As requested, here is the start to the CySA+ series! This series is based on the CSO-003 version. You can find the link to the complete exam objectives in the description. If you're looking for the Security+ practice questions you can find them on my channel in the Security+ Playlist. Thank you so much for being here, can't wait to hear you passed!
Congrats on your Security+! Yeah, I plan on doing CySA+ practice questions and then moving on to Pentest+ practice questions after that. How's your studying been for the CySA+ so far?
@@ImCyberJames It's been pretty decent. Not gonna lie, this exam is pretty much what I imaged the security+ to be when I was first studying for it. Just slightly more in depth with the concepts rather than touching up on the basics. I'm using Jason Dion's udemy course like I did for the S+. I plan on taking it within the next month or two.
Yeah, my personal experience was that the CySA+ was somewhat easier than the Security+. But that was my experience. Something that came up quite a bit were questions regarding the incident response phases. I used the Jason Dion Udemy course for every single CompTIA exam I've done and while I'm not a fan of his practice exams the course content is some of the best@@Jamesytech22
@@ImCyberJames Passed it today! I did better on this exam then the S+ with an 809! I liked the technical aspect a lot more and the PBQs were pretty fun.
Breaking 800 on a CompTIA exam is no easy feat! Congratulations. CySA+ was probably the most fun in my opinion. Bu that's awesome, what's next?!@@Jamesytech22
I don't like Q3. While C would be correct in the sense that you can't block all malicious websites, B is the incident RESPONSE procedure, meaning it deals with the fallout of another attack once an incident has been recorded. Note that dealing with the fallout better doesn't PREVENT similar attacks from happening again.
Yeah the question was dumb, what I'm theorizing is that an incident response is considered "collected data" from past events so technically would be used to aid and prevent a phishing attack. But really this is more of a psychology question than a cyber question to be honest.
good video and questions. I would like to add for anyone taking it - you're not expected to answer 75 lengthy word problems like this. Maybe 30 will be long word problems, a couple lab-based activities, and then the rest are multiple choice "term" questions. i.e. what is the difference between NIST and MITRE frameworks
I have a doubt with question 3, for me the correct answer would be B since it's the least effective in preventing a similar incident from happening again, as it doesn't directly address prevention, but rather how to respond if another attack occurs.. it’s true that attackers use different domains anyway it’s still a better mitigation than B cuz been in a incident response escenario means that the incident has occurred again🤔
I agree with you, web filtering can significantly reduce the chance of malicious email get into user box, so users would not have chance to click the link unleased they open SPAMS
I disagree, if we compare B " ..include procedures for social engineering attackS..." and C " known malicious attacks ..." it's clear that in the futur the web filtering is least effective because we will be filtering only a portion of domains, whereas by including procedures for social engineering attacks our defence surface is broader and more effective since the IR plan will include most if not all the social engineering methods
i passed sec+ and your Q&A is actually more harder than the actual exam. i did some match and if you can do 80% from your practice test you should be able to pass it, thanks a lot now i'm doing CYSA+.
I will be doing Pentest+ after the CySA series and there's a good chance I'll do A+ then Network+ after that. I have the A+, Network+, Security+, CySA+, and Pentest+ so I plan on eventually covering all of them to help out
How is question 3 C? The first 2 questions you went step by step to explain your thought process as to why its not the other options, this one you just jumped to C because you knew it was the answer but I don't think you necessarily agreed. B makes the most logical sense, as IRP would be after an incident has taken place, so it would be the least effective in preventing it. If I am wrong, please someone explain but I don't see how it can be C.
IRP is all about how incidents are handled. A crucial (and arguably the most important) part to a successful IRP is preparation. That’s what B directly refers to. The question asks “which would be the LEAST effective in preventing a similar incident from happening again?” B, updating the incident response plan to include procedures for social engineering attacks is absolutely necessary for preventing this again, and would directly align with preparation. C would be the least effective for many reasons, one being that links are ALWAYS changing. And I don’t know the answers when doing these videos, I study the exam objectives almost daily for all the exams I cover as I also volunteer to help students outside of TH-cam pass their exams.
Hi, can anyone please tell me whether the actual exam also contains similar difficulty? I have a master's degree in cyber security and brief SOC experience. I found this practice test relatively easy (17/20) without any prior knowledge of CySA+. Any tips would be appreciated.
Congrats! That's a hard question to answer. I guess it depends on what your end goal is. If you're looking to break into Cybersecurity I would say they're absolutely worth it. If you're looking for career advancement, there's other alternatives out there.
All these questions are from the actual exam test, right, James? I am also planning for the exam by this 2024 as well! Thanks for your Video and Tips! If these questions are in the actual test, I will not miss even one question! 😀
Hi, these aren’t questions from the actual exam as that would be cheating. They’re formatted in a similar way and are based around the exam objectives though. It’s to help you get an understanding on how the multiple choice questions will be asked.
@@PhannaPH30 oh my God congratulations! did you only use this TH-cam channel practice questions that helped you pass or you use other resources as well??
As requested, here is the start to the CySA+ series! This series is based on the CSO-003 version. You can find the link to the complete exam objectives in the description. If you're looking for the Security+ practice questions you can find them on my channel in the Security+ Playlist. Thank you so much for being here, can't wait to hear you passed!
That's a crazy coincidence that I passed the S+ after finding you and now I'm working on my CYSA+ and you've started doing practice tests on it.
Congrats on your Security+! Yeah, I plan on doing CySA+ practice questions and then moving on to Pentest+ practice questions after that. How's your studying been for the CySA+ so far?
@@ImCyberJames It's been pretty decent. Not gonna lie, this exam is pretty much what I imaged the security+ to be when I was first studying for it. Just slightly more in depth with the concepts rather than touching up on the basics. I'm using Jason Dion's udemy course like I did for the S+. I plan on taking it within the next month or two.
Yeah, my personal experience was that the CySA+ was somewhat easier than the Security+. But that was my experience. Something that came up quite a bit were questions regarding the incident response phases. I used the Jason Dion Udemy course for every single CompTIA exam I've done and while I'm not a fan of his practice exams the course content is some of the best@@Jamesytech22
@@ImCyberJames Passed it today! I did better on this exam then the S+ with an 809! I liked the technical aspect a lot more and the PBQs were pretty fun.
Breaking 800 on a CompTIA exam is no easy feat! Congratulations. CySA+ was probably the most fun in my opinion. Bu that's awesome, what's next?!@@Jamesytech22
fantastic video - keep up the great work
I don't like Q3. While C would be correct in the sense that you can't block all malicious websites, B is the incident RESPONSE procedure, meaning it deals with the fallout of another attack once an incident has been recorded. Note that dealing with the fallout better doesn't PREVENT similar attacks from happening again.
Yeah the question was dumb, what I'm theorizing is that an incident response is considered "collected data" from past events so technically would be used to aid and prevent a phishing attack. But really this is more of a psychology question than a cyber question to be honest.
Updating our procedures after an incident is a sort of prevention
good video and questions. I would like to add for anyone taking it - you're not expected to answer 75 lengthy word problems like this. Maybe 30 will be long word problems, a couple lab-based activities, and then the rest are multiple choice "term" questions. i.e. what is the difference between NIST and MITRE frameworks
did his serious help you pass?
what resources helped u pass?
I had 4 PBQs 😭
I have a doubt with question 3, for me the correct answer would be B since it's the least effective in preventing a similar incident from happening again, as it doesn't directly address prevention, but rather how to respond if another attack occurs.. it’s true that attackers use different domains anyway it’s still a better mitigation than B cuz been in a incident response escenario means that the incident has occurred again🤔
Exactly my thought. Incident Response comes after an incident has happened so updating IRP wouldn't prevent anything.
I agree with you, web filtering can significantly reduce the chance of malicious email get into user box, so users would not have chance to click the link unleased they open SPAMS
I disagree, if we compare B " ..include procedures for social engineering attackS..." and C " known malicious attacks ..." it's clear that in the futur the web filtering is least effective because we will be filtering only a portion of domains, whereas by including procedures for social engineering attacks our defence surface is broader and more effective since the IR plan will include most if not all the social engineering methods
Thank you so much. Please do more of CySa+
Of course! There’s a second video on my channel for CySA
MORE 😂😂😂😂
@@ImCyberJames moree :D
i passed sec+ and your Q&A is actually more harder than the actual exam. i did some match and if you can do 80% from your practice test you should be able to pass it, thanks a lot now i'm doing CYSA+.
Congrats!!!!
Hi James, do you do videos on CompTIA A+ and CompTIA Network +? Thanks.
I will be doing Pentest+ after the CySA series and there's a good chance I'll do A+ then Network+ after that. I have the A+, Network+, Security+, CySA+, and Pentest+ so I plan on eventually covering all of them to help out
Thank you!!
Thanks James!
🔥 videos, please continue this series!
Can you please do more videos on the Cysa+ 003 series. This was awesome.
Hi there do you do any pbq questions that are realistic for this exam
Thanks
I’m going to take this test in the next couple months. Thanks for this!
did u pass?
@@safizzle8 I ended up enrolling into PJPT as I found blue teaming boring to be honest with you.
@@alechernandez5506so can you tell me about the pbq
How is question 3 C? The first 2 questions you went step by step to explain your thought process as to why its not the other options, this one you just jumped to C because you knew it was the answer but I don't think you necessarily agreed. B makes the most logical sense, as IRP would be after an incident has taken place, so it would be the least effective in preventing it. If I am wrong, please someone explain but I don't see how it can be C.
IRP is all about how incidents are handled. A crucial (and arguably the most important) part to a successful IRP is preparation. That’s what B directly refers to. The question asks “which would be the LEAST effective in preventing a similar incident from happening again?” B, updating the incident response plan to include procedures for social engineering attacks is absolutely necessary for preventing this again, and would directly align with preparation. C would be the least effective for many reasons, one being that links are ALWAYS changing.
And I don’t know the answers when doing these videos, I study the exam objectives almost daily for all the exams I cover as I also volunteer to help students outside of TH-cam pass their exams.
Re question 10, option B would be a good compromise if IPS is used instead.
Hi, can anyone please tell me whether the actual exam also contains similar difficulty? I have a master's degree in cyber security and brief SOC experience. I found this practice test relatively easy (17/20) without any prior knowledge of CySA+. Any tips would be appreciated.
I passed it today thank you score 803
Congrats!
wow! ive gotten only 4 questions wrong! i love your explanations, thank you!
Thank you so much..
So questions are so helpful.
I just passed the security plus. Should this cert be my next? Any input would be welcomed . I currently work In the DoD world
Where are these questions or practice test engine?
Huge help dude ty
Thanks, this is very helpful!
Are Cysa+ and Pentest+ worth taking? Just passed my sec+... cheers
Congrats! That's a hard question to answer. I guess it depends on what your end goal is. If you're looking to break into Cybersecurity I would say they're absolutely worth it. If you're looking for career advancement, there's other alternatives out there.
@@ImCyberJames Yes, looking to break in to cybersec and get my first job!
@@RandomFaxx they both got their merits. I definitely recommend CySA+, i am currently doing PenTest+ and so far is good.
Good stuff. I recently passed CySA+ also. I would have used these videos but i just found them. Great Job though!
Thanks and congrats!
Can you tell me about the pbq if that’s ok with you
@Piyano-bh7rh I have some resources in my Channel. Have you checked them out?
All these questions are from the actual exam test, right, James? I am also planning for the exam by this 2024 as well!
Thanks for your Video and Tips! If these questions are in the actual test, I will not miss even one question! 😀
Hi, these aren’t questions from the actual exam as that would be cheating. They’re formatted in a similar way and are based around the exam objectives though. It’s to help you get an understanding on how the multiple choice questions will be asked.
@@ImCyberJames Best noed and thanks again!
did you pass?
@@safizzle8 I did! since June😍
@@PhannaPH30 oh my God congratulations! did you only use this TH-cam channel practice questions that helped you pass or you use other resources as well??
thanks
No problem