How I Studied for the CompTIA Security+ Exam (S+)

After publishing my last article on how I got my Network+ exam, my veteran security group members said I should post one of these articles for each certification I've gotten. Hopefully, this helps you. Also, you can probably knock out your studying for under 40 dollars if you're on a budget. This article is written for SY0-601 for 2023.

Security+ should be considered a broad survey of information security topics. You don't have to know anything in-depth... but you do have to have a broad scope of knowledge. I would recommend you do this certification after doing N+. Why? Because CompTIA assumes you have, and they will almost certainly throw a handful of networking questions at you.

First of all, you need to read a book. I'm going to go ahead and say this was the only one I read:

Buy it.

It's 10 dollars as a Kindle download.

You get 600 pages of information and tests. There's a pretest and practice test along with end-of-chapter review questions. Cover to cover. Start reading.

I think if you've spent any time searching for resources, you're going to have heard of Professor Messer.

Here's an embedded playlist of his Security+ videos for the current exam. At the time of writing, there were 177 videos. Bookmark this page.

Watch them.


No, seriously.

Remember how I said you need a broad amount of knowledge? This is going to help you get there. I just listened to them while driving to work, cooking, etc. If you listen to Professor Messer's videos while reading the book I posted and then watch them again after finishing it, I think you'll be fine.

Oh, and do all of the practice test questions in the book.

Now at this point, you have the required resources. You don't have to spend any more money. You should just be about $10 invested, plus the exam voucher cost. Speaking of which, if you have a .edu email address, you can use the CompTIA Academic Store for a considerable discount. You may also be involved in a group with special partnerships (such as VetSec for military veterans) allowing discounted exam vouchers.

At this point, you're ready. However, if you're worried, Udemy has many Security+ study resources. That link will take you to their S+ category.

I won't say this one is the most amazing practice test, but I did use this to some extent. There are coupons offered periodically. If you're paying more than 20 dollars, wait for a discount.

The free Messer videos are sufficient, but Dion's paid course would be a good supplement if you're not confident. It is not required. I like Dion's courses for the more advanced CompTIA certifications that Professor Messer doesn't have videos for.

If you're still worried, Boson tests are generally the gold standard for ensuring you're ready. They tend to be very expensive, but you can rest assured that they're more challenging than the test. I do not think this is required, but if you've used the previously mentioned resources and are still having issues, this might be a good investment. I did not use this personally for the CompTIA Security+ exam, but I have for others with excellent results.

Let's discuss the test briefly.

It will have a small number of performance-based questions (PBQs). You won't be stack-smashing at a command line interface, but you should expect mildly confusing questions. That being said, don't do the PBQs first. Save them for last. They'll stress you out, impacting the rest of the exam. The PBQs are not much more complicated than drag-and-drop or "arrange these blocks to fit the settings that [solve this problem/fix the vulnerability/make the network work again]."

You should probably know how to find your way around a Linux and Windows command prompt for basic network troubleshooting.

You're not going to do zombie scans in Nmap, but you should probably know how to fix common network problems that are security-themed. Overall, don't stress out. Oh, and look over cryptography.