CySA+ Beta Exam

sephiroth66

Woohoo! 🥳
I just registered for this (taking on the last day available 1/9/2020.. lol) so we'll see how this goes.
This is one I wanted to have under my belt eventually, and you can't beat that price!

I'm assuming I should probably study the current test plus the new domains as much as possible?
I know this probably isn't meant for new takers, but I do better under pressure anyways. 🤷‍♂️

PC509

Just got back from it. It's one that requires some thinking (ports, source/destination, data types, etc.) as well as thinking about the various situations. Some questions have a word in there that can change an answer. I loved the simulations and am very sure I nailed every one of those. Many of them aren't just a "What's this?" and you have a-d. It's much more applied knowledge, which I like. 

All in all, it was a great test. I feel that it really encompasses what it's aimed for and for a Cybersecurity Analyst role. I think I did well on it. 

JDMurray

I just took the CySA+ beta too. I took a little under two hours. (You are given 190 minutes to complete 95 exam items.) This exam is just about what I did as a SOC analyst in a very large corporation and what the security analysts I manage do now.

The sims were first and they were fun and familiar to people who troubleshoot networks using tools and logs. There were also a lot of exam items about how business and security operations decisions are made. It's really good to see these types of items. I'm still pondering how someone would study for (or teach) for these types of process scenarios.

A lot of exam item stems were very long and somewhat tedious to read just to find the bits of information needed to select the correct answer option. I wasn't happy with the vague wording of some items and felt some didn't have enough detail for me to confidently select the correct answer. Anyway, I had fun with the first 50 or so and the last 20 or so were just a blur.

Here are some non-NDA-breaking tips:

• Know all the acronyms (what they do and are used for) in the CySA+ beta exam objectives. 
• Know the native Windows and Linux tools used for network recon, troubleshooting, and working with log files.
• Know how to read the output from these tools including a few very popular 3rd-party tools listed in the objectives. 
• Know all the standards, frameworks, and procedures (for Incident Response, Digital Forensics, Vulnerability Management, etc.) listed in the objectives too.
  
• As someone else already said, "Just learn all the stuff in the exam objectives and you'll do fine."

jwdk19

Agreed. Some of the wording was confusing and a little difficult to know what they were asking for. I loved the Sims. Very relevant to the role of a Security Analyst.

wogmail

Took it today, the sims were a lot of fun.  Some questions regarding incident response I felt like there wasn't a "right" answer.  It took me a little over 2 hours, but I took my time and was just taking it for fun.  

Ertaz

Looks like the sims are well received.  I hope the ones I helped with made it in. 

bigdogz

@JDMurray
Thanks for the information!

FluffyBunny

JDMurray said:

I just took the CySA+ beta too. I took a little under two hours. (You are given 190 minutes to complete 95 exam items.) This exam is just about what I did as a SOC analyst in a very large corporation and what the security analysts I manage do now.

Many folks here often provide very useful information and support, but you are just about always a shining beacon JDMurray

Thank you for being consistently awesome. 

JDMurray

FluffyBunny said:

Thank you for being consistently awesome. 

Whoa, thank you! 

FluffyBunny

JDMurray said:

I'm still pondering how someone would study for (or teach) for these types of process scenarios.

The reason is probably what I also said about PenTest+: it relies upon you actually having done this particular job for a while. It's not just down to studying, it's down to experience. Soooo I'm doubtful that I'll actually pass the test, because I've never done security incident response Lots of security stuff, but not this. 

EDIT: Looking at the objectives, it reminds me a lot of the CFR-310 beta I took a year ago. I managed to snag that one, so maybe there's hope for me On the other hand, I did just get an email a few weeks ago saying that CFR-310 had kind of lost its accreditation.

JDMurray

I've never known anyone who has a CertNexus certification or an employer or contract that required one. Their CFR-310 page shows the cert being certified ISO/IEC 27014. CFR is also on the DoDD 8570 list. The CFR cert has only been out one year too.

FluffyBunny

JDMurray said:

I've never known anyone who has a CertNexus certification or an employer or contract that required one. Their CFR-310 page shows the cert being certified ISO/IEC 27014. CFR is also on the DoDD 8570 list. The CFR cert has only been out one year too.

I took the beta-exam for sh*ts and giggles, because I really enjoyed the PenTest+ beta-exam. So... It wasn't a great experience, the exam was "myeh". But I enjoy betas, for fun and the challenge.

Anyway, I received an email from CertNexus a few weeks ago, which included the following:

As part of an effort to make taking our certifications easier for our customers, CertNexus delivered the beta exam and several live exams via an online proctored platform, called Examity. Unfortunately, this delivery method did not meet ANSI’s requirements under the standard, and any examination that was taken through Examity will not be acknowledged by ANSI as an accredited certification.
 
What does this mean for me?

• Your CyberSec First Responder (CFR) certification is no longer valid as an accredited certification—though it is valid as a non-accredited certification.

tahjzhuan

Was told that current CFR-310 holders could take the newly accredited CFR-310 (and a retake) for no additional cost. Passed that Beta, but ended up skipping the Pentest+ as I had no pentesting experience. Taking CySA+ Beta Saturday.

FluffyBunny

I sat the beta this morning. Here's my review of the whole thing.

TLDR: It's a solid exam, with challenging questions that manages to test for real experience and insights. I enjoyed most of the PBQs and didn't find any of the questions frustrating (except for one whose wording I found overly complicated). 

tahjzhuan said:

Was told that current CFR-310 holders could take the newly accredited CFR-310 (and a retake) for no additional cost.

Thanks for pointing that out. If I have spare time, I could consider re-taking the exam. But it's certainly not anywhere on my priorities list.

tahjzhuan

Took the beta Saturday and agree 100% with the TLDR assessment. My experience was much more enjoyable than my CS01-001 attempt. Not sure if I passed, but will study for this when the material is available.

scaredoftests

what are 'pbqs'?

shochan

performance based questions, basically having to configure/drag n drop types of questions instead of multiple choice

bigdogz

...that's multiple guess!

FluffyBunny

bigdogz said:

...that's multiple guess!

Not at all. 

The "simulations" have you go over different sets of data and entering your interpretation into multiple fields. There's no guessing, you have to come to specific conclusions and type out your answers. 

Maybe you were joking and I'm taking you too literally

bigdogz

FluffyBunny said:

bigdogz said:

...that's multiple guess!

Not at all. 

The "simulations" have you go over different sets of data and entering your interpretation into multiple fields. There's no guessing, you have to come to specific conclusions and type out your answers. 

Maybe you were joking and I'm taking you too literally

Correct... I was just joking.

shochan

usually anything from Borat, is joking...lol

scaredoftests

Just took that exam today. I 'think' I did okay.  Now the waiting part. 

bigdogz

I took the exam today as well. Now I wait fir the email.

scaredoftests

What did you think about it @bigdogz? I thought there'd be more simulation.I got only 4.

JDMurray

1/9/2020 was the last day to take the CySA+ beta exam. I know two people who did on the last day and they both said they had four sims as well. Of course, this fun fact has no bearing on the content of the actual CySA+ 002 exam.

scaredoftests

oh was yesterday the last day? 

Ertaz

scaredoftests said:

oh was yesterday the last day? 

Yep.  I'll be in Downers Grove for the cut score workshop the week of the 27th.  

bigdogz

scaredoftests said:

What did you think about it @bigdogz? I thought there'd be more simulation.I got only 4.

I only had one. It was a little more involved but it was rather easy. I felt myself looking a little deeper for the answer when it was a simple solution. I solved this by looking at the question, the answers, and the scenario. I found it easier to answer the questions correctly with more focus.

I had to fill out a survey that was approximately 15 minutes which I thought was rather lengthy. At times I thought that was tougher than the exam LOL!!!

scaredoftests

Yes, I hate those surveys.

shochan

yeah, I took cysa+ beta on 9th...I had 4-5 pbq's on mine, they were a whole lot better than pbq's on CS0-001 exam...I actually felt like I passed the beta, but who knows, we shall see sometime in April.