CompTIA Security+ Review and Tips
So I recently passed the CompTIA Security+ (SY0-701) exam and yes, it actually lived up to the hype.
If you’re eyeing this cybersecurity certification, here’s my honest review of the journey, how I prepped, and a few tips that might just save your sanity (and time). Whether you’re switching to cybersecurity, boosting your resume, or just starting out, this writeup is for you.
Why CompTIA Sec+?
CompTIA Security+ is well-known as a proof of baseline knowledge in cyber security.
It is vendor-neutral, globally recognized, and “compliant with ISO 17024 standards and approved by the U.S. DoD to meet Directive 8140.03M requirements”. Most importantly, it builds a solid baseline across basic networking, security operations, threats, vulnerability management, risk management, cryptography, and more.
Preparation Strategy
Here’s what I used to pass the exam.
- Professor Messer’s YouTube series: Beginner friendly and most importantly, FREE!
- Jason Dion’s course and practice exams on Udemy: I found it to be a good, structured way of revising after going through Professor Messer’s videos. The practice exams were useful for finding knowledge gaps, and I encountered questions that were harder than those on the exam.
- ChatGPT: I used it to explain more confusing concepts in a way I could remember.
- Notion: I used Notion to take notes as I went along the different video lessons and it helped me retain information better than passive studying of the content.
Takeaways and Tips
- Before booking an exam, you will feel like you don’t know enough. That’s normal.
- Set a goal of when you want to attain the certification, book the exam and plan your revision schedule around that goal. Don’t wait till you feel “ready” for the exam; I never felt ready.
- Memorizing ports isn’t enough. You need to understand the security implications behind the services listening on those ports and how to properly defend against common attacks.
- Learn threat actor types like you’d memorize characters from a Netflix series. (Hacktivists? Script kiddies? Insider threats? Give them personalities.)
- Don’t ignore the performance-based questions (PBQs); they can make or break your score. A playlist by Cyberkraft covers interesting performance-based scenarios.
Exam Day Experience
I scheduled my exam online at home, and here’s what worked for me:
- I did a system test before the exam day and used the same computer and network for the exam.
- I had a squeaky clean desk setup, no notepads, pens, tissue. Nothing.
- The check-in takes 15 to 30 minutes. Don’t start caffeinated with a full bladder.
- I answered all the questions within an hour. I marked 11 of them for review and triple-checked them calmly. I looked out for trick questions and clear red herring options in multiple choices.
- PBQs came first, and I was least confident in those. Thankfully, they were not as complex as I assumed they would be.
Join the Conversation
- Are you prepping for your Sec+ right now?
- Have you passed it already? What tripped you up?
- Got any other tips or interesting studying techniques?
Drop them in the comments below to share with the wider cybersecurity community!
Interested in furthering your cybersecurity knowledge beyond Sec+? Check out TCM Security and INE! You can also check out my review of their courses / certifications in my profile!