As usual with most of my certifications, my first location for information was Reddit for topics on the CompTIA CySA+ certification. I spent a lot of time researching the best study materials other cybersecurity aspirants and professionals used, and the one that populated the most was Jason Dion. His CySA+ videos were awesome and second to none.
I watched all of Jason's videos without taking notes because a lot of the information really builds off of Security+, so I was familiar with the terminology and technology in CySA+. I did some more research and made sure to purchase Mike Chapple and David Seidl's Study Guide and Practice Tests. The study guide dug deeper into Jason's videos and the practice tests really exposed you to the way CompTIA develops their exam questions.
Here is a breakdown of my study plan:
1) I watched all of Jason Dion's CySA+ videos without taking notes.
2) I read the entire Mike Chapple and David Seidl's CompTIA CySA+ Study Guide and answered all the end-of-chapter questions.
3) I answered all 1000 questions from Mike Chapple and David Seidl's CompTIA CySA+ Practice Tests.
4) My next step was to find examples of logs, attacks, and tools. I did not do too much hands-on because the two books have a lot of data that cover these areas. You do need to know the different tools. This is very important!
5) I watched a YouTube video from ITProTV on Indicator of Compromise. I do not think this video is available on YouTube anymore but it was very interesting.
6) Re-watched Jason's videos and took notes in areas I was weak in.
Here is what I recommend for anyone who plans on taking this exam:
1) Research your weak areas.
2) Know how to recognize abnormalities. If you see .exe files on web servers you should be on high alert. The same goes for anything with John, <SCRIPT>, =, UNION SELECT.
3) Learn how to read firewall logs.
4) Learn the concept of everything in your studies. You need to know how to prevent attacks, i.e., having backups to combat ransomware. This is a big issue some states and cities are facing.
5) You are not going to be able to remember test questions and expect them to be on this test. If you do, you will fail. Dumps are illegal so don't use them.
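To practice spotting the abnormalities from recommendation 2, here is a small added example (not from any of the study materials above) that scans web server access logs for .exe requests, <SCRIPT>, and UNION SELECT after URL-decoding. The log lines are constructed, the rule names are my own, and the bare "=" is narrowed to an OR tautology like '1'='1 as an assumption, since "=" alone appears in almost every query string.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /search?q=%3CSCRIPT%3Ealert(1)%3C/SCRIPT%3E HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2023:13:57:12 +0000] "GET /item?id=1+UNION+SELECT+user,pass+FROM+users HTTP/1.1" 500 231 "-" "curl/8.0"
198.51.100.7 - - [10/Oct/2023:13:58:40 +0000] "GET /uploads/update.exe HTTP/1.1" 200 48213 "-" "curl/8.0"
192.0.2.44 - - [10/Oct/2023:13:59:03 +0000] "GET /login?user=admin'+OR+'1'='1 HTTP/1.1" 200 977 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<uri>\S+) [^"]*" (?P<status>\d{3}) ')

# Rule names are hypothetical labels; patterns run on the decoded, lowercased URI.
RULES = {
    "exe_on_web_server": re.compile(r"\.exe(?:$|[?#/])"),
    "script_tag": re.compile(r"<\s*script"),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b"),
    "sql_tautology": re.compile(r"\bor\s+'?(\w+)'?\s*=\s*'?\1\b"),  # assumption: narrowed "="
}

def normalise(uri, rounds=3):
    """URL-decode repeatedly so %3C and double-encoded %253C both become '<'."""
    for _ in range(rounds):
        decoded = unquote_plus(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri.lower()

def scan(log_text):
    """Return (line number, client IP, status, matched rule names) per suspicious line."""
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        uri = normalise(m["uri"])
        hits = [name for name, rx in RULES.items() if rx.search(uri)]
        if hits:
            findings.append((lineno, m["ip"], m["status"], hits))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The status code is kept in each finding because a 200 on the .exe request means the file was actually served, while the 500 on the UNION SELECT line suggests the query reached the database and broke.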
Link for Log Analysis:
Happy studying everybody and good luck!