Should I take this exam?

Training DazeTraining Daze Member Posts: 6 ■□□□□□□□□□
First off...AWESOME website! I am indebted to the creators, moderators and members of this site for posting and sharing so much useful information.

I am a college student and have no background in this field. I crammed for both the A+ and Net+ earlier this year and passed both on my first attempt...and now Sec+ is soo tempting to take as my final compTIA cert. I am really nervous though b/c this test is scored 100-900 points and I would need a 764 to pass....so with my broken math skills that means I need to get about 85 out of the 100 questions correct to pass this thing. This is intimidating b/c I have struggled to get the $220 to take this (i.e. broke college student).

I guess to sum it up I really want to take this but am 2nd guessing spending so much on such a high fail rated exam. Perhaps it would be better just to move on to 70-270 and take advantage of the cheaper price tag and 2nd chance offer Microsoft is doing until the end of Jan. 08.

For prep work I've spent the past 2 months memorizing the sybex and most of the syngress books (syngress was really long and boring). Also the technotes on this site have been a huuuuge help. I went through the exam cram book at borders and got an 86% on the practice test....guess I am just nervous...I'll update this if I do take this exam and tell you all how it went.

Sorry for rambling ...great site again! I can't imagine how lost I would have been without it!

Greg

Comments

  • spree610spree610 Member Posts: 57 ■■■□□□□□□□
    this is an excellent entry cert. it especially makes you more marketable due to the growning requirement for IT security. Even the DoD requires that all IT administrators be security certified and this cert meets their requirement. Will this get you that 60-70k Job? probably not but it is a great start.
    "The secrecy of my job prevents me from knowing just what it is that I do."

    Next stop 70-291, 70-648, 70-646
  • MishraMishra Member Posts: 2,468 ■■■■□□□□□□
    You studied for it already. Don't let that time you spent go to waste and finish your studying and take the test.
    My blog http://www.calegp.com

    You may learn something!
  • bertiebbertieb Member Posts: 1,031 ■■■■■■□□□□
    Welcome! I'd suggest you carry on with the cert, it's obvious you've put a lot of effort in already and it's a decent one to have, IMO.

    Don't get too hung up on the score, some questions are not scored and some may be weighted differently, so you'll never know how many you really need to pass. Concentrate on knowing the material and you'll be fine. Put it this way, imagine how good it'll feel when you get that 'Pass' on screen after all the effort and worry.

    Good luck! :)
    The trouble with quotes on the internet is that you can never tell if they are genuine - Abraham Lincoln
  • Training DazeTraining Daze Member Posts: 6 ■□□□□□□□□□
    Thanks for the posts...I decided to take this exam...just waiting on Preplogic to email me my voucher #, hopefully i can get it done on Monday. It would be nice to pass but the information absorbed just studying for this exam really laid out a nice security foundation. I really feel comfortable with all of the terms and I am sure this will pay dividends with my future IT classes and certifications....

    For some reason my brain had trouble with remembering the cryptology material and keeping it all organized. I made a quick cram sheet that I quickly went over everyday before i was about to study and it really helped, feel free to correct it if you notice an error.

    I couldn't get the concepts associated with asymmetric, symmetric and hashing sorted so I came up with a quick pneumonic device which helped enormously. Use SHA (like the hash type) and CIA ( like conf., integrity and availability...except I switch availability for authorization)....so just line up..
    SHA==with==>CIA

    Symmetric ===>Confidentiality
    Hash=======> Integrity
    Asymmetric===>Authenication

    Also a quick way to know if the algorithm is asymmetric is
    ==>REED
    Rsa
    Ecc
    El-gamal
    Diffie-helman
    ........................if it's not 1 of these you know it's symmetric!


    Hashing (integrity)
    SHA – Secure Hash Algorithm
    - Ensures integrity of message
    - 160 bit hash value
    - More secure
    - One-way hash

    MDA - Message Digest Algorithm
    - One-way hash
    - 128 bit digest
    - MD5 most commonly used hash
    - MD5, MD4 & MD2

    Symmetric Algorithms (confidentiality)
    - Private key encryption
    - Use block/stream cipher

    DES - Data Encrypted Standard
    - 56 bit key
    - Outdated (replaced with 3DES)

    AES - Advanced Encryption Standard
    - Uses Rijndael algorithm
    - Supports 128, 192, and 256 bit keys

    3DES -Triple DES

    CAST - 40 and 128 bit keys
    - Fast and efficient

    RC -RC5 and RC6
    - Keys up to 2,048 bits
    - Block up to 128 bits
    - Strong system

    Blowfish – 64 bit block ciphers
    - Very fast, symmetric block cipher

    IDEA - International Data Encryption Algorithm
    - 128 bit key
    - 64 bit blocks
    - Used in PGP!!!

    Asymmetric Algorithms (authentication)
    - Uses two keys
    - Public and private
    - Used in PKI

    RSA - public key encryption & digital signatures
    - De facto standard
    - Used in SSL!!!!

    Diffie-Helman - doesn’t encrypt or decrypt messages
    - Used to securely transmit keys

    ECC -Elliptic Curve Cryptography
    - Used in mobile devices

    El Gamal - Transmits digital signatures and keys

    Digital Signatures - validates integrity of message and sender & authentication
    - Used to authenticate asymmetric keys
    - Uses message digest, hash value and pu/pr keys
    - Sender uses pr key to sign the message and receiver uses sender’s pu key to verify.

    PKI - Public Key infrastructure
    - Asymmetric (2 key) uses: CA, RA, RSA and digital certificates
    - Just a framework
    CA - Certificate Authority
    - Associates public key with an individual
    - Can be either public or private
    - RA (registration authority) helps out (can’t issue certificates though)
    - LRA helps too (local registration authority)
    x.509 - most popular certificate

    CP, CPS, CRL, OCSP

    Policy – rules and requirements which should be adhered to by an organization.
    - Contain conditions of expected performance and consequences of non-compliance
    Standards – detail rules and best practices that must be complied with, ARE MANDATORY
    Guidelines – similar to standards (both detail rules and best practices) but the guidelines ARE NOT MANDATORY
    Procedures – detail steps of how policies should be implemented w/in a production environment


    Hope this helps anyone struggling with the same stuff i was! I'll update my impression of the exam next week after i take it.[/b]
  • sir_creamy_sir_creamy_ Inactive Imported Users Posts: 298
    If money is tight don't even bother with this "certification". Your money will be better spent investing in textbooks that cover the topics in depth from the ground up.
    Bachelor of Computer Science

    [Forum moderators are my friends]
  • Training DazeTraining Daze Member Posts: 6 ■□□□□□□□□□
    Took the exam this morning and passed with an 825. Really happy I decided to go for it. The exam itself was pretty straightforward and the difficulty level was about what I expected. If you are planning on taking this I suggest taking all of the practice exams you can find and once you score at or above 85% on a consistent basis then take it. Time to mosey on over to the 70-270 forum and start the MCSA.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Congratulations. Why is this your last Comptia exam though? Go for the Linux+ and get an introduction into Linux, and the Project+ will come in handy if you ever have/want any IT-related management responsibilities.
  • bertiebbertieb Member Posts: 1,031 ■■■■■■□□□□
    Well done :)
    The trouble with quotes on the internet is that you can never tell if they are genuine - Abraham Lincoln
Sign In or Register to comment.