
I made a spreadsheet that mixes all the activities into a 6-day per week routine. Usually the activities are 45-90 minutes long per day, which has so far worked out to being a very reasonable 7-8 hours per week. I'll end up putting around 100-120 hours into this at the end.
I'll update this thread on occasion as I progress and of course the exam results for when I book in April this year.
A+, Network+, CCNA, LFCS,
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
Comments
-
soccarplayer29 Member Posts: 230 ■■■□□□□□□□
NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
There are a few other relevant NIST publications, but this one is probably the most relevant to the CySA+. I'm still not sure if I'm going to read this 400+ page guide now, or closer to next year in CISSP preparation.
Don't read this for exam prep. Focus on the other great materials you've already mentioned. If you're doing ISC2 CAP, FISMA, Assessment & Authorization (A&A) work then read this, otherwise skip it.
Certs: CISSP, CISA, PMP -
MitM Member Posts: 622 ■■■■□□□□□□
Thanks for the post. I'm considering this exam myself. I purchased Brent's Udemy course and added Muniz one to my safari subscription.
I'll definitely try the virtual lab, -
yoba222 Member Posts: 1,237 ■■■■■■■■□□
Just wrapping up week 9 and I've logged 57 hours and 45 minutes of study time, which works out to a little under 7 hours per week.
The NIST publications weren't that useful, though I did read the NIST cybersecurity framework once through. I'm really enjoying the Cybrary/practicelabs.com labs, though I bet much of the material isn't really needed to pass the exam. It's fun logging into a Cisco device for the first time in a couple of years.
I booked the exam earlier today for the beginning of April, which will be week 14. I probably could have done this exam in more like 6-8 weeks, but my current work/study/free time pace is balanced and I have enough time for the gym 4-5 times per week in the morning this way.
Also enjoy that the exam was $220 with an .edu email instead of the full price of $346.
5 weeks to go.
-
yoba222 Member Posts: 1,237 ■■■■■■■■□□
The exam is tomorrow and I just edged past the 90 hour mark of total study time. So that averages out to about 7 hours per week for 13 weeks. My rule was not to study the day before so I'm going to officially stop as of right now.
I feel as if my technical knowledge and abilities probably only grew by about 25%, but my confidence in what I know and can do basically doubled. Feels weird to deliberately stop studying for something.
-
yoba222 Member Posts: 1,237 ■■■■■■■■□□
And a pass with an 815 out of 900.
Was hoping for a higher score, but this works for me considering most questions seemed to not be straightforward. The difficulty level reminded me a lot of the CCNA, in that some things just flat out were not covered in any of the official or unofficial study guides.
There were fewer log related questions than I expected and more snippets of HTML/JavaScript for analysis than I expected. Glad I didn't opt to memorize all the silly tenets/tiers of every framework that the Sybex questions obsess over.
-
stryder144 Member Posts: 1,684 ■■■■■■■■□□
Congrats!
The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
-
mokaiba Member Posts: 162 ■■■□□□□□□□
snippets of HTML/JavaScript for analysis than I expected.
To do things like this?: https://www.hackthis.co.uk/levels/
https://www.youtube.com/watch?v=Za39tx0Vixw -
yoba222 Member Posts: 1,237 ■■■■■■■■□□
To do things like this?: https://www.hackthis.co.uk/levels/
https://www.youtube.com/watch?v=Za39tx0Vixw
Cool website. I signed up.
Possibly in one of those somewhere. I mean the question would be a snippet of HTML with some JavaScript and sometimes even some SQL in it as well. Then you'd have to discern if it was an example of SQLi, XSS, CSRF, or something else. Or sometimes the HTML snippet was largely a distraction that had nothing to do with how to answer the question. They were more challenging than I expected. I didn't see anything like this in any of the big 3 study guides.
Pretty sure reading the entire OWASP Test Guide 4.0 would have covered it, which is on my to-do someday list.
https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
There's a pdf version somewhere I can't find. I actually paid $11 for a print version. Of course spending money on a book takes much less effort than actually reading it.