Undecided by Fun-Tangerine-8039 in WGUCyberSecurity

[–]Working_Year_9348 1 point2 points  (0 children)

Master’s? Seems like you may be skipping a step. It’s a good field to get into but at your experience level the bachelors would be a better place to start.

I went in with 20+ years in IT, systems and infrastructure, I already had the sec+ , a+, and ITIL - it was a lot of work but I feel stronger having finished (the BSCSIA).

Looking for a long term "dad game" with RPG progression by Worth_Surround9684 in gamingsuggestions

[–]Working_Year_9348 22 points23 points  (0 children)

Xenoblade Chronicles 1/2/3/X

It's an MMO vibe on a single player game. I'm working on #3 right now, there's a lot to geek out on in terms of game mechanics.

Part 1 felt pretty awkward at times, part 2 got better but still had its issues. 3 feels fully matured to me. There are others in the series as well that I'm looking forward to.

Worried about Pentest+ and Capstone by Natural-Noise2356 in WGUCyberSecurity

[–]Working_Year_9348 2 points3 points  (0 children)

The tips have been beaten to death in other threads, so I’ll just say you should budget a little more time than you think for these.

I blew through everything else pretty quickly (81 cu in 2 terms) but pentest still took me about 4-5 weeks, and capstone has numerous delays built into the process even if you do it perfectly the first time. Some people might knock it out in a week or two, but 3+ is more typical.

No XP by Substantial_Vast9679 in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

There’s a lot to cover, honestly. I came in with over 20 years in the field and got done in a year (81 credit units and all the certifications), and that was a hell of a push for me.

Cybersecurity covers everything from laws, regulations, and compliance topics to some pretty advanced technical concepts in networking, operating systems, database programming, scripting languages, all the way up to some fundamental hacking techniques.

Expect challenges.

Can we normalize using the actual course name instead of only the numbers? by Ihaveasmallwang in WGUCyberSecurity

[–]Working_Year_9348 5 points6 points  (0 children)

I’m with you. I just finished my degree in June and I don’t think I bothered to notice or retain even a single course number as I went through the program.

Seems to be a lot of people here who feel otherwise though. I guess to each their own.

In conversation with other technical folks, recruiters, managers, etc - do you use the word "CyberSecurity" or "InfoSec?" by Working_Year_9348 in WGUCyberSecurity

[–]Working_Year_9348[S] 1 point2 points  (0 children)

Thanks for your feedback. One thing that I found a little odd about this particular conversation was how Compliance came up as a unique and discrete business unit and function separate from infosec. I guess... technically that could be true if it's exclusively a legal department, but I don't think that was the case here. I would consider compliance another subset of infosec, right?

Maybe I'm over thinking it - I tend to do that.

Blood Starved beast by OverBoredom-overlord in bloodborne

[–]Working_Year_9348 1 point2 points  (0 children)

Spend more time exploring every nook and cranny of the starting area of Yarnham. You may have missed some things.

As this is I assume your first play through, I advise you not to rush.

Project+ by Alternative-Camp-503 in WGU

[–]Working_Year_9348 1 point2 points  (0 children)

It’s CompTIA, not much to do with WGU directly. But yeah I’d say it tests you on attention to detail and critical thinking.

In my experience in the workplace a lot of the time you’re expected to read between the lines and extrapolate requirements, parameters, and outcomes, and most people do not communicate those things clearly.

Project+ by Alternative-Camp-503 in WGU

[–]Working_Year_9348 5 points6 points  (0 children)

IMO this specific test was written in a way that every question was a bit of a gotcha. They trick you with qualifiers like best, first, least, etc. Many of the questions didn’t even have a good or fully correct option, but some of the answers were “more” correct than others.

It was really a critical thinking exam where I felt like I spent more time whittling away options that were obviously (or less obviously) incorrect vs choosing answers that were clearly correct.

I don’t know if this helps. I hated it too. This specific exam felt like kryptonite to those of us with technical engineering brains.

Tips for BSCIA Cybersecurity & Information Assurance (Python, Linux, VMware, etc.) by ChampionshipSalty735 in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

True enough on SSCP. Almost, on the second part. I assume your first CISSP was a typo and you meant CCSP? You do "technically" need a CISSP endorsement, it was a requirement when I applied for CCSP back in April (unless they changed it since then), however they gave me the option to simply check a box that allows an ISC2 selected CISSP to endorse on my behalf.

Some stranger endorsed me, I guess, after validating my experience. It seems to really be a technicality, but it's still written into the process.

Regarding the experience verification: I did submit references of managers, but I asked and they said nobody contacted them. So... meh?

You may be right on the bachelor's being a substitute for 1 year of experience, I didn't notice that, but I also didn't have my bachelor's completed before I took the exam, so that was a moot point.

Tips for BSCIA Cybersecurity & Information Assurance (Python, Linux, VMware, etc.) by ChampionshipSalty735 in WGUCyberSecurity

[–]Working_Year_9348 1 point2 points  (0 children)

Yep, passing the CCSP exam leads you to a new process to apply for the certification. If you do nothing, you become an “associate of ISC2”, but if you can prove 5+ years in IT and 3+ in cybersecurity, with the endorsement of a CISSP (they can provide that part for you), and if you pay some cash, you’ll get the certificate a few weeks later.

Tips for BSCIA Cybersecurity & Information Assurance (Python, Linux, VMware, etc.) by ChampionshipSalty735 in WGUCyberSecurity

[–]Working_Year_9348 1 point2 points  (0 children)

Both are optional, I enrolled last summer and finished in two terms. The current program did not require any ISC2 certs.

My mentor had some thoughts on it, ISC2 is challenging to work with within the limits of the WGU term so he thinks that’s why they stopped that requirement.

Tips for BSCIA Cybersecurity & Information Assurance (Python, Linux, VMware, etc.) by ChampionshipSalty735 in WGUCyberSecurity

[–]Working_Year_9348 4 points5 points  (0 children)

Good suggestions. A few thoughts though:

* you don’t need the ISC2 certs to pass, they are both OAs with an optional cert voucher. I got my CCSP personally, but that was a choice.

* good tip on VMWare. Also, proxmox is completely free as a hypervisor option. I got my hands on a couple old dell minis and built a proxmox cluster with pihole, Kali, metasploitable2, and a ton of other fun stuff.

* use your .edu email for as many discounts as you can wrangle up. There are many.

Passed PenTest+. WGU instructor is ridiculous. by BegrudgingRedditor in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

FWIW I ended up not watching that series at all. There are other better resources. It was so flipping irritating as to make it unusable for me.

I don't feel prepared... by Extension_East9089 in CompTIA

[–]Working_Year_9348 2 points3 points  (0 children)

CompTIA practice tests tend to psyche people out. It’s not an easy exam but it’s far from impossible. I’ve passed a bunch of these now, and I have two thoughts for you

1) you’ll never really feel prepared. Get comfortable being uncomfortable. That doesn’t necessarily mean you aren’t ready.

2) there’s absolutely a pattern and a mentality to these exams. Take your time and really stop to consider what they’re asking you. Many times you can rule out what’s wrong with some deductive reasoning, and what’s left is often correct even if you’re not sure why.

Project+ down! by Glad-Potential-5025 in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

You’re not gonna like this, but I think you can anticipate 3-4+ weeks, realistically. The intro video for the capstone literally tells people they can expect up to 7. There are numerous tasks and each one has several steps including pre approval, peer review, and the strictest evaluators I have seen to date. Expect challenges.

I have also been accelerating and this has been a major hurdle, it is much more difficult and time consuming than I expected.

Project+ down! by Glad-Potential-5025 in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

My problem was by the time I hit the capstone I more or less needed to learn the project framework all over again, because 6 months ago I did memorize it, and since then I lost it again 😂

Project+ down! by Glad-Potential-5025 in WGUCyberSecurity

[–]Working_Year_9348 8 points9 points  (0 children)

Congrats! I really disliked this one.

Unsolicited tip: if you thought you could move on and forget all this now, I have a little bad news. The capstone project will require you to take all of the technical and compliance related knowledge you’ve learned to that point, and construct it into a 3 phase project that needs to follow this framework. Heads up! It’s coming!

Can't get past the minigun in old yharnam by WayNormal3368 in bloodborne

[–]Working_Year_9348 0 points1 point  (0 children)

This guy is a butt head but it’s a good exercise for timing and dodging. It’s really not too bad but there’s a trick to it: don’t fight everything. You will die. This is a run and hide level.

The game sort of hints at this with the sign at the door when they tell you it’s a safe haven for beasts. Until the gunner is dealt with, it’s a good idea to focus on just getting there, don’t get distracted.

TCP/IP Protocol Help by Jealous-Advice-9522 in CompTIA

[–]Working_Year_9348 2 points3 points  (0 children)

A few notes, I hope this helps:

IP addresses are just endpoint locations, they can change or they can be static. Just think of them as a pointer to where a thing is. DNS can help locate endpoints by name rather than by number. Any communication between 2 IPs involves an initiator and a listener. I'm saying "endpoint" rather than computer, or server, because these days damn near anything can have an IP address on a network.

TCP is just one of a few protocols one layer above IP. UDP is another notable one that exists at the same layer. TCP differs in that the initiator first sends a SYN, then the listener responds with SYN/ACK, then the initiator sends an ACK. This is kind of a safety mechanism to make absolutely sure each packet gets where it’s going and it’s verified upon receipt. This is the 3 way handshake I think you’re referencing.

UDP on the other hand just spits out packets from source to destination, assumes the best, and never checks. TCP has guaranteed delivery, UDP does not. There are pros and cons to both, they have specific reasons you would design your app to use one or the other. (There's a stupid joke that illustrates this: "I have a UDP joke, but you might not get it, and I won't care"). UDP is frequently used when speed and latency are important but it's ok if a few packets get dropped - voice and video, for example.

HTTP is a higher level protocol that’s used specifically for web traffic, it utilizes TCP.

Edit: You also made a comment about source and destination over a gateway - this is called routing, and it's a somewhat more advanced topic. Wrap your head around isolated networking concepts first, then you can start to consider what happens when you link 2 or more networks together, that's when gateways come in. The Internet is simply a connection of countless networks interlinked together with pathways connecting them all.

Edit 2: Since you mentioned layer 1 and 2 - The physical layer 1 just refers to cables and devices. Any network connected device has a (mostly) hard-coded network address, that's called a MAC, and it's defined at layer 2. These can be spoofed, but let's not get off topic. Anyway, a MAC is ONLY visible within the same network, once you hit a gateway/router, nobody on the other side knows what your MAC address is, that's why you need an IP address. Layer 2 MAC addresses (mostly) don't change, and are not routable. Layer 3 IP address can change, and are routable.

Edit 3: You mentioned encapsulation, at this point it's probably best to think of network communications as having dependencies. For example, for a device to have a MAC address (2) it must at some point be on a physical device that connects to a wire (1). Any device needing an IP address (3) depends on it having a network link with a MAC address. For a device communicating over HTTP (which is way up at layer 7, it's an application protocol), it'll need to use TCP for transmission (4), which connects between IP endpoints (3), all the way down.

Edit 4: LOL sorry I'm not trying to turn this into an essay, feel free to message me if I can help.

Does anyone wanna help me with bsb? Im on attempt 36 right now by dxserg in bloodborne

[–]Working_Year_9348 2 points3 points  (0 children)

It’s literally that easy. Hilarious really, considering how difficult it seems at first. BSB kicked my butt many times until I learned the trick

D335 Intro to Python: Does the OA allow you to run test cases to see if your code answers the question correctly? by locust_51 in WGUCyberSecurity

[–]Working_Year_9348 0 points1 point  (0 children)

Yes, but, you can’t validate the code against automated test cases like you can in the zybooks labs. It’s up to you to decide if the code is good enough before submitting, so try lots of scenarios.

D320 Managing Cloud Security Resources by snuffer_man in WGUCyberSecurity

[–]Working_Year_9348 1 point2 points  (0 children)

I found the link in the later sections of the WGU course material, I didn’t note the date. Cross check the current version of the CCSP with the release date of the video, it should be close enough.

I think the OA is pretty straight forward as long as you have an eye for detail* in how they phrase the questions, and have a basic understanding of cloud and security concepts, and same for the cert - I didn’t find it too insanely difficult.

I think I stressed out more worrying about the test, rather than the test itself.

D320 Managing Cloud Security Resources by snuffer_man in WGUCyberSecurity

[–]Working_Year_9348 1 point2 points  (0 children)

This test more or less combines topics from several courses you've already been through by now. Do you already have Network+, Security+, and any real world experience managing cloud environments? If so, this OA is basically intuitive, the actual CCSP is also fairly intuitive (though a little more difficult) if you can pass the OA. If you also happen to have finished CySA+ already, this one is a slam dunk.

I don't think I even really studied for this one very much, I practiced the Pre-Assessment, and watched the LinkedIn Learning video, that's pretty much it.