Another Security+ professional is born...

JDMurray (Admin, Posts: 13,099)
I just passed the Security+ with a score of 796 in 45 minutes. I took the exam at my usual testing center at a heliport in Southern California and everything proceeded as expected.

This was my fifth CompTIA exam and I must say it was not only the toughest I've taken so far, but the quality of the questions and their wording was clearly the best yet. The choice of answers for many of the questions, however, was sometimes rather disappointing. Many of the answer selections were quite straightforward, almost to the point of just being common sense (these are the ones that worry me the most). There were the usual, pick the "most correct" answer, and several with silly answers that gave me a chuckle. There were (at least) three questions where NONE of the answers seemed applicable. I ended up having to choose what I felt was the "least incorrect" answer for those questions. I didn't see any surprise subjects on the exam, and there were only two questions in which I didn't have the knowledge to answer.

There were a noticeable number of questions on the topics of: certificates, PKI, public/private key encryption, network infrastructure security (VPN, VLAN, routers, firewalls, switches, etc.), access models, and security practices. A fair number of questions also required knowledge of port numbers and the internals of protocols (IPSec, SSL, CHAP, etc.) and how they are used (tunneling, transport, encapsulation). Know all your attacks (DoS, DDoS, MITM, sniffing, etc.) and popular applications that are used in attacks (NetBus, BackOrifice, and a few others I've never heard of).

I would say there were about 10 questions that could have easily been on the Network+ or I-Net+ exams, and maybe three or four that were like those on the Server+ exam. And unlike on all of the commercial practice exams I’ve taken, there were no multiple-choice answers on the actual Security+ exam.

After completing the initial pass of the exam in 45 minutes, I reviewed several of my answer selections and ended up changing two. I had time to review all of my answers, but I opted for an early lunch instead. I probably would have gotten a higher score if I had bothered to apply "due care" (or is it "due diligence?") and just reviewed the whole thing; I advise that you take the time to review ALL of your answers.

All that being said, I used the following study guides listed here in recommended order:

1. Tcat Houser's full Security+ certification study guide.
2. All three Boson Security+ practice tests.
3. CBT Nuggets training video (2 CDs).
4. Tcat's Security+ practice exam (beta release).

I also read through many web sites filled with security information, skimmed Security+ books from Sybex, Cue, Microsoft, and Meyers, and tried a few Security+ sample practice exams. No single reference I looked at closely resembled the style of questions on the Security+ exam. You’ve really got to use a wide variety of resources to study for Security+.

I also highly recommend that anyone pursuing any security cert read the book Crypto by Steven Levy. It's a factual hacker novel about the historical evolution of cryptography, and is a fun read if you are really and truly interested in computer information security. I enjoy all of Levy's books.
