Security+: An Overview

After a semester of working 40 hours a week on top of taking 12 credits at school I felt very unproductive during the first few weeks over winter break. Since the need to "accomplish" something seemed overwhelming I decided to set some time aside to study for the Security+ certification, with the assumption of attempting the exam at the end of break. I did end up taking the exam and would like to share my overall experience.

Overview:

The Security+ certification covers a great deal of information ranging from general security concepts to organizational security. Below is a list of the official domains the exam covers:

• General Security Concepts
• Communication Security
• Infrastructure Security
• Basics of Cryptography
• Operational/Organizational Security

As stated on their website CompTIA recommends 2 years of Info Sec experience and the Network + certification as prerequisites for the certification.

Studying:

I knew a great deal about the concepts that would be covered on the exam, either from school or my work experience which was the reason I chose the self study method. I would recommend self study to just about everyone who meets the requirements but especially to poor college kids like me :-p.

To prepare I read over one book titled "All in One Security+ Certification Exam Guide" published by Osborne. I read each chapter once and then picked out a few I needed to reread to fully understand the concepts. These included the chapters on PKI, Remote Access protocols, Standards and Protocols which all had a vast amount of very detailed information. Upon my completion of the book I used the practice exam that came with it and the exam that came with my voucher to get a feel for what the test would actually be like. I passed the book test with flying colors on my first try but I was getting far below passing on the other test.

It was at this point I began to panic. I was scheduled to take my test in a week and here I was not even able to pass a practice test. After hours of researching the exam on Google I was convinced that the Security+ test was not well written and a horrible experience altogether. Despite the face I was very nervous for the test, I showed up on exam day.

The exam:

I personally found the Security+ exam to be very well written and I was able to understand each and every question I was asked. If you hear any reports saying that the test is confusing or anything like that disregard that information. As long as you are familiar with the information in the domains you will be able to pass this exam with no problems what so ever. As you might have guessed I passed the test first try w00t!

Conclusion:

Overall I learned a great deal from the preparation for this exam. I especially learned new things about PKI (Public Key Infrastructure) and different protocols such as PPTP, L2TP, and IPsec. Along with knowledge I also gained a great entry level certification into the Information Security field. Feel free to check out the Security+ website for more info.