I finished reading chapter 8 of Darril Gibson’s book tonight and once I do the review questions in the morning I’ll be ready for chapter 9. I was getting curious as to how I was doing and wanted to get a little progress measurement so a few minutes ago I went over to the CompTIA site and took the 100 question practice test. Here are the results:
I am encouraged by the result for a couple of reasons:
1. The areas I scored the lowest in are coming up in the next 3 chapters of Darril’s book so I haven’t really even studied that material yet.
2. I remember the practice test for the Network+ exam being harder than the actual exam.
Furthermore, I’l have some additional convergence in the areas of Cryptography and Business Continuity in the near future as those chapters are coming up next in the Ciampa book I am using in my Network Security class.
Overall, I’m feeling fairly good about the Security+ studying. I’m feeling confident at this point but not overconfident.
Since my last post, I’ve managed to get chapters 5 and 6 of Darril Gibson’s book read and I’ve completed the end of chapter review questions for those chapters. There has been a bit of convergence lately with my community college classes. For example, chapter 4 of Darril’s book covers wireless security which is the same as Chapter 8 of Mark Ciampa’s book. We just covered chapter 8 in class last Thursday so I felt like I got a double dose on the topic. Tonight in my A+ class we’ll be covering chapters 9 and 16 in the IT Hardware Essentials book by Cisco. Both these chapters are on security and cover topics such as security policy, viruses, worms, trojans, etc. So it seems as if I have been getting security material on all fronts recently. After class tonight I’ll be watching Survivor from the DVR and after someone gets booted off the island it is on to chapter 7 in Darril’s book.
I’ve been using Pearson’s Question of the Day newsletter for around a month now and find it is a good way to start my day when checking e-mail. Basically, you go to Pearson’s Newsletter Sign Up page, check off the boxes for the relevant exams you are working on, enter your e-mail address, and click on the Sign Me Up button. What happens then is that every weekday you will receive a short e-mail with a relevant practice test question. It shows you which book the question comes from and I have found them to normally be in the Exam Cram series of books. You read the question and click on the link to compare your answer to the correct one along with a short explanation. I’m currently subscribed to the A+, Security+, ICND1, ICND2, and CCNA lists so I get 5 questions a day. It’s a pretty nice resource that gives you short chunks of information to process. Sometimes I find myself do a short bit of research after I miss a particular question and I feel that helps the overall goal without being too time consuming.
An update on the Security+ front: I’m through Chapter 4 and will start reading Chapter 5 tonight when the house gets quiet. I’ve managed to listen to the companion Q&A podcasts through Chapter 4 as well. Yesterday I was in the car with the wife and listening to the Q&A on Chapters 3 and 4 and as I was blurting out the answers along with the audio when my wife exclaimed: “If you already know the answers then why are are you listening to it”. I explained that this was exactly the point to the whole thing and that being able to hear the questions and then respond with the correct answer was a good thing.
Last night I finished reading chapter 2 of Darril Gibson’s book and went to bed thinking about TMO, PDC, RBAC, DAC, and MAC. What is all this you ask? While Chapter 1 was all about authentication, Chapter 2 was all about physical and logical access controls. TMO is a self-created acronym that refers to Technical Controls, Management Controls, and Operational Controls. (Creating my own acronyms is one method I used to help process and store material in my brain.) These controls can either be Preventative, Detective, or Corrective (PDC) or before, during, and after an event as I like to think about them. Access controls can be Role-Based (RBAC) – using Groups, Discretionary (DAC) – Object/File level permissions with owners, or Mandatory (MAC) – using labels. (These 3 are not acronyms of my own) So far, it looks like the Security+ material is going to cover a lot of areas that require some bit of memorization. In addition to creating acronyms and using other tricks, I find that reading before bed and then reflecting on the material as I lay in bed before going to sleep helps with retention. This morning, I did the 24 end of chapter review questions and only missed one of them. It is currently around midnight and quiet in the house so I’m going to get chapter 3 read tonight before turning in for bed.
After passing the Network+ exam it is time to move my attention to studying for the CompTIA Security+ exam. I have been attending a Network Security class at the local community college and we have completed 7 chapters thus far in Mark Ciampa’s Security+ Guide to Network Security Fundamentals, 4th Edition book. However, I wanted to augment my knowledge by using additional material that is more along the line of a exam study guide. After doing some reading on the forums at techexams.net I decided to purchase Darril Gibson’s CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide e-book from Amazon.com. It is only $9.99 for the Kindle vesion. You can find links to both books on the “Books I bought” tab above. I completed the introduction chapter last night and it mentioned some audio files and an iOS application with flashcards and practice questions and I purchased all of that material as well. After the introduction there was a 100 question assessment to take. I took the assessment and scored 77% which feels pretty good because it lets me know that I know quite a bit already but still have more to learn. Lastly, Darril mentions in the introduction that setting a goal is important and I agree. He states that you should plan to take the exam 45 days from when you start. I’ve marked April 19th on my calendar and plan to complete my Security+ studies and take the exam on that date.
I got back from the testing center a little while ago with a big smile on my face. I scored 845 out of 900. A passing score was 720 so I definitely wasn’t on the border. According to my quick math, that is around 93% which was consistent with practice test yesterday. I finished the test in about 30 minutes and found myself literally rushing through it. A couple of times I told myself to slow down followed by telling myself to keep going. I kept looking at the question number at the top of the screen and was just counting down until it was over. It was as if I needed to get it done fast as possible just to get to the score. The Todd Lammle book prepared me well and there was nothing on the test I had not seen in the book. I finished the last question, clicked finish, and took a deep breath as I waited for the score to appear. However, no score appeared as the first of fifteen CompTIA demographic questions popped up. I flew through those in less than a minute and clicked finish again. There was a slight delay (my heart skipped a beat) and the 845 / 900 appeared on the screen along with a congratulations message. I went from anxious to excited in nanoseconds and couldn’t contain my ear to ear grin.
One Goal Achieved!
Next up, I start studying for the Security+ exam.
I used yesterday as my final prep day for the Network+ exam today. I started around 10 am and finished about 1:30 am. I took an hour break around 5pm and a couple hour break around 10pm. Throughout the day I checked out some networking forums and jotted down some topics that people stated were covered on the test and that I felt I could use more review on. The Network+ study guide I used (Todd Lammle’s) had 20 review questions at the end of each chapter. I completed those as I went along and yesterday morning I combined them all into one document. I then unbolded the correct answers to use as my final practice test. In the evening, I took the test which consisted of 400 multiple choice questions and scored 93.96% correct. I missed more questions than I would have liked in chapters 4 and 13 so I added that to my review list.
My review list ended up looking like this:
Exam prices are high. In fact, Cisco recently raised the price of their exams. As I was approaching the end of my CompTIA Network+ self-study I started looking for deals on exam vouchers. The normal price of the voucher is $253 which I consider to be about double the price for the value of this particular certification. I was searching EBay earlier today and found a listing that had a total of 8 Network+ vouchers for sale with 2 having been sold already. The price was $125 but there was a catch. These vouchers were expiring on March 7th, 2012 and had to be used quickly. I’ve completed 19 of 20 chapters in my study material and have taken the bonus practice exams already so I am only a couple of days away from completing my self-study and review. I had basically set a timeframe of March 5th – 11th for taking the exam so while “before the 7th” was a little early in this window, it is still in the window. I purchased the voucher and am registered to take the exam on March 6th. I plan to finish chapter 20 this weekend and use Monday the 5th as a full day/night review of the material. While I am a little anxious about the exam I know in my heart that waiting longer just makes the material less fresh in my mind. I am reasonably confident at this point but also still nervous about failing. I’ll post my results either way after I take the test.