Thursday, 25 October 2012

Exam tips and preparation: CompTIA Security+


The security+ certification demonstrates that the professional has a strong understanding of computer systems security, network security, access control and organisational security.

The security+ exam is vendor natural. This means that the certification does not focus on one company’s product. Instead it focuses on larger range of technologies, services, hardware and software.

CompTIA Security+ logoThe Security+ cert is very well known in the industry and is highly in demand. The average salary of a Security+ professional is £51,250 according to itjobswatch.co.uk.

This cert, and the A+ and Network+ certifications, will only be valid for 3 years after which you will need to renew in order to stay up to date.

The Exam 

The exam will cover the following 6 domains:
  • Network Security
  • Compliance and Operational Security
  • Threats and Vulnerabilities
  • Application, Data, and Host Security
  • Access Control and Identity Management
  • Cryptography

It will consist of 100 questions. Most of them being multiple-choice and lasts 90 minutes.

To pass the exam you will need to get 750 out of 900. This is roughly 80%.

Tips for difficult areas

The following topics are the ones that seem to be the most difficult for students, so here are some tips to deal with them:

Encryption – Cryptography, Hashing and PKI are difficult areas, but for the exam you will only need basic understanding.

Malicious attacks – There are many types of attacks and it can be difficult to remember them all, so it’s recommended you take extra time learning as many as you can.

Access control models – The three models (Discretionary access control, mandatory control and roll based access control) can be confusing so it is important to know the differences in each model.

Authentication models – there are many types of models for Authentication; from physical to logical and local to remote. So it’s important to remember each type and their differences.

Preparation Hints

Before you start the course and your exam, it is important to note that this certification is recommended for those who have prior work experience in the computer field, with hands-on networking experience.

It is also advised that you have Network+ certification too.

In addition, it is worth looking at the exam objectives found on the CompTIA site here: http://certification.comptia.org/Training/testingcenters/examobjectives.aspx

Here you will find the topics that will be covered and also the weighting for each domain.

Good luck.