Everything You Need To Know To Pass The CompTIA CySA+
Vložit
- čas přidán 25. 07. 2024
- Hey Guys, I'm super excited to announce that I passed the CySA+ on my first attempt with a score of 823! In this video, I'm going to tell you how I did it!
Resources I Used:
amzn.to/2K3Z10f Sybex CySA+ -Study Guide
amzn.to/2YMxYek -Practice Exams
pluralsight.pxf.io/WPQAM - 10 Day Free Pluralsight Trial!
Check out my post where I break down the key differences between these two exams!
cybercareerschool.com/comptia...
EXAM LINK certification.comptia.org/cer...
Exam Objectives
Identify tools and techniques to use to perform an environmental reconnaissance of a target network or security system.
Collect, analyze, and interpret security data from multiple log and monitoring sources.
Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation.
Understand and remediate identity management, authentication, and access control issues.
Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack.
Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls
Topic Overview
Incident Response
Forensic Tools
Incident Analysis and Recovery
Secure Network Design
Managing Identities
Security Frameworks
Cybersecurity Analysts
Reconnassiance Techniques
Security Appliances
Logging
Vulnerabilities (Managing and Remediating)
Secure Software Development
Job Roles
Security Analyst
Security Operations Center (SOC) Analyst
Vulnerability Analyst
Cybersecurity Specialist
Threat Intelligence Analyst
Security Engineer
Congrats on passing the CYSA+! This is the next certification I have in line for myself. I totally understand that suspenseful feeling before hitting the submit button and then the overwhelming joy to see the "Congratulations! You passed the ___ exam!" Best feeling ever.
Hi Colin, Thanks for taking the time to share your thoughts with us. Good luck with your career, though with your mindset and approach, I don't think you too much luck.
Congratulations! I just passed the Security+ a couple weeks ago and I'm going for the CySA+ next. Great video! I appreciate the tips! Looking forward to more videos, keep up the great work! -James
Thanks for the tips. Your cert videos are very helpful
Thanks for referencing my course on Pluralsight!
Congratulations! Hard work pays off, really inspiring! Keep posting my friend, your channel will grow like crazy :)
Thank you for this! The online question bank came in the clutch!
I passed the Cisa a week ago. I am so excited to get this achievement after passed my Security+ in May this year. Two certificates in 2020 is a dream comes true for me. Thanks God for that. Thanks for your feedback, information, and advice. It was very helpful to prepare both exams.
impressive score! taking mine July
CONGRATS Buddy! Your video helped me to get courage in taking SEC+ (I passed at first attempt few months ago). I have no experience or a degree in IT. Currently going through a short training on IT fundamentals/Cyber Security concepts (through a Govt funded program). Was wondering if you can reflect on getting into CySec career (remote) or how having SEC+ can help someone getting into Business Analyst fields.
Happy for you!!! Just passed my Security + today and I’m debating what to do next
Passed my today too and my next move is CySA+...I recommend you do the same
Congratulations my Brother!!!!
I'm planning to take mine again around the summer.
Score 823 is massive, congratulations. I Just passed security plus this WEEK, and I am going to begin study and grab material for CySA + right now.
Thanks man for the tips, I took security plus last year and it was super tuff. It was tuff because I no exp at all and that's the first exam I took. I failed the first time by one question went back home studied again for another 2 weeks, went back and passed it by one question lol. In that year I have gained a lot of knowledge, iam taking this exam with my cisco exam before December before I graduate from college. Now that I finally hit my cyber security courses everything makes a lot more sense. My advice if I had to do it all over again, start with A plus, go to Network plus. I would not recommend paying for the certs I would in fact just take a few practice tests and leave it at that. Than I would take the security plus and study every section in detail. Than move on to cysa, cisco ccna. From there you basically just wrote your own ticket, for me personally it will be landing a job and than taking CEH after 2 years and go full time into pen testing.
Lol bro I both love and haaate the pressure of my colleagues knowing I’m writing an exam. Thank you for this video my G
Pluralsight is God's gift to this universe
Congratulations! I've been a Cyber Security Analyst for a few years now. I'm glad you mentioned that ppl should study to know. I work with a few folks that are great on paper and absolutely horrible behind the keys. Good mention!
Hah, that's me. It's a terrible feeling.
I passed my sec+ 2 months ago and holy shit I know what you mean as far as being 20 questions in and thinking I failed this test
Danny Upton similar to network+ For the most part; I failed the Sec+ 2 years ago but recently passed the Cysa
I took my security+ this past weekend and thought I failed about 15 questions in and ended up passing 777/900
@@ace-x6m me too
Congratulations Colin! I'm eye-balling this exam now that I have Sec+ completed.
Awesome, congrats on your sec+!
Thanks for sharing!
Just bought the study guide, over 500 pages, hoping it helps for my exam coming up soon!
Nate O'Brien did it help?
@@MsOmgnowai2 no
Congratulations on the pass! I am studying for this right now with the Sybex book and Jason Dion course. I passed CEH and Security+ a few months ago.
What did u use for security plus and ceh
@@FBADC89 his brain
@@FBADC89 Use Jason Dion course for Security+ on Oreilly (for free for 10 days) and you will be fine.
I am here to tell you CEH is way harder than this cysa so your going to do well
Congrats bro - I got my Security+ this week as well. Good info for next steps.
Are you planning on taking the Pentest+ too or are you going to go another route/CASP next?
+1 for this. i wanna know as well.
I read when there's a big typo it's more than likely that's it's a "none credited question". They do this so they can see what they would include for a future test.
Colin I took the same exact exam you did. I remember the typo on the third simulation question. The server names did not match the IP addresses and one of the machines was missing the last IP number. Passed the exam regardless though . I told the exam lady and she said she will contact CompTIA. What’s weird is I also got a 823 .
Good for you.
Could you suggest me to how to pass it? I need guidance please
Congrats! Taking mine in a week hopefully! I also didn't know you could see the questions online! What cert are you looking at now?
@@ContractHacker hey Colin! Miss the videos. Are you still working on OSCP and HTB? I passed my CySA and have been studying for PenTest+
Good job!!! Whats your next step?
Congrats
Colin I'm really happy I found your channel. What study material would you recommend for a+ certification?
Hey John, If your not familiar with professor Messer I would look him up. He has some of the best videos out there. That's a great start
@@ContractHacker thank you Colin
@ColinKelly ever thought about taking the OSCP certification? It's super hardcore. I plan on taking it this year, but I know most people fail their first time even experienced professionals. So it's gonna be a challenge.
@@ContractHacker you would definitely have an upper advantage over the bad guys. The best way to stop the bad guys is to think like one. Although, the OSCP is extremely hard I think you can do it. More than 90% of IT professionals fail it their first try but pass it their second try. So don't feel discouraged if you don't pass it your first try.
I just got my A+ certification, and I thought I failed both tests. :) So I guess this might be more common.
Hi Colin, thank you for making informative videos. What do you think about the CISSP cert?
CISSP is arguably the most sought after certification in Infosec field, requires 5 years work experience and you need to submit proof of employment to write. You can write and get associate cert but you need to submit proof of employment within 6 years after getting associate or it becomes null and void. It is a difficult and thorough certificate for experienced security field individuals to prove their skill and round off knowledge.
@@Harkenzo Thank you for your response!
If you don't mind me asking, how long did you actually study for? I am trying to get a reference for an average amount to recommend peers. I understand that folks are different but just curious for your individual situation. Thank you so much for the information!!
Focus on the education, keep getting better at teaching others from experience. Learning tube is huge and this is useful
I was getting 90's on measure up practice test and read the McGraw Hill Book. Unfortunately, I didn't pass the exam and got a 730 which is an 81.1 percent. The majority of the questions where logs, logs, and more logs. First 5 questions of the exam are always simulations. Even having another technical certification from my college which requires you to do write ups on malware analysis, digital forensics, and more was not enough to pass this test. But I will try again soon!
Congratulations, how long did it take for you to prepare for it?
Can we do this certification without industry experience or without being in a current security related job?
What are my chances of landing a good paying SOC position with my A+ Net+ Sec+ and CySa+
how many PBQ's and logging questions did you get and what was your final score?
how long did u study for it?
Do you feel that the labs found in the Cybex CySA+ study guide properly prepared you for the exam? Did they help prepare you for the performance based questions?
What is the link to access the online Wiley resources?
about how long did you study? just passed sec+ with a 805 and want to go for Cysa before Version 1 expires
What CYSA book do you recommend to get. ?
Nice stuff Colin, Keep it coming! I plan to tackle CySA+ next very soon but also debating tackling Linux at the same time. Did knowledge of Linux help you or would have helped you attain and better understand the material in CySA+?
Hi Collin. Congrats on passing the exam! Recently passed Sec+ and thinking about pursuing this as my next cert. They said the beta exam has ended and the new version of the exam will be out in April so my question was do you think I could use the materials that are out now to start my preparation or wait a few weeks and get materials that line up with the new exam?
Dude, you're not wrong about that survey. I'm shaking every time (A+, Net+ and Sec+). I'll be taking the CySA in about a month. Probably be shaking then too. 😣
How many months did you study and how many hours per day?
I just took this particular CompTIA exam yesterday, and I did pass, but between the Security+ and the CySA+ exams, completely two animals! Security+ is very basics of cybersecurity and considered entry level, but the CySA+ is more like a high intermediate or low level expert. My recommendation is know about encryption, how that works with the proper protocols and know how to read the logs are presented to you. The simulations I found them to be pretty difficult, only cause you need to read them real closely and know what the question is asking you to find as the correct answer. Good Luck to all!
Colin, what part of the country are you in?
Literally, All I did to pass it was I took the online version of the sybex 1000 questions. I set the questions to 80 questions and Kept taking them until I was scoring over 80%.
when they give you the survey does it count as your time for test. ? I didnt know if it was when I was doing sec+ and was really scared to see if I was accountable . I cant ask question and cant talk to anyone at the test.
Hey David, luckily for us the survey comes after the exam has officially ended. Also one important thing to note about the CySA+ is that I felt that I was a lot less stressed for time than I was during the security+. Good luck!
Dude, when you study for cysa+ then took the exam! Is anything related to security and network +. I’m thinking go for cysa+ I have work IT experience little
It will get you through the door having the Cert even if you don’t have IT experience; especially if you’re looking for a job as a SOC analyst
But; try to build your IT experience as much as possible in the mean time; understand how everything works.
Having experience with the content makes the CYSA much easier; it may be too much if you don’t have experience
Just got my MS in Cybersecurity and Information Assurance. I'm going to start on this. Is two months of hard study good enough to go for the test?
Absolutely - since you already have your MS in Cybersecurity.
Hey bro there is a new cysa+ exam coming out in april 2020. My question is should i wait to take the new cysa+ exam or take the current one even if it expires next year?
The CS0-001 can be taken until October 2020. I think it's up to you whether or not you'll be ready by then.
I have the SSCP from isc2, should I go for the Cysa+ next or just buckle down and pay the 1200$ for the CEH? Or should I go back and get the Sec+ since noone in HR really knows what the SSCP is?
Edit- I only have 1.5/2 years experience otherwise I'd go for the CISSP or CISA.
I do a lot with compliance, and risk frameworks, but would like more technical skillset
Congratulations! also, oh my god the survey part is the worst.
Hey, I'm new to your channel
For someone just getting into IT with no IT work experience. Which cert would you recommend if my goal is to get into cybersecurity
Network + for sure. You have to understand how computers talk to each other if you want to work in the infosec field. Think of it as climbing a mountain. If you can climb a small mountain, then bigger mountains are a possibility. If you can't climb a small mountain, then maybe mountain climbing isn't for you. There are some great resources on CZcams to help you pass the Network +. Professor Messer: czcams.com/video/IErQm8wsaxg/video.html
Also Mike Myers:
czcams.com/video/WM9WV-NpDXw/video.html
@@nickgomes9370 thank you for this information! I really appreciate your response
@@nickgomes9370 - And Mike Chapple for Security+ helped a lot.
Lord of the Jungle that book helped me passed that test with a breeze
Have you taken the Network + exam
I am NOT looking forward to taking this exam, the school I am attending will be going over this exam, starting June 26 and I will be taking it about Sept 21st, so the course of study for this exam is about 12 weeks, but dam, this course and two additionally courses over two term. I am not sure if 12 weeks is enough time. I am expecting to take my SEC+ or or about June 20th or later, have about 7 weeks later for that exam. Do you think 12 weeks is enough?? I am only getting them, since there are offered as part of the program.. Shooot, $30K for an associate degree with SEC+/CySA+, I was already A+ and Net+, so I convinced them to purchase me Cloud Essentials and Cloud+, but still waiting on that, these I will take much later in the year.
Hello Collin, I am currently majoring in Information Science & Technology. I want to work in the cyber security field, either as a cyber security engineer or analyst. Do you recommend going straight for the CySA+? Or should I get the Security+ first? Ultimately I want to get the CISSP.
I work as a cyber security analyst currently. I will be honest. Security+ is best to help you get in the door. Some (not all) IT managers will wonder why you have a CySA+ and no job experience. Not saying that you won't get a job. Just be ready for the question. Also, with a CySA+ more may be expected of you.
Hey bro what route did you end up going?
I work as a security analyst for about 5 months, while still studying at uni and no certifications. I'm taking the cysa+ without taking security+ first (as adviced by my company). I believe that's due to security+ being too Introductory (everything in the syllabus was covered by my uni courses), so if you know the basics of cybersecurity and networking I'd advise you to go straight to the cysa+. Good luck!
the typo is still there. just took this test yesterday.
Can i really get into IT at 59 years old i want to take the exam i have a bachelors in information security will this help me???
It is never too late to begin and achieve your dream. Stay focused and avoid unnecessary distractions.
Yes. Your Bachelors degree will definitely help you.
Hells yeah you can. Do it my man, let nothing hold you back
I'll be honest, you're going to have to work really hard
Which certification would you recommend after the CySA+ so as to keep the same path of sec analyst?
Pentest+ I'm currently studying for the CySA+ and noticed "according to the study guide" that cybersecurity analyst can be tasked with conducting vulnerability scans against there cybersecurity networks looking for exploits to better enhance the defensive structure. Anything in pentesting seems logical.
Pen test+ and then CISSP and OSCP
CISSP because of its industry recognition and OSPC because it shows your live hands on skills
Most recognised Cyber Security Analyst-specific cert is the SANS SEC-503. It's open book, so it's all about making a thorough and complete index.
As @
Lawrence R mentioned, SANS SEC503: Intrusion Detection In-Depth "GIAC Certified Intrusion Analyst (GCIA)" has been one of the highly valued Security Analysts certs, and Colin mentioned SANS SEC511: Continuous Monitoring and Security Operations "GIAC Continuous Monitoring Certification (GMON)" which is great, and one I have. All of this really depends on what route you would like to take, are you interested in being Red Team(primarily Pen testing) or Blue Team(Actual SOC Analysts)? I'm Blue Team, which is far more challenging than Red Team. SANS makes a lot of great courses and certs, but they're also the most expensive and really out of reach of the average person that doesn't have an employer subsidizing their training. In the end you don't want to go cert crazy and get everything under the sun, you will be lost in a sea of CPE/CEU credit renewals and annual dues fees that will drive you crazy, especially if they span a multitude of companies. Most of the Analysts within my organization have let many of their certs lapse for this very reason, especially those that had Cisco certs(which require retesting regardless) & even many that had CEH's. Not discounting the value of any of those certs, just saying in the long run you might not care and will focus on renewing the relevant certs for the specific job you find yourself in. I've been doing this for 16 years and am a Sr.Cyber Security Analyst for one of the big telecom's and I only have Sec+ and GIAC (GMON), and a lapsed Sourcefire (SnortCP), though I will be taking SANS FOR578: Cyber Threat Intelligence (GCTI) in a couple months. I can tell you this, when we do job interviews and we are presented with several candidates where a couple have resumes loaded with certs all over the map but no security experience, and a couple with just one or two targeted certs relevant to our job role and also no security experience, we will lean toward the targeted certs. Obviously other factors play a role, such as attitude and character, and other things like military background can play a large role in selection.
I PASSED!!!!!! Ahh I'm so happy!
What did you use
Began studying for security plus about 3 and a half weeks ago and took the test today and passed with 794. Looking to start studying for this cert as well.
Damien Riven how did you study for the sec+ in 3 weeks and pass?
Allen H 7-11 hours a day of studying. For 5 days a week and 3-4 hours on a weekend.
Damien Riven how did you study for 7-11 hours a day I can only get up to 2 hours.
Damien Riven what’s your study method?
hey Colin how old are you ???
What do you think of the cissp a coworker told me to do that after the security +
You will need 5 years experience and a cosign from someone that is already certified to take the CISSP. By your 5th year in the industry you'll probably have more than the a Sec+ under your belt.
Yeah, don't jump from Sec+ to CISSP. There was a time that CISSP was the gold standard for Cyber Security, but as Colin stated it's always been a "Management" cert that a lot of folks jumped on to try an prove their savvy, or pad their resume. The CISSP is known as being a mile wide and an inch deep, the domains covered are not deep enough in nature to be very useful to the average SOC analyst. It's also a pretty expensive and long test, and notorious for being very complex with 4 of 5 answers being right but you needing to know the "most right" among them. If you're interest in (ISC)² certifications that are SOC useful I would suggest SSCP, which is only slightly harder than Sec+ but typically holds a slight advantage prestige wise. And above all it's inline with SOC Analysts job roles.
Gosh let me finish the Sec+ first!! It is challenging 🥺
Read the book by Darril Gibson, utilize his online resources and then watch all the videos from professor messer. It was super helpful for me and I passed it yesterday with an 817. You can do it!
@@dsatt13225 hello sir. Was it more technical part question?
I failed security+ twice. On the 3rd attempt I decided to read Darrell Gibson book and passed with a 760.
Colin Kelly lets start a CyberSecurity firm, using SIEM as our SaaS. In all seriousness
Can someone go for the CySA exam without having the security + certification
Yes but unless you know your material it is not recommended
Where shall I start off at ? A+ or sec A+ ?
It depends on your comfort level. Start with A+ if you're not familiar with computer hardware, how a computer actually works, etc. If you're already comfortable with these topics, then go for sec+. I went straight into sec+ without a+ and passed my first try. Flip through some a+ material and decide from there.
Do I need to know how to code for cyber security?
@@ContractHacker I'm looking at careers as a analyst. Also not sure if I should take all CompTIA certs or something else
Emphatically NO. But having a basic familiarity of various languages (Python, PHP, Java, JavaScript, C++) is helpful, especially when doing packet analyses and deeper dives. It can come in handy if you're crafting specialized IDS signatures or Splunk queries.
Not sure if this questioned was asked but did you use any virtual lab resources?
I did not really do any cysa+ specific labs
@@ContractHacker Thanks for the reply. Just wondering if it’s needed to invest in Cybrary or other virtual labs to pass the exam.
@@excessbeats7805 Testout has a course for CYSA know.
Cant decide between the CySA+ and the Security+? Check out this article where I break down the key differences. cybercareerschool.com/comptia-security-vs-cysa-start-here
I want to take my CYSA but I think due to where I live Linux+ will be better.
why CySA+ ? why not other advanced certifications like GIAC Security Essentials or some Cisco certifications?
CompTIA is vendor neutral and covers much more topics. Cisco is more towards routing and switching and of course, Cisco related. It depends of your career goals I guess.
@@jocamp5 Is it good to be vendor neutral?
Regarding your point about the typo in the exam, that's certainly nothing new. All four CompTIA exams I've done were full of typos. I remember the A+ exams (2010) in particular avoided the use of possessives all together. Something like 'the dog's mat' would be 'the dogs mat'!!!! That's really unprofessional. Why don't they just hire a decent proofreader?
It took me 2x to pass Sec +. The way CompTia words questions is like nothing I've seen before lol
My Cysa exam is tmrw
@@ContractHacker Passed =)
Where’s the content you promised us in the beginning of the vid?
Colin Kelly lol Ard cool
Ai?
The surveys for comtia exams are the worst
Just passed the CySA here.. 815
Some of the questions are so wordy and convoluted lol.
What I Did when I was studying was I studied the answers made sure I knew the definition and how the answer applied to Cyber security and then read the question After. This made it so when I made it to the exam I knew how they would word certain questions to lead you to choosing the correct answer.
When I first started I was hitting a lot of questions that were very hard so what I did was skipped all the hard questions until the end and then instead of getting super nervous about missing a ton of questions I filled out the questions I knew 100% and then after that I did the simulations and after doing the simulations I was confident. I then went back and thoroughly went through the questions that I was unsure about did my best answers and by the time I finish there was only 10 or 15 minutes left.
Instead of reviewing the multiple-choice questions again and maybe changing an answer to a wrong answer I went through my methodology on the simulations because I knew how heavily they were weighed, and I actually noticed a few that I Analyzed and changed answers slightly. (For example realizing that a Linux box was incorrectly showing a false positive for having a Windows printer related vuln & also realizing that I forgot that if you have a proxy between an asset and a firewall that you set firewall rules for the proxy IP and not for that asset because it then applies the firewall block to all assets behind the proxy; felt dumb about not realizing that 😂😂😂)
Honestly when I started it my heart was racing and my stomach dropped because I was so nervous that I was just going to fail.
I was still just as nervous submitting it and when the 815 came on the screen I was so damn happy. Definitely a gut wrenching exam to take no matter how much you prepare
NPC PinkHat what material did you use to study? The sybex study guide and the exam questions? Also how did you prepare yourself to read vulnerability scans and firewall logs? I’m studying for the Cysa+ now.
Allen H I understand firewall and vuln scanning because I work with firewall logs and vuln scanners at work; I’m a Infosec Analyst for a top 10 defense contractor. Big advantage for me working with the tech all the time.
I used some Comptia Cysa+ book my company provided, it also came with another book containing questions (both yellow books)
I then gathered random cysa test banks I found on the internet and studied those questions and answers too.
Read through the book; noted my weak areas and learned the terms and definitions for all that. After that it’s just cramming and repeatedly going through the questions until you know all the definitions of the answers for those questions.
Kinda sucked but its over now thank god lol
NPC PinkHat appreciate you I’ll give you an update when I pass ( 2 months from now)
NPC: How many simulations did you phase?
Somaliland Hardliner there were 4 simulations in the test and I’m fairly certain I got them mostly correct, they are weighed heavy so getting above and 800 means you did well on the simulations
I am doing text to speech so forgive me
Seems so strange to hear an American accent from a person called Colin Kelly. I'm Irish and this place is coming down with Colin Kelly's. LOL.
dude just blink
CompTIA has committed to diversity and equity, so NEVER indicate that you are White BEFORE seeing your score.
Don't tell story
..speak to the point