Published on: Jan 27, 2023

Overview

In this post, I'll be highlighting some techniques and resources that I used to pass the CompTIA Security+ (SY0-601) exam on the first try.

As you may know, the Security+ covers the latest trends in cybersecurity. Holding this certification shows competency in the five domains covered: Attacks, Threats and Vulnerabilities; Architecture and Design; Implementation; Operations and Incident Response; and Governance, Risk and Compliance.

The breakdown of these domains on the exam is shown in the following table:

Domain                                  Percentage
Attacks, Threats and Vulnerabilities    24%
Architecture and Design                 21%
Implementation                          25%
Operations and Incident Response        16%
Governance, Risk and Compliance         14%

Scheduling the Exam

If you're considering sitting for the Security+ exam, you're likely trying to break into the cybersecurity industry or sharpen your knowledge on the subject. Either way, the first step is scheduling your exam and making it real.

From my experience, as soon as I paid for the voucher and set the date, I was more focused and had an increased incentive to study harder. If you give yourself a month to study, it will take a month. If you give yourself a week, it will take a week. This comes down to preference and varies based on how much time you can commit to studying. I highly encourage selecting a date that is soon, but also realistic and comfortable.

You can register directly on the CompTIA website, which offers various bundles including retakes and even study materials. Another option is to search the web for other sites that may provide these vouchers at a discounted rate.

Create a Study Plan

When creating a study plan, it all comes down to time management. This may vary with your schedule, but a solid rule of thumb is at least 10-15 hours per week spent studying for your Security+. This can mean squeezing in some time after work or class, and even putting in some extra time on the weekend to catch up. The most important thing is setting a plan and sticking to it.

As mentioned earlier, there are five different domains, each with a specific emphasis on the exam. I have heard positive things about CompTIA's materials; however, I found the video series from Professor Messer to be very helpful.

Going through one of these domains each week would allow you to cover the material in the exam objectives in roughly five weeks.

In addition to going through the material and watching videos daily, I made an effort to take a practice exam every day to test my knowledge. Take these tests in an environment similar to the real exam: a quiet space, with about an hour to complete each one. Mark which questions you get wrong and keep a log of the domain associated with them. This way you can note your strengths and weaknesses, which will tell you the areas that you should focus more on.

I found that Professor Messer and Jason Dion had decent practice exams available from their sites. These aren't always free, but they are well worth it for preparation and for adding confidence for the exam itself.

Teach Someone What You Learned

It's kind of difficult to put all of the concepts that you'll be learning into practice in order to retain the information. On the bright side, it's feasible (and potentially helpful) to educate your friends on the dangers of phishing or the intricacies of a SQL injection attack.

If you can, try explaining these concepts simply, so that you really get them down in a way that you can recall.

Joining communities is another way to stay engaged and get some motivation while studying. Study groups are helpful to keep each other accountable as well.

Days Before The Exam

Take it easy. Although your mind is possibly racing about the exam, chances are you had plenty of time to study and prepared well. Make sure you get plenty of sleep before the exam and eat a healthy breakfast; you know, all that stuff.

If you've made it this far, go schedule that exam!