hanalei r. https://hanalei.dev an infosec portfolio Wed, 05 May 2021 17:50:10 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.2 194918972 How I Passed the CySA+ After Burn Out https://hanalei.dev/2021/05/01/i-passed-the-cysa-after-burn-out/ https://hanalei.dev/2021/05/01/i-passed-the-cysa-after-burn-out/#respond Sat, 01 May 2021 05:05:56 +0000 https://hanalei.dev/?p=114 Read more "How I Passed the CySA+ After Burn Out"

]]>
For my second certification attempt, I decided to go for my CySA+.

There is a lot of overlap between the Security+ and the CySA+. However, the CySA+ strays from much of the technical networking questions found in the Security+. It is common for the CySA+ exam to give you a situation/premise, then ask something like, “What’s the best solution?” or “What should be done first?” This is where your honed cybersecurity analyst skills can be applied and shine!  

There are also practical questions, similar to Security+, so be familiar with reading different types of log output and the basics of incident response. For some reason, there isn’t much emphasis on the practical questions in any of the practice exams I took, but they are definitely in the CySA+ exam — so keep that in mind!

Okay, onwards!

For full disclosure:  I spent about 6 weeks in a cybersecurity bootcamp with Mike Chapple’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. I mention this because what is listed below reflects the additional ~1.5 weeks of study leading to my CySA+ exam.  Other than that, I do not have a formal background in tech, at all.

Also note that the CySA+ CS0-001 was retired in October 2020, and Pearson OnVue currently offers the CySA+ CS0-002 only. Vouchers sold for the CySA+ are still valid for both exams, so I hope this limits any confusion as you schedule yours.

This post is organized into the following parts: readings, video courses, practice exams, and my study schedule.

Readings

  • I used Mike Chapple’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. For class, I read this entire book, and it was extremely helpful. I liked the textbook because it was easy to understand, and the language was very accessible. This was helpful coming from a non-tech background, and the information was organized in a way that made sense for me. I talk more about the quizzes included with the textbook below.
  • CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives  (For some reason, this document is really hard to find on the CompTIA testing site.) Of course, always review the exam objectives and use the terms and concepts listed as a mini-quiz for yourself.

Videos

  • Linux Academy / aCloudGuru course: CompTIA CySA+ Certification with Tia Williams
    What I really loved about Linux Academy (RIP!) is that it had a course scheduler. You would input the hours you can commit to studying on a weekly basis, and then it calculates your projected course completion date. Seeing my progress boosted my morale, and allowed me to focus unit by unit. This course is taught by grouping similar concepts together, rather than teaching the objectives sequentially as listed by CompTIA CySA+ objectives document. This makes it hard to pinpoint specific concepts for review. Professor Messer seems to be the only one whose course outline is taught in the order of the objectives, however, he does not teach CySA+ on YouTube.
  • Many people recommend Jason Dion’s course on Udemy, but I didn’t feel motivated to commit to yet another set of videos. At this point, my eyeballs were tired, so I leaned heavily on the Chapple textbook instead of starting a new video course. 
  • I watched additional videos on YouTube about the Lockheed Martin Kill Chain and MITRE ATT&CK. Since the practice exams repeatedly indicated those frameworks were my areas of weakness, it was really helpful to review other sources to really internalize these concepts.

Practice exams

  • I used Jason Dion’s practice exams on Udemy: CompTIA CySA+ (CS0-002) Practice Certification Exams . This is what my study group and I reviewed together on a daily basis. Again, reading the concepts in the answers portion to reinforce concepts is always the most helpful part of taking the practice exams. 
  • The CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition allows 1 year of  access to a practice test and chapter quizzes hosted on the publisher’s website. In the quizzes, there were also some log analysis questions that were very helpful and similar to what you can expect on the CySA+. However, the user interface on the Wiley website is pretty annoying to use, it’s not very intuitive, but the question content is good.
  • In hindsight, I can’t say that either one of these resources was that similar to the feel of questions you get on the actual CySA+ exam.

Study Schedule

Recovering from study burn out, I was more lax approaching my CySA+ exam compared to my Security+ preparation. Overall, I spent about a week and a half to review since I was very familiar with the Chapple textbook, and I relied heavily on previous knowledge from taking the Security+.

  • Day 01: 
    • Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams (Approximately 3-4 hours at accelerated playback)
    • Jason Dion Practice Test 1 – with my study group (with answer review)
    • Review chapters 1-2  Mike Chapple’s textbook and quizzes
  • Day 02:
    • Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams (Approximately 3-4 hours at accelerated playback)
    • Jason Dion Practice Test 2 – with my study group (with answer review)
    • Review chapters 3-5  Mike Chapple’s textbook and quizzes
  • Day 03:
    • Jason Dion Practice Test 3 – with my study group (with answer review)
    • Solo drill of previously completed Jason Dion Practice Tests
    • Review chapters 6-9  Mike Chapple’s textbook and quizzes
  • Day 04:
    • Jason Dion Practice Test 4 – with my study group (with answer review)
    • Review chapters 10-12  Mike Chapple’s textbook and quizzes
  • Day 05:
    • Jason Dion Practice Test 5 – with my study group (with answer review)
    • Review chapters 13-15  Mike Chapple’s textbook and quizzes
  • Day 06:
    • Jason Dion Practice Test 6 – with my study group (with answer review)
    • Review chapters 16  Mike Chapple’s textbook and quizzes
    • Solo drills Jason Dion Practice Tests
  • Day 07:
    • Solo drills of all Jason Dion Practice Test (This took me about 9 hours to do in total.)
    • Practice exam included with Linux Academy / aCloudGuru: CompTIA CySA+ Certification course with Tia Williams 
  • Day 08:
    • Solo drills using Jason Dion Practice Test 
    • Took exam at 8 p.m.

While not many job listings mention the CySA+ by name, the emphasis on log reading, elements of threat analysis, and critical thinking are definitely practical skills needed by defenders in enterprise environments. Overall, earning the CySA+ certification was significant to me because it marked an end to the formal guidance and training I received in my cybersecurity bootcamp. From this point forward, my earned certifications will be based fully on my own independent learning. It’s a daunting yet exciting tipping point in my cybersecurity career!

In the title, I mentioned burn out. As Q2 began, and we were painfully aware that we have been in quarantine for an entire year, I really needed a break. I was in the habit of overextending myself and signing up for everything – study groups, volunteer meetings, talks with potential mentors, every conference, trainings galore, and applications for future scholarships. I noticed that I wasn’t absorbing the materials I was studying as well. And after some thought, I had to admit that I was exhausted and not as focused. I really needed to take care of the many personal responsibilities I’d neglected due to poor study/life balance. 

So, I did that. I rested for a week, and I assessed my capacity. I was more mindful of the commitments I made. I refreshed my space. I checked-in with loved ones. I crossed things off my personal to-do list. I felt much better the week after. When I was feeling more able, I finally purchased my voucher and I scheduled my test date. I forgave myself for being weeks off my personal “target” CySA+ exam date, because the time I needed to gather myself was necessary.

I hope as you go forward, you remain vigilant of your personal needs in order to stay strong for the journey ahead. Make sure you rest and take care of yourself. Life happens, and the exams will always be there. As I prepare to tackle some AWS exams and the OSCP this summer, it’s definitely a new commitment I am making.

So, best of luck in your preparation, and your attempt at the CySA+! You’ve got this!

]]>
https://hanalei.dev/2021/05/01/i-passed-the-cysa-after-burn-out/feed/ 0 114
How I Passed the CompTIA Security+ Exam in 10 days. https://hanalei.dev/2021/03/15/how-i-passed-comptia-security/ https://hanalei.dev/2021/03/15/how-i-passed-comptia-security/#respond Mon, 15 Mar 2021 02:38:34 +0000 https://hanalei.dev/?p=5 Read more "How I Passed the CompTIA Security+ Exam in 10 days."

]]>
(Brace yourself, this is a fairly long post which includes my opinions on the materials used to prepare. If you’re up for that, continue!)

This post is organized into the following parts: readings, video courses, practice exams, my study schedule, exam logistics, and other tips that may be helpful for you.

First thing you have to know is that I spent about 6 weeks in a cybersecurity bootcamp reading Mike Chappele’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. I mention this because there is about ~70% overlap between the CySA+ exam and the Security+ exam.  Other than that, I do not have a formal background in tech, at all.

Second, this was my first attempt at a cybersecurity certification ever. I skipped A+ and Networking+ (which is why I wasn’t as grounded in networking fundamentals, and my practice exam scores repeatedly indicated this). I was particularly anxious and rigid about my POA (plan of attack). I asked SEVERAL people how they passed, and I am grateful to each of them in pointing me to the best materials currently available, as well as the best routines to employ in my own preparation.

Third, I bought a discounted voucher from a legitimate bulk reseller site, and its expiration date quickly approached! (Keep in mind that your voucher’s expiration date is the last day you may schedule your exam on the Pearson OnVue site, the voucher’s expiration date is not the last day you may attempt the exam.) You have three (3) chances to re/schedule your exam. I picked a date, and felt the fire lit under me. I then created my 10 day study schedule, and attempted the Security+ on the 11th day. 

Here is a summary and mini-reviews of the materials I used. Onward!

Readings:

  • Professor Messer’s Security+ notes
    Because I am old, I needed to print these out, and I annotated them as I watched his videos. They were easy to follow along and very handy during the days I’d just want a quick review, easily flip through the material to reference, or when I just couldn’t bring myself to watch another video.
  • Ports, encryption types, hashing algorithms, and public/private key encryption process.
    I printed out my favorite image of public/private key encryption – yes, starring Alice and Bob so that I could internalize it better. I also made a quick reference grid in my notebook of common ports, symmetric vs. asymmetric encryption types, and listed the common hashing algos – and why they do or don’t work. This info can be easily gathered through a search!
  • CompTIA Security+ 501 Objectives and acronyms
    I reviewed these daily, along with the accompanying glossary SINCE THERE ARE SO MANY ACRONYMS.
  • I did not use a Security+ specific textbook to prepare.

Video courses I used:

  • Linux Academy (now hosted on aCloudGuru) CompTIA Security+ Certification Prep by Terry Cox
    16 hours of content – this took me about 3 days to complete at 1.75 playback speed. It provided a good foundation.
  • Professor Messer Security+ 601 YouTube playlist (Find it here.)
    This was really helpful since each of his lessons are aligned with the compTIA Security+ objectives, sequentially. Many of the other videos out there just cluster concepts together (like Mike Myers and Jason Dion’s videos). I found that these other instructors jump around and combine concepts as they see fit, so it would be hard to follow using the exam objectives as a guide. This might be awesome for a birds-eye view, but not for honing in on the specific objectives that I wanted to sharpen, examine more closely, or reinforce.  Prof. Messer’s took me about 3-4 days of 6-8 hour sessions to complete at an accelerated playback.
  • Mike Myers and Jason Dion Security+ video courses on Udemy
    I did have access to these, but after a couple of videos, I didn’t feel these instructors matched my learning style. Check them out to see if they’re a fit for you.

Practice Exams: 

  • I did daily practice exams, and I made sure to review the concepts in the answer key. When I was wrong, I returned to Prof. Messer’s Security+ videos to review, since the related objective is usually indicated.
  • Jason Dion’s CompTIA Security+ (SY0-501) Practice Exams with Simulations
    These were a pack of 6 practice exams on Udemy that I bought while on sale. This is what I practiced with on a daily basis with my study group. Then, I would do speed runs to see if I could score well on my own.
  • Professor Messer’s CompTIA Security+ Practice Exams
    Because his entire video course is free on YouTube, I am more than happy to promote this man. Link to his exams and course notes here.

    Great examples of the practical questions, and answer explanations for all questions. You get 3 full practice tests. While I found this exam to reflect the feel of actual CompTIA Security+ exam the most, it’s a .pdf, and of course it didn’t have the convenience/ease of use that a GUI with a bunch of radio buttons had. Despite that, I printed out all 400 pages, and went through the questions and answers on paper. In comparison to the other practice exams I used, Prof. Messer’s Security+ Practice Exams are the most similar to the type and rigor one can expect from the Security+.

  • Linux Academy/aCloudGuru – CompTIA Security+ Certification Prep by Terry Cox
    After each unit, there was a 15-30 question quiz covering the material from the section. Then, there is one 90 question practice exam at the end of the course. This was good to jog some concepts, but wasn’t as aligned with the types of questions that were ultimately on the Security+ exam. Still good for review and general concept mastery, though. 

What my study schedule looked like:

  • Day 01: 
    • Jason Dion Practice Test 1 – with my study group (with answer review)
    • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours),
  • Day 02:
    • Jason Dion Practice Test 2 – with my study group (with answer review)
    • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours),
  • Day 03:
    • Jason Dion Practice Test 3 – with my study group (with answer review)
    • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours)
    • Started the Prof. Messer Security+ playlist on Youtube (3-4 hours)
  • Day 04:
    • Jason Dion Practice Test 4 – with my study group (with answer review)
    • Prof. Messer Security+ playlist on Youtube (3-4 hours)
  • Day 05:
    • Jason Dion Practice Test 5 – with my study group (with answer review)
    • Prof. Messer Security+ playlist on Youtube (3-4 hours)
  • Day 06:
    • Prof. Messer Practice Exam A + answer review
    • Prof. Messer Security+ playlist on Youtube (6 hours)
  • Day 07:
    • Prof. Messer Practice Exam B + answer review
    • Prof. Messer Security+ playlist on Youtube
    • Reviewed some concepts from Prof. Messer Networking+ playlist on Youtube
  • Day 08:
    • Jason Dion Practice Test 6 – with my study group (with answer review)
    • Prof. Messer Practice Exam C + answer review
    • Prof. Messer Security+ playlist on Youtube
  • Day 09:
    • Solo speed runs of all Jason Dion Practice Tests
    • Jason Dion Course Practice Exam – with my study group (with answer review)
      • I took it easy this day!
  • Day 10:
    • Prof. Messer Security+ playlist on Youtube
    • Took practice exam from the Terry Cox Course on Linux Academy
    • Solo speed runs of all Jason Dion Practice Tests
  • Day 11:
    • Reviewed my annotated Professor Messer notes
    • Solo speed runs of all Jason Dion Practice Tests
    • Took the Security+ exam around 2 p.m.

Exam logistics:

  • Scheduling wasn’t difficult with about 2 weeks notice. There were many available slots, and rescheduling was easy to manage in your account.
  • Check in as early as possible. I took a full 20 mins to download and run the latest version of OnVue, and take the various photos required. You can use any remaining time to get grounded while you wait for your online proctor.
  • My remote online proctors were kind of real sticklers. I sneezed and they told me I wasn’t allowed to cover my mouth or look away from the screen. Sure, fair…but I sneezed, an actual biological protective reflex. So be mindful of your body.

Other Tips:

  • Find someone to study with and/or create an accountability group. The group learning process is great, especially in pointing out the things you don’t know. 
  • Review any “practical” questions practice exams offer. Both the Jason Dion and Prof Messer’s exams had  a few helpful samples that helped me know what to expect.
  • Know your acronyms. I reviewed these daily just to get the hang of things. There is a glossary included in the CompTIA objectives pack.
  • Commit to studying for a solid block of time, but don’t overdo it! Block off a 45 minute sprint, take a 10 minute break, then go for another 45 minutes. One of my former lead instructors recommended a good 4-5 hours of focus (in total) for each work day, and that works for my capacity and attention span. Find out what works for you!
  • Print out what you can. Staring at screens all day is a challenge. I found printing out what I could and reading paper copies of things more motivating on my hard days.

Overall, it was a positive FIRST CERTIFICATION experience! I was extremely nervous, but this process allowed me to build my confidence in my discipline to learn and study new material on my own. I’m proud to have earned my Security+, which is a certification commonly listed in many job listings. Stay tuned for my CySA+ update, and best wishes on your own attempt to achieve your Security+ certification — YOU’VE GOT THIS! Please leave a comment below if you have any feedback on the material I listed above, or have additional resources you’d like to share.

Note:  I took the SY0-501 Security+ exam in March 2021. “The English version of the CompTIA Security+ SY0-501 exam will retire on July 31, 2021. At that point it will be completely replaced by SY0-601.” (From the CompTIA blog.)

]]>
https://hanalei.dev/2021/03/15/how-i-passed-comptia-security/feed/ 0 5