YEA...810 Security+ (2008) SY0-201
I would like to thank this forum and its members for helping prepare and pass the Security+ exam.
So you want to know how i did it?
Well... i currently attend NJIT in New Jersey and have completed three years of undergrad courses. I am currently enrolled in BS:Information Technology Concentration: Network Security. So i have been studying this as my major.
The thing is i wanted to complete the exam in Summer 08 but i had an internship and partly got lazy. So i started studying for it in Winter break 08 (about 1 month off) but i realized i would not get serious until I actually schedule it. Note: I have my own business and i am always busy, with NJIT academic in forefront of my mind. So i bought a voucher on ebay and scheduled it for the end of Feb09. However, after one month i still did not read/watch all of the resources i have. Then i got slammed with the hardest semester and with all of the extracurricular i am participating in. Then end of Feb 09 came and i was unprepared. The thing is i knew most of the concepts, but i rather know all of it and not regret it. So then i tried to schedule it again for the Summer 09, but the voucher was going to expire in April 09. That is why i got the voucher for cheap ($160) ... because it was going to expire soon. So i just scheduled it for today (04/07/09).
So how much did i study?
All of my schooling, experience (reading, implementing, internships, work), some prep during Summer 08, Prep during Winter 08... and a little more reading after semester started. Then i completely dropped the subject. However, i am taken courses that mention these topics in depth. Then just yesterday spent 8 hours reviewing and watching CBT. Woke up today and reviewed for about 5 hours of CBT and notes i had written up.
Material:
Syngress Security+ (SY0-101)
Security+ Guide To Network Security+ Fundamentals ... bought it for a course
Practice exams on this site and around the web
Previous course material
CBT Nuggets Security+ 2008 by Micheal Shannon
I watched most of the Nuggets in the past day (10 hours total)
Here is what i got wrong at least the topics
***THE QUESTIONS WERE WORDED HORRIBLY***
***YOU HAVE TO READ IT COUPLE OF TIMES AND TAKE A DEEP BREATH***
1. TACACS vs RADIUS ... which is better in a SECURE environments
2. Penetration testing vs vulnerability testing
3. 2 different inputs = the same hashed output.... what is the term ... something like that
---> i put collision metric ... but i believe the answer was collision avoidance
4. how to secure virtualization security (put them on different subnets? dl pathes?)
5. Know which encryption algorithm is used in which application
6. PKI ... regarding PGP and email security
7. Monitoring tools and detect anomalies
8. Disaster recovery (carbon dioxide? water? deluge?)
9. Organizational policies
10. Risk assessment, risk mitigation. (if the cost of mitigating the risk is more than the actualized cost of the data ... what would you do? reject the risk? accept? mitigate?)
I believe this post ... well what i wrote above, will help you a lot. As you can see i did not really study to much risk assessment and organizational security.
Good luck.
THANKS AGAIN TO ALL OF THE PEOPLE ON THIS BOARD.
CISSP ... NEXT YEAR.
So you want to know how i did it?
Well... i currently attend NJIT in New Jersey and have completed three years of undergrad courses. I am currently enrolled in BS:Information Technology Concentration: Network Security. So i have been studying this as my major.
The thing is i wanted to complete the exam in Summer 08 but i had an internship and partly got lazy. So i started studying for it in Winter break 08 (about 1 month off) but i realized i would not get serious until I actually schedule it. Note: I have my own business and i am always busy, with NJIT academic in forefront of my mind. So i bought a voucher on ebay and scheduled it for the end of Feb09. However, after one month i still did not read/watch all of the resources i have. Then i got slammed with the hardest semester and with all of the extracurricular i am participating in. Then end of Feb 09 came and i was unprepared. The thing is i knew most of the concepts, but i rather know all of it and not regret it. So then i tried to schedule it again for the Summer 09, but the voucher was going to expire in April 09. That is why i got the voucher for cheap ($160) ... because it was going to expire soon. So i just scheduled it for today (04/07/09).
So how much did i study?
All of my schooling, experience (reading, implementing, internships, work), some prep during Summer 08, Prep during Winter 08... and a little more reading after semester started. Then i completely dropped the subject. However, i am taken courses that mention these topics in depth. Then just yesterday spent 8 hours reviewing and watching CBT. Woke up today and reviewed for about 5 hours of CBT and notes i had written up.
Material:
Syngress Security+ (SY0-101)
Security+ Guide To Network Security+ Fundamentals ... bought it for a course
Practice exams on this site and around the web
Previous course material
CBT Nuggets Security+ 2008 by Micheal Shannon
I watched most of the Nuggets in the past day (10 hours total)
Here is what i got wrong at least the topics
***THE QUESTIONS WERE WORDED HORRIBLY***
***YOU HAVE TO READ IT COUPLE OF TIMES AND TAKE A DEEP BREATH***
1. TACACS vs RADIUS ... which is better in a SECURE environments
2. Penetration testing vs vulnerability testing
3. 2 different inputs = the same hashed output.... what is the term ... something like that
---> i put collision metric ... but i believe the answer was collision avoidance
4. how to secure virtualization security (put them on different subnets? dl pathes?)
5. Know which encryption algorithm is used in which application
6. PKI ... regarding PGP and email security
7. Monitoring tools and detect anomalies
8. Disaster recovery (carbon dioxide? water? deluge?)
9. Organizational policies
10. Risk assessment, risk mitigation. (if the cost of mitigating the risk is more than the actualized cost of the data ... what would you do? reject the risk? accept? mitigate?)
I believe this post ... well what i wrote above, will help you a lot. As you can see i did not really study to much risk assessment and organizational security.
Good luck.
THANKS AGAIN TO ALL OF THE PEOPLE ON THIS BOARD.
CISSP ... NEXT YEAR.
Comments
-
Andretii Member Posts: 210Congrats
I"ll be taking this exam next week and will definitively go back on those topics you mention.
I'm using: Sybex Security+ Deluxe Study Guide + Labs + Tests + CBT Nuggets S+ 2008 + TechNotes from here and somewhere else.
Almost done and then off to CBTsXBL: Andretii
"I have 16 Millions different ways of pinging myself. Sounded kind of dirty but that's not how I meant it." J. Conrad
Working on:
VCP4 » 0%
LPIC-1 » 0% -
Megadeth4168 Member Posts: 2,157Congrats!
You know...everyone seems to say that the questions were worded horribly for the Security+.... I personally didn't think so. maybe I just got a lucky pool of questions.
Actually, After taking as many MS exams as I've taken, taking the Security+ exam again would be a welcome change to the long winded MS questions. -
dj29152 Member Posts: 15 ■□□□□□□□□□Megadeth4168 wrote: »Congrats!
You know...everyone seems to say that the questions were worded horribly for the Security+.... I personally didn't think so. maybe I just got a lucky pool of questions.
Actually, After taking as many MS exams as I've taken, taking the Security+ exam again would be a welcome change to the long winded MS questions.
I meant to say that they questions were ambiguous. Meaning that from what the question states, there can be 2 answers. It depends how you read and understand the question. -
Kasor Member Posts: 934 ■■■■□□□□□□Two thing that I learned from this exam.
1) Must think like the textbook
2) general security concept and cover everything you need to knowKill All Suffer T "o" ReBorn -
murdatapes Member Posts: 232 ■■■□□□□□□□Great JOB! !
How many questions?Next up
CIW Web Foundations Associatef(Knock out some certs before WGU)
ITIL Intermediate Service Operations -
Killermac Member Posts: 93 ■■□□□□□□□□It always feels good when you study hard and pass these exams. Congrats and good luck with future certs.
KMKillermac
A+;Net+;XP,MCP, Security+, Win 7: 70-680 -
mamono Member Posts: 776 ■■□□□□□□□□Congrats! I didn't think the CompTIA Security+ SY0-201 exam was worded horribly, its just that you need to be really careful with reading each question. As some books mention, read the question twice, then answer it. Like how the question is worded, there are specifics that need to be understood before implementing a resolution. The same holds true for the real world, get a minor detail wrong or misunderstood and what you thought you had secured was in fact not properly secured and becomes a security flaw. Take your time, but budget your time.