Passing CompTIA’s Security+ Exam

As someone who struggled to pass CompTIA’s Security+ exam after 2 failed attempts, I am here to offer my thoughts on what’s needed in order to succeed from the preparation beforehand, to the congratulatory passing screen after the test. I am a junior developer at IDEAMATICS with a BS in computer science and very little IT experience relevant to the exam. I believe that anyone can pass this exam with the right study habits and materials.

First, you’re going to need some study materials. I had absolutely no idea how to begin studying, let alone what materials I needed. I had been accustomed to my university telling me exactly what textbooks I needed for a course, but there’s no definite list of these study materials for Security+. Luckily, IDEAMATICS was able to provide the best resources for exam preparation. I used the CompTIA Security+ Exam Prep Bundle (https://www.comptia.org/certifications/security), which included an eBook and CertMaster (https://www.comptia.org/training/certmaster-practice/), an enormous library of questions by section plus a full practice exam. The eBook was a great place to start to get a solid foundation and understanding of the general topics that will be on the exam. However, the eBook only scratches the surface of the necessary comprehension of the material.

I’m a “learn by doing” type of person. So, while the eBook was a great place to start, I knew that I just needed to see practice questions and learn from my mistakes. At this point, I had jumped into the CertMaster side of studying. There are 6 sections here and each section has 1-15 sets of lesson question sets that relate to a specific topic. As I completed each lesson, I took notes on everything from the key words in the questions, to the explanation of the answer. To fully understand the correct answer, you also need to fully understand why the other answer choices are incorrect or not the BEST answer to choose. If you take notes with both of these things in mind, you’ll be better prepared for questions relating to that topic down the line.

CertMaster also has a practice exam at the end of the course. This is a timed, 90 minute, practice test that follows the same format you should expect when taking the real Security+ exam. It has 85-90 questions and includes PBQs, or performance based questions. PBQs are multi-part, interactive questions that may ask you to do anything from configuring an Enterprise wireless solution to dragging and dropping terms that match a hardware system. While you’re taking the practice exam, along with the real exam, you should read the question slowly and carefully. Many questions may say “choose the answer that is NOT part of X topic,” so it is important not to miss crucial words in the question that affect the correct answer choice.

After you complete your first practice exam, you should go back and review all questions, both correct and incorrect. As you review each question, first, take notes on what the question is asking, but try not to write the question down word for word. See if you can find a way to paraphrase the question or use the correct answer and the question in the same sentence or bullet point. Once you understand what the question is asking, try to understand why the incorrect answer choices are not correct. Each answer choice will have a description or definition associated with key words within the choice, so try to take notes on what is important in those explanations. You’re going to find that some explanations just say something like “X is wrong because the question asked about Y and X is not Y.” Since, most of the time, that isn’t the clearest explanation for the answer, you’re probably going to have to do your own research on the topic. When you’re researching a specific topic, try using Google. Instead of just searching for topic X, try searching for something like “topic X security+.” This will usually show you results that are specific to the Security+ exam and specializes in breaking down Security+ study topics, like https://www.professormesser.com/. If you take notes using bullet points, use the first bullet point to explain the main concept of the question and answer. For concepts that go more in-depth, indent another bullet point under that and go into more detail about what you think fits. You should build your notes in a manner that you’re comfortable with so you can go back and easily review them.

While going through answers from your first attempt you’re going to quickly realize that there are 2 main types of answers; concepts to understand and concepts to memorize. For example, you’re just going to have to memorize your protocols and port numbers. When it comes to understanding concepts, as a visual learner, I watched YouTube videos explaining a topic. This is a great way to supplement what you’ve already studied so far. A great playlist I studied with was Professor Messer’s CompTIA Security+ SY0-501 Training Course (https://www.youtube.com/playlist?list=PLG49S3nxzAnnVhoAaL4B6aMFDQ8_gdxAy). This YouTube playlist has around 13 hours of videos and each section almost directly corresponds to the CertMaster quiz section topics. Again, take notes on key information that may sound important

After you’ve finished taking notes on your first practice exam, review your notes for a little bit before jumping right back into another practice exam. CertMaster has a large pool of questions for the practice exam so you’ll encounter questions that you didn’t see from your first attempt. Once you finish your next attempt, take notes on all of the questions. You should even take notes on questions that you saw from a previous exam. This will especially help with things that need to be memorized. From this point, just continue taking practice exams and notes over and over until you score around 95% or above. Once you start scoring around that range, you should see that CertMaster says that you’re probably ready to take the real Security+ exam.

Finally, I’ll close this out with some advice for the day you take the test. Schedule your exam for the time that works best for you. I scheduled my exams for the afternoon, after lunch, so that I wasn’t distracted by being hungry halfway through the exam. This also gave me time in the morning to do some last minute studying. The test format will be very similar to what you get with the CertMaster practice exams. It is a 90 minute test with somewhere around 85 questions where 1-5 of those questions are PBQs. If you take the test more than once, you won’t get the same set of questions you saw on your previous attempt, but you might see some overlap in the questions. The first thing you should do is flag the questions for review, skip them, and save them for the end of the test. These questions require a decent amount of time to think about and answer, so you could find yourself spending too much time on them at the beginning of the test.  Next, you’ll be answering the usual multiple choice and select all that apply questions, which are very straightforward. If you see a question that looks much longer than others, I recommend that you treat it like the PBQs and save it for the end. You could easily find yourself losing a lot of time by just getting hung up on reading and trying to understand the question. Lastly, just remain calm. Keeping your composure during the entire exam is key. Before you begin the exam, take a few deep breaths, and try to center yourself and focus. If, in the middle of the test, you find yourself feeling frantic or nervous, take a few seconds to adjust in your chair and shake out all of the jitters. Good luck!