It is considered the most widely taken security exam in the industry today. The CompTIA Security+ certification is sought by everyone from small computer store owners and help desk technicians to candidates on a certification ladder that reaches all the way into the federal government. The question that consumes hungry candidates isn’t “when,” but “how.” Here are my tips for successfully preparing for this exam.
#1 Know about ALL current security issues
Almost half of the exam covers security threats, attacks, vulnerabilities, technologies, and tools, and it includes recent threats like crypto-malware, stego-malware, ransomware, RATs, APTs, zero-days, and Malware-as-a-Service (MaaS). Do you know how to create a ransomware campaign in Kali Linux? If the answer is no, now is the time to get familiar with the components of exploit kits.
You also need to be able to explain why social engineering campaigns succeed. CompTIA lists several reasons without explanation, so you may want to watch our training, which covers authority, intimidation, consensus, scarcity, familiarity, trust, and urgency as they are used against the victim.
And be sure to familiarize yourself with the most common web server and wireless attacks.
#2 Practice configurations
CompTIA lists the question types as either multiple choice or performance-based. The mix of question types causes some anxiety, since people worry about facing several elaborate performance tasks on the exam. Relax. All security practitioners should be able to configure basic access control lists and firewall rules, syslog, SSH connections, and SNMP. This is a vendor-neutral exam, so there will not be any complex configurations beyond the fundamentals.
I strongly recommend that you know how to configure an IPsec IKEv1 site-to-site VPN with pre-shared keys between two routers. Even if it does not appear on your exam, it is a valuable skill, since so many organizations connect to solutions like Amazon Web Services (AWS) this way.
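As an added example that is not part of the original post, here is a minimal IKEv1 site-to-site VPN with pre-shared-key authentication in Cisco IOS syntax for two routers. The addresses (documentation ranges), interface names and the pre-shared key are constructed placeholders; the extended access list that selects the interesting traffic is also the kind of basic ACL tip #2 expects you to be able to write.

```cisco
! ===== R1 (public 203.0.113.1, protects LAN 192.168.1.0/24) =====
! Phase 1 (ISAKMP/IKEv1): how the two routers authenticate and build the control channel
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 86400
! Pre-shared key bound to the peer's public address (placeholder value; use a long random secret)
crypto isakmp key REPLACE_WITH_LONG_RANDOM_PSK address 203.0.113.2
!
! Phase 2 (IPsec): how user traffic is protected inside the tunnel
crypto ipsec transform-set TS-AES256-SHA256 esp-aes 256 esp-sha256-hmac
 mode tunnel
!
! Crypto ACL: only traffic matching this extended ACL is sent through the tunnel
ip access-list extended VPN-INTERESTING
 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
!
! Crypto map ties peer, transform set and crypto ACL together
crypto map VPN-MAP 10 ipsec-isakmp
 set peer 203.0.113.2
 set transform-set TS-AES256-SHA256
 match address VPN-INTERESTING
!
! Apply the crypto map to the outside interface
interface GigabitEthernet0/0
 ip address 203.0.113.1 255.255.255.252
 crypto map VPN-MAP
!
! Route the remote LAN toward the peer so packets hit the crypto map
ip route 192.168.2.0 255.255.255.0 203.0.113.2

! ===== R2 (public 203.0.113.2, protects LAN 192.168.2.0/24) =====
! Identical policy; peer address, ACL direction and local interface address are mirrored
crypto isakmp policy 10
 encryption aes 256
 hash sha256
 authentication pre-share
 group 14
 lifetime 86400
crypto isakmp key REPLACE_WITH_LONG_RANDOM_PSK address 203.0.113.1
!
crypto ipsec transform-set TS-AES256-SHA256 esp-aes 256 esp-sha256-hmac
 mode tunnel
!
ip access-list extended VPN-INTERESTING
 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
!
crypto map VPN-MAP 10 ipsec-isakmp
 set peer 203.0.113.1
 set transform-set TS-AES256-SHA256
 match address VPN-INTERESTING
!
interface GigabitEthernet0/0
 ip address 203.0.113.2 255.255.255.252
 crypto map VPN-MAP
!
ip route 192.168.1.0 255.255.255.0 203.0.113.1

! ===== Verification (run on either router after sending LAN-to-LAN traffic) =====
! show crypto isakmp sa      -> Phase 1 SA should show state QM_IDLE
! show crypto ipsec sa       -> Phase 2 counters (pkts encaps/decaps) should increase
```

Two details worth checking on the exam and in practice: the crypto ACLs on the two sides must be exact mirror images, and the Phase 1 policy (encryption, hash, DH group, lifetime) must match on both peers or the ISAKMP SA never forms. Treat the pre-shared key like any other credential, rotate it, and where both ends support it prefer IKEv2, which the objectives also mention alongside IKEv1.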
Also, be aware that the “use of open-source intelligence” exam objective does not refer to using open-source code. Do yourself a favor and search the web for “OSINT” before the exam.
#3 What’s “New” is always hot
Expect a good percentage of the 90 or so questions to cover more recent technologies. In short, don’t expect a lot of WEP or DES questions.
Here’s a list of some of the “newish” technologies and solutions you need to know for this new version of the CompTIA Security+ exam.
These are in no particular order but should cover you until the next update to the exam in 2021.
- Elliptic Curve Diffie-Hellman Ephemeral (ECDHE)
- Crypto service provider and Crypto modules
- Hardware Security Modules (HSM)
- Continuity of operations planning (COOP)
- Forensic strategic intelligence/counterintelligence gathering
- Privacy impact and threshold assessment
- Driver manipulation – shimming and refactoring
- Everything on the “deploy mobile devices securely” objectives list
- Configuration compliance scanners
- These utilities: ping, netstat, tracert, nslookup/dig, arp, ipconfig/ip/ifconfig, tcpdump, nmap, and netcat
- Data Loss Prevention (DLP)
- Internet of Things (IoT) and SCADA