Online Exam Joining Instructions - VA+ exam
Please use the instructions below to help you organise your remote exam.
Please contact us if you have any queries.
Taking an Online Exam at The Cyber Scheme – what you need to know.
Access to a stable internet connection on the day of your exam (30 Mpbs or greater is preferable) with unfiltered outbound internet access. Restricted or heavily locked down corporate devices may be unsuitable. A wired connection is preferable to ensure a consistent connection but a reliable WiFi connection should be fine also. Mobile device tethering is not recommended, however.
The WireGuard VPN client installed on your device. This must be the same device where your vulnerability scanner is installed to ensure your scans can run successfully over the VPN connection.
A VPN configuration will be provided at the start of your exam.
A Teams meeting link will be sent to you the day prior.
WireGuard VPN
Please install the Wireguard VPN client before the assessment.
Please note activating the VPN client outside of the assessment timeslot will cause your device to lose access to the internet. This is by design. Simply turn off the VPN to re-enable your internet access. You can only use the internet through the Cyber Scheme VPN during the assessment time slot, not before or after.
Windows
Browse to: https://www.wireguard.com/install/
Download and install the client then import the .conf (configuration file supplied by the Cyber Scheme).
Linux
apt update
apt install wireguard
You will be sent a config file from the Cyber Scheme.
FAQs
Where should I install Nessus? – in Windows is fine.
What Nessus licence do I need? – any is fine, we recommend the free essentials licence. Please note Nessus Essentials has a limit to 5 IPs Addresses that can be used for vulnerability scans and only lasts for 30 days now.
Can I use any vulnerability assessment software? – Yes, use any you like. Alternative software is available.
Do all candidates get their own network / devices to scan? – yes you cannot affect the other candidates.
Taking an Online Exam at The Cyber Scheme – what you need to know.
You will need to connect to a video conferencing solution.
Please have vulnerability assessing (VA) software available on your device ready for the exam. We recommend the use of Tenable Nessus for the assessment; however other options are available if required.
Please have available during the assessment:
- A webcam
- A microphone and speakers (ideally a headset)
- Photo ID – passport or driving licence.
Only one display screen is allowed during the exam so either a laptop with no external monitors or a desktop with a single display.
Assessment Marking Criteria Matrix
All candidates will get feedback and this marking and feedback matrix will be used:-
Pass / Success Criteria:
Software Assessment – 4 out of 5
Soft Skills Assessment – 4 out of 5
Technical Interview – 4 out of 5
Multiple Choice Quiz – 18 out of 30.
The assessment is in three parts, practical (including scope and scanning), technical interview and multiple-choice quiz.
Assessment Marking and Feedback
Criteria | Fail | Pass | Comment |
Software Assessment |
|
| PASS/FAIL |
Scanned all devices in scope |
|
|
|
Did not scan out-of-scope devices |
|
|
|
Found a critical-risk or high-risk issue |
|
|
|
Scanned for default credentials |
|
|
|
Configured both Windows and Linux credentials successfully |
|
|
|
Soft Skills Assessment |
|
| PASS/FAIL |
Candidate was polite and professional throughout the assessment |
|
|
|
Explained technical issues to both technical and non-technical audiences |
|
|
|
Was able to summarise findings and prioritise what an executive would care about |
|
|
|
Mitigated risks before the vulnerability assessment |
|
|
|
Understands the laws and ethics associated with cyber security (including permission to scan before the vulnerability assessment) |
|
|
|
Technical Interview |
|
| PASS/FAIL |
Understands networking protocols (ICMP, TCP, UDP etc) |
|
|
|
Gave good mitigation advice |
|
|
|
Gave good defence in depth advice |
|
|
|
Gave good pushback / follow up advice |
|
|
|
Could answer a technical question around current vulnerabilities |
|
|
|
Multiple Choice Quiz |
|
| PASS/FAIL |
Score equal to or above 18 |
|
|
|
Additional notes | |||
| |||
Final Grade: PASS/FAIL | |||
Remote Assessments and Reasonable Adjustments
The Cyber Scheme will, where possible, make provision for any additional time or support that might be required. Please contact The Cyber Scheme at least 3 working days ahead of the exam to ensure appropriate adjustments are made and the assessor is properly briefed.
You will need to provide adequate information about your needs in order for the appropriate adjustments to be made. The Cyber Scheme takes seriously the management of sensitive PII and as such will not make a formal record or retain any information provided other than to support any preparation an Assessor might need to undertake, and a record of any additional time allowed. All provided PII information will be deleted after the conclusion of the assessment.