CompTIA Security+ - Study Guide
What is CompTIA Security+?
It is an entry-level security certification provided by CompTIA. It touches upon a broad range of IT and security concepts on both, technical and managerial, aspects.
CompTIA updates the certifications once in a few years. At the time of this article, the version was SY0-501.
Who should take it up?
Security+ is perfect for people looking to learn the fundamentals of IT and security. Some say that Security+ is a great choice for your first security certification.
I was actually considering CEH, but it was too expensive of a commitment for me at that time. So I went with Security+. Do checkout CEH as well, it might be a better option for you!
Learning skills and test-taking skills are two completely different things, hence, I have split the following sections accordingly.
Preparation Guide
My background: Undergraduate degree in computer science and some experience in cyber security through Capture-the-Flag (CTF) contests.
The internet told me 45 days is enough to study and obtain Security+. So I went with the same for my preparation as well but I was able to obtain it in 30 days.
Like any other test, familiarize yourself with the test objectives and exam pattern before you begin. I highly recommend taking notes during preparation as it helps with better understanding and retention. I’d like to mention Joplin as my go-to note-taking app.
Darril Gibson’s Get Certified Get Ahead (GCGA)
Begin with the GCGA book. I’d say, it is the Bible for Security+. It covers all the concepts that are a part of Security+. Having known a few topics already, I can tell you that the book explains things really well.
Darril Gibson’s Get Certified Get Ahead (GCGA)
Professor Messer’s YouTube
This man is amazing. He has an entire playlist for Security+, which is extremely useful. The best part is that the videos are short and split topic-wise.
Apart from the playlist, Messer also has a study-group for Security+ that happens every month. It is an interactive live session where practice questions are discussed. There is an AMA session at the end of every study-group as well. It is a great place to learn about your first steps in cyber security and finding a career path.
Finally, go through the exam objectives to check if all concepts have been covered. In my opinion, the above two resources are sufficient to understand all the required concepts. Now, onto practice tests.
Practice Tests and Resources
- ExamCompass Security+ Practice Test Questions
- Jason Dion’s Udemy Practice Tests
- Sample Performance-Based Questions (PBQ) by CompTIA
- Mobile App
- r/CompTIA
Test Taking Guide
PBQs could be time-consuming. Don’t spend too much time on them initially, instead mark them and answer them later. Do not overthink the question or be in a hurry to answer. Some questions can be twisted, look for the keyword before jumping to the options. Before fixing on an answer, ask yourself why the other options are not right. This helps in better understanding of the concept and gives a chance to evaluate the question in-depth before moving to the next. Finally, the elimination method is really helpful when you are not confident of the answer.
The new online test, which can be taken from home is a great option. It went smooth for me although I had some network issues on my end.