Options
Passed SEC+ 501 Yesterday
Hello all! Passed the 501 yesterday... it was tough!!!! Here's how I did it... this is wordy so buckle up!
Professional Background
I come from a primarily public policy background. I do have experience in front-line help desk in a legislative office, so I was exposed to all the normal expected help desk problems and projects over the course of a couple years. Left politics and worked for a Systems Integrator as a program specialist (logistics and project coordination) for three years. I was exposed to lots of route/switch and networking topics, but never worked in a technical role. However, I did earn a PMP after getting some experience managing IT programs and projects. I can honestly say the Security+ is only slightly less difficult than the PMP. Anyway, I now work as an Information Security Analyst at a startup (they needed help with project management and offered to teach me technical security topics along the way, as long as I had the passion to learn), and have been working through SysAdmin and Linux administration as well as standard operational security hardening for the past six months. This helped immensely in preparing for the SEC+. If I didn't have this real world experience, I wouldn't have sat for the exam, but that's just me.
Study Plan
I'm pretty process oriented, so this may be a bit much for some people...
I used the Gibson book, watched Professor Messer videos, bought the Messer notes, and also bought the CompTIA package with the CertMaster platform. I also bought the Pocket Prep app, and the Mike Meyers simulators on udemy. Here's what I would do:
For example, Domain 1.2 (Compare and Contrast Types of Attacks) is mentioned in the Gibson book in chapters 3, 4, 6, 7, 9, and finally 10. There are 28 Messer videos dealing with domain 1.2. After I read Chapter 10 in the Gibson book, I knew that I needed to test out on domain 1.2, so I watched all the Messer videos (referencing his notes along the way), did the Chpt 10 Gibson test, then tested out on the CertMaster for domain 1.2. After that, I knew I had a good grasp on the topics of domain 1.2.
I did this for every domain over the course of about two months. I think it worked well for me. However, I also have a five year old and a newborn at home, so I really had to find the time to do my studies. It was a challenge.
I took Gibson's pre-test and got around 60%. I took the Gibson post-test and got 80%. The Mike Meyers/Total Seminars udemy practice tests were ok, they aren't as wordy as the actual test (the questions were really difficult - you need to really understand what they're asking for and choose the BEST answer). The night before the test I got a 76% on the final simulator.
I share what a lot of people on here and on reddit have said in that I thought for sure about 40 questions in that I failed the test. You need to have a thorough knowledge of each domain. I had questions about networking (know your ports!), but also a ton of scenario-based questions: "you have this person saying that there's a problem with XYZ, after knowing A, B, and C, what is the likely problem?" or they would show you an NMAP scan and ask "what's going on here?" This may come as a shock to some but the PBQs were the easiest part of my test. I had five or so questions about forensics which included knowing order of volatility. There were also some really easy questions sprinkled into the test like "what is a honeypot" or "which of the following is two factor authentication?"
Each person is different though, and each test is different.
Here's what the matrix looked like - "test out" points are highlighted green:
Good luck to everyone in their cert journey!
Professional Background
I come from a primarily public policy background. I do have experience in front-line help desk in a legislative office, so I was exposed to all the normal expected help desk problems and projects over the course of a couple years. Left politics and worked for a Systems Integrator as a program specialist (logistics and project coordination) for three years. I was exposed to lots of route/switch and networking topics, but never worked in a technical role. However, I did earn a PMP after getting some experience managing IT programs and projects. I can honestly say the Security+ is only slightly less difficult than the PMP. Anyway, I now work as an Information Security Analyst at a startup (they needed help with project management and offered to teach me technical security topics along the way, as long as I had the passion to learn), and have been working through SysAdmin and Linux administration as well as standard operational security hardening for the past six months. This helped immensely in preparing for the SEC+. If I didn't have this real world experience, I wouldn't have sat for the exam, but that's just me.
Study Plan
I'm pretty process oriented, so this may be a bit much for some people...
I used the Gibson book, watched Professor Messer videos, bought the Messer notes, and also bought the CompTIA package with the CertMaster platform. I also bought the Pocket Prep app, and the Mike Meyers simulators on udemy. Here's what I would do:
- Read a chapter of the Gibson book.
- Watch the relevant Messer videos based on domain in the relevant Gibson chapter
- "test out" on the individual domain in the Cert Master
- Create flash cards for emboldened topics
- Do a quick 10 or 20-question Pocket Prep quiz randomly throughout the week(s)
- rinse
- repeat
- Test simulators (I did 3 full simulation exams)
For example, Domain 1.2 (Compare and Contrast Types of Attacks) is mentioned in the Gibson book in chapters 3, 4, 6, 7, 9, and finally 10. There are 28 Messer videos dealing with domain 1.2. After I read Chapter 10 in the Gibson book, I knew that I needed to test out on domain 1.2, so I watched all the Messer videos (referencing his notes along the way), did the Chpt 10 Gibson test, then tested out on the CertMaster for domain 1.2. After that, I knew I had a good grasp on the topics of domain 1.2.
I did this for every domain over the course of about two months. I think it worked well for me. However, I also have a five year old and a newborn at home, so I really had to find the time to do my studies. It was a challenge.
I took Gibson's pre-test and got around 60%. I took the Gibson post-test and got 80%. The Mike Meyers/Total Seminars udemy practice tests were ok, they aren't as wordy as the actual test (the questions were really difficult - you need to really understand what they're asking for and choose the BEST answer). The night before the test I got a 76% on the final simulator.
I share what a lot of people on here and on reddit have said in that I thought for sure about 40 questions in that I failed the test. You need to have a thorough knowledge of each domain. I had questions about networking (know your ports!), but also a ton of scenario-based questions: "you have this person saying that there's a problem with XYZ, after knowing A, B, and C, what is the likely problem?" or they would show you an NMAP scan and ask "what's going on here?" This may come as a shock to some but the PBQs were the easiest part of my test. I had five or so questions about forensics which included knowing order of volatility. There were also some really easy questions sprinkled into the test like "what is a honeypot" or "which of the following is two factor authentication?"
Each person is different though, and each test is different.
Here's what the matrix looked like - "test out" points are highlighted green:
Good luck to everyone in their cert journey!
Comments
-
Options
cyber_pro
Registered Users Posts: 8 ■■□□□□□□□□
Hi. I am gathering the study material for security + now and I would love to see your matrix. Can you send it to my email?
-
OptionsAmeliaA
Registered Users Posts: 5 ■■□□□□□□□□
Hello, this is such a great study plan. My test is in a few days. I am very nervous about this. Aside from a concrete study plan I only used one simulator which is free and very user friendly. I only study the mistakes I made. Also, they have the latest exam too. I think with all honestly that my books became useless after trying this simulator. You can check examtopics.com and try it out too. If you decide to take other certifications like Cisco o Microsoft they have it all compiled! Indeed, a one stop website for us!