Just passed CySA+. It wasn't clear from anything on the exam documentation that it was v1 or v2 but it must have been v2 since it had cloud questions which v1 supposedly doesn't have.
It was about as hard as I thought it would be - the hardest IT cert exam I've ever taken. I scored just under what I was scoring on the practice tests. Required passing score is 750 out of 900 (83.33% if equal weighted Q).
Preparation:
- used the 650pg Sybex book and the practice test book and scored mid-high 80s range. Got the Sybex book as Kindle and read on PC which was nice as you can create organized highlighted sections and flashcards. Much better (and cheaper) than paperback IMO. YMMV.
- used the MeasureUp practice tests which are borderline garbage IMO but at least they offered a different perspective and a free voucher if I failed. I won't buy anything from MeasureUp again.
- read the 650 pg Sybex book pretty much cover to cover and completed each chapter's quizzes online
- used the practice test book's 2 main practice exams (85 Q each) and scored I think about 88-90% avg between them. I could have kept going but at some point you just memorize the question/answer combo vs really testing your knowledge of the material
- Total study time was roughly 4 weeks, 5 tops. Probably took 500+ unique practice test questions across all media and, with retakes, I prob answered 1000+ test questions
The TEST:
- I only had 70 questions but perhaps #2 below influenced that since they had many parts to them that could be construed as individual answers totaling 85 Q
- The first two questions floored me - they were long scenarios with two parts that were difficult, real-world stuff. The first was 4 web servers, each with two NMAP commands run against them, and a screen cap of that output was presented. You were required to note if the servers had the minimum required version of Apache on them and if they had the min ver of TLS on them. Part 2 of Q1 was open-ended and had 3 dropdowns where you had to recommend remediation steps to bring them into compliance (some items to address beyond what part 1 wanted).
- The remaining part of the test was a mixture of basic questions and multiple-choice answers like you'd see on a typical practice test and some log review questions that ask to interpret what type of attack or what is required as next steps
- 2 Linux command scenarios and 1 PowerShell question
- I had plenty of time for the test with about 3hrs given and finished about 2hrs in, taking my time, marked prob 20-25 questions for review. Reviewed those questions and then did a complete pass through the entire exam 1-70. @ 25min remaining ended the exam.
My 2c:
All the test prep material went into a lot of detail on SDLC models and test methods, Sec/Risk frameworks, and asked too many questions that were rote memorization like what step comes after step 3 in this risk model. The Sybex book rightfully has labs and asks you to download and run the tools like nmap, tcpdump, Nikto, etc. and the exam had probably 10 examples where they wanted you to read firewall/SIEM/router/tcpdump/Wireshark logs and interpret them. If you haven't used the tools and become familiar with reading the logs, you probably won't pass.
ISC2 recommends minimum 4 years of hands-on experience prior to taking the test. I tend to agree; it's a very hands-on, technical test that without that level of experience or extensive lab work for those without it, it's unlikely they would pass.
Best of luck to anyone taking it.
On to my CISSP prep!