My ISACA CSX-P Journey
Penguineer
Member Posts: 16 ■■■□□□□□□□
Happy New Year Everybody!
I decided to go through ISACA's CSX-P course while I wait for eLearnSecurity's IHRP course to be completed. I've searched around for reviews on this course/certification and there are less than a dozen out there. I will be documenting my progress through this course/certification so that it will (hopefully) help someone decide if it's the right choice for them.
Why did I choose this course?
1. I was looking for a hands-on blue team certification from a well-known organization
2. I was looking for a course that aligned with common cybersecurity frameworks, explained the frameworks, and showed how to implement them
3. I am currently between jobs and have some free time/money set aside for training
4. I am waiting for IHRP to be completed.
Outline of the course
The course is separated into 5 modules structured around the NIST cybersecurity framework (Identify, Protect, Detect, Respond, Recover). Each module has a few Lessons that teach you about the associated NIST cybersecurity framework domain. There are 17 lessons in total. There are also multiple labs interspersed between the lessons. At the end of each module, there is a challenge lab that tests your understanding of that module.
More information about the course outline can be found on ISACA's site (can't post the link right now)
Initial Impression of the Course
The good. The content of each Lesson.
I am absolutely satisfied with the content of each lesson. Each lesson begins with a slide that shows how the lesson maps to the NIST framework and other frameworks such as COBIT, CSC, 800-53, etc. One of the main reasons why I took this course was to learn more about these frameworks and I think that this course definitely checks that box. However, I haven't seen any tool demonstrations in any of the slides. It has mostly been tool overviews/introductions.
The middle? The Labs associated with each Lesson.
The labs are good in that they show you the tools/tasks that are needed to implement the associated part of the framework, but sometimes they don't align with the slides. For example, a slide will mention tools x, y, and z, but the labs will only have x and leave out y and z. Another thing that I dislike about the labs is that it sometimes tells you to run a command without telling you why. Other times it will tell you to refer to the man pages associated with a command. I wish that they would put a video before each lab that covers each tool used in the lab in more depth.
Another thing that I dislike is how unforgiving the grading software can be. If you don't close all windows before submitting you will lose points. On the plus side, some of the labs include a walkthrough video that demonstrates each step and is useful if you are stuck or fail a task.
The bad. The lessons use a weird slide/audio player.
Each lesson usually consists of 14 or more slides that are accompanied with audio. You are first presented with a slide and the audio plays when you press the play button. There are three problems I have with this slide/audio player: 1) The audio and slides are sometimes not in sync. There is usually about 5 - 10 seconds of dead air between each slide. 2) You have the option to play the audio at 2x speed but that functionality isn't working at the moment. 3) There is no auto-play? I have to click next after each slide to move on to the next slide and start the next slide's audio. A little nit picky? Sure.
I purchased the course on December 29, 2017 and I have already finished 7/17 of the lessons. However, I read a review that said this cert is similar to the OSCP in that I would have to do additional research/labbing outside the course to pass. I plan on completing all lessons by Jan 7 and I will do additional labs/research until I take the test. I want to take the test before March 1st so that I can switch over to the IHRP. I'm not in a rush to get this cert because the whole reason for buying the course was to learn more about the frameworks.
I decided to go through ISACA's CSX-P course while I wait for eLearnSecurity's IHRP course to be completed. I've searched around for reviews on this course/certification and there are less than a dozen out there. I will be documenting my progress through this course/certification so that it will (hopefully) help someone decide if it's the right choice for them.
Why did I choose this course?
1. I was looking for a hands-on blue team certification from a well-known organization
2. I was looking for a course that aligned with common cybersecurity frameworks, explained the frameworks, and showed how to implement them
3. I am currently between jobs and have some free time/money set aside for training
4. I am waiting for IHRP to be completed.
Outline of the course
The course is separated into 5 modules structured around the NIST cybersecurity framework (Identify, Protect, Detect, Respond, Recover). Each module has a few Lessons that teach you about the associated NIST cybersecurity framework domain. There are 17 lessons in total. There are also multiple labs interspersed between the lessons. At the end of each module, there is a challenge lab that tests your understanding of that module.
More information about the course outline can be found on ISACA's site (can't post the link right now)
Initial Impression of the Course
The good. The content of each Lesson.
I am absolutely satisfied with the content of each lesson. Each lesson begins with a slide that shows how the lesson maps to the NIST framework and other frameworks such as COBIT, CSC, 800-53, etc. One of the main reasons why I took this course was to learn more about these frameworks and I think that this course definitely checks that box. However, I haven't seen any tool demonstrations in any of the slides. It has mostly been tool overviews/introductions.
The middle? The Labs associated with each Lesson.
The labs are good in that they show you the tools/tasks that are needed to implement the associated part of the framework, but sometimes they don't align with the slides. For example, a slide will mention tools x, y, and z, but the labs will only have x and leave out y and z. Another thing that I dislike about the labs is that it sometimes tells you to run a command without telling you why. Other times it will tell you to refer to the man pages associated with a command. I wish that they would put a video before each lab that covers each tool used in the lab in more depth.
Another thing that I dislike is how unforgiving the grading software can be. If you don't close all windows before submitting you will lose points. On the plus side, some of the labs include a walkthrough video that demonstrates each step and is useful if you are stuck or fail a task.
The bad. The lessons use a weird slide/audio player.
Each lesson usually consists of 14 or more slides that are accompanied with audio. You are first presented with a slide and the audio plays when you press the play button. There are three problems I have with this slide/audio player: 1) The audio and slides are sometimes not in sync. There is usually about 5 - 10 seconds of dead air between each slide. 2) You have the option to play the audio at 2x speed but that functionality isn't working at the moment. 3) There is no auto-play? I have to click next after each slide to move on to the next slide and start the next slide's audio. A little nit picky? Sure.
I purchased the course on December 29, 2017 and I have already finished 7/17 of the lessons. However, I read a review that said this cert is similar to the OSCP in that I would have to do additional research/labbing outside the course to pass. I plan on completing all lessons by Jan 7 and I will do additional labs/research until I take the test. I want to take the test before March 1st so that I can switch over to the IHRP. I'm not in a rush to get this cert because the whole reason for buying the course was to learn more about the frameworks.
Comments
-
fitzlopez Member Posts: 103 ■■■□□□□□□□Hi do you mind sharing your other sources for studying, I was thinking of giving this exam a try. I was planning on skimming thru the CySA+ and Pentest+ books and installing all the software on the CSX-P list.Cheers,
-
Penguineer Member Posts: 16 ■■■□□□□□□□fitzlopez said:Hi do you mind sharing your other sources for studying, I was thinking of giving this exam a try. I was planning on skimming thru the CySA+ and Pentest+ books and installing all the software on the CSX-P list.Cheers,
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□So, how much did it cost you? Do you think it is worth it?
-
Penguineer Member Posts: 16 ■■■□□□□□□□I finished all of the lessons today and I'm now going to start my second pass through of the material. This week I will be reviewing the Identify.Asset Management subcategory of the Cybersecurity Framework. This subcategory maps to CSC 1 & 2 and includes the following tools:
- Nmap & Zenmap
- Wireshark & tshark
- Foremost
- Scalpel
- SiLK
- Spiceworks and SysAid IT Asset Management were also mentioned for asset management, but I might not use them (depends on how much time I have)
- NIST Cyber Security Framework 1.1 PDF and Excel document
- CIS CSC v7 Document
- Alienvault "Free and Commercial Tools to Implement the SANS Top 20 Security Control" blog post
I have used most of the tools mentioned above before, so this week should be more of a review for me. I am going to be using eLearnSecurity's labs for most of these tools. I also have a subscription to Cybrary Insider Pro and will be using any related labs that I can find.
- Nmap & Zenmap
-
Penguineer Member Posts: 16 ■■■□□□□□□□It looks like ISACA might be updating the CSX-P soon because I can't buy a voucher anymore. The "Purchase Exam" button has been replaced with "Coming Soon". I'm not really sure what to do at this point... Is anyone else studying for this exam?