Hi. Passed Sec+. Here are my thoughts

momolicious

Hey everyone,

Before I get into the post, I'd like to make a quick introduction. I'm a 27 year-old military contractor (electronics), currently living and working out of Japan. I've been a guest lurker for the past month or so, and have found the guidance from you all, incredibly insightful. I really just wanted to create an account to thank everyone.

So, from the bottom of my heart, thank you.

Now back to this post's topic.

So, I recently passed my CompTIA Security+ exam (SY0-401). I passed it on September 4, 2015, and scored an 803 (in case you're interested).

This was my first-ever CompTIA exam, and therefore, am pretty stoked I'm certified in something.

I also just wanted to share what I ended up doing to pass, and hopefully, help other lurkers like my once-self join this great community. At the very least, I'd like to share my thoughts and pass on some encouragement.

So a few things, I'm not a great test taker, nor did I even need to take the exam (not required for my job). I just wanted to start on something.

I finished my BS in ISS (AMU/APUS) over a year ago, and well, noticed I was getting way too complacent at work.

This is where the techexams community came through for me. I started Googling questions about career paths and master programs, and the people here just motivated the hell out of me. This community really just pushed me to go after something, anything...

I chose Security+ as it was something I didn't feel I needed to study for. At work, I deal with the repair of electronics, but in doing so, end up working on several technologies, such as Linux (RHEL, CentOS), Microsoft Servers, and Networking. This all takes place in a secure building (Secret Clearance). Therefore, we're all pretty aware of best practices for security.

However, because this cert was a personal endeavor, I ended up paying out of pocket. So, I ended up studying so I wouldn't risk the money. Spoiler - I'm so glad I did.

I studied for about 3 weeks before taking the exam. I used a combination of Professor Messer Videos, CompTIA Security+ Study Guide by Dulaney and Easttom, and Get Certified Get Ahead by Gibson. I also made flash cards (hand written).

Personally, going through the material was more of a refresher. However, I owe a lot of that due to the 8+ years I spent in the military, and of course, my current job. Oddly enough though, I would have probably failed if I had not studied - I truly believe that.

This is what I wanted to chime in on. Don't worry, it won't get anywhere near the NDA realm.

(SNIP)


Anyway guys, I hope this helps. I also hope I'm not sharing too much of the exam. I don't think I am. If so, I apologize. For those of you with CompTIA certs, what do you think? Do they all have the same kind of vibe? I did take my ITIL V3 Foundations cert a while back, and felt that test to be way more straight-forward. No tricks.

I'm not sure what cert I want to go after next. I'm really, really, interested in the CCENT/CCNA. However, buying the equipment is sort of a turn-off. It's not due to cost, but space. I sort of live in a very small studio (Japan can suck).

I'm sort of thinking about Linux+ or Network+. I've been looking at certain jobs that I'd like to do and I think I'd like to get into networking. I'm sort of a hardware type of guy and really enjoy some of the stuff I get to do at work. However, because everything is in production, I can't really go around messing with things.

What do you guys recommend?

OctalDump

Congrats!

Good news about CCENT and CCNA is that you don't need the gear. You can get the skills you need using PacketTracer or other network simulator tool. Network+ is a good grounding if you haven't studied networking formally. There is some theoretical content not in the Cisco training, so it complements. It's a good starting point generally. If you passed Security+, then you'd be familiar with some of the content of Network+

Linux+ is, well, it's good and bad. Because it tries to cover the breadth of Linux, you need to know a lot more than you would typically need in the real world. For example, you use RHEL, so you get familiar with yum and rpm. If you're using a recent version of RHEL, then networking and system daemons are a bit different. However, the test needs you to know about the other side, apt-get and dpkg etc.

The other thing about Linux+, and it's some of the other Linux certs as well, is that the entry level exams cover a lot of stuff that you don't do day to day, but the advanced exams do. So, for example user creation and modification isn't something that you do much on servers, but it is part of Linux+. Yes, you do need to know how to create a user, but it's not something you do often. On the other hand, something like modifying Bind Zone files is 'advanced' but you might find yourself doing that fairly regularly, or working with Apache, or MySQL. So, it can actually be harder for people who are "Linux Admins" to pass lower level certs.

Generally, it's good to have some network and some OS stuff as a base.

Exams generally are something that you get better at as you learn how to do exams.

greg9891

Congrats!

Fulcrum45

Congrats on the pass! I started studying for Sec+ and so I'm hoping to join you soon.

momolicious

Thanks OctalDump,

I did some research and there are two similar simulators used; PacketTracer and GNS3. Which would you recommend? Is there anything web-based out there? I'd love to try this at work on the computer. However, we're not allowed to install apps.

I hear ya on the Linux+. I'd still get it, but you may be right. I should try to go after Network+ as I'm coming off my Security+. I hear a lot of people say it's usually the other way around in terms of which you get first. I may just go after the CCENT now and CCNA; The jobs I want seem to specifically ask for the CCNA, where as the Network+ is recommended but not required.

Thanks for the response!

momolicious

Greg9891, Thank you!

Fulcrum45, Right on! Good luck and let us once you've passed!

DFTK13

Konnichiwa, Tomodachi! (sorry for the attempt at japanese, I really enjoy japanese culture, haha)

Anyways, congratulations on the pass!!! Thank you so much for sharing your experience on the Security+ test! It always feels good to have another cert hammered down for sure. But be careful, it may turn into an addiction!

I'm also pursuing the Security+ as well, I have a copy of Darril Gibson's book, very good stuff. You did an awesome job on your study plan. It looks like you really thoroughly research your stuff before you pursue something. That will take you a VERY long way indeed.

I have the Network+ cert, I can attest that it really helped to lay down the foundation concepts that helped me to understand the ideas that CCENT/CCNA are trying to convey. Some will say that its a worthless cert and you should go straight to CCNA and some will say you should get it. Personally, I believe that if you know next to nothing about Networking and have the funds to spare, Get it. Then move on to the CCENT/CCNA. I went through the Cisco academy, and honestly you can pass the CCENT/CCNA without equipment. I was given packet tracer and it really helped me to understand many concepts thoroughly and I would've never passed the CCENT without it. I can't speak for GNS3, I've tried to use it and found it very awkward and weird to use, and I didn't really enjoy the fact that you have to add router and switch IOS images to the program in order to use the router/switch or whatever on there(I may be wrong but it was my experience).

Anyways, to pass the CCENT/CCNA, Packet tracer is MORE than enough and it will help you understand many networking concepts just fine. I also suggest Wendell Odom's 100-101 and 200-101 books. I've also read the CCNA 1-4 books in the Cisco academy and while they were helpful, Odom's books just simply expounded and explained topics way better, I cannot recommend them enough.

I'm also interested in Linux+ too, I have the Sybex Linux+ book and I hate the way the book is set up. So it kind of put my studying for the exam out of order. So what I've been doing to learn linux is by reading "The Linux Command Line" by William Shotts. That book is EXCELLENT! The format, and the way it's set up is far superior to the Sybex book. Short chapters, quick but relevant information about what you really need to know. My suggestion is if you're gonna learn Linux, LEARN THE COMMAND LINE FIRST! You can do everything from there and then the GUI will be easy pickings from there. My hope is that they'll improve the Linux+ objectives to have better work experience priorities.

Good luck on your future pursuits!!!

Стрелок

I recommend you CISSP- ISSEP Information Systems Security Engineering Professional.
Good luck on your future pursuits!

fuz1on

congrats! sec+ was my first comptia cert too! i'd go net+ then linux+ then ccent/ccna. that would give you a good path to keep on building on top of your newly gained skill-set(s).

Dakinggamer87

Congrats on pass!!

momolicious

DFTK13,

That's some nice Japanese man! Keep it up! Oh, and thanks for the feedback. I think getting Network+ would be ideal as I'm sure it'll help with CCENT/CCNA. I recently tried GNS3, and I too felt it was a bit more work (loading images).

I'll definitely look into Packet Tracer. Judging off the YouTube clips, the program looks a bit more simplistic. Thanks again and good luck on your Sec+

momolicious

fuz1on,

Thanks for the post. I think I may take your advice. Coming off of S+, N+ seems ideal. Unfortunately, I didn't really look into the CE program, as far as which certs end-up maintaining others.

Do you know if taking N+ ends renewing S+? Or is vice-versa the only way?

Since passing S+, I've been mainly studying Linux+. However, it seems they've just recently updated their exams. I may just wait until fresher study material comes available.

Network+ seems to be the next one. I'm just really hesitant as I've probably screwed myself with the CE program. I had a co-worker tell me that I should have done A+, wait 2 years, do N+, wait 2 years, then do S+. I told him I'd be an idiot if I waited that long to jumpstart my career. The money I would have saved would not have been worth any stretch of time.

Anyway, thanks man!

fuz1on

momolicious wrote: »

Do you know if taking N+ ends renewing S+? Or is vice-versa the only way?

NP momolicious! Only higher certs renew lower ones though(except for Cloud+/Mobility+).

Renewing Multiple Certifications

How to Renew Your CompTIA Certification

Mkroadrush

What do you recommend for the exam? did you use all the time on the exam?

twodogs62

My first thought was go for CISSP.

but seems you are just starting with certs and interested in networking.

if so, I'd recommend network+ next for you.
i wouldn't worry too much about comptia renewals.
use the comptia for foundations and once you get a higher cert, non comptia, the comptia will not matter. However keep listing them as completed until you get the higher certs and always use to show professional growth. You don't lose either way.

after network+ and you still like networking, go the ccna route.

if you like system administration, decide on Linux or windows.

good luck and congrats on your security+ pass!!!!!

Armitron77

momolicious wrote: »

Greg9891, Thank you!

Fulcrum45, Right on! Good luck and let us once you've passed!

Does the Darril Gibson's book come with any CD or DVD of any kind? How many chapters does the book contain? I keep hearing that the book is a very good one and comes highly recommended. Please let me know. Thanks.

bjpeter

I bought the Kindle version which doesn't come with any. It is really good.

I finished the book in 10-11 days and read one chapter a day. There are 11 chapters, if I recall.

momolicious

Mkroadrush,

Sorry I'm late. Just got back from a 30 day vacay. Anyway, to answer your questions.

Yes, I did use all of the time. I recommend this even if you're done with the exam a bit early.

I definitely recommend flagging what you don't know or aren't sure of. It may seem like you're flagging a lot of questions, but that second go-around definitely helped me out.

momolicious

I had the ebook, so it didn't come with the disc. Nonetheless, I really enjoyed the way things were explained in Gibson's book though.

I think he did a good job covering the big and important stuff, while still briefly covering things that were probably not going to be on the test.

He sort of explained that even though these outdated technologies and practices were less likely to be on the test, IT professionals still needed to know ABOUT them. So that they can distinguish the old from the new.

Knowing just enough to distinguish them is key.

Mkroadrush

momolicious wrote: »

I studied for about 3 weeks before taking the exam. I used a combination of Professor Messer Videos, CompTIA Security+ Study Guide by Dulaney and Easttom, and Get Certified Get Ahead by Gibson. I also made flash cards (hand written).

I find it hard to believe you study for 3 weeks, only 3 weeks and went in and passed without cheating the exam (online sources that provide the exam questions). So I'm putting an (*) asterisk on this.

Maybe one day you will tell us for how long you REALLY study.

TallDude7

only 3 weeks of study? I studied for 2 months. There is too much material and the exam is difficult. CompTIA made it harder to ****. when I enrolled at New Horizons I was warned not to use **** because students were failing miserably on their first tries. So the students that failed had to pay $302 out their pockets for retakes.

Mkroadrush

TallDude7 wrote: »

only 3 weeks of study? I studied for 2 months. There is too much material and the exam is difficult. CompTIA made it harder to ****. when I enrolled at New Horizons I was warned not to use **** because students were failing miserably on their first tries.

Yep, that's what I said.....

momolicious

Mkroadrush wrote: »

I find it hard to believe you study for 3 weeks, only 3 weeks and went in and passed without cheating the exam (online sources that provide the exam questions). So I'm putting an (*) asterisk on this.

Maybe one day you will tell us for how long you REALLY study.

Whoa. Honestly, ego aside or whatever, 3 weeks isn't a big deal. However, you should realize that I work in a secure environment, where much of what was on the test is what we practice.

I also have a BS in IT Security. It isn't really worth mentioning on its own, but with regards to the security+ exam, made much of what I studied - more of a brush-up. I wasn't learning all of this from scratch or without experience.

I'd also like to mention something. I'm not the smartest person I know, but I am super persistent. When I say I studied for 3 weeks, I mean I took 4-6 hours a day, studying. I ignore the gf, ignore the hobbies, ignore the beer nights, and make the exam my one and only priority.

I've had co-workers say this is ridiculous. They go and pass their exams with very little effort. However, that's not me.

So, my only recommendation is to assess where you're at. Everyone is a little bit different. You may have tons of experience. You may just need a 3 days. You may have no experience at all. You then may need a few months.

Renee Simons

Mkroadrush wrote: »

I find it hard to believe you study for 3 weeks, only 3 weeks and went in and passed without cheating the exam (online sources that provide the exam questions). So I'm putting an (*) asterisk on this.

Maybe one day you will tell us for how long you REALLY study.

Wow. Sorry but everyone learns at their own pace. Everyone also has their own experience they bring to the table. Like momolicious, I've also worked in networking for years so the concepts and terminology are familiar to me. I'm currently studying for my Security+, and a first pass at a practice exam had me passing with 20+ points.

Don't be so quick to judge others success. What you can accomplish and what others can accomplish are not always the same.

fuz1on

I passed the exam 12 hours after I registered so anything can be done - I only studied for 6+ hours.

I passed all my other CompTIA exams very quickly as well - some only a few days from each other. If you have experience, you can whiz by...

It's cool not to accuse others - everyone has their own skill-set and test-taking ability.

hannism

Congratulations on the pass. I'm also a military contractor. Now, that you've passed the Security+, you meet the requirements of DoD 8570. This should open up more employment opportunities.

I was in a similiar dilemma as you. I thought after getting the Security+, should I do the Network+ or go after the CCENT/CCNA.

I'm a little bit older than you (I'm almost 40). Based on the advice of the networking staff, they all (except one) told me to go for the CCENT/CCNA. Their feelings were that the Network+ was generic/vendor neutral and not very technical.

The one person that said I should go for the Network+ said it would be a good catalyst into learning networking, and it would prepare me for the CCENT/CCNA.

Both viewpoints are right. The cost of CCENT is $150. The cost of Network+ is roughly $277.

You could take the ICND1/ICND2 and pay $300, versus the $277 for the Network+. In my humble opinion, the ICND1 is more respected than the Network+ and cheaper.

One advantage of taking the Network+ is that when you update the CEUs for the Security+ (which is 50 units in three years), you'll also keep your N+ current.

My situation and perspective is different. And what I wrote down are only my opinions.

The advantage you DO have is your age. You have plenty of time to comfortably expand your skills and your knowledge base.

Do what feels right to you.

momolicious

hannism,

Thanks for the feedback. Regarding both certs, I totally agree.

I decided a few weeks back to knock Network+ out. I'm with you about the CCENT/CCNA route. As you mentioned, it's more cost effective and in my opinion (or both of our opinions), more marketable than Network+.

However, the reason I went with Network+ is because of how much more work I'd have to do. I see Network+ as a great way to prep me for the Cisco exams. I mean, I'm not super new to networking, but I'm also no Lazaro Diaz (funny, yet knowledgeable instructor on youtube).

I do still plan on taking the ICND1/ICND2 after Network+, but I definitely feel I'm going to need more time to feel confident with CCENT/CCNA. So, I figure I'd knock Network+ and see how I feel afterwards.

I've already purchased my Network+ voucher and even paid the extra for the bundle, which includes CertMaster & the retake voucher (total was $364). The CE definitely helps justify the initial cost as I plan on getting more comptia certs down the line.

I went with the bundle for extra assurance though. I'll be taking my exam November 2nd, which was only about 2 weeks worth of study. Conceptually, I think I'm sound. This weekend will be telling if I feel good about going in or not (I can always push it to the right).

I know this isn't ideal, but I'm just trying to do this before the holidays start rolling in. Of course, there's nothing like having a set date to get you motivated and focused.

Good luck on your CCNA and please let us know when you've passed!


Wish me luck!

hannism

momolicious,

Good luck on the Network+. Please let me know how it goes. For me, I will be taking the ICDN2 on November 16. I'll be going for the CCNA Security on November 30, and the CCNA Wireless on December 12.

I'll let you know how I do.

The only other piece of advice I have for you is to really master subnetting and binary math. Know it backwards and forwards. Basically, you should be able to subnet a problem in less than a minute.

A couple of good resources would be Chris Bryant's book on subnetting, called "CCNA Success: Mastering Binary Math and Subnetting."

The Kindle version is .99, and it's very good in its explanations. It's not the fastest way though.

I got the CBT Nuggets from Keith Barker on IPV4 Subnetting. This was invaluable after I learned the Bryant method, or what I call the long method.

I'm not sure how many subnetting questions you will see on the Network+, but 30 percent of the ICND1 was subnetting.

It took me quite a while to get subnetting. Once I got it, it was like magic. I could explain the topic to people, teach them how to do it, and seemed like a wizard. So, if subnetting isn't coming easy, don't worry about it. If it were easier, everyone would be doing it.

Again, best of luck, brother.

OctalDump

Mkroadrush wrote: »

I find it hard to believe you study for 3 weeks, only 3 weeks and went in and passed without cheating the exam (online sources that provide the exam questions). So I'm putting an (*) asterisk on this.

Maybe one day you will tell us for how long you REALLY study.

I'll add my 2 cents here as well. If you are working regularly with the things tested, you often need very little study. I've passed exams, legitimately, with much less than 3 weeks study, sometimes only a day or two prep. Other areas, where I don't have much experience, I've studied for weeks, a couple of months... and then failed. It depends on how much new knowledge you are trying to cram in.

Security+ is entry level. If you have any significant training or broader experience in Info Sec, you can likely do no more than 3 days of revision and comfortably pass.

For example, if you are responsible for implementing crypto, then remembering that AES is better than DES, or that 3DES has a 168bit key, or that they are both symmetric, is much easier than if you've never heard of AES before starting to study for Sec+. Similarly, TLS is much easier if you deal with PKI or web site hosting regularly. ACLs are easy if you are a system admin, or configure firewalls. Policy is easy if you are in a medium to large enterprise with lots of policy documents flying around.

ccnpninja

Congrats on the pass!

joemysterio

Congrats on the pass. I've been on Sec+ since Sept 1st, and today I'm barely half way through chapter 12 and I don't remember a darned thing. I'm going to struggle heavily with this exam... I was supposed to take my exam (thru WGU) 3 weeks ago.

So far, I really don't like security.