Just told we have to get Security+, no experience or knowledge

I have been working the same job for 11 years. I started out as Desktop support and three years in, moved up to Sys. Admin., then Sys. Admin. II.

Now, we have been told we have to get Security+ certified by the end of December. Not only that, but they are not sending us to a Comptia 5 day course. Initially they said they were going to have a trainer come to our work and do a 2 day cram course. That alone seemed nuts, but now come to find out that they can't find a trainer that will agree to do it in two days.

That tells me that my employers expectations are ridiculous. I don't think they understand the time it would take to properly study for this test when all many of us have done are Sys. Admin type stuff.

Any advice on where I should start? Does it sound like we are being set up to fail or is there hope? Any study guides that are that good?

Find more posts tagged with

Comments

NavyMooseCCNA

I've read about company's pulling that stuff. It is unrealistic to be ready for that exam in such a short time. I studied for that exam for over six months, while working full time, and barely passed.

I strongly suggest getting Darril Gibson's book and subscribe to his premium website for the actual practice questions. Cybrary has a video course for the Security+. If you're a Veteran or in the reserves, you can access FedVTE, which has a great video course.

Make sure to purchase study material for the same version of the exam you're going to be taking. CompTIA just released the newest version, but the 401 will be available until Summer 2018.

Good Luck!

boxerboy1168

I recommend the Mike Meyer's books and Udemy course material.

Honestly the Security+ has a lot of everything covered by the Net+ it's basically a little deeper in the obvious areas like cryptography and other best practice situations but knowing the Net+ material gives you a serious edge on the Security+. I already read the book and watched the videos but had to change course for WGU.

PC509

Definitely agree with the Darril Gibson book. It was my #1 resource. That said, you have some experience and knowledge. Some of it you've worked with as desktop support and sys admin. There is no way you haven't been exposed to at least some of it. So, that helps putting things they mention into context. Going through the book, a lot of it was review for me. The rest was memorization and different terms/methods of things. I had a similar background as you. Desktop support to systems admin.

With the 5 day course, the Darril Gibson book, and some studying, you should be able to nail it. It's not easy, it's not overly difficult, but it's a great certification.

NetworkNewb

With you're experience you should already know most of the material on the test. Could pass it within a couple weeks easy.

Get the Gibson book, skim through it, go over areas you don't know everything.

beads

Completely doable with the caveat of how do you handle taking certification tests. For people who have either lost the "groove" of taking commercial tests or have never taken a certification test - these can be a bit stressful.

Find a copy of Gibson's book and maybe an old copy of Newton's telecom if you have one laying around or can barrow one, all the better. Some terms you may not have seen for a while or may be new, hence the Newton's.

Most of the material will likely be familiar to rote in nature but you still responsible for it. Calm down, relax. Learn to study in short blocks of 20 minutes at a time, take a quick break to clear you mind. Think about what you just read. Quiz yourself or explain the topic to yourself and work through anything you stumble. Rinse and repeat till your ready to find an online quiz and cement the information to the point where your bored with the tears and then go take your test.

Of course this board is rather active so feel free to ask questions - we are happy to help.

- b/eads

techfiend

This is a good move by the employer as it will expose the slackers that aren't serious about their career.

I passed Security+ after 2 weeks (~20 hours) of study with a month of Desktop Support experience. With 11 years of experience aim for the end of November. It's not that difficult of a test and relatively fun to study.

I used WGU's resources for it, which was Gibson's book with mini quizzes within the chapters and a lengthy quiz at the end of each chapter. Dedicating 2 hours a night with a few breaks is what I did.

mikey88

techfiend wrote: »

This is a good move by the employer as it will expose the slackers that aren't serious about their career.

But a more realistic time frame should be given. Yes, it is doable to pass in a month, but not everyone learns at the same pace. In a classroom setting, this is a 3 month course.

NetworkNewb

mikey88 wrote: »

But a more realistic time frame should be given. Yes, it is doable to pass in a month.

Sounds like they gave them 2 months. That should be doable by anyone who is half serious imo. I guess you could say it is around the holidays that makes it a little annoying.

I passed it in 2 weeks like techfiend did. If someone was brand new to IT, they might need the full the 2 months.

techfiend

The employer likely wants to employ quicker learners as well, this tests for that. Frankly, there are things in Security+ that every systems admin should know but so few do, principle of least privilege is an example.

One of the biggest issues I've seen in IT is employees getting comfortable at low level positions. Tier 1 help desk making more than admins and engineers because of the length of time with the company is a shocking reality. It prevents entry level employees from getting in, it can impede more motivated employees from being promoted (which comes cheap to the employer) and it prevents companies from paying their higher level employees what they deserve so they take the cheapest option.

TheFORCE

I'm sorry but anyone with 11 years in IT Helpdesk should be able to pass Security+, let alone someone with 11 yeara as sys admin. Security+ will ask you questions like what is port 53 used for and if you don't know that you shouldn't be a sys admin.

Have you looked at the Security + syllabus? I'm sure if you do your stress will go away. Seems like you are stressing for no reason for someone with your experience.

I can't imagine how you would feel if they asked you to go test for the MCSA or MCSE thats more appropriate for a sys admin.

cyberguypr

I wont rehash what these guys said but if there's one test that I consider super easy for anyone with a technical IT bachround is this one. I was a desktop support monkey when I took it and I think I just studied for 30-35 days. The only way you will fail is if you really have zero interest and see this as just a mandate from management. Grab the bull by the horns, use the resources listed above, and you wil prevail.

Please, at least tell me they are paying for the cert and at least the book.

NotHackingYou

I studied for this test for 2 weeks using only the Gibson book and passed. I would think for someone with your experience, 2 months is more than enough.

scaredoftests

I agree about Gibson's book. It helped me gain 200 points after I failed the first time. A fantastic resource..

srocky26

I agree, after 11 years you should know most of the material. It only took a week of reading Gibson's book and taking notes while working full time, etc. You should have no issues passing in two months. Study and take the test a mid-December to give yourself some time for a retake.

SteveLavoie

I think it is certainly doable in 1-2 month by an motivated experienced sysadmin with 11 years. But what shocked is the lack of vision of this company. They are asking for this requirement with very "short" notice, and don't really support the goal by not offering training or study time. I dont know how many team member they want to certifiy but I would not expect more than 33% successfully getting Sec+ by Dec 2017. I won't bet on the success of this project. Sure some person will get it, but most will not have time/motivation to get it.

coldbug

It depends on the type of company you work for and your position. I doubt if the employer would ask a Desktop Support team to take Security+ since they don't work on servers. You must be a hard and obedient employee who contributes a lot of what you know to your work. I see you made to Sys Admin in 3 years!! Did you ever do Networking or straight to Sys Admin?
Now you are in Sys Admin II and dealing with server environments (what the big dogs do!), you will surely need to know about Security especially if you never worked in Networking field.
I'm glad that your employer is asking for this because what you are doing with data is very important to protect and to show to court and lawyers that they told you to take the cert when they are being sued for leaked data..remember OPM breach and the Director kept blaming on the IT at the congressional hearing..lol.
Good Luck!

TechGuru80

coldbug wrote: »

I'm glad that your employer is asking for this because what you are doing with data is very important to protect and to show to court and lawyers that they told you to take the cert when they are being sued for leaked data..remember OPM breach and the Director kept blaming on the IT at the congressional hearing..lol.
Good Luck!

Just to be clear...Security+ isn’t going to save a company from lawsuits.

SteveLavoie

I think it is more a requirement to get a new contract...

beads

SteveLavoie wrote: »

I think it is more a requirement to get a new contract...

If not something in the same vein, perhaps keeping staffing levels at a certain level to maintain a contract. Being an end of year contract I could see this going either way.

In any regards the OP works in the wonderful world of IT. Spelled out in long form IT is pronounced: "Change". Not liking the long form is akin to saying you don't like or cannot adapt to change.

Its my dictionary so I can define any word I want any way I want. My dictionary states that IT is the acronym for the word "Change".

- b/eads

[Deleted User]

That is a reasonable goal. Read the Gibson book as people mentioned and purchase his practice exam software. Also consider buying the Boson practice exams for Security+ and you should be good to go. In case you need it, go to the CompTIA marketplace and buy this bundle.
Save 49% on the CompTIA Security+ Deluxe Bundle

Best deal imo.
Good luck!

ThePawofRizzo

Two months is totally doable. I took CompTIA's Mobility+ and Storage+ back to back over a month's time, preparing barely two weeks for each. I crammed for CSA+ over a week and a half. So, I've been in your shoes. I do have a lot of IT experience which helped, but it sounds like you do as well. So, you're in a better place than a newbie having to rush and study.

If you like to read, going through a couple of the Sec+ books suggested by others should be doable in a week or two, reading a couple to few hours a day. Then, start doing every practice exam you can find. Sec+ is a lot of foundation IT Security terminology and theory, and much of it you've probably already heard of to some degree. When I took it to renew it again a few years ago, I had a few simulations, like setting up security settings on a wireless router type demos.

For my part, I think employers should require their students maintain some certs. I work with a couple sharp guys that have let a lot of their certs lapse....but I work with about a half a dozen desktop techs that could surely use A+, N+, and Sec+. Albeit, I'd probably set the goal for six months.