**PASSED** this afternoon.
goforthbmerry
Member Posts: 244
in Security+
Woot!!! I passed the Security+ exam this afternoon. I scored a 855 so I am very excited about it. I know the score doesn’t matter once I get the pass but it feels good to have done well after I was so concerned about it.
The reason for my concern was twofold. First, the practice tests I was taking were giving me mixed results. I did okay on most of them but the Transcender questions were rough. There were things on those that I had not read about in any of the books I had used to prepare or any of the classes I had taken. (I have an AAS in Network management and Security and a MMIS in Management of Information Security - not a technical degree but really the management side of IT). Some of the questions seemed bizarre. Here is a sample question that really threw me: “You are examining a TCP packet that traveled through your router today. The protocol field of the IP Header contains a value of 115. Which protocol did this packet use?” The explanation reads: “The packet used the Layer 2 Tunneling Protocol (L2TP). L2TP operates at the Data-Link layer of the OSI model. A value of 6 would indicate the TCP protocol. A value of 17 would indicate the UDP protocol. A value of 1 would indicate the ICMP protocol and. A value of 2 would indicate the IGMP protocol.”
I knew that L2TP operated at layer 2 but I had never seen anything about the protocol field of packets. It makes sense that they do indicate individual protocols. I was just stunned by the question.
Second, this test is notorious for poorly or strangely worded questions. I cannot disagree with that. Of the 100 questions I knew 75 without any doubt. Of those remaining I would say that there were 15 questions that were confusing by the wording. It seemed that either of two answers could be correct depending on the context they were coming from. There was at least one question that the Grammar Application Protocol (GAP) was not in effect. I had to read it several times and still couldn’t really figure out what it was asking. I finally used key words to try to make an educated guess. There was another 10 that I just hadn’t considered important when I studied or otherwise couldn’t quite pull out enough to be 100% sure about. There were 9 questions that had multiple answers, however, the exam did tell you how many it was looking for.
I used the Syngress and Sybex books that so many people here in the forum suggest. I also used the Exam Cram2 book. I didn’t find it as useless as some people found it but it wasn’t the best. I also used Security+ Guide to Network Security Fundementals, 2nd Edition by Mark Ciampa. It was my text for both the AAS degree and the Master’s degree. Actually, I found this to be the least helpful for the exam. I really liked the Technotes from this site a lot. If I were to do it all again I would just use the Technotes, Syngress and Sybex books to prepare. Obviously, I did use practice tests. I found the Sybex material on the CD included with the book useful. Even the Transcender tests were helpful. Never anything wrong with learning to much or being over prepared. The test were actually very good with the exception of the more unusual questions. I would say that it is safe to assume that if you can pass Transcender, you are ready to go.
My goal is to get the MCSA: Security (assuming it is still available by the time I finish). I will do either the Vista 70-620 or the Server 2003 70-290 (I don’t enough about 2007 yet to brave it right now. I need to find a way to play with it.). I hope to have the MCSA done before next March. Then I will go for the CEH and ITIL certifications.
Sorry for such a short post put I a getting ready for a beer. If anyone has any questions that I am allowed to answer just let me know.
Hey- My 100th post.
:P
The reason for my concern was twofold. First, the practice tests I was taking were giving me mixed results. I did okay on most of them but the Transcender questions were rough. There were things on those that I had not read about in any of the books I had used to prepare or any of the classes I had taken. (I have an AAS in Network management and Security and a MMIS in Management of Information Security - not a technical degree but really the management side of IT). Some of the questions seemed bizarre. Here is a sample question that really threw me: “You are examining a TCP packet that traveled through your router today. The protocol field of the IP Header contains a value of 115. Which protocol did this packet use?” The explanation reads: “The packet used the Layer 2 Tunneling Protocol (L2TP). L2TP operates at the Data-Link layer of the OSI model. A value of 6 would indicate the TCP protocol. A value of 17 would indicate the UDP protocol. A value of 1 would indicate the ICMP protocol and. A value of 2 would indicate the IGMP protocol.”
I knew that L2TP operated at layer 2 but I had never seen anything about the protocol field of packets. It makes sense that they do indicate individual protocols. I was just stunned by the question.
Second, this test is notorious for poorly or strangely worded questions. I cannot disagree with that. Of the 100 questions I knew 75 without any doubt. Of those remaining I would say that there were 15 questions that were confusing by the wording. It seemed that either of two answers could be correct depending on the context they were coming from. There was at least one question that the Grammar Application Protocol (GAP) was not in effect. I had to read it several times and still couldn’t really figure out what it was asking. I finally used key words to try to make an educated guess. There was another 10 that I just hadn’t considered important when I studied or otherwise couldn’t quite pull out enough to be 100% sure about. There were 9 questions that had multiple answers, however, the exam did tell you how many it was looking for.
I used the Syngress and Sybex books that so many people here in the forum suggest. I also used the Exam Cram2 book. I didn’t find it as useless as some people found it but it wasn’t the best. I also used Security+ Guide to Network Security Fundementals, 2nd Edition by Mark Ciampa. It was my text for both the AAS degree and the Master’s degree. Actually, I found this to be the least helpful for the exam. I really liked the Technotes from this site a lot. If I were to do it all again I would just use the Technotes, Syngress and Sybex books to prepare. Obviously, I did use practice tests. I found the Sybex material on the CD included with the book useful. Even the Transcender tests were helpful. Never anything wrong with learning to much or being over prepared. The test were actually very good with the exception of the more unusual questions. I would say that it is safe to assume that if you can pass Transcender, you are ready to go.
My goal is to get the MCSA: Security (assuming it is still available by the time I finish). I will do either the Vista 70-620 or the Server 2003 70-290 (I don’t enough about 2007 yet to brave it right now. I need to find a way to play with it.). I hope to have the MCSA done before next March. Then I will go for the CEH and ITIL certifications.
Sorry for such a short post put I a getting ready for a beer. If anyone has any questions that I am allowed to answer just let me know.
Hey- My 100th post.
:P
Going for MCSE:security, Intermediate ITIL, PMP
Comments
-
gojericho0 Member Posts: 1,059 ■■■□□□□□□□Congrats on the pass. You understand that the L2TP is its own application correct and that is why it has its own TCP/IP Stack. It just is implemented at layer2 when encapsulating the original IP packet
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Nice writeup, and congratulations on the pass!
What's your drink of choice? I'm going with Session lager tonight. -
Sie Member Posts: 1,195Congratulations! Have a few for me!Foolproof systems don't take into account the ingenuity of fools
-
goforthbmerry Member Posts: 244I actually found out about the separate application running after I got that question. Google is a wonderful thing. I think I was just surprised by the level of detail the question was looking for. I think it was definately beyond what the security+ requires. I have never come across that in any of my studying. Like I said, nothing wrong with learning too much of being over prepared.
Thanks for the replies!
EdGoing for MCSE:security, Intermediate ITIL, PMP -
gojericho0 Member Posts: 1,059 ■■■□□□□□□□goforthbmerry wrote:I actually found out about the separate application running after I got that question. Google is a wonderful thing. I think I was just surprised by the level of detail the question was looking for. I think it was definitely beyond what the security+ requires. I have never come across that in any of my studying. Like I said, nothing wrong with learning too much of being over prepared.
Thanks for the replies!
Ed
Absolutely not, understanding that whole application tcp/ip stack thing will do you wonders to really comprehend more networking\security stuff!
If you have any yuengling, drink one of those for me! -
astorrs Member Posts: 3,139 ■■■■■■□□□□gojericho0 wrote:If you have any yuengling, drink one of those for me!
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□I agree. I actually like that about Transcender. I'm annoyed at first since those odd questions usually wreck a nice streak, but it's nice that they fill in the gaps. I use it more as another study resource than simply a practice test.
On an unrelated note, why are you squeezing the CEH in between the MCSA and MCSE? I think you'll find that you'll want to go from 291 to 293. Also, I believe there is some *nix material in the CEH, so you might want to brush up on that a bit before taking it. -
goforthbmerry Member Posts: 244The CEH is really for my personal interest. If the overlap in the test justify rearranging the order of my test taking, I have no problem doing that. I have finally established my foot firmly planted in the door to network security. Security has always been my area of interest. I think I chose the paths that lead to the most certifications. I understand that certifications are no substitute for real experience but I am trying to lace my resume with both.
I am happy with my current job for now but I know that I will want to move on to a position dedicated to security after gaining some experience. I think the CEH shows good technical skills and knowledge. I have not spent enough time actually looking at the objectives of the tests for the MCSE yet. I have not equated that into my testing order. I will definately consider the option you are suggesting. Thanks for the tip.
EdGoing for MCSE:security, Intermediate ITIL, PMP -
jarjar Member Posts: 60 ■■□□□□□□□□Congrats! And thanks for the info on your experience. I award you 17 Karma Points (redeemable at death).
-
goforthbmerry Member Posts: 244So I got that going for me.....Going for MCSE:security, Intermediate ITIL, PMP