So, you are considering getting into cybersecurity or are already on the path to obtaining the CompTIA Security+ (or Sec+) certification. This is undoubtedly a long and drawn-out process with many different aspects that can lead to success or waste time.
As CyberNow Labs’ Program Director and SOC Manager, I am offering real-world advice, having seen many without IT experience feel an amazing sense of accomplishment to earn this certification and move on to understand how it applies in the real world of cyber.
First, what is the CompTIA Sec+ certification?
The exam is designed to test and examine your knowledge of the IT world's basic components of security. Securing networks, endpoints, physical security, identity, account management and risk are just some of the topics focused on in the security+ materials.
RECOMMENDATION: There’s a reason we use THE Mike Meyers resources to help trainees since he’s THE IT guy, so I would recommend Mike Meyers’ book to anyone, and you can find it here: https://www.totalsem.com/store/mike-meyers-comptia-security-certification-guide-exam-sy0-601/
Passing the exam is an indication that your knowledge is at a certain expected foundational level. This can be seen as a minimum level to enter the workforce as a cybersecurity professional, and it is a key flag for applicant tracking systems. (But it’s not the only one, experience is a must, and we’ll get to that in a moment.)
So, what does the exam look like? Let’s review:
CompTIA exam: CompTIA Security+ Exam Specifics
Exam Code – SY0-601
Number of Questions – Maximum of 90 Questions
Type of Questions – Multiple Choice and Performance Based
Length of The Exam – 90 Minutes
Passing Score – 750 (Scale of 100-900)
Price $392 (Discounts available) - https://www.totalsem.com/store/vue-comptia-security-certification-exam-voucher/
You may see the following question types:
- Multiple Choice: the standard question, choose the right answer
- Multiple Response: choose all answers that apply with more than one correct answer
- Fill-in-the-blank: fill in the answer to the question
- Drag-and-drop: image or question where you drag answers to match the image or text
- Exhibits: answer questions relating to an attached picture or diagram (variation to multiple choice)
- Performance-based questions (PBQs): detailed questions, open dialog boxes or other configuration windows and configure as needed
- HINT: CompTIA has added more of the newer drag-and-drop and performance-based questions to their exam pool.
OTHER RESOURCES FOR INDEPENDENT STUDY:
Videos, Simulations, Total Tester
The Total Seminars packaged toolset is beneficial if you are an independent studier because it offers a variety of ways to absorb the information. Most of the materials can be found again on the total seminars site here: https://www.totalsem.com/security-certification/
These materials include their total tester practice tests and the Sec+ video series.
This can be your one-stop shop to prepare and obtain your Sec+ certification.
OTHER RESOURCES FOR INSTRUCTOR-LED & HANDS-ON EXPERIENCE
Yes, there are free or low-cost knowledge sources out there.
Yes, with tenacity and $$, you can set up your own lab, find mentors, and secure internships. (And if that were such a practical path, everyone would have jobs in cyber and fill that crazy gap, reported at 700K+ and growing!)
Consider a unique, defined path to get there that’s affordable and accessible. I see students in our CyberNow Labs hands-on cyber training school who have:
- Already earned their Sec+ but do not have practical experience applying that knowledge.
- Started down the path of Sec+ but realized going it alone did not work for them and got so much more from instructor-led than just passing the exam.
This program takes a trade school approach to learning the Sec+ materials. Leveraging live, instructor-led Sec+ training allows you to potentially condense the study and training time down to 8 weeks (about 2 months), which is done part-time and online to allow people to continue to work as they prepare to make this career transition. This can be a stand-alone training option or combined with hands-on learning in a real enterprise SOC to assist in the move into the world of cybersecurity professionals.
As the first part of the cybersecurity training program (you can see an outline at www.cybernowlabs.com), you will review the materials before the learning lessons, then work with the instructors to understand the content even better. Instructors are industry professionals active in the world of cybersecurity, which means they bring real-world experience and case studies to illustrate the topics. Plus, it is live, so you can ask questions and interact.
Lastly, there is a focus on helping to study for the exam with practice questions, mini quizzes, and practice sessions to solidify your knowledge. We do the planning and thinking, and you just do the learning!
GETTING STARTED: ‘THE PLAN WORKS WHEN YOU WORK THE PLAN’
Now that we know more about the exam itself, what it covers, have a few trusted resources to study from, and be able to purchase the exam voucher, how do we begin?
Any good adventure begins with a plan. Be specific in your plan. Add dates and times, expectations, goals, and activities. We like to say at CyberNow Labs that the plan works if you work the plan. It’s not just a platitude; it’s specifically designed to ensure success if you follow the plan as it is laid out for you.
Here are a few suggested items to include in your plan:
- Begin with scheduling the exam.
Sounds like a no-brainer, but I’ve seen people fear this to the point of avoidance. This gives a high level of accountability. Knowing when you must take the exam makes you more likely to study and hold yourself to a strict activity regimen that leads to a successful exam experience. I believe this is one of the most understated steps to success. Accountability is a powerful motivator when working through a process like this. Get the voucher and get the exam scheduled!!
- Next step is to be sure to read, watch, listen, understand ...then repeat.
This means that you want to begin by reading the material. Listening to videos, podcasts, instructors, etc. Ensure that what you read makes sense, and you can investigate anything unclear. Then once the understanding has been obtained, repeat the process for each topic covered in the materials. Sounds simple enough, but people try to short-circuit the process and skip components increasing the difficulty of truly understanding the information. So, don’t try to take a shortcut! Trust the plan and work the plan.
- Practice, practice, and practice! This is straightforward in this cyber field of high-risk stakes. You cannot learn it once and master it.
You need to apply it, re-learn it, see it, feel it. If it makes sense to you, you must practice the materials, but you can build muscle memory. Anyone familiar with competitive sports knows that you practice so many times completing the fundamentals that you do not even think when doing the activity in the game. It just comes naturally from repetitious practice. The same holds true for a cyber analyst.
The reason I know the above guidelines will get you where you want to go regarding Sec+, I am a successful SOC Manager because of it. However you decide to move forward toward successfully passing the CompTIA Sec+ Exam, I wish you all the best. We need solid professionals learning IT security. Get moving! We are waiting for you!
P.S. If you have already been self-studying and now looking for an instructor-led, hands-on solution (and what comes next in career dev), join a live info session; they’re free: https://cybernowlabs.com/