Passed CySA+

Deáthmáge85

Passed the CySA+, onward to CASP, then back on the VCP6-CMA and VCP7-CMA bandwagon.

nicolettean

Congrats! What did you use for study material?

Spread Love

Congrats. Can you please elaborate how you prepared. Thanks

Deáthmáge85

Spread Love wrote: »

Congrats. Can you please elaborate how you prepared. Thanks

Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.

PsychoData91

Jeez, sounds like you're probably about ready to try Pentest+ too

Deáthmáge85

PsychoData91 wrote: »

Jeez, sounds like you're probably about ready to try Pentest+ too

Maybe I will. Gotta pass CASP 1st and then take VCP7-CMA.

DAVIS NGUYEN

Congrats!

GeeLo

Congrats on passing! I have CySA+ also.. it's a good one. All of that blue team SOC related goodness

roxer

Congrats on the pass!!

Markos4

Deáthmáge85 wrote: »

Official Study guide by Synex, Udemy Videos, a $180 used Toshiba laptop from ebay with a 240GB SSD w/ Kali Linux on it with wifi pinapple, alfa network board, hackrf one, ubertooth one, metasploit, wireshark, nmap, nessus, and then a bunch of exploitable VM's I found on the OSCP forum. Then I just hacked into all of my IoT's and my wireless, the VMware lab, customer networks (with permission) to see what vulnerabilities they had.

The exam really pooled more knowledge than the book could teach though, really was meant for a security guy who knows systems, network, and virtualization to be able to decode some of the questions.

But I'm onward to CASP, and after reading a few pages glad I took CySA 1st, a lot of overlap and a lot of more in-depth discussions.

do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test

Silverquick

Markos4 wrote: »

do you think all you learned was required for the exam?? I am asking because I know people with no experience who have sat for the cysa+ exam and pass it after reading 2 cysa books and taking a practice test

Then they got lucky and got an easy test.

I just passed it too with a 820, but most people are scoring in the 760-790 range and barely passing. Out of 3 books and 2 online courses only about 20% of any of that was on test. But that has to do with how the test works. You can't "memorize" your way through this one. You have to actually know and be able to understand enough to both make recommendations... AND outright find actual hacks and attacks in code in the logs.

You can't learn that from any of the courses.

Like people hacking you with Linux tools and base OS, to things like java or http web code, and hidden within it is a SQL, LDAP, or XXL attack. To IDS entries that say one thing, but actually are doing another, etc...

Finding false positives, and false negatives in a Vulnerability tool, etc.

This stuff is really in the weeds stuff.

For the record here, I actually have a friend who obtained answers to some of the CASP things, I could answer those off the top of my head without any study...

CYSA+... study didn't help much, you either knew it or you don't, and none of the current courses can teach you that.