passed CySA+

dsp2267dsp2267 Member Posts: 22 ■■□□□□□□□□
This exam was, in a way, quite different for me. I enjoy learning, and prefer learning via textbook and labbing rather than videos and practice exams. And I usually hate the usual CompTIA gamesmanship with question structure ("Which of these wrong answers is the LEAST wrong?").

My primary study tools were the textbook by Abernathy and McMillan, the practice exams that came with it, and a practice exam on Udemy. They were all good, but the textbook in particular will only get you to about 70%. Since I have a pretty broad education in IT and security, I was able to wing it on stuff I didn't get from the text. And of course I have a ton of experience with cert exams, which helps with making educated guesses.

The Pearson practice exam testbank had way too many questions along the lines of "What is the 4th step in an incident response procedure?" Reading log messages, understanding ACLs, understanding the impact of network topology on security should be the focus.

The exam itself was quite enjoyable, in a way. The PBQs were interesting, very hands-on and practical (be able to understand source and destination IPv4 addresses, port numbers, server roles, log messages, etc). Having held CCNA for the better part of a decade definitely helped.

I don't understand why the appointment was so long, IIRC I finished in about 80 or 90 minutes.

No telling how the job market will react to CySA+. I think after another year or two when better textbooks are available, passing CySA+ will be a very good indicator of value to employers, more so than Sec+ or CASP IMHO.

Comments

  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Congrats on the pass!
  • PCTechLincPCTechLinc Member Posts: 646 ■■■■■■□□□□
    So it looks like you already had Sec+ and CASP prior to taking this? Did you see much overlap/new material?
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    Congrats on the CompTIA security trifecta.
  • roxerroxer Member Posts: 130 ■■■□□□□□□□
    Congratulations on the pass!!
  • PsychoData91PsychoData91 Member Posts: 138 ■■■□□□□□□□
    dsp2267 wrote: »
    I don't understand why the appointment was so long, IIRC I finished in about 80 or 90 minutes.

    Yeah, I was similar. Finished WAY ahead of the completion time. I think that since many of the questions required looking through a paragraph or log they may have made it longer in case you read every line. Even though on many you could look at the question, and just see the relevant lines.
    dsp2267 wrote: »
    No telling how the job market will react to CySA+. I think after another year or two when better textbooks are available, passing CySA+ will be a very good indicator of value to employers, more so than Sec+ or CASP IMHO.

    The DoD 8570 has already strongly embraced the CySA+. Much better than something like Sec+, SSCP. Plus many will already have an A+, Net+, or Sec+, being lower of the same provider.


    fJQN0rC.png
  • jwdk19jwdk19 Member Posts: 70 ■■■□□□□□□□
    I think it is a good cert. My CySA+ exam had a ton log based questions. Yes it is primarily multiple choice but you have to have some type of prior experience, knowledge of what you are looking at in the logs in order to know what is taking place and thus answer the question correctly. I like the path that CompTIA is taking with Cysa and PenTest+.

    I think the CySA+ will gain popularity in the next couple of years.
  • nisti2nisti2 Member Posts: 503 ■■■■□□□□□□
    Congratulations!!
    2020 Year goals:
    Already passed: Oracle Cloud, AZ-900
    Taking AZ-104 in December.

    "Certs... is all about IT certs!"
  • dsp2267dsp2267 Member Posts: 22 ■■□□□□□□□□
    PCTechLinc wrote: »
    So it looks like you already had Sec+ and CASP prior to taking this? Did you see much overlap/new material?

    Sure. Always keep in mind that CompTIA has been recycling exam questions for 15+ years. How many times do I have to prove that I know that SSH uses port 22 by default? And now that I mention it, during all of the numerous cert exams I've taken, only one very recent exam even mentioned the possibility that a service might use a non-default port number. IMHO, CompTIA absolutely needs to add some new questions to Sec+ on that issue.

    I'm terrible about remembering what was on exams except for the occasional stumper and the PBQs, but I would guesstimate that 25% of the questions were Sec+ level and material, 25% were CASP type managerial. What was neat on the exam (vs the textbook) was the practical stuff; ACL rules, log entries, ports and services. Since I'm current on CCNA, definitely an advantage there.

    Thankfully not too much "product knowledge" stuff like knowing some obscure application program is an IPS. Likewise I don't recall much on 27000/1/2, OWASP, etc etc. Which is why I passed; bulk memorization is not my gift.

    A last note on the PBQs; kudos to CompTIA, the PBQs ran smoothly and were easy to navigate and understand.
Sign In or Register to comment.