Sunday, February 2, 2014

How To Pass the Security+ Exam

Years ago, I failed the Security+ exam the first time I took it.

Failed it.

Two hundred and some dollars wasted.

It was a humbling experience. It wasn't because the knowledge was beyond me. Instead, I took the exam for granted and didn't study. It's not a mistake I wanted to repeat.

Within about a month, I retook the exam and passed it.The exam didn't change. Instead, I changed my approach on the exam. Here is what I did:
  • Purchased a couple of study guides
  • Reviewed the objectives
  • Researched unclear topics for clarification
  • Used practice test questions to test my comprehension
If you have the requisite experience in IT, these are the same steps you can use to pass the Security+ exam within about 30 days.

Find Good Study Guides

First, get one or two Security+ study guides. I have earned almost all of my certifications through self-study. When available, I get more than one study guides.

Ideally, a single book is enough but in general, it's always a good idea to get more than one. If you don't  understand the concepts described by one author, you can get a different perspective from another author and you end up with a deeper understanding.

Many people have said they used the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guideas their single source of study. I'm grateful and humbled to hear this. If that works for you, that's great, but I still recommend getting two or more study guides to pass.

How do you know what guides are good? Look at the Amazon reviews and see what people are writing. Remember, if you're looking for a book to help you pass the exam, pay attention to the reviews that indicate the book helped them pass the exam. Some people post miscellaneous comments referring to shipping, or how the book doesn't mention questions from another source. While these comments might still be valuable, they don't indicate if the book will help you pass the actual exam.

Review the Objectives 

The objectives identify what you can expect to be tested on. When reviewing the objectives, your goal is to identify familiar and unfamiliar topics. A study guide can help you clarify these objectives and how you might be tested on them.

You can access the Security+ exam objectives on the CompTIAs web site.

Many study guides  include the objectives in the book along with an objective map telling you exactly where that objective is covered in the book. This book uses that format: CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide.

Research Unclear Topics to Pass a Certification Exam

As you're reading the study guides, some topics might not be clear.

When you have two study guides, you can review the topic in the other guide. Seeing the topic from a different point of view is often helpful to clarify it.

You can also do some an Internet search. A simple Google search on "security+ blogs" can list some useful places where you can review Security+ topics.

Similarly, it's useful to review somewhere that has some up-to-date information. For example, CompTIA changed the  way they are testing Security+ topics with new performance-based questions. This page includes a section titled Performance Based Questions, which lists several posts on these.

Additionally, there are many forums where people provide helpful answers to each other. People that post well thought-out questions to these forums, often get some great responses.

Use Practice Exams to Pass a Certification Exam

After you've studied the concepts related to the objectives, use practice exams to test your readiness. If the study guide includes questions, use them.

For example, the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide includes a pre-test at the beginning of the book, practice test questions at the end of each chapter, and a post test at the end of the book. Use these to test your comprehension of the topics.

Additionally, there are many other sources for practice test questions such as the Get Certified Get Ahead Premium site.

When using practice test questions, your goal is not to get them all correct.

Really. Your goal is not to get them all correct.

Instead, your goal is to test your comprehension. Ideally, you should be able to look at any question and know why the correct answer is correct and the incorrect answers are incorrect. This way no matter how the questions are worded on the actual exam, you will be able to answer it correctly.

Some questions seem incomprehensible if you only look for the correct answer. However, if you eliminate the incorrect answers, the correct answer becomes obvious. I described this process in this video. The video is focused on Security+ performance-based questions, but also includes an explanation of eliminating incorrect answers with a typical multiple choice question.

Make sure practice test questions you're using have explanations. The explanations help you understand why the correct answers are correct and why the incorrect answers are incorrect. Some questions have a subtle twist of words making one answer incorrect that might make the same answer correct in a similar question. Without the explanations, you might not notice these.

Beware of Brain Dumps

Some criminals use illegal and/or unethical methods to capture questions. After guessing the correct answers, they sell them.

Brain dumps rarely include explanations. People that buy these memorize the questions and answers.

They often memorize incorrect information without understanding the reasoning behind the question. Subtle changes to the questions elude them. They fail and don't understand why.

I've had students in classes that memorized incorrect brain dump answers and had problems trying to relearn the correct information.

Also, you can have your certification revoked if it's discovered you use brain dump sources. This page lists unauthorized sites.

Practice Test Questions Should Not be the First or Only Option

Practice test questions are useful to test your comprehension, but should not be the only source of study.

The goal of any certification is to understand the underlying concepts so that you can pass. Practice test questions might help you pass, but you may be missing an understanding of some important concepts.

Certifications such as Security+ might help you land an interview for a job. However, without an understanding of the underlying concepts, you might falter during the interview. Also, you might pass the interview, get hired, and your lack of knowledge might come to light on the job.

Summary How To Pass the Security+ Certification Exam

As a summary, here's what you can do to pass the Security+ exam:
Good luck.