• Vaughn’s Website

    Visit the official Vaughn Ripley website

  • Survivor

    One Man's Battle with HIV, Hemophilia, and Hepatitis C

  • HIV Longevity

    Discover the secret to longevity despite an illness

  • Facebook Page

    Vaughn's Official Facebook Page

How I Passed the CompTIA Security+ Exam

I passed the CompTIA SY0-501 Security+ exam! WOooWHOoo!!! Passing exams can be daunting… This test is no different. Join me for the next few minutes as I take you on my adventure and hopefully pass along some info and ideas that might help you pass it as well!

First-things-first… Why would you want to be Security+ certified? If you’re like me and work in information technology then you know that cybersecurity, viruses, hackers, and other assorted sundries are becoming daily issues and risks. Now more than ever, we are responsible for the stability, availability, confidentiality, and integrity of our data and digital information. This is true from a work standpoint as well as a personal one. It is tougher and tougher to keep our private information secret and our computers secure. Without even thinking about the requirements or responsibility as an IT professional, we also seek security and skills around this challenging field for personal reasons. That said, having high-end certifications can also increase your work performance, build your job security, and improve your chances at continuing to advance in the IT field. It goes without saying that salary increases, promotions, and accolades all come from obtaining certifications. On top of this, your peers and colleagues will rely on you and come to you seeking assistance knowing that you are a source of knowledge.

Now that we’ve figured out why, let’s look at how…

The CompTIA Security+ exam is not an easy one. It has up to 90 multiple choice and performance-based (these can be challenging, so look into them) questions. You need a score of 750 on a scale of 100-900, which ends up being about 80%. Many of the questions are tricky and rely on you giving the “BEST” answer. I find this type of test extremely challenging if not a bit biased.

My foundation and background is primarily as a database administrator and system administrator. I have worked on computers all of my life (checkout this article for more details of my computer background). Starting back in 1977 I was introduced to programming by my dad. I didn’t really start down the career path of computers until about 1986 when I attended Computer Learning Center. I have been working with Oracle, Linux, and UNIX for nearly thirty years. Did this give me an edge when attempting the Security+ exam? Absolutely. That said, it doesn’t mean you need 30, 20, or even 10 years of computer experience. However, I highly recommend a few years of solid computer experience before tackling this beast.

If I didn’t have as much experience, I probably would have taken the A+ and then Network+ exams first to ensure my abilities and knowledge were up to par. These are not required prequisites, but I highly recommend them especially if your experience and skillset are not on the high side. In my case, I chose to dive right into the Security+ test. Everybody has different levels of experience, and the path you choose is ultimately on your shoulders. If you do not know much about networking (can you solve a subnet question?) than you might want to consider taking the Network+ exam first. You know the drill.

Starting out with my studies I knew that my practice exams had to be in the 90% or higher range if I was going to pass. So I worked on every single practice exam until I was confident that I was getting 90% (or more) of the questions correct.

I attended a bootcamp, which was five days long and a deep dive into everything about the exam. My boot camp was given by Infotec and there are many schools available. Boot camp was a bit like drinking from the proverbial fire-hose. It did help me a good bit, as it touched on a few of the topics that I was completely unfamiliar with. It also pointed out my weaknesses and strengths. I utilized that class to focus on my problem areas and make sure I was ramped-up enough to pass. If resources are available, I highly recommend a bootcamp, as your chances for success are greatly increased!

Professor Messer on YouTube was incredibly informative and he packs a ton of information into brief video lessons. I found that I could easily listen to his training in my car utilizing YouTube on my phone patched into my vehicle sound system. DISCLAIMER / WARNING: Do not watch videos while driving, only listen to them. Also, streaming YouTube while driving will blow through your mobile data plan quicker than Speedy Gonzales can run the 50 yard dash.

Along with the bootcamp and videos, I also bought the CompTIA Security+ Study Guide by Darril Gibson. I cannot stress enough how important is to double or triple up your efforts on training materials. Each class, book, YouTube training video, and website that I trained with provided a little different perspective on the information and in some cases info that others didn’t include. I believe it was this mesh of training platforms that helped me through the exam.

As I read technical books, I highlight important parts and also material that I need to work on. In this way, I can flip through a thick book much quicker the second and third time and only read the highlighted sections. Mr. Gibson’s book did a great job pointing out specific things to remember for the exam.

Actually Taking the Examdun-dun-dunnnnnn

Before the exam starts, you have about 15 minutes alone time. My test site provided a mini whiteboard and dry-erase marker. I used those 15 minutes to quickly write down and draw a few things that I struggled remembering. I find that there is less stress before the test and I can write down tough things and then they are there later during the test and I can rely on the info. Also, because I am not a mathematical genius who can remember pi to 4,527 places (these days I can only recite about 22 places…), I drew a quick subnet calculation chart to help me instantly answer any subnet questions. Here’s the chart I draw (people do this differently, this is just my go-to chart):

^2’s76543210
Subs248163264128256
Hosts1286432168421
CIDR/25/26/27/28/29/30/31/32
IP.128.192.224.240.248.252.254.255

*I’m not going into details on how to use this bad-boy… Some things are better discovered by one’s self. hehe.

It takes me about five minutes to draw that chart. Once I have the chart drawn, I can answer subnet questions in a matter of seconds. Without this chart, some subnet questions can take me a few minutes to answer… You can see why drawing it before your test has actually started is a really good use of time!

Tip – Several people recommended that you skip the initial performance-based question and save them for the end. Instead, I jumped right into them and quickly worked through them. If I was unsure about any, I simply flagged them and came back after I was done. Use the “flag” feature to check on any questions you are unsure about. However, if you don’t know the answer go with your gut and just pick the best one for YOU! Also, answer every question. Even if you have no clue what the answer is, make an educated guess. You can often eliminate one or two of the answers leaving you with a 50/50 chance of being right!

Tip Two – Remember the different hashing algorithms, certificate, and encryption types. Simply knowing these well will help you answer several questions.

Another tip – Memorize the acronym definitions. Many of the questions will only use acronyms, and simply knowing what they are will often reveal the answer. There are a ton of acronyms, but I highly recommend learning and memorizing them. I used flash cards (on my mobile phone of course) to help me with this.

Yet another tip – Try to remember all of the important protocol ports and the OSI model. For that matter, anytime there is a process order (e.g. the incident response process), make sure you know the correct order of the phases. I often use mnemonics or other memory tricks for these. For the OSI model, I remembered “All People Seem To Need Data Processing”; which I could then translate into the seven layers “Application, Presentation, Session, Transport, Network, Data Link, and Physical.” This was one of the things I wrote down prior to the test, while it was fresh in my memory (from last minute studying in the parking lot!)

Important Port Numbers
  • 20 and 21 is FTP
  • 22 SSH (and SFTP/SCP)
  • 23 Telnet
  • 25 SMTP
  • 49 TACACS+
  • 53 DNS
  • 67/68 DHCP
  • 69 TFTP
  • 80 HTTP
  • 88 Kerberos
  • 110 Pop
  • 123 NTP
  • 135 RPC
  • 137/138/139 NetBIOS
  • 143 IMAP
  • 161/162 SNMP
  • 389 LDAP
  • 443 HTTPS
  • 445 SMB
  • 554 SRTP
  • 631 IPP
  • 636 LDAPS
  • 989/990 FTPS (over TLS)
  • 1812 RADIUS
  • 3389 RDP
  • * see… Isn’t this easy?

    Last tip – Read the questions and answers VERY carefully. Don’t be afraid to read them out loud and look like the weirdo who talks to themselves in the testing facility. Many of the questions are trick questions and if you look closely you’ll discover the trap and the answer will magically appear.

    If there’s one thing I can tell you that will help… Study. Practice the sample exam questions. Study. Practice the sample exam questions. Oh… And, study! Knowledge and experience will carry you a long way in this test, but they are no substitute for some hard work and elbow grease. Study!

    That said. Be confident. Depend on yourself and believe in yourself. You got this!

    Good luck! (Oops… I forgot I don’t believe in luck… So, study!)

    -Vaughn

    Please comment by clicking “Leave a Comment.” And, if you dig, share this article! Also, please type your email address into the “Subscribe” box up top to get updates each time I post a new blog article.

    You can rest assured that we will never SPAM your email account, and it’s only used to send the latest articles.

    Biohack Yourself

    You might think that the fact that I have hemophilia and HIV (not to mention having and then defeating Hepatitis C as well) is a downer. However, I am truly grateful for these things and believe that they have helped build my character and turned me in to the man I am today. As a […]

    Continue

    Evolve Your Dad Skills with Pokémon Go

    “Man, this Pokémon adventure is sick!” With that exclamation, my son then stops, turns, leans in for a big hug, and affectionately says, “Love you, Dad.” These are the real moments. The moments that all dads (and moms) strive for. As parents we simply go from one magical moment to another. The other moments are […]

    Continue

    World Hemophilia Day 2016

    Today is Sunday, April 17, 2016. A day like any other… Or, is it? Today is actually a day for remembrance. A day for advocacy. And, a day to raise awareness. Actually, today is a day like no other… Today is World Hemophilia Day. World Hemophilia Day is an international observance held annually on April […]

    Continue

    Survive a Snow Blizzard and Help Others

    If you own a four-wheel drive vehicle that is capable of getting out when weather conditions are bad, you might consider driving nurses and doctors to and from the hospital. Also, it is a great feeling to simply be a good Samaritan and drive around rescuing folks who are stuck in the snow. If you […]

    Continue

    Be a Fitbit Boss

    I only recently got on the Fitbit bandwagon… Actually a week ago. But, I’m not new to wearable fitness technology. I’ve been a huge Garmin GPS watch fan since my first one, the Forerunner 405; which I bought back in circa 2007. Actually, if you count heart rate monitor straps, I’ve been on-board for twenty(ish) […]

    Continue

    Energy and Vitamin Packed Smoothie

    Many friends and family members ask me about the green smoothie that I make. I decided to post an article to explain the recipe and why I use each ingredient. First-things-first… You need a blender or mixer to make this bad boy. I personally have the Vitamix 5200… It rocks! I suppose I should get […]

    Continue

    Bleeding Painful

    My buddy and blood brother, Jeff, recently recommended that I… Well, let me share his words: “If you don’t mind, Vaughn, I know that a few members would appreciate hearing a little more about your hip bleed, treatment, recovery, etc. A few of our younger bleeder siblings are going through them right now so insight […]

    Continue

    01001101 01111001 00100000 01001100 01101001 01100110 01100101

    You might be asking yourself, What the heck does that blog title mean? It is binary and translates to “My Life” (without the quotes). This post is about computers and how they have affected my life (and yours). I thought it was apropos (if not a bit geeky) to make the title in binary. BTW […]

    Continue

    Self Publishing Isn’t Real Publishing

    Hopefully you don’t agree with the title of this article… I actually threw it out there to inspire folks to read and chime in. So… Did my troll work? “Not real” is something that I’ve heard repeatedly since self publishing my memoir. I can’t tell you how many times I’ve told folks that I self […]

    Continue

    How to Give a Killer Speech or Presentation

    So much advice exists out there, and here I am just piling on more… However, I do have some experience in this field. I am an inspirational speaker and extreme encourager who has given hundreds of speeches and presentations. Over the years I’ve learned some really important key factors and also built some of my […]

    Continue

    World AIDS Day 2014

    Today is World AIDS Day. Look for folks wearing a red ribbon! Speaking of which… Do you know where the red ribbon for AIDS awareness comes from? Way back in good ole 1991, a creative group (made up of photographers, painters, film makers, and costume designers) of twelve people gathered to discuss a new project; […]

    Continue

    Independence Day 2014

    HaPpY BiRtHDaY to the United States of America! Independence Day, also known as “National Day,” is a designated date on which celebrations mark the nationhood of the United States of America. During the American Revolution, the legal separation of the Thirteen Colonies from the oppressing Great Britain occurred on July 2, 1776. On that day […]

    Continue

    Flag Day 2014

    Today is Flag Day for the United States America. Flag Day officially occurs each year on June 14. It commemorates the adoption of the flag of the United States, which happened on that day in 1777. June 14th is also the birthday of the United States Army. Happy birthday! Hoo-ah! Proper care of a U.S. […]

    Continue

    Father’s Day- A Different Meaning Every Year

    Each year, Father’s Day means something different to me. I can remember back to a few years ago, right before my first daughter was born, I looked at Father’s Day with a good amount of trepidation. It wasn’t that I had regrets about becoming a dad, but I knew that once Father’s Day rolled around […]

    Continue

    Spiritual Enlightenment on a Hill

    Do you want to find yourself? I mean really find yourself… Find what you’re made of… Find what you have in you… And, find your deepest unreachable areas that only come out when you really push yourself and enter a zone of dopamine and endorphine release that can only be found when you go past […]

    Continue

    HeartRate Zones

    You’ve probably (hopefully) heard about heart rate training zones. And, if you’re into fitness you already know a bit about it. Today’s article will cover this (a little bit) for those of us who are a bit confused or wanting a little more information. WARNING: Exercise, stretching, sports, and other fitness related activities can be […]

    Continue