I have recently passed the CompTIA Security+ exam so I thought I would write down some quick thoughts about what I have been learning, and how I have been learning it, as well as giving some exam tips that may help if you’re taking Security+, or indeed other CompTIA certs.
Study Materials
Jump to exam tips. I signed up with The Learning People, a distance learning provider. Please note this isn’t a recommendation and there are plenty of choices. I’d prefer you to do your own research, but if you want to chat about the different options, just drop me a message. Contact me
To give you an idea of the sort of package you might get, this is what The Learning People provide. The main study material consists of custom video content from Skillsoft, being slides presented by experienced cybersecurity professionals. You have a specific career path and I’m studying the cybersecurity path so the certifications I can take are A+, Network+, Security+, Pentest+ and CySA+. There is also an ethical hacker career path where you get CEH instead of CySA+ I believe.
The package includes your exam costs as well as unlimited resits, which is a good thing because it means they are motivated to provide you with excellent training, otherwise the cost of the exams could add up. The 4 exams I have taken so far (A+ is broken down in to 2 exams) would have cost me more than what I have paid for the package up to now, as you can pay on a monthly basis.
Apart from the videos for your certs, you get access to loads of other video training, but you would have to pay for those exams yourself if you wanted certification for anything outside of your learning path. You also get plenty of e-books, which are beneficial and are a good source of practice tests as well as further study. There is also exam prep that you have to pass in order to be entered for the exam.
On top of that you have access to online labs with guided exercises to give you hands-on experience of the things you learn from the videos. At least that is how it is supposed to work; in reality the labs tend to be a step ahead of the material you are learning, which isn’t a bad thing, it just doesn’t help a great deal with the exam you are studying for. I have some issue with the exam prep you are forced to complete, but other than that I am happy with the learning material.
Aside from all of the study material, there is a career service with a guided program to help with your CV, covering letter, LinkedIn profile, networking, and interview preparation. Hopefully I have given you an idea of what you can get with an online education company. If you are thinking of using one, have a look at some reviews and ideally speak to some current learners who you can easily find by searching through LinkedIn. See what you think would fit best for you, and bear in mind that there are free resources out there too as well as many books. Whatever happened to good old fashioned book learning?
Study Method
When studying for these certifications, the method that has worked for me in the main is to watch the videos whilst taking brief notes. After going through all the videos, I have completed the labs and test prep and then the practice exams in the e-books. If that shows up any areas that I need to revisit, I go over my notes and study that topic in one of the e-books. I’m a pretty fast learner and so far, touch wood, I’ve passed each of the exams first time without too much trouble.
Don’t get me wrong, the video material doesn’t teach you everything you need to know to be a successful cybersecurity professional, far from it, but that’s not what they are designed to do. They are designed to help you pass the exam. I’m a hands-on kind of person who learns more by doing, and you will need to supplement your exam study with practical experience.
This highlights one of the problems with most certifications, and the reason that they are not viewed as highly in all circles: They simply do not mean that you’re ready, at least not on their own. They do mean that you have acquired a certain amount of knowledge, and so you see them on many job listings.
I’ve spoken to people who like to watch the videos through once, then again while taking notes, or take notes the first time and then watch the video through again to make sure they haven’t missed anything. I’ve seen a couple of people post that they don’t take any notes at all or that they watch the video and take notes afterwards. I’ve tried that and the information just doesn’t stick as well for me. I’ve read that hand-writing notes is a better way to learn, but I type them and that works fine for me. Everybody is different, and if you decide to use video lectures, you just need to work out what works best for you.
After you have been through all of the study material, I’ve always found it helpful to do as many practice questions as I can get my hands on. There are always bits of information that you’ve forgotten, and getting a question wrong, then finding the correct answer is a great way of cementing that information in your memory.
You might want to create a study plan taking account of how much time you are able to dedicate to your studies and there are plenty of free resources to help you with that. You may also like to use a focus app to help you to stay focussed on your studies. I have used the Forest app on the odd occasion and it does work if you are struggling to stay focused. If you haven’t tried one, just do a search and try some to find the one you like best.
If you dedicate yourself to pure exam study and if you are studying full-time like me, you could pass each exam in five days to a week, except perhaps for A+ core 1, which might take ten days. It is not such an easy thing to do though and practical study is so much more fun than watching videos. I enjoy varying my routine, so I might spend one day studying for the exam and the next day networking and playing with my homelab, then half a day of exam study and half a day on TryHackMe the next, and so on.
However you choose to study, I think it’s important to make sure you factor in some relaxation time to maintain your mental health. Refrain from checking your emails, go for a long walk, watch a movie, be present with your loved ones and just recharge the batteries. I like to think I’m a machine when it comes to learning, but if you don’t take a break, eventually your studies will start to suffer. Not thinking about studying for a while gives your mind a chance to process what you have learnt. I enjoy guided meditation and I think the Calm app is superb. If you have never tried it, I highly recommend it.
Exam Tips
When the time comes to book your CompTIA exam, their online exams are hosted by Pearson Vue. You log on to their website, select your exam (A+ or Network+ etc.) and then you are given a list of possible times for the date you want to book. I have had some technical issues with this where sometimes you will be able to book an exam pretty much any hour of any given day, but upon refreshing the page, only a few different time slots are available, time slots which change when you refresh the page again. Eventually it does work.
I also encountered a technical glitch when taking the A+ core 2 exam. The invigilator or proctor, couldn’t see my video after I’d connected. The problem was at their end, but I had to cancel out of the exam, call their support to have the exam refunded and then rebook it. You see when taking exams online, you have your webcam on throughout the exam and supposedly somebody is watching you to make sure that you’re following the rules. Also, you download some software that locks your system down so that you can’t access your web browser or anything else for that matter, apart from the Pearson Vue software. I believe the software is called Browser Lock.
You will be required to take photos of identification like a passport or driving licence, a selfie or headshot and some photos of the room where you are taking the exam, so that they can see you don’t have posters set up around you to help you in the exam; they are closed book exams, meaning you are not to access any study material while taking them. You can use your webcam or your phone to take the photos. CompTIA recommend you log in to your exam 30 minutes before your start time because it takes about 20 minutes to get to the point that you actually start your exam. They say that your exam will be voided if they can hear anybody through your webcam and if anybody else is visible. Your phone and any other equipment must be out of arms reach and food or drink are not permitted.
CompTIA exams are mostly multiple choice questions, at least the ones I’m taking are, which is nice. The questions tend to be a couple of sentences outlining the specific situation and the issue that you are faced with, though some are just a straightforward one line question. The pass mark tends to be something like 750 out of a maximum 900. I attended a webinar from the director of learning at CompTIA a while back and when asked about how their marking scheme works, his response was that it is complicated. He advised that if you don’t know an answer you’re better off having a go, which I took to mean that you don’t lose marks for getting an answer wrong.
Questions with one correct answer have four possible choices, which means with no knowledge whatsoever you have a better than 25% chance of passing the exam. Most of the time if you don’t immediately know the answer, you can quickly narrow it down to two and then it might just be a case of re-reading the question to determine which of the two is correct. On that subject, make sure that you read the questions carefully and take note of any questions where you are required to select more than one answer. It will tell you how many answers to select at the end of the question.
I’ve seen some less helpful practice tests where each question is a couple of paragraphs, but don’t worry the exams I’ve done so far haven’t had anything like that. Also there are plenty of practice questions where one of the possible answers is “all of the above”, and you know what that means don’t you, however I don’t think I have seen any questions in the actual exams that have “all of the above” as a possible answer. The closest thing I have come across to the format of the actual exam questions is Total Tester/Total Seminars Online practice exams. You can purchase access direct on their website, https://www.totalsem.com/, but I got access through Mike Meyers e-books, which would work out cheaper I’m sure. You can also access some practice questions free on CompTIA’s website.
The first 5 questions on the exam are what they call performance-based questions (PBQs). These are not multiple choice and are meant to simulate real-world scenarios. They are problem solving questions. A good tip if you have a PBQ involving use of a CLI, only certain commands will be available, so if you’re not sure where to start, typing the “help” command will give you a good indicator of which way to go. The ones I’ve come across have not been difficult, and can be a good way to pick up some easy points, but be aware that they can be time consuming (the PBQs on my Network+ exam seemed very much out of proportion in terms of the time taken for each mark). The recommendation is that you skip past these first 5 questions and go back to them after you have completed all the multiple choice questions.
You can skip or flag any of the multiple choice questions too and go back to them after. When you get to the end of the exam you can review your answers, and you are shown a list that indicates any questions that you haven’t given an answer for or that you have flagged. If I was struggling to work out the correct answer for any questions I found it to be a good tactic to skip them or select an answer and flag it, as after finishing all of the other questions and taking a second look, I often found the answers seemed more obvious. Additionally there is always the chance that another question will suggest the answer to a question that you were not sure of.
You don’t want to be spending a long time pondering over any one answer as there are a lot of questions to get through and the time will tick down fast if you don’t keep moving. This also applies to the start of the exam. It can take me a few minutes to get in to exam mode, so if that’s you, don’t ponder over the first few questions. My advice would be to keep skipping until you find one that you immediately know. This will help to settle any nerves and you’ll probably then be able to rattle off a few quick answers.
At the end of your exam, before you can find out your score and whether you have passed or not, as some sort of a cruel joke you are first presented with a survey. Really it only takes a couple of minutes, but for every exam I have taken, those two minutes have been the most nerve-racking.
That’s it! Hopefully I’ve given you a comprehensive guide to CompTIA exams. I’ve tried to cover everything that I would like to have known beforehand, but feel free to contact me with any questions or leave any comments if I have missed anything. And please let me know if I have helped you in any way.
I wish you the best of luck!
Securing the Cyber World 