How I Passed the CySA+ After Burn Out

For my second certification attempt, I decided to go for my CySA+.

There is a lot of overlap between the Security+ and the CySA+. However, the CySA+ strays from much of the technical networking questions found in the Security+. It is common for the CySA+ exam to give you a situation/premise, then ask something like, “What’s the best solution?” or “What should be done first?” This is where your honed cybersecurity analyst skills can be applied and shine!  

There are also practical questions, similar to Security+, so be familiar with reading different types of log output and the basics of incident response. For some reason, there isn’t much emphasis on the practical questions in any of the practice exams I took, but they are definitely in the CySA+ exam — so keep that in mind!

Okay, onwards!

For full disclosure:  I spent about 6 weeks in a cybersecurity bootcamp with Mike Chapple’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. I mention this because what is listed below reflects the additional ~1.5 weeks of study leading to my CySA+ exam.  Other than that, I do not have a formal background in tech, at all.

Also note that the CySA+ CS0-001 was retired in October 2020, and Pearson OnVue currently offers the CySA+ CS0-002 only. Vouchers sold for the CySA+ are still valid for both exams, so I hope this limits any confusion as you schedule yours.

This post is organized into the following parts: readings, video courses, practice exams, and my study schedule.

Readings

• I used Mike Chapple’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. For class, I read this entire book, and it was extremely helpful. I liked the textbook because it was easy to understand, and the language was very accessible. This was helpful coming from a non-tech background, and the information was organized in a way that made sense for me. I talk more about the quizzes included with the textbook below.
• CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives  (For some reason, this document is really hard to find on the CompTIA testing site.) Of course, always review the exam objectives and use the terms and concepts listed as a mini-quiz for yourself.

Videos

• Linux Academy / aCloudGuru course: CompTIA CySA+ Certification with Tia Williams
  What I really loved about Linux Academy (RIP!) is that it had a course scheduler. You would input the hours you can commit to studying on a weekly basis, and then it calculates your projected course completion date. Seeing my progress boosted my morale, and allowed me to focus unit by unit. This course is taught by grouping similar concepts together, rather than teaching the objectives sequentially as listed by CompTIA CySA+ objectives document. This makes it hard to pinpoint specific concepts for review. Professor Messer seems to be the only one whose course outline is taught in the order of the objectives, however, he does not teach CySA+ on YouTube.
• Many people recommend Jason Dion’s course on Udemy, but I didn’t feel motivated to commit to yet another set of videos. At this point, my eyeballs were tired, so I leaned heavily on the Chapple textbook instead of starting a new video course. 
• I watched additional videos on YouTube about the Lockheed Martin Kill Chain and MITRE ATT&CK. Since the practice exams repeatedly indicated those frameworks were my areas of weakness, it was really helpful to review other sources to really internalize these concepts.

Practice exams

• I used Jason Dion’s practice exams on Udemy: CompTIA CySA+ (CS0-002) Practice Certification Exams . This is what my study group and I reviewed together on a daily basis. Again, reading the concepts in the answers portion to reinforce concepts is always the most helpful part of taking the practice exams. 
• The CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition allows 1 year of  access to a practice test and chapter quizzes hosted on the publisher’s website. In the quizzes, there were also some log analysis questions that were very helpful and similar to what you can expect on the CySA+. However, the user interface on the Wiley website is pretty annoying to use, it’s not very intuitive, but the question content is good.
• In hindsight, I can’t say that either one of these resources was that similar to the feel of questions you get on the actual CySA+ exam.

Study Schedule

Recovering from study burn out, I was more lax approaching my CySA+ exam compared to my Security+ preparation. Overall, I spent about a week and a half to review since I was very familiar with the Chapple textbook, and I relied heavily on previous knowledge from taking the Security+.

• Day 01: 
  • Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams (Approximately 3-4 hours at accelerated playback)
  • Jason Dion Practice Test 1 – with my study group (with answer review)
  • Review chapters 1-2  Mike Chapple’s textbook and quizzes
• Day 02:
  • Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams (Approximately 3-4 hours at accelerated playback)
  • Jason Dion Practice Test 2 – with my study group (with answer review)
  • Review chapters 3-5  Mike Chapple’s textbook and quizzes
• Day 03:
  • Jason Dion Practice Test 3 – with my study group (with answer review)
  • Solo drill of previously completed Jason Dion Practice Tests
  • Review chapters 6-9  Mike Chapple’s textbook and quizzes
• Day 04:
  • Jason Dion Practice Test 4 – with my study group (with answer review)
  • Review chapters 10-12  Mike Chapple’s textbook and quizzes
• Day 05:
  • Jason Dion Practice Test 5 – with my study group (with answer review)
  • Review chapters 13-15  Mike Chapple’s textbook and quizzes
• Day 06:
  • Jason Dion Practice Test 6 – with my study group (with answer review)
  • Review chapters 16  Mike Chapple’s textbook and quizzes
  • Solo drills Jason Dion Practice Tests
• Day 07:
  • Solo drills of all Jason Dion Practice Test (This took me about 9 hours to do in total.)
  • Practice exam included with Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams 
• Day 08:
  • Solo drills using Jason Dion Practice Test 
  • Took exam at 8 p.m.

While not many job listings mention the CySA+ by name, the emphasis on log reading, elements of threat analysis, and critical thinking are definitely practical skills needed by defenders in enterprise environments. Overall, earning the CySA+ certification was significant to me because it marked an end to the formal guidance and training I received in my cybersecurity bootcamp. From this point forward, my earned certifications will be based fully on my own independent learning. It’s a daunting yet exciting tipping point in my cybersecurity career!

In the title, I mentioned burn out. As Q2 began, and we were painfully aware that we have been in quarantine for an entire year, I really needed a break. I was in the habit of overextending myself and signing up for everything – study groups, volunteer meetings, talks with potential mentors, every conference, trainings galore, and applications for future scholarships. I noticed that I wasn’t absorbing the materials I was studying as well. And after some thought, I had to admit that I was exhausted and not as focused. I really needed to take care of the many personal responsibilities I’d neglected due to poor study/life balance. 

So, I did that. I rested for a week, and I assessed my capacity. I was more mindful of the commitments I made. I refreshed my space. I checked-in with loved ones. I crossed things off my personal to-do list. I felt much better the week after. When I was feeling more able, I finally purchased my voucher and I scheduled my test date. I forgave myself for being weeks off my personal “target” CySA+ exam date, because the time I needed to gather myself was necessary.

I hope as you go forward, you remain vigilant of your personal needs in order to stay strong for the journey ahead. Make sure you rest and take care of yourself. Life happens, and the exams will always be there. As I prepare to tackle some AWS exams and the OSCP this summer, it’s definitely a new commitment I am making.

So, best of luck in your preparation, and your attempt at the CySA+! You’ve got this!