Barely passed Security+

Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
I've just cleared this hurdle. My socre was 788, not good, you say?
I anticipated that the real exam would be much more technically
written but mostly conceptual and conventional in asking on security.

I remember no multiple answers being asked. Anyway, this is my 6th
win in Comptia series since last October.

I thank you all flocking to this forum.

Comments

  • janmikejanmike Member Posts: 3,076
    Congratulations!
    "It doesn't matter, it's in the past!"--Rafiki
  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    Congrats
    www.supercross.com
    FIM website of the year 2007
  • bighornsheepbighornsheep Member Posts: 1,506
    congrats!

    Very nice list of certificates....considering anything else now?
    Jack of all trades, master of none
  • SlowhandSlowhand MCSE: Cloud Platform and Infrastructure / Core Infrastructure, MCSA: Windows Server 2003/2012/2016 Bay Area, CaliforniaMod Posts: 5,161 Mod
    Good job. And I never really worry about "just barely" passing scores. If you passed, you're well-versed enough to earn the cert. If you don't feel like you did as well as you'd hoped, study more. (But make no hesitations about whipping out that nifty wallet-card when people ask you if you know about security.)

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • princess4peaceprincess4peace Member Posts: 286
    Congrats
    Knowledge is life
  • Gennosuke HIGAKIGennosuke HIGAKI Member Posts: 68 ■■□□□□□□□□
    For your reference, I review my approach to this bit tougher exam.

    As for computer security, I had learned, practiced, and applied basic techniques so far in home and office LANs. I had used SAINT vulnerability scanner and other Perl scripts in Linux. (I have never behaved “script kiddy.”) I hadn’t gone further because bosses appointed me a Web developer in Microsoft world.

    For this exam, I did brush myself up and gain new thoughts and techniques. Laws, regulations, and practices on computer security are being polished and more and more instituted, as you know? New technologies like Wireless LAN came to be applied widely. (I still don’t trust Wireless LAN.) Rat race never ends between security specialists and underground dwellers.

    1. Materials:

    Johan’s nice TechNotes, quite helpful to focus and target the exam scope.

    Microsoft Security+ Certification: plain, concise, and intelligible. Attached CD ROM presents 100 toughest scenario based questions on which the text least comments or twists awfully.

    Sybex CompTIA Security+: comprehensive and abundant. Review tests are rich and pointed.

    Several books: mostly Unix/Linux based security guidance and applications

    2. Prep Exams

    Various free exams available in Internet or commercial ones; say, uCertify PrepLogic

    3. Supplementary references

    Whenever I faced questions or new topic, I sought queues, hints, and answers in Internet.

    Though I gained 60% in average from an onset, as I made the above cycle, scores rose up over 90%. It took nearly 2 months.

    I assumed real exam would mainly ask technical issues, for instance, details on IPSec, cryptography, authentication by Kerberos or Radius, firewall rules, IDS types and deployments, and more, otherwise, similar to awful Microsoft styled scenarios. Against my expectation, I think 70% were conceptual or superficial ones on so-called computer security.

    Approx. 5 questions were vague and tricky for me. I remembered seeing the rest somewhere in prep exams or texts. I thought I could go over 800 but in vain. I lost 12 points in total. There might be different interpretations on a subject. For instance, scanning, sniffing, footprinting, fingerprinting, enumeration, information gathering. Or man-in-the-middle, snooping, spoofing, eavesdropping. One prep test marks enumeration right but another wrong. Anyway, you don’t have to stick to those nuts-and-bolts. Birds-eye-view and a well-balanced approach will guide you to a success. Oh, one thing I advise is you should be able to distinguish WEP, WAP, WPA in a wireless environment.

    I am basically OpenSource minded, so LPI-2 looks quite challenging. Otherwise, in order to make use of my old shabby powerless CICSO
    2501 router, CISCO series may be next targets.

    Thanking you all and looking forward to your challenge and success I remain.
  • Non-Profit TechieNon-Profit Techie Member Posts: 418
    thanks for the nice review. looking forward to the test soon.
Sign In or Register to comment.