Hello fellow security professionals and those aspiring to be! Saurus here and excited to write to you on a new blog post. Being a consultant keeps me fairly busy. In addition to managing my workload I recently obtained my COMPTIA Security+ certification. While the experience of taking the exam is still fresh in mind, I wanted to draft up a blog post about some of the preparations I took before attempting the exam. Hopefully this will help someone who reads this blog to prepare for the exam. Some of the certifications I have achieved include:
The Cisco Certified Networking Associate(CCNA) and Approved Scanning Vendor(ASV). I also have been with RSM consulting since 2016 and working in the Information Security field since then. This allowed the concepts that Security+ covers to quickly become familiar. My experiences as a system administrator, and participating in red team assessments introduced me to some of the concepts. Then having a strong IT administrator background gave me a good networking foundation that Security+ further expanded upon.
The certification is issued and maintained by The Computing Technology Industry Association (COMPTIA). The Certification is recommended after the Network+ certification and is part of their core program for Industry certifications. The certification also meets Department of Defense 8570 compliance. The test did change back in the fall around October/November so the latest version you will be taking is the SYO-501 and you can no longer be taking the SYO-401 anymore. The structure of the test is mostly multiple choice questions with a small handful of practical questions. These are questions that have you apply concepts and are usually matching, listing, drag and drop, etc.
By about now you guys are probably like “Saurus what did you do to prepare? Give us the Holy Grail!” and unfortunately I don’t have the Holy Grail. What I do have is a lot of good tools and tricks That helped me out, maybe they’ll help you too. So let’s take a moment to go over all of the things that I did to pass the CompTIA Security+ exam.
Darril Gibson’s Book
This man has written probably one of the easiest text books I have ever read. His book CompTIA Security+ Get Certified Get Ahead: SY0-501 Study Guide book helped me out a lot and I picked it up off of Amazon for about $35 dollars. It has each section broken out into well thought out chapters. There was a pre assessment that I took and scored roughly about 60% on. Each chapter at the end has a 15 question exam at the end for you to take. This will help test your knowledge which after I was done reading I was getting around an 70-80% each one. Then there was a post assessment at the end of the book that I was able to score an 88%. All of these assessments and questions were also written to be similar to the exam. This made me go back to them after later chapters and redo the questions to get familiar with the style. Something he also does that I really liked was the “Remember This” sections in the book which are important points that will show up on the test usually. They‘re great to reread when you are going along to reinforce a point. When you’re reviewing the chapter those points stick out easier than searching through the text for what you want. He has a ton of resources available on his site(http://getcertifiedgetahead.com/) where you can purchase study guides, more practice questions, and audio versions of his chapters. All of this at fairly modest price points . I highly recommend this resource to use in your studying.
Cert Master By CompTIA
When I purchased my CompTIA exam there was a deal going on that included their CertMaster Study tool. This tool is an online modular base learning course. You essentially go through each of the points of the exam such as basics, attack types, etc. and its all questions you can answer in various ways. You can answer either you’re really sure, split between two answers, or you don’t know. Based on your answer, it will inform you if you were right or wrong. Eventually the tool will provide you with an explanation as to why you answered incorrectly. Then you will be asked the question randomly later in the section to retest your knowledge. This tool was handy to have while I had downtime at the office and could spare a few minutes to take some questions. While gaining knowledge at the same time. The price is usually $139 but in the deal with my exam. This was totaled to only about $400 dollars so if the CertMaster is on Sale I would say get it. There are also plenty of free options for practice questions.
Professor Messer Videos
One of the last good resources I want to mention is Professor Messer. He has a ton of good free youtube videos covering all the topics of the Security+. I like to pair this with the book I mentioned earlier as Professor Messer talks addresses the information in a different way. This was a good way to avoid burnout by having a video to sit and listen to. He has regular study sessions that you can attend. He also provides study questions and has a good course notes study guide for purchase. This course’s notes are $20 dollars to buy. I personally did not purchase the notes, but many others commented about how helpful they were. He also sells his videos but I always just watched them on YouTube. You can purchase all of his materials at https://www.professormesser.com/.
In addition to the materials, I have done a good amount of searching for free Security+ questions and found various sites to do practice questions on. I read through Darril’s book about 1.5 times, listened to all of of Professor Messer videos at least once, completed the CertMaster Training and did hundreds of practice questions. Doing practice questions helps not only in testing your knowledge, but learning the format and style the questions are going to be in. Getting that style down will help you easily identify which answer to select. I did about 2 Months of hardcore studying, reading a chapter every night up till the exam. There is also a Discord Server for CompTIA studying that you can join and get into study groups with others taking the exam. Then I took the exam in the morning and passed. This is about all I did for the Security+ certification. Until next time.