Journey to CYSA+
I am happy to announce I have taken and passed the CYSA+ examination. While I should be relaxing, I’m finding myself in the typical position of being unable to shake the feeling I should be doing something productive. So, inspired by an article I read during my preparation for this exam, I’m going to dive into how I studied, practiced and prepared.
Theory
This is a big one since at its core the CYSA+ exam is predominantly a theory-based exam. Sure, I learnt that you can secure cloud access using a CASB or that an effective method of defending against a DDoS attack is implementing a sinkhole, but the exam doesn’t ask me to set up or configure them.
From my Security+ qualification I already had a pretty strong theory foundation; however, the CYSA+ exam stepped it up, with a lot more ambiguous, scenario-based and log-based questions.
I started by watching the entire CYSA+ course by Jason Dion from Udemy. This wasn’t a small task as the course has over 32 hours. Some areas I found myself already familiar with, while some others were totally new. CompTIA exams tend to be content-packed, so rather than creating my usual question list I attempted less of this and only covered areas I wasn’t reasonably certain of. This reduced my overall question list from 1000+ to around 500.
From there I started the process of continually reminding myself about each unfamiliar concept while moving on to practice exams. I bought the CYSA+ practice exams, again from Jason Dion, and went through each exam in intervals. I found these relatively unhelpful as Jason likes to cover things in excruciating detail, and while I agree with the concept of knowledge-in-depth, the exam is too broad to be able to spend time learning regex or memorising the breakdown of each NIST security recommendation. In these exams I typically scored around 66%, performing well on definitions and struggling more on scripting, scenario-based questions and Software Security.
So, back to the drawing board: I covered my notes again and went into detail in some more specific areas I’d overlooked. Examples of random snippets covered here included that C+ has functions susceptible to buffer overflows and that the strings command can be used in reverse engineering.
At this point I would be remiss not to mention my bible during this section. The CYSA+ 002 study guide by Mike Chapple became my go-to resource when looking up things I didn’t understand or needed reminding of. I didn’t read it cover to cover (I don’t have the attention span for that), but I did read a good chunk of it in stops and starts based on questions missed.
The next go-to was the accompanying question bank from the Sybex study guide: 450-odd questions covered in the space of a couple of weeks. Then finally I took the practice exams by MeasureUp, with another 300-odd. Doing this, and checking the study guide on each incorrect answer, led me to be relatively confident coming up to the big days.
Practical
As you have hopefully seen from this site, I like to get into the thick of things, and I did the same for this.
My previous articles and practice from Security+ had me relatively confident with my basic Linux, and any nmap questions were a breeze.
As part of my course I had access to livelabs, where I was able to practice a variety of cybersecurity practices such as vulnerability scanning, patching, IDAM and others.
From there it was simply TryHackMe, and I’ve also had the opportunity to practice this within my organisation. With the rollout of Windows Defender endpoint protection I have had the opportunity to integrate cybersecurity as part of my job.
Conclusion
While it’s taken a lot of time from practice, I am happy to have undertaken and passed the CYSA+ course. The examination was difficult and one of the most intense periods ever; however, the knowledge passed has been a massive boost.