After three months of on-and-off studying, I passed the Certified Vulnerability Assessor exam last week with a 79%. Not a perfect score, but I'll take it. I want to share what worked because honestly the prep resources out there are kind of scattered and I wasted a lot of time early on.
The biggest thing that moved the needle for me was drilling with a CVE practice test every few days rather than just re-reading the material. I was scoring in the low 60s on my first attempts and kept failing the vulnerability classification questions specifically. Once I started timing myself and reviewing every wrong answer (not just skimming), my scores crept up steadily over about six weeks. The CVSS scoring sections tripped me up way more than I expected — there's a lot of nuance between the metric values that you really have to internalize.
If you're just starting out, don't skip building a solid CVE study guide from day one. I kept notes on every domain as I went and it became my main review doc the last two weeks. What's everyone else using for prep? Curious if anyone found specific resources for the remediation prioritization section.