|
Home > Archive > Security+ > October 2003 > Passed by skin of teeth
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Passed by skin of teeth
|
|
| coyo5050 2003-09-15, 4:28 pm |
| Well my impression of the exam is similar to what many others have posted. It is VERY subjective/opinionated. Many questions do not list the the normal or obvious answers that you would expect to see. Many questions ask things in very round about ways so very few questions were straight forward. Of interesting note only 1 question was Unix based. I was expecting a lot more with the frequency of question I saw on practice tests dealing with Unix/linux/Solaris/etc. When I mean subjective here is a general example based on some of the questions I saw,
"What is the inherant security risk of IM?"
a) not designed with security in mind
b) widespread and hard to control
c) file transfer capabilities
d) no standards
Don't all 4 seem like possible answers?
Unless you know what CompTIA "thinks is correct", good luck.
Either way, I passed by the skin of my teeth, 788. I honestly thought I did better, atleast in the 800's. Only "felt" iffy on about 10, but narrowed it down to a 50/50 shot I thought. Actually most of the test seems like all you do is narrow it down to choosing one of the best 2 answers, LOL!
I used Security+ Prep Guide by Wiley. Thought it was a good book over all. A bit on the short side 250 pages of actual reading, the other 200 pages were quizzes, indexes, glossary stuff. A bit technical, covers a lot of things, but not all. What is does cover is the obvious things, would have liked more explainations and subjective thoughts. Good quizzes based on the Boson engine. 7.5/10 rating.
Also used the Microsoft Press Security+ Training Guide. Good explainations for what it did cover, but only covered about 70% of the test. Got it used/like new for only US $5.00, can't complain for that price. Better writing style as for ease of understanding. Not a bad book, just lacking.
Used Boson quizzes besides the ones that came with the Wiley book. Overall very good! Similar to CompTIA in the style of questions asked, wish I would have spent more time on them instead of the Transcenders. Transcender quizzes were ok, just seemed easier that the questions I actual sat for. Both had very few questions that were verbatim, so dont just memorize the quizzes and expect to pass. Boson was better of the two.
I've typed enough, hope some of it is actually useful to someone!  | |
| sapiens74 2003-09-15, 5:02 pm |
| Grats bro
A pass is a pass
I hope to take mine next week or so
Any tips?
I am using Boson questions btw | |
| coyo5050 2003-09-15, 5:22 pm |
| thanks! what books ya using? Do you have all 3 Boson tests? One strong suggestion, know why the right answer is right AND know why the wrong answers are wrong. I think if you understand why the wrong answers are wrong it will help you understand the CompTIA exam questions better. ALSO when you take each question, think in your head other possible answers NOT listed as choices or variations of the question asked and those possible answers. Gotta get your head around the whole SUBJECT and not just the specific question/answer. Think I heard someone call that "active learning" or something. The MS book actually mentioned that idea as an education method for teaching security awareness to employees in an organization, lol !
Your test could be completely different then mine never know but here is some stuff I saw on mine.
Port #'s, types of attack (including names of so called "popular" ones and what type they are), VPN's (tunneling and encryption in depth), policies (security, risk, etc). Damn short term memory I can't remember much else
good luck! | |
| sapiens74 2003-09-16, 4:04 am |
| I;ve got all 3 Boson Tests.
I ready MS book, Sybex, EC2, and Tcat's PDF
I average 90 or above on the Boson Exams across the board. | |
| GraceTech 2003-09-17, 5:18 am |
| Congratulations and thanks for your feedback. | |
| Paisleyskye 2003-09-24, 2:03 pm |
| Congrats on the pass! | |
| net_grl 2003-09-29, 11:23 pm |
| coyo5050 sounds like we had the same test lol!
Although I liked your score better than mine! I failed it  ..but barely. Honestly I was surprised I really thought I passed it.
Your one question in reference to IM was one of the same ones I had.
Just curious what was your answer LOL!
I used the following materials, Boson test3,BFQ, TCATS PDF, SYBEX Sec+, and Synergess (was not the best).
Congrats to you on your pass!!!!!!!! I will pass mine in the next round 
Peace Out | |
|
|
|
| haha - yes, exactly what WOULD be the correct answer there?
a) not designed with security in mind ? Correct - designed for ease of use according to one developer as they didn't think too much about security wayyy back then.
b) widespread and hard to control ?
Correct - a quick scout around 20 different clients showed that more than 12 sites had users with IM *gulp*
c) file transfer capabilities ?
Correct - add in virus, trojans, worms, far too many MP3's taking up server space too.
d) no standards ?
Interesting .... whos standards? as in VHS vs Beta or DVD+ vs DVD- or MAC vs Intel ????
As much as I intend to re-sit this exam for my own peace of mind I have found that out in the big wide world it is getting the reputation of being a wate of time and effort. THAT is a damn shame as Comptia had something good to work with, but allowed certain people to let their egos get in the way. | |
| Gareth Leung 2003-09-30, 12:55 pm |
| Congrats!! | |
| net_grl 2003-10-03, 10:37 pm |
| RussS, It seems after inquiring to several differnt persons, two of which teach security and one a IT professional about the question that was stated, and to cure my curiousity as well....the answers I recieved from all 3 were different HAHA! They all did in fact agree that no standard was not correct, and since I asked for it, one instructor actually explained in great detail the IM standards to me. I have been told he actually helped compile the Sec+ exam. And his answer was wide spread and hard to control. The other Sec instructor, said he felt the correct answer was not designed with sec in mind. The IT pro claimed it had to be file shareing answer. So, now I know all about IM standards, and still feel all the above answers are correct, but as to teh actual answer...the world may never know LOL!. I will sit the exam Nov 6...guess I will see then. | |
|
| net_grl
I do make the occasional mistake - sometimes often  - but as far as understanding Comptias Security+ objectives and the wording of their exams I am happy that it is not just me .... lol.
Best of luck with your exam, and remember that if you are stuck on a question - don't sweat it - move on and come back to it later. When going back over the ones you are unsure of try to think "what does Comptia want for an answer?" and not necessarily what you think or know is correct.
I wish it was like the MS exams - whenever I was stumped I would choose the answer that either A. cost the most, or B. required the most licences - usually I would be right .... lol | |
| coyo5050 2003-10-06, 3:49 pm |
| net_grl,
Sorry to hear that you missed it barely. The IM question is a great example of how some of the questions are. I didn't know the answer myself otherwise I would have mentioned it. I think the reason I passed is there are just enough of the "normal" questions and if you get those 100% you'll be ok (or atleast get lucky on some of the tough questions). I picked wide-spread and hard to control if you want to know. I rationalized it like a fire. We know why fire is bad, what causes it, how it spreads we can only minimize it. We know that IM was not designed with security in mind but that is something we know and we can teach users. Many (most?)things have been designed without security in mind but the industry has done things to fix that like developing secure msg'ing programs (yahoo). Same with the file transfer capablities, good anti-virus and common sense. No one can control how many versions are out there or try and teach users about everyone or even if some are legitimate. The 2 previous are risks that are easier to minimize than controlling the many versions out there. I could be COMPLETELY wrong, who knows, but I figured it was more about "minimizing" risks. Good luck when you test again!! I'm off to beat 70-216! | |
| mciarcia 2003-10-06, 4:56 pm |
| Well, I just walked away from the Security+ exam and failed.
I must admit, the wording of the exam was quite horrendous.
That IM question was absolutely ludicrous.
I've studied and studied for this exam, but it just seems to be they asked some of the questions that I guess either had a few good answers, or... were just hard questions to understand.
I am a smart guy, but geesh...
Does anyone have some advice for a retake?
I am hoping to go for my CISSP, and anyone who has theirs, I'd like to know how the exam was.
Thanks everyone. | |
| net_grl 2003-10-06, 6:09 pm |
| coyo5050,
Your right about how some of the questions are. I am leaning towards the wide spread and hard to control answer myself, I initally choose not designed with sec in mind. Some I narrowed down and then used the process of elimination. But...I guess I narrowed them down to the wrong answers LOL!
Best of Luck on 70-216!
Mciarcia,
This is quite an exam. I can literally quote excerpts from Tcats PDF and the Sybex, and explain in detail almost every objective from access control to WEP and WTLS. I can pass any test sim with 100% accuracy.
I like how you said I am a smart guy...LOL! I am a smart gal, but this test has me outsmarted LOL! I did in fact higlight the objectives I missed and have relooked over those objectives in the books as well. That has helped.
I am looking at the CISSP as well. So any insight would be too cool.
Just hang in there. We will beat this thing! Let us know how you do when you retake it ok?
Best of Luck!!!!! | |
| Tarzanboy 2003-10-06, 8:24 pm |
| The comments here remind me of a question I once had in Psychology:
Create a design using 5 lines that all intersect at more than 1 point.
When given to a class of graduate Engineering students, none had the correct design. When given to a class of Preschoolers, all of them created the correct design.
Sometimes the more you know, the more complicated things become regardless of the real or intended complexity. In other words, when playing the Security Trivial Pursuit game, don't think like an IT geek, think like a Sales dork.
Cheers,
TB | |
|
| <<< beats head against wall in agreement with TB.
I know mostly my fail was caused by my being far too analytical and expecting the answer to be correct as described in my study resources and not using the "what does Comptia want?" type of thinking. Sometimes too much knowledge is a bad thing | |
| mciarcia 2003-10-07, 10:19 am |
| Preach on everyone...
net_grl, you are right, I'll get it.
Have you retaken already?
I'm looking at retaking this week already, just because I have everything fresh in my head still.
Does anyone know if its generally the same exam?
CISSP, I'm on my way!
You are MINE!
Ciao folks | |
| net_grl 2003-10-07, 12:30 pm |
| I agree with you TB!
RussS, I used to think too much simply could not be a bad thing, but...I am learning lol!
coyo5050, I will be retaking my exam Nov 6th. And that will in fact be the last time 
Best of luck when you resit the exam!! | |
| sodgerel 2003-10-08, 5:19 pm |
| Coyo, congratulations on your passing! I'm scheduled to sit for the exam next week. I have a quick question for those who have taken the test. I want to know whether the questions are all multiple choice. In the other words, you'd be asked to make only one choice in each question? (using radio button) I just hate questions that ask you to choose "all that apply." Thanks for confirming my assumption. | |
| net_grl 2003-10-15, 9:58 pm |
| sodgerel,
I recall most were multiple choice overall, but there are some choose 2 or whatever.
Basically choose the best answer Comptia thinks it should be |
|
|
|
|