I have finally begun the road of post-college continuing education (way behind schedule!). Today I passed what I consider my warm-up certification: Security+. Go me!
I was surprised by some of the questions on the exam, for instance what protocol does the ESP portion of IPSec run over? I had no idea (heck, I don’t think I really knew what they meant by that!). Interestingly, Wikipedia knows! I think if I have any advice on this test, look up the objectives not just in books but also Wikipedia.
Some other questions I see as rather tough for someone who has been in IT a while. “What is the first thing to do in XYZ?” You can easily overthink some of the questions and/or argue the subjectivity of some of the answers. There was another rather technical question that I wish I had the answer to (or even how to look it up!). If an unauthorized user got hold of a Linux /etc/passwd file, what would likely be the cause? SSH 0.9.4 (I might have that # wrong) installed and configured; Sendmail set up with access to administrator’s web mail; SSL something using the Apache account without virtual hosts defined; FTP server with anonymous access configured. I was like, “huh?” I could maybe pop SSH if that version is vulnerable to something, maybe that sendmail answer is referring to being able to remote in as root, maybe that Apache account has root level permissions, or maybe that FTP server somehow allows access to the otherwise normally protected /etc/passwd location? I think I answered the SSH one…no clue if that was correct.
I’m pretty sure the exam is taken from a pool of questions so I don’t see them all, but I was surprised by the number of MAC (Mandatory Access Control) questions I had (at least 5!), some of which were almost word-for-word like others. Anyway, I don’t want to go over too many questions from the exam, but suffice to say it is a nice mix of technical and conceptual questions dealing with security.
Congrats Loner! I know it feels good to get that out of the way. Not to mention getting it under your belt. There isn’t much to compare with the feeling you get when you find out that you passed.
Congratulations!
A quick question: Other than Wikipedia, I’m curious as to what other resources you used while preparing for the Security+ exam?
I also used three books.
Exam Cram 2 book and Practice Tests book
Mike Meyers’ Certification Passport Security+
I spend my lunches at Barnes & Noble, so I didn’t actually buy the Practice Tests book.
Ok, thanks for the info! Great blog, by the way – I’ve been reading it (lurking) for quite a while now.
LV,
Congrats man. One step at a time!
That Security+ exam was harder than I thought it would be. I studied some but figured it would be a cake walk for someone with a CISSP and a good bit of experience. I passed it, but it was more of a challenge than I expected.
The GSEC is a mother. It was harder than the CISSP, especially since it is much more technical in nature. There is a ridiculous amount of information to cover. It is an open book, but there is no way to search through pages looking for the right stuff. My advice is try to find someone with the books on PDF (if you can find it), open them all up on your PC when you take the test, and just search for keywords from the questions.
If you can’t find them in PDF, then make a very good index of the books as you are reading through them. It will help you learn the material, and it will give you a good reference when you are taking the test. Also label pages with sticky notes as best you can. That also helps.
On the CISSP, do the boot camp if you can. A lot of the camps are held in cities where (ISC)2 is holding a test on the weekend. They have a week-long class, and then you take the test on Saturday. You go through a week of hell, but if you take the classes and spend every night looking through that day’s class and pre-studying the next day’s, you will really burn it into your brain.
I have an old CCNA, so I can’t tell you what to do there. But I applaud keeping your network skills up. Many security folks neglect that.
Hope that helps. GOOD LUCK!
Michael
Some words of advice…
Unless work is paying for your GSEC I’d probably recommend that you do your CCNA prior to your GSEC. You’d probably get more out of it that way. Also, doing the GSEC before your CISSP would probably help prepare you.
Just a thought….
Thanks for the collective encouragement and comments! I’m definitely thinking of getting the CCNA taken care of first.