This is the short tale of how I earned my CompTIA Security+ certification.
This certification has been a long time coming and I just recently got into the right headspace for personal professional development in a serious way (starting a bit back with AWS CCP).
Background:
I have a Bachelors in “Applied Business & Information Technology” and through the program I was able to fortunate enough to network and obtain my current position as a Software Tester. Also through networking there, I participated in a Cybersecurity Internship which obviously focused on security principles via popular penetration testing tools from Hak5. Additionally, I had taken a course dedicated to security (very hands-on via practicals, but not so helpful with specifics for the certification exam objectives). So most of the information included in the exam objectives for the SY0-501 exam I had seen before.
Methodology:
To start, I watched an ‘Accelerated’ course provided by ITPro-TV on the Security+ content from icollege.co from an older CompTIA bundle I purchased once upon a time. This course was about 11hrs vs. the 28hrs the ‘full’ course was. I watched this through on 2x speed. After finishing this I did not return to this material.
After the ITPro-TV video lecture, I had a copy of the Professor Messer course notes for the Security+ exam from a former coworker that I was able to find (he shared the notes more than a year previous). I read through the notes fully initially about a quarter of the way, and decided 100 pages was too much to read verbatim. I then started over and with a highlighter marked what I thought was important or that I couldn’t necessarily remember.
Next, it was time for practice tests. I scoured Reddit and settled on the Jason Dion set of tests on Udemy at https://www.udemy.com/course/comptia-security-practice-exams/. I didn’t do so hot my first time through, but I persisted. That said, I think there is definitely something to be said about subconscious question memorization.
Scores & breakdown on the 6 practice tests as follow:
DATE | Test 1 | Test 2 | Test 3 | Test 4 | Test 5 | Test 6 |
26 Jan | 72 | 10 (Partial) | ||||
30 Jan | 92, 98 | 69 | 64 | |||
31 Jan | 100 | 98 | 98 | 72, 98 | 70, 98 | |
1 Feb | 96 | |||||
2 Feb | 98 | |||||
3 Feb | 100 | 96 | ||||
4 Feb | 92 | |||||
5 Feb | 76 | |||||
7 Feb | 98 | |||||
14 Feb | 98 | 98 | 95 | 96 | 92 | 92 |
I also picked up the Pocket Prep iOS application. It was way expensive ($20 USD) and not at all reflective of the actual test. 2/10 would recommend at all, IF I was specifically asked about it. Otherwise, the app wouldn’t come up at all. That said, the Security+ part of the app contained 650 questions. By the time I took the exam I had answered 570 questions with an average of 76% (before retaking any of the “Missed Questions”). I was really hopeful for the app since it has sections for Net+, Project+, & a lot more… I just don’t think it was generally helpful to the exam aside from very general principles.
Sometime around the 31 Jan I decided I was ready for the exam and purchased my voucher with the intention on taking the exam Friday, 5-Feb. By the time I got my vouchers from CompTIA the timeslots were all taken. I slipped into ‘analysis paralysis’ for a week and really struggled with the confidence to schedule and take the exam. After a week of questioning, I decided on 12-Feb just to buck up & schedule. Since 15-Feb is Presidents Day and I’m off work, I figured I’d sit then. Looking at the timeslots and being impatient I decided to schedule for 14-Feb instead. I took the exam at 1945 HST & passed with an 817/900. I’m feeling very fortunate and blessed to have passed as, similar to most other testers experiences, I was not feeling very confident about half-way through. This is my THIRD certification exam, but only the second I’ve passed. My very first exam was for the CompTIA A+ 1001 which I failed. That was a kick in the butt and rather demotivating.
Up next on the docket I have the ISTQB for which I have study material from Udemy & I’ll plan on taking that exam following the course to enhance my knowledge for my day job.
If you’ve stayed this far thank you kindly for your time & have a great day!
-Leep