Review of Sec+ 401 and training material
Hello everyone, for those who don't know me I'm HC and I just recently passed the Security+ 401 exam with a score of 803. I'm writing this post to talk about my experience with Security+ and review the exam and training material I used for it. So with that said let's dive on in.
The Exam
The Security+ exam accomplishes what I expected of it, testing to make sure that individuals understand basic security concepts, terms and technologies. If A+ is your intro to the IT world as a whole, and Net+ is your intro to the network nation that resides in the IT world then Sec+ is your intro to the neighboring security nation that resides in the IT world. DO NOT THINK that having this cert will at all qualify you for an actual security position in the IT world (except maybe as a very low level entry position). That's not the purpose of this exam, the purpose is to provide you with the basic security knowledge that ALL ITs should know. Think of it as a foundation to build upon if you truly wish to pursue a career with the Security nation that resides in the IT world.
I'm not going to go into how many questions are on the exam, or how long the exam is or how much time per question you should spend (there are other resources for that). What I will say is that I had enough time to read each question twice, spend a fair amount of time on the sim questions and review exactly 2 questions before my time ran out (I did finish the exam but only with 45 seconds left). So while you do have enough time for everything you DO need to make sure you don't panic and keep moving forward.
ALL of the questions on this exam are situational based questions. What I mean when I say that is that on the 401 Sec+ exam you'll never be asked a question like "What does VPN mean? What is an SQL? etc." Instead you'll be asked "You're the (Admin or whoever) and this stuff is broken/wrong, what do you do to fix it if it does need to be fixed?"
I actually prefer/like these questions better since 1. It's more realistic job wise and 2. It tests whether you actually understand the terms and concepts. In an actual work environment you're not going to have to know the exact word for word definition of malware, worm etc. you're going to have to be able to identify the problem and a solution to fix it. Of course this does open itself up to the problem of subjectivity, basically the idea that two solutions can be equally valid in the real world and that it ultimately comes down to the person's preference which one they want to try first. And while this can be frustrating I felt CompTIA did enough to show why their answers were the right ones.
This brings me to the simulation questions. Now I know "simulation" is a big scary word, trust me I was scared too but I want to stress this point. The simulation questions for the 401 Sec+ exam are JUST drag and drop questions!!!!! That's it, while they are indeed the most difficult questions you will encounter on the exam, that's just because drag and drop questions are naturally harder than multiple choice based questions (even more so when they're situational based questions). You won't be asked to program, set-up equipment, or do anything way out of left field. You'll be asked a situational based question and then have to drag and drop the right answer/s to their proper positions and that's it. You don't need to do any special studying for these questions.
Study Material
1. Gibson's Security+ ( https://www.amazon.com/CompTIA-Security-Certified-Ahead-SY0-401/dp/1939136024 ) = This was the primary material I used for this exam and it was BY FAR the best. As someone who has little experience in the IT field (before this I had taken both an A+ and Net+ type class) his book will explain every term, concept and thing you need to know for the exam. Not only that but I found his practice questions to be the closest to the type of questions you will have on the exam, aka situational based questions. Not only that but his answer key not only tells you why the correct answer is correct but why the other choices were wrong. Now with that being said his questions are easier than the ones on the exam. To give you an example a Gibson question might be
"You're a network Admin and want to implement a technical control to reduce the theft of company laptops. Which of these would do that?"
In this question you're only being tested on one concept, aka technical control, and most of Gibson's questions are like this. On the exam however you're more likely to encounter a question like,
"You're a network Admin implementing technical controls for your network when you notice an unusual number of reports from your IDS regarding the baseline from one of your back-end databases regarding users responses to login. Following up on this while still keeping to your current implementation schedule what do you do?"
This question requires you to understand several terms and concepts at once to pick the right answer, aka technical control, IDS, recognizing that this could be an SQL attack and then knowing how to help block against an SQL attack. Now please don't think these are actual exam/book questions, trust me those are actually put together well and make sense but the idea is the same. Gibson's questions test you only one concept at a time while the exam will normally test you on several at a time.
With all that being said I do still highly recommend his book as the only study material you need. It's more than worth its twenty bucks on Amazon and having read two to three chapters a week I was able to take this exam in two months.
2. The phone app "PocketPrep Sec+" = This app is just a booklet of practice questions in phone form. The app gives you I want to say 50 free questions before it asks you to pay 10 dollars (roughly) for it. So Pros = I did like that it gave me the option to take 10 questions or an entire exam (80) questions at a time and that I could have it immediately tell me whether I got a question right or wrong. For on the go studying or getting in a quick 10 minute study session this did well. Negative = Everything else sadly. The questions asked are not set up AT ALL like the questions on the exam. The questions are all set up like your classic, "What is malware, what is a worm, how do you defend against an SQL attack etc." which as explained above are NOT how the actual exam questions are set up.
Worse while the app does explain (to some extent) why an answer is correct it doesn't explain why an answer is wrong (and uses a very bare bones/minimal explanation in my opinion). So you're not always given enough info to know WHY an answer you picked was wrong which is CRUCIAL to passing the exam. Worse YET the app would ask questions that had nothing to do at all with the material you need to know for the 401 exam. There were several times the week before the exam when I got frustrated because it was asking me material that Gibson did not cover or go over at all so I wasn't sure which source was reliable but now after taking and passing the exam I can confidently say that no, Gibson is right and PocketPrep was wrong. To be fair though it is possible that PocketPrep updated its question bank for the 501 exam but in that case it should have alerted me to this. In any case with all the other issues I can't recommend this as a good study material for the exam.
3. Last but not least is Professor Messer = So things to keep in mind with this review is that A. I didn't actually fully watch his videos and B. I'm basing my opinion on his paid study notes and C. The videos themselves are free and he does a lot for the community and I respect him for that.
With all that being said I felt Messer's videos are (for lack of a better word) fragmented information. Originally I was planning on using his videos as my primary training however when I watched his network video I had a hard time following along. At first I thought this was simply because I wasn't good enough, I didn't have the knowledge to keep up with his level of training so I switched over to Gibson's book as my primary since I could understand that much better. However when I went back after reading Gibson's book I still found his video hard to understand but in a different way, so to me it was like trying to read a book with words missing from the sentences. While I could follow along now, that was due to the fact I had read Gibson's book and already knew the concepts he was trying to explain.
This point was finally hammered home to me when I purchased his notes, thinking maybe the problem was simply that I wasn't an audio learner and needed to see words and read things at my own pace. Messer's notes are, to put it bluntly, garbage in my opinion. Now to be fair maybe I just had a bad set of videos and the videos themselves are designed to be as short and quick as possible, easy to digest bites. With that being said I STRONGLY believe that is absolutely the WORST way you can teach for this exam. This exam is made up of ALL situational based questions, if you try to get by by just recognizing keywords and terms you ARE GOING TO FAIL!
You need to be able to understand not only what these terms and concepts mean, but how they're used, why we need them in the first place, their weaknesses, their advantages and everything around them. Basically I need to be able to have a conversation about these things with you and in my opinion Messer doesn't teach/prepare to have a conversation, he gives you spark notes. If you don't have the background knowledge you won't understand him, however if you do have the background knowledge to understand him he's not really telling you anything you don't already know.
With all that being said I can't in good conscience recommend Messer.
Tips and Tricks
Here's a list of tips and tricks to help you with the exam in no particular order.
1. DON'T TAKE SHORTCUTS!!! There is no shortcut (besides cheating) you can take for this exam. If you buy Gibson's book don't be that guy that just studies his summary/notes section. Actually READ the entire book and answer all of the practice questions and then make sure you know WHY you got answers wrong. Relatively speaking Security+ doesn't ask you to know a lot of material, but it is expecting you to know it COMPLETELY, inside and out, backwards and forwards. And in order to learn that you have to sit there and actually take the time to read and understand everything about the material.
Think of it like this, the key/most important points of the subjective material are like your core bricks. Without them the structure of your building of knowledge wouldn't be able to stand however each piece of knowledge, even the seemingly trivial, is an important brick you lay into the foundation and if you're missing too many of those bricks the moment your building of knowledge is challenged it's going to crumble like a house of straw.
To put simply the key points are designed to help trigger your memory of the entire section and everything about it, do not just try and memorize them word for word and completely forget about everything outside that sentence.
2. Attention to detail. A co-worker of mine told me he failed the Sec+ exam because he was asked a lot of "which of these are the BEST answer" questions and I can confirm the 401 Sec+ exam has a good amount of those on there. The good news though is that once you know about these questions they can become the closest you get on this exam to a gimme question. Pay EXTRA attention to whenever you see something that says "Fastest, backwards compatible, third party, overall etc." and make sure that if you see two items that do the same thing you know HOW AND WHY they're different. For example AES is the best overall encryption algorithm because it won a very important encryption competition hosted by a renowned security organization who in turn deemed it the best overall algorithm however Blowfish is considered faster than AES due to the fact that AES uses a 128 block encryption while Blowfish uses a 64 block encryption however 3DES is the best algorithm to use with older systems, aka it's backwards compatible, because DES was one of the first original encryption algorithms but due to advancement of technology became insecure and I remember this because it was a big upset when 3DES lost to AES in the competition.
Do you see what I did just there? Basically what I said was AES is best overall, Blowfish is for speed and 3DES is backwards compatible. Those are the key points but I didn't just stop there, I used those key points as a jumping off point to go deeper. I knew WHY each of these things were the way they were and connected them to larger set-pieces. When you can talk, not even answer questions but just talk, about the subjective material like with what I just did you'll be ready for the exam and trust me you'll get there if you don't cut corners. I didn't know any of that stuff before Gibson's book but now it's just there.
Moving back to point though if you pay attention to the details those "best choice" questions will be your Ace in the hole, trust me I was praying for more of those questions on the exam.
3. Trust yourself. I can't remember if this popped up on the exam but while taking Gibson's practice questions every now and then he would purposefully ask about a term he didn't really go over. (In a good way) The point of these questions was to A. Test your knowledge on the three wrong choices and B. Break you out of the bad habit of meta reading the exam/forcing an answer to work for the question.
So for example if I were to ask you "What is Bob's Last name." And gave you the following choices, "A. Virus, B. Worm C. Jeb and D. Logic Bombs" I'm 1. Testing that you Know A,B and D aren't last names and 2. Teaching you to trust yourself. Don't overthink the problem, don't do mental hops to talk yourself into picking it, and don't doubt yourself. You know none of those 3 are the right answer so trust enough in yourself to pick the fourth one which you've never seen before.
4. Don't panic! Don't lose heart. It's not over until you get your score. Trust me, those first 20 questions I got felt like someone was taking a baseball bat to my face. They were rough and all throughout the exam I felt nervous and certainly wasn't expecting to do as well as I did. Here is the complete and logical truth, you DON'T know how you're doing until you get your score at the end so don't let doubt start to affect your performance. Treat EVERY question as if it's your make it or break it question, your first and last question.
Comments
-
cemen777 Member Posts: 21
Wow, what a post.
Good job!
Congratulations and Happy Holidays!
-
lo_____ol Member Posts: 7
Thanks for posting this! I'm gearing up to take the exam next month so this was extremely helpful and reassuring.
-
sensitivestoic Member Posts: 77
Thank you so much for the thorough post! Gearing up for my Security+ exam this weekend and your post is a brilliant guide. I have to agree with you in regards to Professor Messer and his Security+ coursework. For whatever reason his Security+ Course seems disjointed or incomplete. In fact in certain areas he and Mr. Gibson disagree on standards/details. With all due respect to Mr. Messer for his community work, Darril Gibson has been much more beneficial for me in my studies as well.
Certs Achieved: CompTIA A+ | Net+ | Sec+ | Project+ | MCSA Windows 10
Currently Studying: MCSE Server 2016
Future Goals: CAPM/PMP
-
Cisco Inferno Member Posts: 1,034
late on this but congrats and thanks for the detailed post.
2019 Goals
CompTIA Linux+[ ] Bachelor's Degree