How I Passed the CompTIA Security+ Exam in 10 days.

(Brace yourself, this is a fairly long post which includes my opinions on the materials used to prepare. If you’re up for that, continue!)

This post is organized into the following parts: readings, video courses, practice exams, my study schedule, exam logistics, and other tips that may be helpful for you.

First thing you have to know is that I spent about 6 weeks in a cybersecurity bootcamp reading Mike Chappele’s textbook, CompTIA Cybersecurity Analyst (CySA+) Study Guide Exam CS0-002, 2nd Edition. I mention this because there is about ~70% overlap between the CySA+ exam and the Security+ exam.  Other than that, I do not have a formal background in tech, at all.

Second, this was my first attempt at a cybersecurity certification ever. I skipped A+ and Networking+ (which is why I wasn’t as grounded in networking fundamentals, and my practice exam scores repeatedly indicated this). I was particularly anxious and rigid about my POA (plan of attack). I asked SEVERAL people how they passed, and I am grateful to each of them in pointing me to the best materials currently available, as well as the best routines to employ in my own preparation.

Third, I bought a discounted voucher from a legitimate bulk reseller site, and its expiration date quickly approached! (Keep in mind that your voucher’s expiration date is the last day you may schedule your exam on the Pearson OnVue site, the voucher’s expiration date is not the last day you may attempt the exam.) You have three (3) chances to re/schedule your exam. I picked a date, and felt the fire lit under me. I then created my 10 day study schedule, and attempted the Security+ on the 11th day. 

Here is a summary and mini-reviews of the materials I used. Onward!

Readings:

• Professor Messer’s Security+ notes
  Because I am old, I needed to print these out, and I annotated them as I watched his videos. They were easy to follow along and very handy during the days I’d just want a quick review, easily flip through the material to reference, or when I just couldn’t bring myself to watch another video.
  
• Ports, encryption types, hashing algorithms, and public/private key encryption process.
  I printed out my favorite image of public/private key encryption – yes, starring Alice and Bob so that I could internalize it better. I also made a quick reference grid in my notebook of common ports, symmetric vs. asymmetric encryption types, and listed the common hashing algos – and why they do or don’t work. This info can be easily gathered through a search!
  
• CompTIA Security+ 501 Objectives and acronyms
  I reviewed these daily, along with the accompanying glossary SINCE THERE ARE SO MANY ACRONYMS.
  
• I did not use a Security+ specific textbook to prepare.

Video courses I used:

• Linux Academy (now hosted on aCloudGuru) CompTIA Security+ Certification Prep by Terry Cox
  16 hours of content – this took me about 3 days to complete at 1.75 playback speed. It provided a good foundation.
  
• Professor Messer Security+ 601 YouTube playlist (Find it here.)
  This was really helpful since each of his lessons are aligned with the compTIA Security+ objectives, sequentially. Many of the other videos out there just cluster concepts together (like Mike Myers and Jason Dion’s videos). I found that these other instructors jump around and combine concepts as they see fit, so it would be hard to follow using the exam objectives as a guide. This might be awesome for a birds-eye view, but not for honing in on the specific objectives that I wanted to sharpen, examine more closely, or reinforce.  Prof. Messer’s took me about 3-4 days of 6-8 hour sessions to complete at an accelerated playback.
  
• Mike Myers and Jason Dion Security+ video courses on Udemy
  I did have access to these, but after a couple of videos, I didn’t feel these instructors matched my learning style. Check them out to see if they’re a fit for you.

Practice Exams: 

• I did daily practice exams, and I made sure to review the concepts in the answer key. When I was wrong, I returned to Prof. Messer’s Security+ videos to review, since the related objective is usually indicated.

• Jason Dion’s CompTIA Security+ (SY0-501) Practice Exams with Simulations
  These were a pack of 6 practice exams on Udemy that I bought while on sale. This is what I practiced with on a daily basis with my study group. Then, I would do speed runs to see if I could score well on my own.

• Professor Messer’s CompTIA Security+ Practice Exams
  Because his entire video course is free on YouTube, I am more than happy to promote this man. Link to his exams and course notes here.
  
  Great examples of the practical questions, and answer explanations for all questions. You get 3 full practice tests. While I found this exam to reflect the feel of actual CompTIA Security+ exam the most, it’s a .pdf, and of course it didn’t have the convenience/ease of use that a GUI with a bunch of radio buttons had. Despite that, I printed out all 400 pages, and went through the questions and answers on paper. In comparison to the other practice exams I used, Prof. Messer’s Security+ Practice Exams are the most similar to the type and rigor one can expect from the Security+.
  
  
• Linux Academy/aCloudGuru – CompTIA Security+ Certification Prep by Terry Cox
  After each unit, there was a 15-30 question quiz covering the material from the section. Then, there is one 90 question practice exam at the end of the course. This was good to jog some concepts, but wasn’t as aligned with the types of questions that were ultimately on the Security+ exam. Still good for review and general concept mastery, though. 

What my study schedule looked like:

• Day 01: 
  • Jason Dion Practice Test 1 – with my study group (with answer review)
  • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours),
• Day 02:
  • Jason Dion Practice Test 2 – with my study group (with answer review)
  • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours),
• Day 03:
  • Jason Dion Practice Test 3 – with my study group (with answer review)
  • Terry Cox Video Course on Linux Academy + unit quizzes (3-4 hours)
  • Started the Prof. Messer Security+ playlist on Youtube (3-4 hours)
• Day 04:
  • Jason Dion Practice Test 4 – with my study group (with answer review)
  • Prof. Messer Security+ playlist on Youtube (3-4 hours)
• Day 05:
  • Jason Dion Practice Test 5 – with my study group (with answer review)
  • Prof. Messer Security+ playlist on Youtube (3-4 hours)
• Day 06:
  • Prof. Messer Practice Exam A + answer review
  • Prof. Messer Security+ playlist on Youtube (6 hours)
• Day 07:
  • Prof. Messer Practice Exam B + answer review
  • Prof. Messer Security+ playlist on Youtube
  • Reviewed some concepts from Prof. Messer Networking+ playlist on Youtube
• Day 08:
  • Jason Dion Practice Test 6 – with my study group (with answer review)
  • Prof. Messer Practice Exam C + answer review
  • Prof. Messer Security+ playlist on Youtube
• Day 09:
  • Solo speed runs of all Jason Dion Practice Tests
  • Jason Dion Course Practice Exam – with my study group (with answer review)
    • I took it easy this day!
• Day 10:
  • Prof. Messer Security+ playlist on Youtube
  • Took practice exam from the Terry Cox Course on Linux Academy
  • Solo speed runs of all Jason Dion Practice Tests
• Day 11:
  • Reviewed my annotated Professor Messer notes
  • Solo speed runs of all Jason Dion Practice Tests
  • Took the Security+ exam around 2 p.m.

Exam logistics:

• Scheduling wasn’t difficult with about 2 weeks notice. There were many available slots, and rescheduling was easy to manage in your account.
• Check in as early as possible. I took a full 20 mins to download and run the latest version of OnVue, and take the various photos required. You can use any remaining time to get grounded while you wait for your online proctor.
• My remote online proctors were kind of real sticklers. I sneezed and they told me I wasn’t allowed to cover my mouth or look away from the screen. Sure, fair…but I sneezed, an actual biological protective reflex. So be mindful of your body.

Other Tips:

• Find someone to study with and/or create an accountability group. The group learning process is great, especially in pointing out the things you don’t know. 
• Review any “practical” questions practice exams offer. Both the Jason Dion and Prof Messer’s exams had  a few helpful samples that helped me know what to expect.
• Know your acronyms. I reviewed these daily just to get the hang of things. There is a glossary included in the CompTIA objectives pack.
• Commit to studying for a solid block of time, but don’t overdo it! Block off a 45 minute sprint, take a 10 minute break, then go for another 45 minutes. One of my former lead instructors recommended a good 4-5 hours of focus (in total) for each work day, and that works for my capacity and attention span. Find out what works for you!
• Print out what you can. Staring at screens all day is a challenge. I found printing out what I could and reading paper copies of things more motivating on my hard days.

Overall, it was a positive FIRST CERTIFICATION experience! I was extremely nervous, but this process allowed me to build my confidence in my discipline to learn and study new material on my own. I’m proud to have earned my Security+, which is a certification commonly listed in many job listings. Stay tuned for my CySA+ update, and best wishes on your own attempt to achieve your Security+ certification — YOU’VE GOT THIS! Please leave a comment below if you have any feedback on the material I listed above, or have additional resources you’d like to share.

Note:  I took the SY0-501 Security+ exam in March 2021. “The English version of the CompTIA Security+ SY0-501 exam will retire on July 31, 2021. At that point it will be completely replaced by SY0-601.” (From the CompTIA blog.)