CompTIA CySA+ – The Test

Test Chalkboard

Nothing happens until something moves.

Albert Einstein

After studying for about 3 months, 1 month intensively, I sat for the CompTIA CySA+ exam today. For those of you going, “Wait, he hasn’t finished his blog posts on all of the objectives,” relax, they’re still in the works. So here are my thoughts on the experience keeping in mind my lens of never having taken a certification exam that wasn’t from Cisco.

First, signing up for the exam was the typical Pearson VUE process that I was used to with Cisco. Unlike Cisco, it was easy to find discounted exam vouchers online so I did that and saved 10%.

The exam itself was 70 questions long with mainly multiple choice questions. These questions tend to be wordy, but are very well written. Unlike many of my recent Cisco exams, the proofreading on this exam was excellent. I found all of the exam questions fair, but very tough. Kudos to CompTIA for writing a quality exam to make sure test takers really know the material. Beyond the multiple choice questions there were a few Performance-Based Questions (PBQ). You can check out an example PBQ on CompTIA’s website. These are very similar to Cisco’s simlet questions.

One thing that was definitely new for me, compared to Cisco exams, was the ability to go back and review questions. There was also a way to flag a question for review. At the end of the exam you could then go back to any question and the flags helped you hone in on the ones you wanted to take another look at. Use this to your advantage, the PBQs will take much longer than the multiple choice questions, flag them and skip them at first. Then come back and tackle them knowing how much time you have left. Thank you to the /r/comptia reddit for that tidbit.

So the bottom line… it was hard, it wasn’t pretty, and… I PASSED! After I finish the rest of the blog posts for the CySA+ I will be forging ahead into the two exams for the CCNA CyberOps. Back to my comfort zone with Cisco exams. Hopefully some of the CySA+ knowledge will translate well. I doubt this will be my last CompTIA exam, I have my eyes on some others in the Security domain including Pentest+.