CompTIA CySA+ Test Review & Tips

About Me

Today, I was able to successfully pass the CompTIA CySA+ exam. For reference, I currently hold Certified Ethical Hacker (CEH) from EC-Council and a Security+ certificate. I currently work in web application security with the vulnerability management group. Prior to that, I was a Product Security Engineer doing DevSecOps with embedded devices and web applications.

I did have experience with CompTIA exams through Security+, so I was familiar with in-person Pearson proctored exams and CompTIA-style ‘simulation’ questions. This did make my CySA+ experience a little less intimidating because I knew how the test would be set up. If you have never taken a CompTIA exam, you start off with several simulation questions. These questions have you actively working on a breach, SIEM data, servers, etc. You will then answer questions based off of activities performed or data present.

Review

First, I love CompTIA; they make the test experience a bit more relaxed with nice proctors and easy-to-understand questions. I think CySA+ is a little bit undervalued at the moment as it is an in-depth exam. It is also a GREAT price. If you are enrolled in college classes, you also get a discount! Just for some perspective, I really hated EC-Council's CEH exam. The proctors were incredibly rude, the direction was unclear and the test was badly translated. After I passed that EXPENSIVE exam, I just about swore off certifications forever.

The one issue I do have with the CySA+ is that security analysts and engineers generally have a specialty. We are Web Application Analysts, Network Defenders, VM, SOC, etc. There is really not one exam that fits your specialty. I consider myself to *fortunately* have at least some experience in many domains. However, I am not an expert with enterprise network security (to which I have friends that helped me with sample test questions...so thank you if you are reading this). Basically, unless you have experience doing everything – this exam is hard for everyone. I wish there was a cost-effective solution for an analyst certification that fit specialized groups.

Study Materials

I did not use too much; I kept it cost-effective.

First, I used the LinkedIn Learning course CySA+ Cert Basics, which answered many of my threat analysis questions. This course is free if you are a LinkedIn Premium member (if not, you can join for $30 or less). This course is easy to understand and breaks it down into sections so you can skip things that you feel you are an SME in.

Second, lots of practice exam questions. WARNING – there are many available free online but be cautious!! There are many instances of incorrect answers on non-credible sources like Quizlet. It may sound cost-effective to use someone else’s notecards but trust me — they can often be incorrect and cause you to go down a rabbit hole. Try Udemy or the CompTIA CertMaster practice. Despite what many on Reddit think, I really found value in doing this. If you do not have CompTIA experience, this is great because it is like the test.

Tips

Ah, most importantly, I’ve compiled some tips.

1. Threat and Vulnerability Management

  • Read VM scans (like Qualys) on both Network Assets and Web Applications
  • Understand the difference between Agent and Agentless scans (including what the results look like)

2. Software & System Security

  • Understand the SDLC – I have a page here that can help define this
  • Understand Agile vs Waterfall and how it pertains to the SDLC
  • Look at some secure design methods, hardening, segmentation (like VLANs)

3. Security Operations & Monitoring

  • Understand how a SIEM works. It may help to watch a couple of YouTube videos on SIEMs like Splunk.
  • Understand DLP
  • Understand IPS vs IDS
  • IMPORTANT! Understand Threat Intel, Threat Hunting and how that is done.

4. Incident Response

  • Understand what the priorities are in active attacks (What are the first steps?)
  • Understand the roles and responsibilities of Management, HR, CISO, CEO, etc.

5. Compliance

  • Understand the difference between Policy, Guideline, Standard
  • Understand how risk management works. What are you looking for in a risk? How do you prioritize them?

Exam Breakdown

| Domains | Exam Percentage |
|---|---|
| 1: Threat and Vulnerability Management | 22% |
| 2: Software and Systems Security | 18% |
| 3: Security Operations and Monitoring | 25% |
| 4: Incident Response | 22% |
| 5: Compliance and Assessment | 13% |
| Total: | 100% |

Finally, good luck!!! I wish you all luck in your infosec journey.
