Kirkian Computing

Month: January 2021

  • CySA+ (CS0-001)

    In March 2020, I took CompTIA’s CySA+ (Cybersecurity Analyst) exam. Along with PenTest+, this bridges the gap between Security+ and CASP. In simple terms, PenTest+ is about “red team” activities (attack) whereas CySA+ is about “blue team” activities (defence). This certification was launched in 2017 as CSA+, but it was rebranded in January 2018 because someone else had already registered “CSA” as a trademark. The exam (CS0-001) stayed the same, although this was retired in October 2020.

    NB The CS0-002 exam was launched in April 2020, giving a 6 month overlap, but this blog post covers the older exam. I noticed a bit of overlap between CS0-001 and PT0-001 (possibly because CySA+ launched first), so I’m guessing that CS0-002 will make them more distinct, but I can’t confirm that.

    Thinking about the target audience for this certification, it seems to cover a hybrid role. Some of the objectives cover hand-on skills, e.g. configuring a firewall or doing forensic analysis on a PC that’s infected with malware. Other objectives are on the management side, e.g. risk assessments and data classification.

    (more…)

  • Palo Alto Networks Certified Cybersecurity Associate (PCCSA)

    Palo Alto Networks make security products. In particular, they sell firewalls (physical and virtual), and their Panorama software will let you manage multiple firewalls centrally (e.g. for branch offices). Their certification program has 3 tiers:

    • Entry level
    • Administrator
    • Engineer

    Palo Alto Networks offer free training for all of these, although you have to pay for the exam. Even if you don’t do the exam, the training might be worthwhile on its own merits.

    In December 2019, I took the entry level exam. At the time, that was the Palo Alto Networks Certified Cybersecurity Associate (PCCSA). However, that exam is being retired at the end of this month (2021-01-31), to be replaced by the Palo Alto Networks Certified Cybersecurity Entry-level Technician (PCCET). This is basically a rebranding exercise; I assume that it was confusing to have “Associate” (PCCSA) and “Administrator” (PCNSA) certifications which both ended with an A. According to the FAQ: “PCCSA certified individuals will have their credentialing status grandfathered into the upgraded PCCET certification framework.” The syllabus has been revised at the same time, to keep it up to date, but it looks much the same as before.

    In brief, this exam is “what” rather than “how”, i.e. it’s all about the concepts rather than the implementation. In that respect, it’s quite similar to Microsoft 365 Fundamentals, and both exams are a similar price ($100/£70). When I did the training, the videos were about 50% advertising for Palo Alto Networks products; the pdf (ebook) was a bit more restrained, but there was still quite a bit of marketing/advocacy in there. E.g. the course will describe what WildFire and GlobalProtect are used for, but not how to configure them. By contrast, the exam was much more general, so there was a lot of overlap between this, Security+, and the SSCP.

    (more…)

  • CCNA R&S

    Cisco have offered the CCNA (Cisco Certified Network Associate) since 1998, but it’s been through a few variations over the years. They’ve changed the syllabus and the number of exams:

    Year Part 1 Part 2 Combined
    1998 CCNA (640-407)
    2000 CCNA (640-507)
    2002 CCNA (640-607)
    2003 INTRO (640-821) ICND (640-811) CCNA (640-801)
    2007 ICND1 (640-822) ICND2 (640-816) CCNA (640-802)
    2013 ICND1 (100-101) ICND2 (200-101) CCNA R&S (200-120)
    2016 ICND1 (100-105) ICND2 (200-105) CCNA R&S (200-125)
    2020 CCNA (200-301)

    From 1998-2016, this all applied to Routing and Switching. Meanwhile, Cisco gradually offered a range of other certifications, e.g. “CCNA Wireless” and “CCNA Security”. In 2020, these all got merged together into a single CCNA certification (except for CyberOps). This blog post covers the old R&S syllabus (2013 and 2016), not the new 2020 syllabus.

    (more…)