Passed SY0-201 but Disappointed with Cert

ephemericephemeric Member Posts: 13 ■□□□□□□□□□

Got 840/900 last Tuesday for the exam. I know I could have done better but I didn't want to spend another week preparing for this exam. I just wanted it ASAP. I have five years experience as a Systems Administrator and a Linux+ cert with security as a hobby mostly, up until now.

Used Sybex Security+ Deluxe Study Guide and Mike Myers Passport to Security+. Firstly, let me say that I would have probably barely passed, or failed had I not studied all the notes on this site for Security+. They are the most technically competent notes I came across. Thanks. Well done, keep up the good work. Maybe I can write an article someday?
One guide, no matter what publisher, is not enough unless you have extensive experience and reading/studying time under your belt already. For me, I love FOSS and therefore haven't any Microsoft experience security wise from Windows 98 onwards. Sybex wasted too much time on irrelevant content and Myers was way too little, although the exam tips were spot on most if not all of the time.
However, Transcender (or other practice exams) is what got me hopping.

If I had to do it all over again, here is what I'd do: do this and you will do very well, I think this is one of the most effective ways to go about this business. I used Transcender in my example but I'm sure any reputable vendor will suffice.

Do a practice exam, get a feel for what they're asking. Remember, you don't need to know the whole world of security, all you need to do is answer THEIR questions correctly at the end of the day (I am not for one second advocating that one learn as little as possible to just pass, you're only hurting yourself). Trying assessment questions is not enough, do a full exam BEFORE you start studying.

Skim one study guide through quickly, making note of the most pertinent sections. Then go through ALL of the [Transcender] questions, study the answers, explanations AND the references on each question whilst referring to the study guide, exam objectives, domains as necessary.

Do that and you'll get a perfect score. Questions I know I got wrong I went and searched for and they all came up in the Transcender references (I copied about half of the reference links, anyone wants them, please let me know).

That's it. You know you have mastered the content when you understand the algorithms used by Transcender (or others) in constructing the practice exams. They tend to cover all of the possible angles in each question by cramming in a lot of necessary knowledge required to answer correctly. They have to do this in order to guarantee you pass. For example, one of the questions on this site asks what is the most common key size for symmetric algorithms? 128-bits. That means you have to know a lot about all of the various symmetric ciphers to answer correctly. See what I mean? One question like this can test your knowledge of a dozen block ciphers. Like what key is used for signing and what key for encrypting mail, how and when, in what order, symmetric, asymmetric etc.
Protocols like IPSec can get you, four modes, a whole lot going on with encryption, authenticity, integrity, key exchange, security associations etc. Make sure you know your tunneling protocols well.
I realised how little I knew after trying the questions on this site. I went back and studied Internet security, cryptography and e-mail security with a vengeance. Ironically, those areas turned out to be my strong points! In the exam, READ THE QUESTION AT LEAST TWICE! Like my accountancy teacher used to say (she was one of the best teachers I've ever had): if all else fails, read the question. I marked questions for review and upon seeing them the second time realised I'd misread the question first time round. Be careful, take your time, not too much time but be careful. Don't be proud and think you can finish in 45 minutes. You can, but very few people can work that fast under pressure. You can know your work inside out but come exam day and you get too nervous and misunderstand, rush and cock-up the whole exam just because you forgot how to read.

I'm not ashamed to admit it, during studying I had to pull out my dictionary and re-learn certain words for accuracy. How many of you know the exact differences between an iris and a retina? Biometrics for example; bio, meaning life and metrics meaning measure, the measurement of life, makes so much more sense to me now when constructing effective mnemonics. Some advice, a regular dictionary is probably no good for most of the computing terms, acronyms and jargon used.
Take the word integrity for example, a typical definition: noun 1 uncompromising adherence to a code of esp moral or artistic values. No good to us, for all intents and purposes we need to know that integrity ensures that the message has not been altered or modified in any way whatsoever in our security context, be that what it may be.

I have to say I am however very miffed about this exam and CompTIA in general. I have two of their certs, waste of money.

Some pertinent questions:

Is this a Security+ or a Network+ exam?
The exam to me seemed more like a Sysadmin+.
Security AND Safety+. Putting out different types of fires? Personally I don't care, but it might save my life now one day.
Wording is still a big issue here, someone said that many of CompTIAs questions raise more questions than answers.

I must admit that I am biased when it comes to security, I've only always been interested in pen testing, maybe a bit of defensive host- and network-based security, buffer overflow exploits, shellcode etc. If you really want to know security, just read Phrack. Period.

Lastly, cost. Here in South Africa it costs a fortune. I paid for everything myself. Let's say study guide R1000, practice exams another R1000 (purchased online and downloaded), the exam is about R1800. Let's call it an even R4000 (which would include traveling and time off work on exam day). That's $400 for an entry level cert! For someone with two years experience in IT (as a junior) in this country the average salary is R8000. You do the math.


  • Options
    NetAdmin2436NetAdmin2436 Member Posts: 1,076
    Congrats on your pass!
    ephemeric wrote: »
    Maybe I can write an article someday?

    If you do, PLEASE start using some paragraphs. icon_wink.gif
    WIP: CCENT/CCNA (.....probably)
  • Options
    ephemericephemeric Member Posts: 13 ■□□□□□□□□□
    Congrats on your pass!

    If you do, PLEASE start using some paragraphs. icon_wink.gif

    I have used paragraphs, why is the spacing breaking when I post?
  • Options
    BulletzBulletz Member Posts: 159
    good work mate, and you post is really helpful am looking forward on taking Sec+.
    Show me the way to go
  • Options
    sboykinssboykins Member Posts: 12 ■□□□□□□□□□
    can you supply me with the Transcender reference links...Thanks...Congrats on your passing.
  • Options
    amtt81amtt81 Member Posts: 48 ■■□□□□□□□□
    i am interested in those links as well, please
  • Options
    mamonomamono Member Posts: 776 ■■□□□□□□□□
    Congrats! :) Time to focus all that energy onto something else! ^^
  • Options
    topdolla23topdolla23 Member Posts: 1 ■□□□□□□□□□
    Yes, please do share the Trancendors list. I plan on doing this cert in 3 weeks time. TechExams, thanks for the notes. This is my first posts, but I have been a long time fan surfing annonymously!
    To Be Or Not To Be!
  • Options
    KillermacKillermac Member Posts: 93 ■■□□□□□□□□
    Wow thanks for the info and congrats on the cert.

    Killermac :)
    A+;Net+;XP,MCP, Security+, Win 7: 70-680
  • Options
    tphmom35tphmom35 Member Posts: 1 ■□□□□□□□□□
    I would be interested in getting the references you have. I am not to excited about studying for a test for months to find out I could have just memorized something.. There are other certs I am wanting to work on if you know what I mean.

    I appreciate any suggestions!
Sign In or Register to comment.