Security+ Exam Experience
Hi All -
I passed the Security+ SY-301 exam today with a score of 834 and thought I would share some notes from my experience.
The exam was much more difficult than I expected, and in hindsight I went in more confident than I should have. While I apparently passed with some breathing room, about a half-hour into the exam I began wondering how I was going to explain to my co-workers how I failed what is described as an "entry-level security certification".
From a training material perspective, my main source of information was Darril Gibson's "Get Certified Get Ahead" text. As mentioned elsewhere, the book is very well-written and covers the majority of the topics I saw on the exam. I read the book through one time and then referenced it countless other times while conducting my own self-study. I would say that the exam questions are significantly more difficult than the practice questions included in Darril's book, primarily in that the exam questions are longer, much more ambiguously written, and many times the true nature of the question is difficult to discern (what really are they asking here?). I am usually good at picking out context clues in these types of exams, but struggled with that on the Security+.
A few suggestions:
ACG
I passed the Security+ SY-301 exam today with a score of 834 and thought I would share some notes from my experience.
The exam was much more difficult than I expected, and in hindsight I went in more confident than I should have. While I apparently passed with some breathing room, about a half-hour into the exam I began wondering how I was going to explain to my co-workers how I failed what is described as an "entry-level security certification".
From a training material perspective, my main source of information was Darril Gibson's "Get Certified Get Ahead" text. As mentioned elsewhere, the book is very well-written and covers the majority of the topics I saw on the exam. I read the book through one time and then referenced it countless other times while conducting my own self-study. I would say that the exam questions are significantly more difficult than the practice questions included in Darril's book, primarily in that the exam questions are longer, much more ambiguously written, and many times the true nature of the question is difficult to discern (what really are they asking here?). I am usually good at picking out context clues in these types of exams, but struggled with that on the Security+.
A few suggestions:
- Memorize the common port designations, including TCP vs. UDP. You will be glad for the "gimmes" come exam time.
- Print out the official Exam Objectives and reference them continually during your study. If it is listed in the objectives, it is fair game for the exam, and trust me, when you sit for the exam you are certain to see the items that you glossed over or were never totally comfortable with.
- If you are up for it, create your own study guide covering all of the stated objectives. Write an explanation of each objective in your own words. This is time consuming, but will force you to really understand the objective, rather than just reading about it.
- Conduct your own research (e.g., general Google searches) on topics you may not be totally comfortable with and read about them. This will help add some real-world context to a difficult objective. For example, read a product review for a real-world product, or an article describing a recently-identified security vulnerability. Try not to treat the exam like a purely academic exercise.
- Along the same lines, if you have time, listen to security-related podcasts (Security Now!, InfoSec Daily, etc.). Again, understanding how the concepts you will be tested on play out in the real world is far more effective than just jamming a bunch of facts into your brain.
- Take the sample exam offered on the Comptia website. While some have said that the sample questions are more difficult than the actual exam, I felt like they were a good representation, and if anything will make you realize that the exam is for real. The question wording on the sample mimics the style in the real exam.
ACG
Comments
-
billiardnut
Registered Users Posts: 2 ■□□□□□□□□□
thanks for the inside scoop on the test. I just recieved my associates in Computer Info Systems, I have taken about a month off and now ready to hit the CompTIA certifications. -
tprice5
Member Posts: 770
A few suggestions:- Memorize the common port designations, including TCP vs. UDP. You will be glad for the "gimmes" come exam time.
This is a fact. Know your ports!
I passed the Security+ SY-301 exam today with a score of 834
Good job and congrats!Certification To-Do: CEH [ ], CHFI [ ], NCSA [ ], E10-001 [ ], 70-413 [ ], 70-414 [ ]
WGU MSISA
Start Date: 10/01/2014 | Complete Date: ASAP
All Courses: LOT2, LYT2 , UVC2, ORA1, VUT2, VLT2 , FNV2 , TFT2 , JIT2 , FMV2, FXT2 , LQT2 -
blng_blng
Member Posts: 6 ■□□□□□□□□□
Appreciate the feedback...
I have picked up and put down, then picked up against studying for the Security+...
Would using books that are 2-3 years old hurt my chances on this test? -
Darril
Member Posts: 1,588
Congratulations on the pass. Great suggestions for studying. -
Darril
Member Posts: 1,588
Would using books that are 2-3 years old hurt my chances on this test?
Depending on your level of knowledge and experience, you may be able to do this. However, you'll have the best chance of succeeding if you use a book for the current version. -
onionman1
Member Posts: 2 ■□□□□□□□□□
I would not suggest using old study material. From a sheer financial investment perspective, the Get Certified Get Ahead text that covers the latest exam objectives is very reasonably priced. If you have a Kindle reader, even more so. Why risk not passing (and having to shell out another ~$250) when you can spend a fraction of that to ensure what you are learning is relevant to the current exam? As I suggested in my original post, Darril's book plus independent study on topics that you are shaky on is the way to go (IMO).
Andy
