Exam in 3 weeks ish. But I'm done studying..(+Questions)

ScytheX10ScytheX10 Member Posts: 28 ■□□□□□□□□□
So due to some issues at the only testing center around my area, I have to wait until July 11th ish to take my exam.

I've finished Darril's book, but haven't taken the final practice exam. I've taken a lot of the practice exams I've found on the net and I'm getting 85% or above.(Errors = not reading)

I've watched all the CBT nuggets videos.

Does anyone have any suggestions on what to do until then? Should I maybe skim read Darril's book again?

Also I had some misc questions:
What ACTUALLY qualifies as a brain ****? I've heard practice exams called ****. AFAIK it's ACTUAL test questions from a point in time, but people throw the term **** around so much it's confusing.

Does anyone know where I could grab some *CHEAP* practice exams?

I MUST pass this exam on my first attempt. Money is really tight at the moment and I saved up the 219 for this test. Is Darril's book + CBT videos enough to pass?

Thanks :)

Comments

  • demonfurbiedemonfurbie Member Posts: 1,819
    i passed with less than that

    i just used some youtube vids and "the good book"

    one thing to remember is before you click start write down every think on that little sheet they give you at the start ie ports, ip classes, stuff you can memorize then look back at the sheet once you click start

    comptia offers some free ones
    http://certification.comptia.org/Training/testingcenters/samplequestions.aspx
    wgu undergrad: done ... woot!!
    WGU MS IT Management: done ... double woot :cheers:
  • louisevlouisev Member Posts: 22 ■□□□□□□□□□
    Hi, I am registering to take the test Monday. I have found some rather poor tests online (ProProfs has so many errors in them it's impossible to even understand some of the questions, plus they dont specify whether it's a single answer or more than one answer, and that is not how Darrill's book is laid out.

    You didn't say if you are taking SY0-201 or SY0-301. If it's SY0-301, there have been new videos posted by Professor Messer Professor Messer's Free CompTIA SY0-301 Security+ Training Course |
    but since I'm planning on taking the SY0-201, I haven't seen the older test on that site. I have been studying for the past 10-12 days or so, and it is really out of my subject area, so I made flash cards for the protocols and each of the services and the layers they run on, and run through the cards. You could take the end-of-book practice test, which is laid out in chapter order, and see which ones relate to which chapters. If I had 3 weeks to go before taking it, I would go back and reread Darrill's book and focus on those chapters which have the highest concentration of unfamiliar or memorization-based stuff, like cryptography and topology stuff. Then right before the exam, take the practice exam in Darrill's book again, but it is also worthwhile to set the thing down since you have the luxury of time and see how well your memory takes with certain stuff. I'll also let you guys know how I do on Monday based on my very close study of Darrill's book... everyone vouches for it, so I stuck very close to it. It is also quite clearly written - the guy is a very savvy instructor.

    SSL - S is for session layer -
    TLS - T is for transport layer

    L2TP comes before PPTP and 1701 comes before 1723 and those things just become hard to forget once you got them.
  • ScytheX10ScytheX10 Member Posts: 28 ■□□□□□□□□□
    louisev wrote: »
    Hi, I am registering to take the test Monday. I have found some rather poor tests online (ProProfs has so many errors in them it's impossible to even understand some of the questions, plus they dont specify whether it's a single answer or more than one answer, and that is not how Darrill's book is laid out.

    You didn't say if you are taking SY0-201 or SY0-301. If it's SY0-301, there have been new videos posted by Professor Messer Professor Messer's Free CompTIA SY0-301 Security+ Training Course |
    but since I'm planning on taking the SY0-201, I haven't seen the older test on that site. I have been studying for the past 10-12 days or so, and it is really out of my subject area, so I made flash cards for the protocols and each of the services and the layers they run on, and run through the cards. You could take the end-of-book practice test, which is laid out in chapter order, and see which ones relate to which chapters. If I had 3 weeks to go before taking it, I would go back and reread Darrill's book and focus on those chapters which have the highest concentration of unfamiliar or memorization-based stuff, like cryptography and topology stuff. Then right before the exam, take the practice exam in Darrill's book again, but it is also worthwhile to set the thing down since you have the luxury of time and see how well your memory takes with certain stuff. I'll also let you guys know how I do on Monday based on my very close study of Darrill's book... everyone vouches for it, so I stuck very close to it. It is also quite clearly written - the guy is a very savvy instructor.

    SSL - S is for session layer -
    TLS - T is for transport layer

    L2TP comes before PPTP and 1701 comes before 1723 and those things just become hard to forget once you got them.

    Taking the SY0-201 since that's what studied for. One of the best techniques I've learned is that you should be able to explain WHY the other questions are wrong and the right ones are right. Once you can do that you're golden. To be honest, I think every professor should give their tests in that fashion: Multiple choice, 4 points each, 1 point for getting the question right, 3 more for explaining why the other ones are not.

    I agree, Darril is a great instructor though. Would love to sit in on some of his classes if I could :)
  • SlowhandSlowhand MCSE: Cloud Platform and Infrastructure, MCSA: Windows Server 2003/2012/2016, CCNA Routing & Switchi Bay Area, CaliforniaMod Posts: 5,161 Mod
    ScytheX10 wrote: »
    Does anyone have any suggestions on what to do until then?

    One suggestion would be to see if there's anything you can lab out. Go through the book, the CBT Nuggets videos, and anything else you can find and see what you are able to set up at home to practice with. Any software you can download for free or as a trial to play around with is good, and anything you can do to help better cement in those concepts with hands-on practice is going to do you a world of good.

    If you've got three weeks, then you've got all the time in the world to play with packet sniffers, encryption programs, mess around with ACLs in Windows and possibly on routers/switches, etc. There's lots and lots of information covered on the Security+ exam, the fewer topics you only have theoretical knowledge of, the better your chances are of passing the first time around. Not to mention, the better your chances are of being able to do security-related work in the field.

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    Anything but sit still. You don't want that knowledge to start falling out of your head. Rereading Darril's book might not be a bad idea, lots of good information and it should go quickly (I would reread it myself, but I'm waiting for the next edition to drop). I personally wouldn't spend any more money on this (at least not in the hundreds of dollars like the nuggets would be). I've heard there are some videos on youtube that you could get for free.
    Decide what to be and go be it.
  • louisevlouisev Member Posts: 22 ■□□□□□□□□□
    Hi there, having just come from the exam, I can tell you that rereading Darrill's book would not go amiss. Make sure you fully understand the purpose and application of the information you're reviewing, and for me, it involved a lot of practice testing and most importantly, taking your time and reading questions carefully to find out what it is they are asking you.

    I found some inexpensive practice tests which are quite similar to Darrill's tests, the interface for them is not all that fancy but I think they are consistent with Darrill's approach and won't muck you up too badly.

    Practice Tests -questions: CCNA, A+ Certification, Network+, CCNP; MCSE examcram and practice exams. CCENT, Security, Server+, CIW.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    Digging this out of an old post. Some terms that weren't covered in Darril's book that could be on your exam. They came up because I had some Transcender questions that used them. I talked to Darril about it and he intentionally didn't cover them because he didn't believe they were on the test. I don't recall if they were or weren't, but it doesn't hurt to have a gander.
    From my notes (think straight from sybex book)

    Armoured Virus - designed to make itself difficult to detect or analyze. Cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus. Some aspects of the programming act as a decoy to distract analysis while the actual code hides in other areas in the program. The more time it takes to deconstruct, the longer it can live, meaning the more time it has to replicate.

    Companion Virus - attaches itself to legitimate programs and then creates a program with a different filename extension. When a user types the name of the legitimate program, the companion virus executes instead of the real program, effectively hiding the virus from the user.

    Macro Virus - exploits the enhancements made to many application programs. They can infect all the documents on your system and spread to other systems via email or other methods.

    Multipartite Virus - attacks your system in multiple ways in the hope that you won't be able to correct all the problems and will allow the infestation to continue.

    Phage Virus - modifies and alters other programs and databases, infecting all the files. The only way to remove this virus is to reinstall the programs that are infected. If you miss even a single incident of this virus, the process will start again and infect the system once more.

    Polymorphic Virus - change form in order to avoid detection. It will attempt to hide from your antivirus software by encrypting parts of itself to avoid detection. When it does this it's referred to as mutation.

    Retrovirus - attacks or bypasses the antivirus software installed on a computer. They can directly attack your antivirus software and potentially destroy the virus definition database file.

    Stealth Virus - attempts to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. When a system utility or program runs, the stealth virus redirects commands around itself in order to avoid detection. They can also move themselves from fileA to fileB during a virus scan.
    Decide what to be and go be it.
  • louisevlouisev Member Posts: 22 ■□□□□□□□□□
    Hi there,

    And someone else mentioned cross-site scripting is also on the test, and I can confirm that!
  • chrisonechrisone Senior Member Member Posts: 2,205 ■■■■■■■■■□
    You are never done studying until your exam is passed.


    Just my way of viewing exams icon_thumright.gif
    Certs: CISSP, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2021 Goals
    Courses: eLearnSecurity - PTXv2 (complete), SANS 699: Purple Team Tactics (completed), PentesterLabs Pro (ongoing)
    Certs: eCPTXv2, AZ-500, SC-200 (fail 1st attempt), EnCE, Splunk Core Power User
  • ScytheX10ScytheX10 Member Posts: 28 ■□□□□□□□□□
    Practice exams on TE are harder than Darril's book, that's for sure. Getting 75% on the practice tests on this site icon_study.gif

    The biggest thing I hear about the security+ is: READ READ READ the question. Guess I'll have to keep that in mind.
  • louisevlouisev Member Posts: 22 ■□□□□□□□□□
    ScytheX10 wrote: »
    Practice exams on TE are harder than Darril's book, that's for sure. Getting 75% on the practice tests on this site icon_study.gif

    The biggest thing I hear about the security+ is: READ READ READ the question. Guess I'll have to keep that in mind.

    absolutely true.

    However, Darrill recommends that before hitting "Start" on the exam, to write down the entire chart of logical ports, and the OSI model and put the protocols into the OSI model on the notepaper they provide you with. I found I didn't need to consult the ports but having protocols assigned to layers of the OSI model came in handy a couple of times when I was racing through questions, I didn't have to stop and try to recall it under pressure of a specific question. It does help. More than this - I dare not say!!!
Sign In or Register to comment.