CISSP Certification Unlocked!

So I took the plunge. I am officially a CISSP member. I know a lot of people don’t put a lot of stock in the certification from a technical perspective but I am happy with the achievement and really, that is all that matters!

Thoughts on the CISSP Exam

I spent some time reading the subreddit for CISSP and there seems to be a lot of anxiety around taking the exam. In all honesty, this was the first exam that I have taken where it just ends without you knowing whether you passed or not until you get the paper from the guy at the desk out front.

The exam itself has a minimum of 125 questions and a maximum of 175 questions which is taken during a 4 hour block. I went into the exam telling myself that if I was around the 130-140 range when the exam shut off, I would be in good shape. Once it got higher than that, I felt that I would need to be more diligent with my answers and potentially read the questions more thoroughly. I wasn’t really sure what to expect but this was the plan that I was going with.

I kept looking at the question numbers as I got a new question so I could keep an eye on that 125 mark. Once I hit question 125 and answered it, the exam shut off. At that point, I thought there was no possible way I could’ve passed. But once I got outside with my results, I was extremely happy and confused. I have heard stories of people getting all the way to question 175 and passing but others where they also failed at 175. I just didn’t think it was possible to pass at the minimum but looking back, it’s entirely plausible and possible. Reddit was a good way to see that I was not alone.

I thought the exam was tough but not incredibly difficult. Depending on your experience and study habits, it is worth a shot. (ISC)2 offered up a free retake if you took the exam for the first time by the end of October so I jumped on that. Thankfully, I didn’t need to ask for a retake voucher but it was worth it nonetheless.

My Study Materials

What did I use to study? Since this was more of a cram session due to time constraints, I had to be a little more deliberate with my studying. I chose to start with “Eleventh Hour CISSP: Study Guide” which really helped as it’s only about 200 pages. The Official Guide is much thicker and a better option if I plan on studying for a few months but the one I used was sufficient and to the point.

I also found a guy on Twitter who provides CISSP-type questions each day and then provides the answer the next day. His name is Adam Gordon and I thought those helped me a great deal as well. Obviously, they do not appear on the exam and are not worded exactly the same but they contain the content that might be on the exam. It was definitely a good addition to my studying.

There are so many other options from boot camps to the Official Guide but these are what helped me. I do have a few years working in the IT industry where I’m exposed to these topics so experience can sometimes allow you to know what the question is asking.

Are You Certified After Passing the Exam?

Short answer is no. There are more things that must be done but the hard part, in my opinion, is over once you have been given the official pass from (ISC)2 and then, it becomes more of a waiting game.

Once I received my official pass, I had to find an existing CISSP member to endorse me. Luckily, I had someone who I work with that was willing but if you do not have someone, you can let (ISC)2 do that for you. I did read that it could take a little longer but it can be done.

After you are endorsed by an existing CISSP member, you will just have to wait until the organization can review the endorsement. It took me approximately 2.5 weeks before I was notified but I also took it at a time where they offered the free retake so I’m sure they had an influx of applications to review.

Finally, I paid my maintenance fee which was $125 and I got my official notification that I was a member! At that time, you can download your digital certificate but your digital badge doesn’t come until a few days later. It was about 3-4 business days for me. They notified me that my official packet will arrive at my house in 8-12 weeks but that’s ok since I like having the digital versions right away.

I’m Officially a CISSP. What to do?

Well, you’ll need to earn 120 Continuing Professional Education (CPE) credits to keep it up but that will be over a 3 year period. The official website has an entire CPE portal and pages devoted to helping with this. This is a bit better than having to take the exam over again like most renewals so I’m happy with it.

I would take a gander at the site once you are official to see some of the benefits that are afforded to you.

What’s Next?

Since we’re at the end of 2022, I’m going to take the rest of the year to relax and maybe do some TryHackMe streaming on my Twitch channel which is uploaded to my YouTube channel. The Advent of Cyber challenge should start in December for anyone who is interested! I’ll also start reading some of the books that seem to be stacking up on my bookshelf.

This is also the time of year where I decide what I want to accomplish in 2023 and look back on what I accomplished in 2022. These help keep me honest but also allow me to appreciate the work I put in throughout the year.

Hopefully, this post helps anyone who is looking to tackle this certification but also reduce some of the anxiety and scariness of the exam and process. Good luck!

Becoming Certified! – Passed the 402 Exam!

So the journey is now complete or at least until the renewals come around. I really had no idea that I would have gone this far in the process about a year and a half ago. But, I learned a lot throughout the process and can finally say that I have both 400-level F5 certifications!

Thoughts on the 402 Exam

The hardest part for these 400-level exams is the lack of practice exams to prepare you for what you might experience when you sit for the real one. I understand why there are not any exams but it does make it tough to browse the internet looking for F5 K articles or write-ups for a lot of the topics on the blueprint. Taking two months to study was probably the best thing for me so I didn’t feel rushed in the normal 30-day timeframe that I did with the 300-level exams. With that being said, the exam was tough and really focused on the cloud space, which I enjoyed.

Journey to the 402

If you’re interested in taking the 402 exam, the below graphic should paint a good picture on the pathway to get there. You will need to pass the 101 and 201 exams to achieve the BIG-IP Certified Administrator certification. Then you’ll be able to take both LTM exams (301a and 301b) and the BIG-IP DNS exam (302). This will give you the certifications in both LTM and BIG-IP DNS. These are definitely achievable to anyone with hands-on experience with the modules and LTM is a pretty common module, if you have any BIG-IPs deployed. I would suggest enjoying the journey and not just focusing on the end result. It will not feel so overwhelming that way.

Those Study Materials

Like I did with the 401 exam, I tried to create a document that has all the blueprint objectives and any links I found that might apply to those objectives. Since there are no practice exams, this was the best I came up with. Now, I did not find links for every objective but what I did find helped me a great deal. I have provided a link to my GitHub repo that has the document and I also put it in the markdown file.

https://github.com/CoolPoole/f5-402-exam

I also wanted to call out the link below that provides some really good links to help with this exam. ArvinF from the F5 SIRT team provided his experience on the exam and his reading list. I would suggest using this as well.

https://community.f5.com/t5/technical-articles/f5-402-exam-reading-list-and-notes/ta-p/297746?sf259361488=1

Hopefully, you will find these helpful on your journey!

What’s Next?

I’m not really sure where I want to go from here, specifically. I find myself learning more and more on the security front so maybe that’s where I’ll head? For now, I’m just decompressing from this exam and will figure out what’s next shortly. I’m definitely in no rush.

Thank you for reading!

Becoming Certified! – BIG-IP DNS Edition

Ok. So I know I said that it’s over but I don’t think learning is ever over. I’m proud to say that I’m officially BIG-IP DNS (formerly GTM) certified! It’s been almost a year since I took my last certification exam so I needed one to get back into the swing of things and seeing that “Passed” is always a nice feeling.

Thoughts on the Exam

This exam covered the BIG-IP DNS module which focuses mainly on DNS functionality. While I did not think this exam was terribly difficult, I did not get every question correct and I have some experience with this particular module. I felt the questions were pretty straightforward and helped introduce some items or objects that you may or may not be using within your environment. For example, I have used BIG-IP DNS to resolve more than just A records such as MX, SRV, and TXT records in one environment, but in another environment, I’ve only used this module to handle Wide IPs. There are so many ways to utilize BIG-IP DNS that every environment will likely introduce something new which is always nice to see. There’s a lot of information in this module so make sure to use the blueprint to your advantage.

Getting 100% is not the goal. You get the same certification if you score 70% or 100%. A Pass is a Pass.

How Do I Become BIG-IP DNS Certified?

The exam required to become BIG-IP DNS certified is the 302 exam. As usual, F5 does a really nice job of providing a visual of this pathway:

As with any 300-level certification, you must first pass both the 101 and 201 exams to become a BIG-IP Certified! Administrator. Once you have gone that far, all 300-level exams become available to you.

Study Material

Operations Guide

What did I use to study? Like I mentioned earlier, I do have access to this module in a production environment and am responsible for management of the device. Even with that level of access, I built a lab environment in AWS so that I could play around with some of the settings as I went through the Operations Guide and some F5 articles. One of the things that really helped me was looking at the GUI and then looking for an F5 article that talked about the settings in a particular section so I could better understand them. This section of the Operations Guide talks about DNS services:

Operations Guide – DNS Services

There are too many F5 articles to list out but building a lab is necessary, in my opinion. It allows you to screw things up and understand why you screwed it up. You can build out a lab in Azure as well since F5 has Virtual Editions in their marketplace. Please use whatever is comfortable to you and make sure to keep an eye on those charges, if you end up using one of these cloud environments.

Practice Exams

Practice exams are vital and should be considered a necessity when attempting any 200 or 300-level exam. As I’ve said in other blog posts around these certifications, they give you a similar experience as you have on exam day even if the questions are not on the exam. I love having these available to me and you can purchase 1 practice exam for $25 or 2 for $40. You have 90 days to use them. I typically take one at the beginning of the process and then one about a week or so before exam day so I can get an idea on how I’ll do on the exam. The practice exams are offered here:

Exam Studio – F5 Practice Exams

What’s Next?

Well, I’m on the path to taking the 402 and becoming an F5 Certified! Solution Expert – Cloud. I plan to take this exam at the end of September so we’ll see how it goes. This exam is focused more around cloud technologies and how F5 will fit into these architectures. Cloud is all about sizing and the larger you go with a particular VM, the more expensive it becomes. So I’m interested in learning more about cost-efficiency and what changes now that you don’t have access to Layer 2 anymore.

Until next time!

Becoming Certified! – The Road to 401 is Complete!

It’s finally over gang! As you can see above, I was successful in passing the 401 exam and achieving that nice looking blue badge. I’ll admit that I wasn’t a fan of the color changes to the badges but I have come around and really like that blue.

Thoughts on the Exam

Overall, I thought it was a tough exam. I think the toughest part of the exam was trying to answer questions on technologies that I do not actively use or have experience in but I understand why you might be tested on those. This certification exam tests your knowledge on all things F5. During the 300-level exams, you are tested on configurations for a given module but here, you need to know everything so you can educate or influence your customer on the right solution. It only makes sense so once you understand that, you’ll be fine. The exam itself is tough and can make you question yourself as an engineer but like anything, it will be worth it once you pass.

I won’t say what is on the actual exam but the blueprint does a good job of pointing all that information out so that’s a good place to start.

The lack of practice exams is a killer!

So You Want To Take That 401?

Here is a visual of what you will need to achieve to be able to sit for the 401:

It’s a long journey but you will learn so much if you put the time into it. Overall, you will take 6 exams to become eligible for the 401 exam which results in 4 certifications so it is not like you are taking all 6 exams with nothing to show for it. The one great thing about the process is that each higher level exam will renew the one below it. For example, a 300-level exam will refresh the 201 and a 400-level will renew every certification that is required for it.

What Did I Use to Study?

With the lack of practice exams for 401 and not really knowing how the questions might be asked, I created my own study guide comprised of a combination of F5 resources and YouTube videos. I placed the Word document in a repository on my GitHub but also copied it into a ReadMe file on that repository as well. You can find it below:

https://github.com/CoolPoole/f5-401-exam

Where Do I Go From Here?

I think I’m done taking F5 exams for the rest of the year, so I think I’ll plan to learn some things that I’ve been putting off. I like to play around on TryHackMe and I really want to learn some Node.js and JavaScript as well as play around in Azure. I also want to build out some labs in Azure and AWS so really I will just continue to learn.

I really hope these posts will help someone but at least, I can look back and just exhale on what I’ve accomplished in 2021. Take care and keep learning new things!

Becoming Certified! – F5-CTS BIG-IP APM Edition

Yep. If you were paying attention, I passed 301b just a couple of weeks ago and since I enjoy punishment, I decided to schedule 304 immediately after it. I was a little cautious since I do not care for taking exams so close together but I’ll explain later in the post as to why I needed to take it so quickly. But before I do that, I will go through my experience with APM and what I used to pass this exam. I hope you enjoy it and find it helpful.

Working with APM – A Real Mystery

I was introduced to Access Policy Manager back in 2015 on version 11.6 by John Bailey and John Alam (two visionaries!). I had no clue on what it was or how I could use it in our environment. I was lucky enough to have a great Manager, Mike Walter, who I could always go to if I felt I needed training (which I did a lot with F5). I spent a lot of time in New York City on 33rd street taking F5 trainings which were really good to get you started as well as also providing a nice lab book that could walk you through some configurations. I think we only used APM to provide logon pages for applications that could do lookups against Active Directory and do queries for group memberships, then allowing should the query return successful. That was really it but there was so much more to it that we never explored.

Once I moved on, I was able to see APM in all of its glory. I saw Portal Access being used, Kerberos for SSO, and SAML Authentication, both as an Identity Provider and a Service Provider. I was also exposed to the configuration for On-Demand Certificate authentication and SSL VPNs. These items were foreign to me from a configuration concept or how they could be leveraged but I soon began to see them in action. Those configurations are only a small sample of what APM can do for an application.

I do not really see a lot of commentary on Access Policy Manager, especially with F5 pushing Nginx, SSL Orchestrator or the new acquisition of Volterra. It definitely has a place with respect to securing applications fronted by the BIG-IP.

What Do I Need To Do? Let’s Talk Requirements

The requirements to be eligible to take this exam are really straightforward, like all the other exams. You only need to have passed 201 and be a BIG-IP Certified Administrator to be eligible. That certification allows you to take 301a, 302, and 303 in addition to 304. Here is a great illustration that shows the path and can be found here:

My Lips Are Sealed

I cannot tell you what is specifically on the exam but you can expect to be asked anything and everything that Access Policy Manager provides so knowing the big topics like AAA (Authentication, Authorization, and Accounting) or Portal Access will likely be needed as they are such a big part of APM.

I am lucky enough to have access to APM in a production environment but you could easily spin up a virtual machine in AWS or Azure and provision APM so that you could just look at the GUI to see what is available. But remember, this exam is based on code version 12.1 according to the blueprint. So use the blueprint to make sure you are studying the material needed for this exam.

My Study Materials

Practice Exams

I love the practice exams provided by F5 and Exam Studio Online. As I mentioned in my previous post, I like to take one before I start studying so I can see where I am the weakest so I can spend a little more time there. You can find them here. They are fairly inexpensive with one exam costing $25 and two costing $40. You will need an F5 Candidate username to log in though.

Operations Guide

I’ve mentioned AskF5 in my previous blog post, Becoming F5-CTS BIG-IP LTM Certified!, but AskF5 has an operations guide for Access Policy Manager which goes over licensing, use cases, high availability, and security. It is really comprehensive and is a good starting point for those who have not accessed APM in some time or are new to the module. It can be found here.

So What’s Next?

So I alluded to this earlier in the post but my Application Security Manager certification is up for renewal next month so instead of renewing it, I decided to see if I can get 401 certified before ASM expires. So yeah…I love punishment. I’ve scheduled it for the end of the month and with no practice exams available, it will be a challenge.

Regardless of the outcome, I’ll be sure to write another blog post about it. Fingers crossed!

Becoming F5-CTS BIG-IP LTM Certified!

Yes! I can finally say that I have survived the one thing that haunts me and that is a certification that involves passing two exams and one that requires you pass the first exam to be eligible for the second exam. I have always preferred the one exam per certification route but I can say that I learned a lot with this path. I will try to provide what I used for both exams in the hope it will help someone who is looking to tackle this certification.

My F5 Background

Let us begin by saying that I am not new to the F5 BIG-IP nor to many of its modules. I was exposed to the BIG-IP as a SQL developer where our main relational database was being load balanced behind one of its virtual servers. One day, I had the opportunity to log in (basically the only one who was around) and had no idea how to navigate. A few years later, I would have the opportunity to manage one. This eventually turned into fourteen but things tend to multiply.

I was lucky enough to get plenty of hands-on with Local Traffic Manager, BIG-IP DNS (GTM for the old people – me included), Access Policy Manager, and Application Security Manager. This definitely made it easier for me to learn how the BIG-IP worked and how each module fit into the overall plan F5 has with making applications go faster and become more secure (applications, not the control plane CVE in 2020). It’s not impossible to pass an exam without having physical access to the BIG-IP but it definitely helps.

Let’s Talk Exams

There are two exams required to achieve the LTM certification, which is at the 300-level. The certification team at F5 actually does a great job at providing the necessary info on requirements as well as resources to study materials. While there are no official study guides for the 300-level exams, the F5 certification team provides exam blueprints as well as access to practice exams for each exam. I’ll explain where to find those later but here is an interactive guide to prerequisites for each exam.

Exam 301A – Where It All Begins

This exam will measure your ability to set up a BIG-IP device in multiple ways (i.e. Standalone, Active/Standby, or Active/Active), architect the BIG-IP so that it fits into an existing network, as well as deploying applications behind it using the many configuration options the device provides.

If you have experience in onboarding a BIG-IP into an existing network, deploying applications behind different types of virtual servers, setting up high availability with multiple BIG-IP devices, you should not have an issue with at least being in the ball park to pass this exam (minimum score of 245). Your environment and exposure will determine how much you need to study.

I started out in an environment where everything was simple and had very little segmentation so no way I was passing this exam. I am now in an environment where I am exposed to more than just a standard virtual server and round robin load balancing. The Exam Blueprint can be found here so take a peek and see if there are any items that you need to do some more research on.

ProTip: If you pass 301A, I would not post that you are 301A certified. Dr. Ken will be in your comments quickly to tell you this.

Exam 301B – Last Person Standing

Passing this exam will get you past the finish line and that really nice looking purple badge! I mean that’s really what you’re after right?

This exam will test your ability to troubleshoot issues with the BIG-IP devices and application configurations. This can be anything from consolidation of redundant or unused items in an existing configuration, deploying custom alerting (I see you MIBs), upgrades and rollbacks (ouch!), and profile modifications. Time is not your friend on this one. Troubleshooting can be time consuming and these questions are no different. Again, having some experience in a production environment will help (a lot) but still not impossible if you have access to a lab. But remember, passing this will get you that fancy badge so good luck!

Oh…before I forget, you can find the Exam Blueprint here but there was a nice blog post that I found where someone was kind enough to put some information to some of the items in the blueprint. I would personally like to give “Erik” a shoutout because his blog actually filled in some gaps for me. Check it out (not spam!).

Other Study Items That Really Help…I promise!

Practice Exams

There is a practice exam for each F5 exam so 301A and 301B both have their own exams. My personal method is to buy two ($40) and while there is only one exam, I take one early on in the study process and one before I take the exam. The questions do not appear on the exam but they do, at least, give you an idea on how the questions are formatted. This is a big part of the exam process, in my opinion. They are provided by Exam Studio Online and are located here. I do believe that this ties in with your candidate login information but don’t quote me on that. It’s been a bit since I signed up and I can barely remember my password and username.

I do recommend at least purchasing one ($25) unless you like to live dangerously and if that is the case, rock on!

Labs

While I’m lucky to have access to actual devices, I know some don’t. However, I have deployed some personal devices in Amazon Web Services where you can only pay for the time that they are running (so make sure to turn them off!). This can be helpful to learn the GUI or run TMSH commands to help with learning. You are definitely going to want some hands-on experience with these because as you navigate through the GUI and command line, you can see how items relate such as how “/sys” at the command line corresponds to the “System” section in the GUI or how “/net” allows you to list the interfaces on the BIG-IP similar to how you can see them in the “Network” section. See where I am going? It helps…trust me.

AskF5

The last resource I used and really in conjunction with the labs section is AskF5. This is a great resource that will explain configuration options for a profile, tell you the default value, and even provide some “gotcha” items in the event you plan to change a value on a profile, for example. I used these quite a bit when I wanted to learn more about certain items in a given profile or configuration that you do not configure regularly or at all. Here is an example of what it might look like:

What I like most is that you can see how often it’s updated and which version of the BIG-IP software it might apply to.

In Conclusion

My only hope for this blog post is to provide some sort of insight into what it takes to become certified with Local Traffic Manager as well as give some tips that helped me pass these exams while also minimizing spelling and grammar errors.

At the end of the day, you should take these exams because you want to and not because you feel like you have to. I use certifications as a way to keep me honest while I am learning, otherwise I feel like I would not put as much effort into it. Take them for yourself because you want to learn and not because you feel like it will validate what you know.

Thank you for taking the time to read this post and I wish you good luck!

What I Used to Pass CompTIA Security+ SY0-501

Yes! I passed the CompTIA Security+ SY0-501 exam!

Passing this exam was something I had on my list of things to do in 2020 and as usual, I waited until the final month of 2020 to mark it off my list. But it’s off my list and that’s the most important thing, at least for me. While I do have some experience in IT, I’m really glad I decided to go after this certification. I will not get into the degree versus certification discussion as I think everyone has their own opinion and we’ll leave it at that. One thing I am a firm believer in, is the ability to take whatever path you choose but make sure you can understand the basics before attempting higher level knowledge. You don’t have to go after things like CCIE or OSCP starting out but having basic networking and security knowledge is a great help when it comes to troubleshooting and making decisions around configuring systems or architectural designs.

My reasoning for taking the Security+ exam was to ensure that I do have a solid foundation of security concepts but also I plan to move into the Information/Cyber Security job space permanently (hopefully in 2021). Having the Security+ certification also helps if you are planning to work in the government sector as they follow DoD Directive 8570 so make sure to check that out if you are looking to move toward that space.

Since the exam doesn’t expire until July 2021 and there aren’t as many resources available for the new SY0-601 exam, I opted for the SY0-501. I also wanted to achieve the certification before 2021, so I gave myself about 30 days to study which is fairly aggressive but I did not feel like I needed to study every subject area thoroughly as I did with Cryptography. I also followed my usual study method of watching videos, reading the book, and taking practice tests. Doing those three things has always helped me when studying for a certification. I’ll go through each and give a review on the tools I used so hope this is helpful.

Books

I always use books as my main source of study aid when I’m looking to chase a certification or learn a new thing. For the Security+, I used the CompTIA Security+ Get Certified Get Ahead by Darril Gibson. Books tend to have so much more information and detail that really helps drive home some concepts that might be tough to consume. This book, in particular, has a pre-assessment test in the beginning and practice questions after each chapter. By purchasing the book, I believe there are some other study tools that come with it but I didn’t use them. For the book itself, this one was really good and easy to understand. The book isn’t too expensive but if you’re into reading on a Kindle, there is a Kindle version for $10.

Videos

Videos are really nice to give an overview on a topic but it’s not going to give you the detail and understanding you need in 10 5-minute videos. However, it does partner well with a book and that’s how I tend to use them. I usually watch the videos first, then read the corresponding section to really drive it home. I opted to use Mike Meyers’ videos on Udemy which were really good and he’s a bit animated so that helps keep my attention as you know, sitting and watching an hour’s worth of videos on security foundations might not be the most interesting thing to do. Since I had a shortened timeline for this certification, I only focused on certain videos and topics such as Cryptography or Wireless since I felt those were really important to understand the detail.

Practice Tests

In my opinion, practice tests are a must and vital to getting in that testing mindset. For this, Udemy had 3 practice tests by Mike Meyers. I took all three during the last week leading up until the test but I did take them multiple times so I really could understand why I wasn’t answering some correctly. One method I have always used with these tests is to make sure you can explain or understand why a provided option of a multiple-choice question is the wrong answer more so than finding the right answer. If you can do this fairly well, you should have a better chance on questions you might not know the answer to on the actual exam. These practice tests on Udemy actually grade the test and provide the answers. You can filter by ones that you answered incorrectly, correctly, or just by all the questions. They do provide a bit of detail for each option on a question and why they are correct/incorrect. So this does help you study and see where you need more work.

Additional Online Material

Some additional online material that helped me came from Professor Messer. He has a few tools that are really beneficial and most importantly, they are FREE! I’ve listed these below but in short, he has a monthly study group where he goes over practice questions, posts sample questions on his Instagram page, and offers some sample questions on his website. I used these as fillers when I didn’t feel like reading or watching a video. The study group on YouTube is something you can just listen to while you do other things. I really enjoyed them.

I’m sure this is a lot of information and a lengthy post but my hope is that someone finds this helpful as they try to study for the Security+. One thing to remember though…there is no one right way to do it and you should always understand that sometimes the most direct path isn’t the most rewarding one.

Thank you for reading and Good Luck!