Whew, this was a tough one. I just completed my CompTIA Security+ certification exam! I am writing this post to document my journey towards earning my bachelor's degree from WGU.
I tried to cram for this exam early on and ended up almost burning myself out, so I have definitely learned to slow down and make time for leisure between multiple days of study.
Shout out to Professor Messer again for the awesome free and paid content! I would not have been able to understand some concepts covered on the exam if it weren't for your videos.
This exam was a bit more difficult for me compared to either of the A+ or the Network+ exams. I understood the core concepts - but only to the level at which I taught myself during
my career up to this point. There were a lot of terms that I needed to hammer the definition of into my head.
- Cybersecurity Threats / Vulnerabilities -
This section covers a bunch of types of malware, attack types, threat actors, pentesting, vulnerability scanning, and impacts.
This was a fun section for me - my time spent participating in the Collegiate Cyber Defense Competition back when I was earning my Associate's degree prepared me for a
lot of the terminology used here. The Red / Blue / White teaming is a fun concept I encourage any prospective cybersecurity candidate to take part in.
- Technologies / Tools -
This area covers, well, technology and tools. A lot of the technologies covered are either hardware or software network appliances - routing/switching, firewalls, IDS/IPS tools, etc.
I have a bunch of experience with network infrastructure - I was a network technician straight out of college and am now responsible for my company's entire network stack, so this
area was something I understood already. The tools portion of the exam was a bit new to me - I haven't worked with a bunch of the pentesting tools up until now, pretty much only netmap.
- Architecture / Design -
This section covers building secure network architecture and compliance / configuration frameworks, along with physical security and resiliency.
As a network engineer, I have already interacted with a good portion of the things mentioned here. The Security+ builds on the concepts mentioned in the Network+ exam - e.g.
DMZs, honeypots, load balancing, virtualization/sandboxing, and VPNs. Software-defined networking is also briefly covered, but I have had no prior experience working with SDNs so that was a pain point for me.
The network resiliency piece covers both load balancing/high availability and the ability to recover from incidents quickly. Non-persistent computing and imaging/cloning are covered here.
I developed a tool for my company to use for capturing and deploying images using DISM and Windows PE, so I understood a lot of the core concepts here already.
- Identity / Access Management -
This piece covers managing users - verifying who they are, their access level, and keeping track of their actions. I have provisioned AAA services in the past so this built upon
the tidbit of experience I already have from work. All kinds of technologies are covered here - WiFi security, 802.1X/NAC, multi-factor authentication, and physical access controls like smartcards and biometric readers to name a few.
- Risk Management -
This was probably the most difficult section for me. This section touches on the decisions businesses have to make regarding risks - how to prepare for them, how to respond, and how to recover from them.
Incident response was the easiest piece for me - I've had to deal with malware outbreaks previously. The risk management side of things, however, was something I had not really touched on before.
Disaster recovery is the most "exciting" piece for me - conceptualizing network redundancies, carrying out contingency plans, and getting everything back online. Definitely challenging and rewarding work!
Also covered are various security practices, like data destruction and retention.
The compliance aspect is something I have experience with at my current job - we have to keep all sorts of financial records, phone recordings, and email archives for various lengths of time and ensure that they are
readily accessible if an audit were to happen. Proper disposal is also important - especially with the type of information we deal with at my current employer. Physical destruction of hard drives is a lot of fun.
- Cryptography / Certificates -
This was a strong one for me. I have a bunch of experience with web hosting and web design because of my side-business, so PKI is something I work with on a regular basis.
WiFi security is also touched on here - the different cryptographic and authentication protocols, some 802.1X and RADIUS as well.
The hardest part of this exam was memorizing all of the different acronyms. I had a modicum of experience in most of the topics the exam covers... but I had never seen some of the
definitions used in the way that they were. I had seen a lot of the actual definitions, but never shorthand.
I went over every section of the CertMaster Learn and CertMaster Practice that WGU includes with this class and I was still having trouble retaining all of the information, so
I bought Professor Messer's Security+ Practice Exams to ascertain my knowledge level. After I scored pretty well on the three included exams, I scheduled my certification exam.
I passed my exam and earned my certification with a score of 782/900. This was bittersweet for me - I am glad I was able to pass, but I think I will continue to study the concepts covered
in this certification since there are still some concepts I am not 100% comfortable with.
Next up, CCNA. Wish me luck!