+ Reply to Thread
Results 1 to 7 of 7
  1. Junior Member
    Join Date
    Aug 2016
    Posts
    25

    Certifications
    MCP, MCTS Win7, ACA 10.11, A+, N+, ITIL F, S+
    #1

    Thumbs up Passed Security+ exam

    Just got home from taking the test. This was my first attempt at taking it. I was nervous as hell because I failed the Network+ twice (barely passed it the 3rd time) and I really couldn't afford to take the Security+ more than once. I've been studying off and on for about 6 months. I probably could've taken it earlier, but I was nervous about failing so I kept putting it off.

    As usual, most of the questions were pretty long. There was 1 simulation that I just didn't understand AT ALL (I can't talk about the details of it because of the NDA). When I say "AT ALL" I mean that I didn't understand what it was asking me to do lol. Luckily though, I was able to pass. Not only pass, but pass which a much higher score than I thought I got.


    Resources I used:
    • Darril Gibson - I used his book, audio files, flash cards, questions... everything I could get my hands on because he's so highly recommended here. He defininitley helped a lot. I'm not a book reader, but it was able to read through most of without daydreaming or staring off.
    • Professor Messer - I used him for the 70-680, A+, N+, & S+. Although I feel like sometimes he doesn't go into as much detail as he should, it's free and extremely helpful since he follows the objectives in order.
    • Mike Chappel - I watched his video from Lynda.com. If you have Lynda, I'd recommend using him.
    • Mike Meyers - I got SUPER lucky and someone pointed out that his video course was $10 on Udemy so yesterday I bought it and spent ALL day watching his videos. With only one day before the exam, I didn't know if he would help, but he did help fill in some of the gaps of things I didn't fully understand.
    • CertMaster - This is the 3rd time I've bought CertMaster. Honestly... it didn't help for Security+ (or Network+, but it helped a lot for the A+).
    My ultimate goal is Penetration Testing and Ethical Hacking, but I'm still working a helpdesk position with little to no actual Security experience so I think I'm going to wait on the CEH and eJPT. I also still can't afford to go to school yet, but I do plan on eventually attending WGU so I think I'm going to start studying for the Linux Essentials certification next since it's on the list of certifications for the Bachelor of Science: Network Operations and Security degree.
    Last edited by Cameron M; 10-31-2017 at 05:27 AM. Reason: sp
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Jul 2016
    Location
    New Hampshire
    Posts
    378

    Certifications
    CCNET, CCNA R&S, ITIL, MCP, Security+
    #2
    Congrats!!
    Reply With Quote Quote  

  4. Senior Member mikey88's Avatar
    Join Date
    Jul 2017
    Location
    Seattle, WA
    Posts
    151

    Certifications
    Security+, Network+, Server+
    #3
    Congrats on the pass!!! I still think Network+ was the hardest exam I took to date.
    2017 Goals: Security+ [] Server+ []
    2018 Goals: CCNA R/S, Security [ ]
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Aug 2017
    Posts
    1
    #4
    Congratulation. I took the exam a month ago and I failed.. Presently studying for it again.
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Feb 2014
    Posts
    247

    Certifications
    MS in Security Information, Sec+,A+, Server+, Network+, Certified Network Defense Profesional (CNDP), Certified Cybercrime Forensic Investigator
    #5
    Congratulations on the pass!! Thanks for sharing! And welcome to the club!
    Year goals
    Security+ [done] Next is CCENT-CCNA [loading..]
    Reply With Quote Quote  

  7. Junior Member Registered Member
    Join Date
    Oct 2017
    Posts
    5
    #6
    Congrats on knocking another cert out of the way! For reference, while the CEH definitely holds value, you'll gain more applicable skills, higher job prospects and better validation for your efforts by getting GIAC certifications or the OSCP. While I personally like the SANS training and GIAC certifications they're not all created equal in regards to difficulty or respect. Additionally SANS training and GIAC exams are pretty expensive, so if my company wasn't covering the bill I probably wouldn't have any of those. Here's a breakdown for the GCIH, GPEN, GWAPT pricing for each from last year.


    SANS training + books + associated GIAC exam + 2 sample exams (around $6537)
    SANS training alone (around $5620)
    GIAC exam alone (around $1200)


    Instead if your goal really is to work as a red team operator / pen tester then instead I would skip any course that don't align with future coursework at WGU and instead focus on taking a diving deep into using Linux. If you're going to take the quick and easy approach, stick with a Debian distro of Linux and use the OS from a user perspective. If you do can't run a VM on your hardware or don't have a second machine, simply download a "live cd" and run the OS from that. Once you've got the hang of it, switch to using it from an admin perspective where you're working primarily without the GUI and almost entirely from the command line interface.


    Once you feel that you've got those down I would aim for more hands on pen testing using open source tools. While you don't "have" to use Kali Linux, doing so keeps you from having to go hunt for everything on the web. The following two sites are a great place to start with for doing research on actual pen testing tools.


    SecurityTube.net (free)
    Cybrary.it (free)


    Afterwards you should have no problem crushing a pen testing exam like the OSCP that's extremely well respected in the red team / pen testing community and is by no means an easy exam to pass. Also GitHub is a treasure trove of goodies. If you don't already have an account you should get one and "star" any project that you think would be useful for your future efforts. Kali and most other Linux distro's have built in SVN tools to allow you to quickly pull in these projects without having to use sketch 3rd party sites.


    In a nutshell, a degree is NOT going to give you experience in pen testing without YOU actually taking extra steps to learn the material yourself. My advice, go to school so you can get the check in the box. Meanwhile on a personal level you should aim for a well-respected cert that actually allows you to prove your skill and worth to a future company.


    Good luck on everything!
    Reply With Quote Quote  

  8. Member Paulieb81's Avatar
    Join Date
    Feb 2014
    Location
    USA
    Posts
    39

    Certifications
    CompTIA A+, Network+, Security+
    #7
    Lots of good information on studying and career path! Good job on the exam, Congrats!
    - Currently studying for the CCNA Composite Exam -
    Goals for 2017: Security+ = DONE!, Finish CCNA
    Goals for 2018: MCSE, CCNA Security
    and Beyond...: ITIL, VMware VCP
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks