How I passed the Security Blue Team Level 1 exam with 90% by Amaryah Halo

Here’s my experience on what I did to pass the 24-hour exam on my first attempt. I sat the exam November 2023.

Before the exam:

• I focused heavily on the practical side/labs/tools in the course material.
• I went through some labs a second time. If you have extra lab time, use it to clear your answers and retake labs for tools you’re not comfortable with.
• I tried to go through labs without referring to any notes.
• I took notes of any queries etc that I thought would be helpful in the exam.
• For tools I wasn’t comfortable with, I took notes from how to load the tool to how to use the tool.
• I completed extra labs from Blue Team Labs Online — Cyber Range (BTLO). Here’s a great Medium article I’ve read on how to pass How to prepare for the BTL-1 exam | by 0xBera | Medium. They reference the best BTLO Practice and External Resources for each section. If you follow them it will prepare you well.
• I familiarized myself with the Blue Team Lab Environment as the exam is in a lab format.

Beginning of the exam:

• I read through everything thoroughly and made sure I understood the exam as best as I could.
• I went in seeing this as an opportunity to apply my skills and what I’ve learnt in a controlled environment.

During the exam:

• This was crucial for me — I took breaks when I hit mental blocks. There were times when I felt like giving up and using the second attempt, but I kept on going. This is one of the main reasons I passed.
• When I came back from a break I either attacked the same question or moved on.
• I wrote down notes when I was confused.
• I enjoyed all the ‘aha’ moments and embraced all the challenging ones.
• I googled concepts I wasn’t familiar with during the exam. There is enough time to learn something you aren’t familiar with.
• I re-checked all my answers to make sure I didn't miss anything, got over my nerves and submitted it.

After the exam:

It was automatically marked so I got my results straight after submitting it which was nice. There is the option to remark but I was happy with my result.

A few other comments from my experience:

• Start the exam at a time that works the best for you. It’s 24 hours so you can schedule in a night's sleep or choose to knock it out at once.
• Make sure you have a strong and stable internet connection. I had to reload the lab because my connection died but luckily my answers were saved.

It’s a challenging but rewarding exam and I highly recommend it. Good luck!