Security+ for seasoned professionals?

bcairnsbcairns Member Posts: 280
Hello all -

I have been reading a lot of people seem to fail this exam the first time around...just wondering if the exam is that bad or if those failing it have the book smarts but lack real world experience?

Just curious what other seasoned computer professionals think about the Security+ exam? Alot of the concepts seem like review for me, but some of them are brand new.

The fact that so many people have problems with this test bothers me, for an entry level cert it seems to have a sharp learning curve.

As for me, I have been a computer programmer for 10 years and a network admin for about 5, just now getting around to focusing on certifications.

Plan on getting an MCSE and then a MCPD when the new microsoft certs are offically out.

I started out with A+ and just finished Network+ both of which I knew most of the major concepts but lacked knowlege of the little details (like the OSI 7 layer model - never needed to know them in order but knew of them).

Comments

  • Vask3nVask3n Member Posts: 517
    I too am worried about what I have read on these forums. If I hadn't I believe I would be much more confident, not to say that I would pass right away. I will be taking the exam this coming Friday, and am going over the material from 3 different books (Passport, Exam Cram, Syngress)
    Working on MS-ISA at Western Governor's University
  • bcairnsbcairns Member Posts: 280
    vizv wrote:
    I too am worried about what I have read on these forums. If I hadn't I believe I would be much more confident, not to say that I would pass right away. I will be taking the exam this coming Friday, and am going over the material from 3 different books (Passport, Exam Cram, Syngress)

    I am using
    All in One Security+
    Exam Cram 2 Security+
    Test Out Security+ video series

    I seem to absorb the information faster from the videos but can't help but think they are skipping things that will be on the exam. All the labs are for windows 2003 and have to remind myself that CompTIA is not vendor specific.
  • Vask3nVask3n Member Posts: 517
    Well good luck with your studying....It is quite obvious that with this test, multiple sources are imperative...I just hate it when different books don't agree with certain subjects, and say the opposite of the other books.
    Working on MS-ISA at Western Governor's University
  • bcairnsbcairns Member Posts: 280
    vizv wrote:
    Well good luck with your studying....It is quite obvious that with this test, multiple sources are imperative...I just hate it when different books don't agree with certain subjects, and say the opposite of the other books.

    Ya i have been getting a lot of that icon_sad.gif
  • supertechCETmasupertechCETma Member Posts: 377
    bcairns wrote:
    The fact that so many people have problems with this test bothers me, for an entry level cert it seems to have a sharp learning curve.

    Security+ is NOT an entry-level certification. It is targeted at the technician with 2 years of SECURITY experience. Similar to the Server+ exam, it is an advanced certification.

    I think this is the point that most people seem to miss. They think it is an entry-level exam.
    Electronic Technicians Association-International www.eta-i.org
    The Fiber Optic Association www.thefoa.org
    Home Acoustics Alliance® http://www.homeacoustics.net/
    Imaging Science Foundation http://www.imagingscience.com/
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    Hi guys, I'll try to provide a little insight here. I am a seasoned security professional also, however I did still have to properly prepare for this exam. Seasoned security pro can mean several things. For example, a person who's been a application security professional, or a firewall specialist for 7 years is by most measures a seasoned security pro, but there's some things we have to consider about Security+.



    1. It's vendor neutral.

    2. It covers many different topics (relatively speaking).

    3. It's very concept focused. In other words, you won't be expected to configure a firewall, but you'll be expected to know which ports need to be open to allow HTTP traffic through.

    4. The passing score is considerably higher than for A+, and Network+
    Security+ is NOT an entry-level certification. It is targeted at the technician with 2 years of SECURITY experience. Similar to the Server+ exam, it is an advanced certification.

    I think this is the point that most people seem to miss. They think it is an entry-level exam.

    Security+ is NOT by any measure an advanced certification examination. At the most, it would classed an intermediate level exam. Advanced security certifications would include the likes of CCIE /s, CISSP, CCSP etc.

    As always make sure you download the official objectives from Comptia which can be found here http://www.comptia.org/certification/Security/objectives.aspx?sent=1
    Make sure you understand ALL of them completely and you'll greatly improve your chances of passing. Concerning the conflicting information from different sources; I'd say you've already made a right step by using more than one source. If you see a conflict, email the authors/publishers, post the conflict here so that we might comment on it and assist you in getting the correct answers. Also, make sure you check any book for information concerning errata. I didn't find this exam to be extremely difficult by any means. Just a good deal of material. I will admit that some of Comptia's questions for Sec+ are either obscure or poorly written, but if you're able to nail down the things that are absolutes, you wont struggle nearly as much.

    Good luck to you guys.
  • Vask3nVask3n Member Posts: 517
    Wow...that helps a lot, Keatron. I actually am (and have been) going through the objectives for about a week now, making sure I know as much as I can. I just hope, despite what everyone on the forums says, that I won't get nailed by granular details.

    Thank you once again for the great summary of the exam. Friday is eagerly awaiting me...
    Working on MS-ISA at Western Governor's University
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    I agree with Keatron, and based on lot of private discussions Keatron and I had about this exams, I think he put it very nicely.

    It is targeted at the technician with 2 years of SECURITY experience.
    This is nothing more than something CompTIA wants you to think*. In reality there's no truth in it whatsoever. I'm sure you know that most people who go for security+ don't have 2 years of security experience. In practice CompTIA certs are, in general, entry-level certs. Simply because people who enter the IT industry often start with CompTIA certs. Besides that reason, they are entry-level because you don't need any prerequisites nor any previous knowledge to start studying for CompTIA exams. The material itself is entry-level, and quite frankly far below acceptable standards, but that's another story... Certainly it becomes a lot more doable if you do have experience, but people prove every day that it is by no means required.
    I think this is the point that most people seem to miss. They think it is an entry-level exam
    You have a good point here though. Many people do underestimate the Security+ exam. But in the infosec arena, Security+ is as entry-level as it gets.


    *It's like Volkwagen saying they target their cars at people who've driven a Mercedes for two years. That won't make a Mercedes driver buy a "V-Dub", nor stop anyone who just got a driver's license from buying it.
  • bcairnsbcairns Member Posts: 280
    Everyone brings up good points :D

    A lot of the concepts are not new to me by any means (remember using Fraggle and Smurf with friends in college to see who could kill each others connections the fastest).

    One thing that I keep thinking is this test seems a bit more focused - even if it is vendor independant....

    For Network+, the books I read were 90% Windows and the Unix / Mac / Linux was added in as an after thought....needless to say the actual test was mostly the 7 Layer OSI and How to connect Mac and Linux boxes together - on the entire test I had only one question about Windows - and 6 on antenna types....if I had not known the OSI, I would have failed.

    Looking at the Security+ objectives, most of them seem to not interact with the OS as much as they do the 7 Layer OSI - and just plain common sense....but as we all know all operating systems are vunerable to different things...some are stronger then others, but at the end of the day that box is only secure as the person operating it....or the restrictions placed on it.

    Just got me wondering if there are any questions like "Linux is vunerable to which attack..." or "During install Mac computers need what installed to be considered hardened"...

    Well back to my studies icon_eek.gif
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    You can get an idea of the actual questions by trying CompTIA's own sample questions:
    icon_arrow.gifwww.comptia.org/certification/security/samplequestions.aspx
  • Vask3nVask3n Member Posts: 517
    Any idea as to whether the questions resemble the actual ones? They seemed too easy
    Working on MS-ISA at Western Governor's University
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    Yes, they resemble the actual questions very well, but in the actual exam they throw in a couple of odd (badly worded, ambigious, and even absolute plain nonsense) ones in it. With the high number of questions and passing score it can become tough. Personally I agree with you though.
  • bcairnsbcairns Member Posts: 280
    Webmaster wrote:
    You can get an idea of the actual questions by trying CompTIA's own sample questions:
    icon_arrow.gifwww.comptia.org/certification/security/samplequestions.aspx

    Slaps self in the forhead - knew i should have checked CompTIAs site before posting that
  • Danman32Danman32 Member Posts: 1,243
    I wish the actual test questions were as straight forward as that. I would have gotten somewere in the 800's. Actual test questions are more ambiguous than the samples.
Sign In or Register to comment.