Do people actually pass the test after a week or two of study?

I'll admit I'm a slow learner, and the older I get, the slower I get. But I see posts where people say they study for a week or so and take the test. I s that true? Can any of it possibly stick? Or are people just out to get a certification?

Security+ is something I had to get, so maybe that make it a bit harder over something I want to get. Plus the pressure is on, without it, I don't have a job. But I'd like to learn the subject, not just pass the test. Yes, I'll take the pass, but I'd rather know it going in and a little while after the test.

Find more posts tagged with

Comments

apr911

It really varies and is heavily dependent on your experience as well. That being said everyone is different and the learning curve for somethings is steeper than others...

For example, Im great with Security and Windows... But when it comes time for my CCNA and RHCT, I plan on taking extended periods to review as my experience is much less than windows and security.

I studied for 2 months before taking my Security+ exam but 2 weeks before taking my CISSP exam. Both of which I passed.

For my MCSE stuff, I didnt study at all for WinXP, spent a month on 290, 2 weeks each on 291, 293, 294 and less than a week for 297 and 298... All of which I passed on the first attempt.

I enrolled in WGU at the beginning of September and I didnt really study (briefly familiarized myself with the material) for and of the CIW exams Ive taken so far (Assoc, Javascript, SiteDesigner)...

So bottom line is, your mileage may vary based on your experience, your learning style and your goals in obtaining the certification (i.e. Validating experience vs. learning new material/validating knowledge vs. cert'ing up/cramming)

MrAgent

Im a govt contractor so we were told a couple of months ago that we will have to start working on it. I bought the security+ book like 2 months ago. I got the book and highlighted all the answers in the final practice exam in the back, and maybe read 3 or 4 pages total. I decided on Oct 12th to take the exam on the 14th, and passed.

So yeah. It can be done. I also have 15+ years of IT experience, much of which was doing security. I also have a BS in IT Security as well. So it wasnt very complicated.

jayc71

MrAgent wrote: »

So yeah. It can be done. I also have 15+ years of IT experience, much of which was doing security. I also have a BS in IT Security as well. So it wasnt very complicated.

This makes a big difference. I've been working in gov't IT for over 12 years, so studying for the Sec+ was more of a refresher right before the exam than a learning exercise. I think I studied off and on for about two weeks total. If you're not in a position where you must be very security concious constantly, it will take longer to spin up. Everyone is different

superman859

jayc71 wrote: »

This makes a big difference. I've been working in gov't IT for over 12 years, so studying for the Sec+ was more of a refresher right before the exam than a learning exercise. I think I studied off and on for about two weeks total. If you're not in a position where you must be very security concious constantly, it will take longer to spin up. Everyone is different

I also agree. I had an internship with a gov't org doing security research over the summer, and probably half of the stuff on security+ were concepts that came out of the daily lives of those workers (and me at the time). Some of the stuff mentioned on sec+ might never be used or seen by a lot of regular IT people but in other positions everyone, even the janitors, have to know it and implement the practices every day...so it would be quite natural to pass the test with very little study.

As for me, I spent about 1-1.5 months on and off looking over the stuff and read two books on it, just because I wanted to be sure I'd pass and there were some concepts I still had not worked with before.

RobertKaucher

I studied for the Sec+ for just a few weeks and took the exam. I had only a couple of years experience as a computer tech and a little network admin consulting experience for SMBs. I have no hands on security experience other than the average admin might have. I passed with a very good score. If you have decent memory, you can pass pretty easily.

Daniel333

I got through Sec+ pretty quick. A month I think spent? Here is what I did to prepare before I started in on vtc.com video training and official courseware.
1) I was lucky I had taken classes on Microsoft 70-298 and 70-299,
2) a computer forensics course,
3) I listen to Security Now Podcast every chance I get
4) I had also recently done the CCNA:Security
5) pretty normally setup Cisco ASAs and Microsoft ISA Serve

Some people are attending bootcamps, these are basically a week of solid training and brain dumping.

Some people ****. Nothing we can do about that. Saw a guy pass his Sec+ when I was taking my ISA Server exam. We talked before the test and went in the at the same time. I was no more than 15 maybe 20 minutes into the exam when I saw him finish. Yeah, cheater no doubt.

Some people are just great test takers.

Anyhow, work at the pace that is right for you. This is just one of those things that you will get what you put into it. Take some time, setup a IDP/IPS, a couple firewalls, mess with VLANs and certificates and you'll have a lot more fun. When you are having fun with it, I think you'll get more from it. "fall in love with the material"

How many hours a day are you putting in? How about weekends?

earweed

If you put in 5-6 hours a day and more on weekends you could do it. It comes down more to total time spent studying and your experience level than the number of weeks spent. You could do it in a few weeks or spend months studying.
I spent just under a month with no security experience.

mypcrepairguy

brownwrap wrote: »

Security+ is something I had to get, so maybe that make it a bit harder over something I want to get. Plus the pressure is on, without it, I don't have a job. But I'd like to learn the subject, not just pass the test. Yes, I'll take the pass, but I'd rather know it going in and a little while after the test.

I did it, and I found the exam experience to be very easy.

The best advice numerous folks on this board have provided is to go out and purchase the Darril Gibson book. I did and I found the book to be a VERY quick read, very easy to understand...and most importantly...relevance to the material. Darril does a fantastic job of grabbing the readers attention, relating the material to real-life scenarios and at the end of it all I felt most of the information is retained. I red the book 2x did all the quizzes in the material and with some help from measureUP.com I felt very prepared for the exam.

Total cost involved for study prep:
30$ for the book
63$ for 30 day access to measureUP online test prep. (only needed about 7 days)

jayc71

Daniel333 wrote: »

Some people ****. Nothing we can do about that. Saw a guy pass his Sec+ when I was taking my ISA Server exam. We talked before the test and went in the at the same time. I was no more than 15 maybe 20 minutes into the exam when I saw him finish. Yeah, cheater no doubt.

Some people are just great test takers.

Some do ****, but not all. The Sec+ questions are, for the most part, very straightforward. If you know the material well, it doesn't take long to get through the test. I think I finished in about 25 minutes

chrisone

With such posts regarding the 2 week study plan and YAY i Passed!, i usually call bull$hit. However there are RARE scenarios where John Doe has been in the field for 10+ years and it comes easy for him regarding the subject. However i still find it hard to believe since you technically not only need to study the material but you have to study the testing format. For instance everyone knows Cisco exams have a certain flow and feel to it that you cannot learn within 2 weeks. It takes many days of going through chapter questions and practice tests (non-****).

my $0.02

apr911

Daniel333 wrote: »

Some people ****. Nothing we can do about that. Saw a guy pass his Sec+ when I was taking my ISA Server exam. We talked before the test and went in the at the same time. I was no more than 15 maybe 20 minutes into the exam when I saw him finish. Yeah, cheater no doubt.

While 15/20 minutes is almost certainly on the shy side of how long this 100 question 90 minute exam should take, the implication that the person cheated definitely does not always hold true.

When I took my CISSP exam for example, I left with all the people taking the 3 hour SSCP yet everything I read going into the exam was how it was going to take the full 6 hours to get through. I passed, I didnt ****, but I still finished in 1/2 the time expected.

Same goes for all of my courses so far at WGU. I dont think Ive spent more than 30 minutes on a single CIW exam yet, they arent high-powered exams true but they are all scheduled for 75 minutes. I took a 90 minute math exam in 10 minutes and I spent 45-60 minutes on the 90 minute Project+ exam.

I think this just shows you either know the material and the exam or you dont. If your knowledge is lacking on the material, your gonna be slower. If your knowledge is lacking on the exam (format, question verbage, or expected answer [vs real world answer]), your gonna be slower.

earweed

When I took the Sec+ I was out of there in just over 30 minutes. Your reading speed and how well you know the material come into play.

RobertKaucher

chrisone wrote: »

With such posts regarding the 2 week study plan and YAY i Passed!, i usually call bull$hit. However there are RARE scenarios where John Doe has been in the field for 10+ years and it comes easy for him regarding the subject. However i still find it hard to believe since you technically not only need to study the material but you have to study the testing format. For instance everyone knows Cisco exams have a certain flow and feel to it that you cannot learn within 2 weeks. It takes many days of going through chapter questions and practice tests (non-****).

my $0.02

Yes, you do have to consider the testing format and too many pople are treating this cert like it is something uber 1337. It's not. It is a simple test compared to most of the MCSE exams and very, very simple compared to the Cisco practice exam questions I have seen. If you have a good general knowledge of VPNs, what they are and what they do, general security like access control, etc. Taking this exam after just a few weeks of study is totally possible. I promise you, a person who works as a sec analyst could probably take this with just a few days of prep.

The pattern I see here is this: people who don't hold the cert are fond of talking about how you should dedicate months to it and people who take it are like "damn, I should have taken it months ago."

There is only so much you can do before it is overkill on this exam. You are NEVER going to be asked about the inner workings of setting up SNORT. You are only going to be asked general knowledge questions about the types of IDS systems. You are never going to be asked about the details regarding how to implement an SSL based VPN using Windows Server 2008 or Cisco gear. You are only going to be asked general knowledge questions about SSL, how it works and in which case you might use an SSL VPN over L2TP/IPSec or PPTP. And that is why it is easy. If you can understand the ideas behind the concepts and memorize some trivia regarding encryption, etc the cert is yours.

That is completely different from an MS cert where you might be presented with a simulated OS and asked to create a VPN that will not require further modifications to the company's firewall. You are then given a list of open ports. The knowledge required for vendor specific exams is far greater because you not only must have mastered the concepts but you must also have detailed knowledge about the implementation.

How many chapters in different books do you need to read before you have mastered the concepts behind DAC? The only way to learn more about it is to begin to look at how specific vendors implement it, and at that point it is over studying and you will be wasting time on material that does not pertain to the certification.

chrisone

RobertKaucher wrote: »

Yes, you do have to consider the testing format and too many pople are treating this cert like it is something uber 1337. It's not. It is a simple test compared to most of the MCSE exams and very, very simple compared to the Cisco practice exam questions I have seen. If you have a good general knowledge of VPNs, what they are and what they do, general security like access control, etc. Taking this exam after just a few weeks of study is totally possible. I promise you, a person who works as a sec analyst could probably take this with just a few days of prep.

Yep thats why i said there are those instances when someone with so many plus years of experience can pass such an exam after some weeks of study. However a newb with no experience and this is their first cert or second cert after obtaining an A+ , passing the exam within 2 weeks its suspicious. However this has nothing to do with the topic since we are not investigating the people who have obtained certs in 2 weeks. All opinions and theories here on a topic beaten to death on here hahaha

erpadmin

Security+ is not exactly rocket science. So many folks (and probably new folks are to blame) treat this exam like it's a CCIE or something. I myself thought this exam was going to be a rough one after I got A+ and Network+ 5 years ago. Truth is, between the amount of experience I have implementing certs and various other security (such as NTFS security), and reading a book like Get Certified, Get Ahead, I expected this exam to be rough after reading both the Amazon reviews of Darril's book AND here. If it weren't for the fact that Security+ was required for WGU (which made me want to get the lifetime trifecta/trinity/what-have-you), I could have lived without it.

I scored higher on Security+ than I did for both A+ and Network+ with the amount of prepping I did (which of course was Darril's book, Transcenders, etc.) But I have a bunch of experience with Security too. I didn't spend 20-30...it was about 50. But I remember not going back to review...I felt confident in the answers I chose and did not expect to score so high.

This exam is not a vendor exam...you are basically asked what is this, and what is that. Whether you used Darril's book or Sybex, you either remembered what you read, or you didn't. Many of the stuff was stuff I knew or remembered from the books. But a complete newbie could read Darril's book and pass this exam. I really don't understand why this exam is put on such a high pedestal. Yeah, it's a DoD cert and all, but my niece could pass this exam if I gave her Darril's book to study...I'd put money on it. (And she's not IT-centric...she know's how to work a PC, but not at an IT level, and she's not an idiot.

).

Don't get me wrong though...I like that I have Security+, but it's not going to get me more money than I already have. I didn't need it, personally...it was just a class requirement. I only wanted it before it expired by the end of the year. But the fact that so many people think this exam is "hard" is the reason I hang out here...to tell folks it isn't "hard"...as long as you know the objectives of the exam, whatever material you use...you should be able to pass it. Be it a week, 2 weeks, or a month.

Sabalo

...pass his Sec+ when I was taking my ISA Server exam. We talked before the test and went in the at the same time. I was no more than 15 maybe 20 minutes into the exam when I saw him finish. Yeah, cheater no doubt.

If I know my material, that's about how long most tests take me. I read extremely fast (paragraph by paragraph) so I'm usually answering the question before most people have read it. If being a good reader is cheating, I guess I ****.

Yes, you can prep for a test in a week or two, especially if you're a fast reader, having some experience in the topic, and you're familiar with the structure of the test. Ex: I've taken something like 15 Microsoft tests... so I don't have to worry so much about how MS asks questions anymore; I've seen most of their formats. I can focus on the actual learning bit.

And yeah, I can devote a fair bit of time every day to studying.

Hypntick

Sabalo wrote: »

If I know my material, that's about how long most tests take me. I read extremely fast (paragraph by paragraph) so I'm usually answering the question before most people have read it. If being a good reader is cheating, I guess I ****.

This right here. All three tests i've taken thus far have been like this. 20-25 minutes tops and that's with a review of every single question once i'm done answering. Some people read amazingly fast and those of us that do tend to test (especially multiple choice questions) very fast as well.

I did read a situation with someone that tested in the 15-20 minute range and got a letter from CompTia about possibly cheating because they got done so fast. This was someone with years of experience who was taking the refresher exams. Hopefully those of us who are fast test takers don't get the short end of the stick for not needing the full 1.5 hour time.

morepowerr

I Know how your feeling. I will be taking the test on Nov 29. I have next to no back ground in security. I got may A+ and NET+ in hope of someday soon opening my own shop. spent the last 12-15 years working on people PC and (soho) networks for next to nothing. Would have been nice to have my own shop. But the way things are here right now.

Just not in the cards.

Any way the Assessments & Audits and Cryptography keep kicking my head in.So I know how your feeling. All we can do is try our best and hope for a passing grade.:)

erpadmin

morepowerr wrote: »

Any way the Assessments & Audits and Cryptography keep kicking my head in.So I know how your feeling. All we can do is try our best and hope for a passing grade.:)

And if you read either Darril's book Or the Sybex, both of those are pretty much explained (though Darril is much more straight to the point).

Plus, the fact that you have A+ and Network+ will more or less carry you in the Security+ depending on how well you know PCs and Networks. But even independent of that, this exam is not very hard, provided you study and understand the material. Yes, the same can be said about a CCIE or CISSP exam, but the level of difficulty, IMO, simply isn't high.

Dryst999

I studied for two weeks, took 25mins to take the test and passed with an 880.. no braindumping and no IT security experience, just basic helpdesk. The comptia tests really aren't hard at all and in all honesty you don't even need to master the material for a good score, you can recognize keywords in the question and pick out the answer without reading the full question.

I watched the CBT nugget videos (15ish hours I believe), read all of Darril's book and did all the practice questions (Darril's book is a short read) then focused on the items that I missed in the practice questions.

I pretty much did the same thing with Network +, some questions I didn't even read fully... if it said "physical address" anywhere in the question and I saw "MAC" or "ARP" in the answer list 99% of the time that was the correct answer.

BTW i'm not advocating not mastering the material, you can ask me any question regarding any of the topics in the Net+ or Security+ and I can give you a detailed description of how it works... I just hate when people automatically think you **** just b/c you finish the test quickly or make a really high score. This really only applies to the Comptia exams from my experience, i'm working on the CCNA at the moment and it's night and day from the Net+... people who think they can BS their way through a Cisco or MS exam have some dissapointment coming to them lol.

erpadmin

Dryst999 wrote: »

...people who think they can BS their way through a Cisco or MS exam have some dissapointment coming to them lol.

+1 on that!

RobertKaucher

Dryst999 wrote: »

I studied for two weeks, took 25mins to take the test and passed with an 880.. no braindumping and no IT security experience, just basic helpdesk. The comptia tests really aren't hard at all and in all honesty you don't even need to master the material for a good score, you can recognize keywords in the question and pick out the answer without reading the full question.

I watched the CBT nugget videos (15ish hours I believe), read all of Darril's book and did all the practice questions (Darril's book is a short read) then focused on the items that I missed in the practice questions.

I pretty much did the same thing with Network +, some questions I didn't even read fully... if it said "physical address" anywhere in the question and I saw "MAC" or "ARP" in the answer list 99% of the time that was the correct answer.

BTW i'm not advocating not mastering the material, you can ask me any question regarding any of the topics in the Net+ or Security+ and I can give you a detailed description of how it works... I just hate when people automatically think you **** just b/c you finish the test quickly or make a really high score. This really only applies to the Comptia exams from my experience, i'm working on the CCNA at the moment and it's night and day from the Net+... people who think they can BS their way through a Cisco or MS exam have some dissapointment coming to them lol.

A perfect example of the point I am trying to make.

While I am also not arguing that the test candidate should not "not master" the material, I think master is a term that needs to be qualified. A person, like me, who took the exam to ensure he had a strong foundation in security concerns to build a sys admin career is going to have a very different idea of what "master" means than a person who is trying to build the foundations of a career in Info Sec.

kidainny

I find doing a cert a month is about right for me. I mean, i probably could have done one of them a bit quicker, but there's a balance to burning out too. I work full time like most and can get in about an hour or two a night of study and then do some more extensive stuff on the weekend.

However, if my employee were to let me go for whatever reason - then i would crank them out like it was a full time job as long as i understood them and could apply the knowledge.

earweed

RobertKaucher wrote: »

A perfect example of the point I am trying to make.

While I am also not arguing that the test candidate should not "not master" the material, I think master is a term that needs to be qualified. A person, like me, who took the exam to ensure he had a strong foundation in security concerns to build a sys admin career is going to have a very different idea of what "master" means than a person who is trying to build the foundations of a career in Info Sec.

And a person like me who took it as a college course following a Course of Study that had you labbing different things (hardening the OS, IDS/IPS) and doing a lot of extra reading may take longer. Most WGU students do the Security course as if they are studying for a test..I took it like it was a college class and then studied for the test.

brownwrap

kidainny wrote: »

I find doing a cert a month is about right for me. I mean, i probably could have done one of them a bit quicker, but there's a balance to burning out too. I work full time like most and can get in about an hour or two a night of study and then do some more extensive stuff on the weekend.

However, if my employee were to let me go for whatever reason - then i would crank them out like it was a full time job as long as i understood them and could apply the knowledge.

This is why I originally posted the question. Do you really retain anything after a month of study? I mean a month after the test, do you remember the subject matter?

Some of it I don't need to know. Of the machines I am responsible for, only four are Windows and the most I may have to do is reset a password. Everything is Solaris, so questions about group policies mean nothing to me. Rarely do I see anything in a practice test that talks about how this would be done in Linux or Unix, which is what I use.

I actually wish there were two tracks here, one for Windows and one for Unix/Linux.

erpadmin

brownwrap wrote: »

This is why I originally posted the question. Do you really retain anything after a month of study? I mean a month after the test, do you remember the subject matter?

Some of it I don't need to know. Of the machines I am responsible for, only four are Windows and the most I may have to do is reset a password. Everything is Solaris, so questions about group policies mean nothing to me. Rarely do I see anything in a practice test that talks about how this would be done in Linux or Unix, which is what I use.

I actually wish there were two tracks here, one for Windows and one for Unix/Linux.

Group Policy isn't exactly something that encompasses the entire Security+ exam though. For the most part, whatever study materials you are using, they're going to pretty much state what you need to know about GP as it pertains to the Security+ exam.

Sec+ isn't a cert that you need to lab for, even if you're a Unix guy. It's pretty much akin to a reading comprehension exam. (As are most CompTIA exams...). I'm pretty sure the Linux+ exam has items that focuses on Security. In fact, it does...it's 15% off the second of 2 exams in the Linux+ cert.

higherho

To answer your question. Yes. I studied for a week with DG's book and got a 89% on the exam. Its seriously not that hard. Just read each question carefully.

jmritenour

I got my hands on Darril's book yesterday. I got about 75% on the pre-read assessment test. Most of the protocol/port/ACL stuff looks to be pretty straightforward entry to mid-level network stuff. I admit, a lot of the forensic/evidence handling/physical security stuff are new concepts to me, but I was able to make educated guesses on a lot of it.

I've torn through the first 3 chapters of Darril's book. It's a pretty easy, relaxing, informative read. I expect to be done within the next few days, maybe by the end of the weekend if nothing comes up to eat up too much of my time.

I want to take the test by the end of the month, but with the Thanksgiving holiday, I don't know. I might bump it up if I finish the book soon and don't find the practice tests too hard.

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of