My second attempt

endersftd

After having failed Sec+ by probably one question about 6 months ago, I have finally willed myself to cough up the money and take it again. I have used these past months to study off and on. I'm scheduled to take it July 8th.

Two things I'm going to take special effort to focus on these next two weeks:

-Encryption Algorithms (including their usage, ie Tunneling, Key exchange,etc.)
-Well-known TCP and UDP ports

I feel pretty confident, but I don't want to waste more money. Thanks in advance to TechExams.net and all those who are active on the forums.

EDIT:
Ah yes, materials I used:
Sybex Sec+ Guide (sucks)
Sybex Fast Track Guide (also sucks)
Syngress guide (way over the top, but better than anything else I used)
TechNotes (naturally)
Wikipedia (for more in-depth understanding of particular things, like public key infrastructure)

Of course, having already gotten A+ and Net+, that knowledge is helpful towards Sec+.

jescab

GOOD LUCK buddy...........

sprkymrk

I thought the Sybex book was pretty well liked by others here. I have it, but haven't opened it yet (using Exam Cram and Dummies and Tech Notes first) so can't give an opinion. What was it you liked/didn't like about it? Thanks.

janmike

Good luck!

endersftd

I dunno. Seemed like it was really hap-hazardly put together. I seem to remember it saying something like, "You don't need to know this for the exam..." and it was on the exam (although I can't remember what it was). The Syngress, though, is sooo thorough.

Oh yeah, that silly testing engine it comes with is crap. It'll ask you a question asking for 2 or more answers, but will only let you choose one, so you immediatly get it wrong. It's been so long ago, I just felt like there were some contradictory things and it left out some important things. Maybe I had an earlier edition or something. If I think of something specific, I'll post it.

sprkymrk

Thanks for the info. I appreciate it. Good luck!

Danman32

Neither Syngress or Sybex covered the IP protocols for AH and ESP of IPSec, and it was covered on the exam. I knew about them, but I hadn't covered that detail since I didn't think it was going to be tested (maybe it was one of the ungraded questions?)

So it seems not any one source is the best.

I'd say my average for average test scores overall is around 800.

endersftd

I just checked my Syngress book and you're correct.


Isn't that protocols 50 and 51?

Danman32

Yup, next is to remember what order. Webmaster has it in his study notes.

Syngress seemed to skip some of the 12 attack types, like the Birthday attack. It's mentioned at various points later in the book, but if I hadn't read it in Sybex, I might have glossed over that. Weak keys and Mathematical attacks are also skipped in chapter 2.

endersftd

I suppose it's the unfortunate result of not being able to copy out things from the exam directly - all you have to go on is the objectives. Which is why nearly all Sec+ (and other cert books) are all structured the same way - in order to stay in line with the objectives list. Of course, this doesn't always make sense, as earlier objectives will require knowledge of later objectives to make sense to those not already familiar.

endersftd

Alright, I was supposed to take the Sec+ exam Saturday. So I get in my car and drive 45 minutes to the testing center. Once I get there, the lady manning the office is like, "We're having problems with our server and I can't bring any of the tests up. We can reschedule you for Thursday evening."

I wasn't happy. So the new date will be the 13th. Think I should contact Pearson VUE and ask for some kind of discount?

(On an aside, the lady was like, "I tried to call you, but I can't get through!" She tried dialing my house number and as soon as she got done punching in the numbers, the phone made a tone for about 10 seconds. Somehow, she doesn't know that she needs some kind of long-distance access code to make long distance calls.)

sprkymrk

Ouch, tough luck endersftd!
Good luck on Thursday though.
And I wouldn't bother trying to get some compensation for your wasted trip. It will only add to your stress and most likely won't result in any kind of discount.

Megadeth4168

Sorry to hear about that. They were having trouble when I went in for my last test but apparently all was working for the exam I was taking....

Danman32

Interesting, since I originally planned to retake the test today, but decided to wait until next week since one of the guys who would have covered is on vacation. This would give me more time to study and take practice exams. The other guy was supposed to be here, but he didn't show up today, so I am the only one here.

God is certainly watching over me.

endersftd

UPDATE: I got a call from Executrain, which is the testing center providing my PearsonVUE test. They tell me that the software upgrade is still having problems and I have to reschedule AGAIN!

I was able to get a name for a contact that might be able to help me get some kind of compensation for all this trouble. I'll post if I hear anything.

To my knowledge, this "upgrade problem" is affecting all (or at least more than one) of PearsonVUE sites, not just the site I'm going to. Anyone testing with PearsonVUE soon might want to give them a call to see if they're having trouble or not.

sprkymrk

Wow, what a pain!
Fortunately I have always tested at Prometric centers. Aside from some crappy equipment at one center, I've never had a problem.

bcairns

endersftd wrote:

UPDATE: I got a call from Executrain, which is the testing center providing my PearsonVUE test. They tell me that the software upgrade is still having problems and I have to reschedule AGAIN!

I was able to get a name for a contact that might be able to help me get some kind of compensation for all this trouble. I'll post if I hear anything.

To my knowledge, this "upgrade problem" is affecting all (or at least more than one) of PearsonVUE sites, not just the site I'm going to. Anyone testing with PearsonVUE soon might want to give them a call to see if they're having trouble or not.

When I sat for the Security+ exam at my local Vue center, they had me on a different computer then normal because it was having issues...they did not say anything more and at the time I did not think anything about it.

Maybe it suffered from what you are describing?

endersftd

Alrighty, I just got off the phone with the Executrain people (again, the testing center I use for PearsonVue). Apparently when PearsonVUE upgraded their software and sent the update pack to Executrain, the software wouldn't work on their Windows 2003 Server Enterprise machine. They said that they'll be able to "right the wrongs" Monday. Until then, I'm also trying to contact VUE directly about getting some kind of compensation.

BTW, I have no loyalties to VUE - the only reason I originally scheduled with VUE is that Executrain (45 minutes away) was the closest center that was open during hours I wasn't working (meaning, they were open on Saturday). There's a testing center figuratively right down the street, but they're only open 9:00-5:00 or so, so I would have to try to get off work for it, which is difficult.

I'll post if any new developments occur.

endersftd

Just so I don't forget to mention it, the thing I was tested on that Sybex said I didn't need to know were the formulas on Loss Expectancy (page 470). Sybex book talks about it but says at the top "you will not be tested on these formulas." I had one question that asked about one of these formulas.

I'm re-re-scheduled to take the exam this evening, so I'll tell you all how it goes.

Danman32

MeasureUp had that on the practice questions. What's worse, it used the acronyms without expanding them.
So I was prepared for only having the acronyms in the formula.

BubbaJ

endersftd wrote:

Just so I don't forget to mention it, the thing I was tested on that Sybex said I didn't need to know were the formulas on Loss Expectancy (page 470). Sybex book talks about it but says at the top "you will not be tested on these formulas." I had one question that asked about one of these formulas.

I'm re-re-scheduled to take the exam this evening, so I'll tell you all how it goes.

This is a problem with studying for the exam. You should strive to learn the technology. The purpose of the exam is to test your knowledge of the technology withing the parameters of the exam objectives.

I have always found the best way to pass an exam is to get a copy of the exam objectives and learn the technology behind them. sometime, that may involve learning something not on the objectives (horrors) in order to be able to learn something on the objectives.

Danman32

Yes, but how deep does one need to go on those objectives? The concept itself, or do we need to know how to use every tool available to achieve the objectives? That's the problem we all get caught up in.

endersftd

Oh I agree that the certifications should show that you know technology, not just to know the exam. I was merely completing my argument earlier in the thread about where I said the Sybex book was crap. That's all.

Naturally, this is why I learned I must use multiple study sources rather than rely on just one (Sybex). I learned a LOT of useful stuff by looking up things on Wikipedia (and this site, of course).

BTW, I passed with an 860 today.

sprkymrk

endersftd wrote:

BTW, I passed with an 860 today.

Way to go endersftd!
You deserve it after all you went through. I was just going to suggest you change the name of this topic to "Security+: The Saga Continues".

PS - Make sure you remember to add it to your certs at the left!
<

---

DragonNOA1

Congrads. Well deserved.

janmike

Congrats on the pass!

endersftd

"The Saga Continues" LOL.

I'm rather glad that this particular saga is ended. It's been fun guys. Having the support of all you people on TechExams really does make things easier for me, if only because I'm not alone. Hehe. That was sappy.

Anyway, thanks again all! (I suppose I'll be moving to the iNet+ forum for a few weeks.)

Megadeth4168

Grats!