When I first started writing this post I wanted to include every detail I could about my experience with Security+. I wanted to talk about study materials, mindset, practice exams, and so much more. I soon realized I would have a book that would bore and turn people away from this post. Instead, I’m going to point out a few details and make this short and sweet.
The Security+ Exam I took and passed was the SY0-601 for reference and I took the exam online at my home.
Let me get this part out of the way for anyone studying for this exam. This exam is a pain in the butt. It’s full of so much content and I found myself so flustered. One day I’m studying Malware, and the next day the script flips and I’m reading about cloud models. Then another day it’s about cryptography and the next day is incident response. It is enough to make anyone’s head explode. Don’t beat yourself up as I did. This is tough. Very tough, and just taking this step is something many people in the IT field don’t take. You will pass this if you put the time in and study.
I recommend going through each objective and when you feel you can explain a bullet point to a child and teach them what that bullet point is, put a checkmark next to it, and move to the next.
Study material I found useful.
- TryHackMe. You know a great way to learn the material? Perform the attacks it talks about on the Security+. Password Attacks, Reconnaissance, Nmap, Nessus, MITRE, cryptography, and many more.
- Professor Messor. Good Youtube series and was something I listened to when I went on walks.
- Jason Dion’s Udemy Course and Practice Exams. The course was great, but the exams were the highlight that helped put me in the mindset to take the exam.
- CompTIA Security+ Study Guide: Exam SY0-601 8th Edition. Great book with practice questions to help make sure you understand the material. I tried to read a chapter a day and read the book twice.
During my time studying for the exam, I was told the biggest and scariest thing on the exam would be the performance-based questions. Mine was not as scary as I thought it would be. I still recommend the path of passing them when the exam starts and coming back at the end. For anyone that doesn’t know, CompTIA has a Simulation for a PBQ. Play with it and get a feel for what to expect on exam day.
Give yourself a goal and a target to aim for when you schedule the exam. When the day came, I went on a mile-long walk and was dealing with so much doubt in my mind. Was I ready, what were the proctors going to be like, would I have technical issues, what would the questions be like, what if I pass, what if I fail, should I reschedule. I honestly thought about pushing it a week back because the anxiety of the test was getting to me. But I told myself it’s not the end of the world if I fail. I put the time in and whatever happens just happens.
When I started my exam, I felt like my heartbeat was shaking my desk. Once I started answering a few questions and getting a rhythm going, I was just fine. But the point is to make a target and go for it. Again for anyone who needs to hear this. This exam is hard, even for an entry-level exam. You are not alone.
I hope this post was helpful. If you have any questions, feel free to hit me up on Twitter.