Faculty Resources
Many businesses today require employees to become CompTIA certified. Whether it’s A+, Network+, or Security+, all these certifications have one thing in common: the exams! While sitting for an exam may send shivers down the spine of even the most experienced IT professional, it is important to realize that these certification tests all share a common format. CompTIA’s Security+ exams include performance-based questions and multiple choice questions. The exact number of each question type varies from exam to exam. Though there is no shortcut to knowing the technical information that will be included on these exams, there are test-taking approaches that will improve your chances of passing.
Relax Before the Exam
To avoid last-minute stress, make sure that you arrive 10 to 15 minutes early and relax before the exam.
Familiarize yourself with the exam
Before taking the Security+ exam, you are given an option to familiarize yourself with the way the exam is carried out (on the exam interface). Take advantage of this option.
Manage Time Spent On Each Question
The duration for the exam is 90 minutes. You must determine how much time you will spend on each question and keep track of the time. Take into consideration that some questions are weighted more heavily and may take more time to answer.
Be Sure of Exam Question
If you have any doubts about the rules for the Security+ exam or about using the testing computer or software, clear them up with the test administrator after he or she sets up your machine and before you start the exam. Remember that the exam is timed, and you may lose valuable test time on questions that you could have asked earlier.
Jot Down Important Points Before the Exam
Before you start the exam, ask for scratch paper and jot down points that you may need to recall when taking your exam. This is always allowed and proves to be very helpful while taking the exam. These may include:
- Common port numbers and their associated protocols
- Steps in gathering forensic evidence
- Subnetting information and binary conversions
- ALE formulas
Mark Answers for Review
When not sure, instead of spending a lot of time, mark the question for review and re-visit it later. Doing so will ensure that you have time to read each question carefully (watch out for the double negatives) and don’t have to rush through the exam at the end. However, do make sure you answer all the questions before the time limit expires.
Don’t Panic. There Is No Negative Marking
There are no negative marks for a wrong answer. The Security+ exam does not penalize you for a wrong answer, so never leave any question unanswered. If you are not able to find out the correct answers to some questions, eliminate the possible answers that cannot be correct and narrow down your guess.
Performance-based questions require you to complete various tasks. Drag and drop, configuring an IP address, and building a personal computer are a few examples of Performance Based Question tasks. CompTIA states: “These Performance Based Questions test your ability to solve problems in a simulated environment.” And I suspect that we will see more Performance Based Questions as CompTIA rolls out new versions of its exams.
Tip 1
Before your students schedule their test, read up on the Performance Based Questions and prepare them as much as you can.
CompTIA provides descriptions and samples of Performance Based questions. Generally, the Performance Based Questions are the first questions presented. Do not lose time because you did not do your pre-test homework. Know what actions are required by you to complete the Performance Based Questions.
Tip 2
If you are having trouble with a Performance Based Question, mark it and move on to the next question.
This can be said for both the Performance Based Questions and the multiple choice questions. CompTIA exams allow you to mark a question for later review. The Performance Based questions are challenging, and you do not want to spend too much of the allotted 90 minutes on these questions.
Tips for Multiple Choice Questions
The number of multiple choice questions will vary from exam to exam, but they will be multiple choice. There will be no true/false, no short essay, and no fill in the blanks. So the good news is that the correct answer (or answers) is/are there; you just have to find it/them. Being familiar with the technical jargon will go a long way to help you pass the exams.
Take advantage of the acronym list from this GetCertified web site. Reviewing this document will be invaluable.
Tip 3
Identify a key word or phrase in the question.
Sample Question: A company is developing a new secure technology and requires computers being used for development to be isolated. Which of the following should be implemented to provide the MOST secure environment?
- A perimeter firewall and IDS
- An air gapped computer network
- A honeypot residing in a DMZ
- An ad hoc network with NAT
- A bastion host
By identifying “isolated” as a key word, you can seek out an answer that works best with that term. By familiarizing yourself with methods that can be used to isolate a network, you will know that air gapping a computer network is the correct answer.
Tip 4
Capitalized words in the question are there for a reason.
Sample Question: An organization finds that most help desk calls are regarding account lockout due to a variety of applications running on different systems. Management is looking for a solution to reduce the number of account lockouts while improving security. Which of the following is the BEST solution for this organization?
- Create multiple application accounts for each user
- Provide secure tokens
- Implement SSO
- Utilize role-based access control
Look for words such as MOST, LEAST, MAXIMUM, FIRST, and BEST, as they can be very important in steering you toward the correct answer. In the case of this question, you need to decide which of the answer choices would best resolve the issue of account lockouts. After evaluating the choices, SSO (Single Sign-On) is the BEST choice.
Tip 5
Know the vocabulary
Sample Question: Which of the following BEST describes an important security advantage yielded by implementing vendor diversity?
- Sustainability
- Homogeneity
- Resiliency
- Configurability
A thorough understanding of the terms used in the answer choices will help you to target the correct answer. Knowing that resilience means to “recover quickly from difficulties” will lead you to the correct answer.
Tip 6
Generally, you can eliminate at least two answers.
Sample Question: As part of a new industry regulation, companies are required to utilize secure, standardized OS settings. A technician must ensure the OS settings are hardened. Which of the following is the BEST way to do this?
- Use a vulnerability scanner
- Use a configuration compliance scanner
- Use a passive, in-line scanner
- Use a protocol analyzer
Since the goal is to ensure that the operating system is hardened, we need to use something that analyzes the static environment. A passive in-line scanner suggests data moving across the network, and so does the protocol analyzer. These can be eliminated easily, since the question is asking about the operating system on a node.
Tip 7
Generally, you can eliminate at least two answers.
Sample Question: A user has attempted to access data at a higher classification level than the user’s account is currently authorized to access. Which of the following access control models has been applied to this user’s account?
- MAC
- DAC
- RBAC
- ABAC
It may appear, once you get to the first choice, that MAC would be the correct choice. By reading through the entire answer list, you see that RBAC is actually the better choice.
Tip 8
Knowing the wrong answer is a good thing.
Sample Question: A senior incident response manager receives a call about some external IPs communicating with internal computers during off hours. Which of the following types of malware is MOST likely causing this issue?
- Botnet
- Ransomware
- Polymorphic malware
- Armored virus
The problem presented here is not the internal computers but the external computers. Ransomware, polymorphic malware and armored virus imply that these are packages installed on a system within the intranet. However, the alleged attack is external, which leaves you with the choice of the Botnet.
Tip 9
Anticipate the answer as you read the question.
Sample Question: Which of the following is a software vulnerability that can be avoided by using input validation?
- Buffer Overflow
- Application fuzzing
- Incorrect input
- Error handling
Before actually reading the possible answers, pause and ask yourself how input validation will avoid a software vulnerability. In this case, the answer is Buffer overflow. Now, when you read the answers, picking the correct one will be a snap.
Tip 10
Later questions may help with earlier questions.
Sample Question: Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?
- Buffer overflow
- Pop-up blockers
- Cross-site scripting
- Fuzzing
This question has a lot of similarities to the earlier question. The key phrase is input validation and both questions deal with Buffer overflow. If you were unsure about Buffer overflow initially, you can return to the earlier question and mark the correct answer.
Tip 11
Do not leave any answers blank.
A blank answer is worth zero. If all of the above tips fail, guess. You can mark any question and return to it if you have time left before the exam ends, and this leads us to the final and perhaps most important tip.
Tip 12
DO NOT CHANGE YOUR FIRST ANSWER UNLESS YOU KNOW YOU ARE WRONG.
Use all of your knowledge and test taking skills to answer the questions. Mark those questions that have challenged or confused you. If you have time, go back to those questions, but remember your first response is usually correct.
To pass a CompTIA exam, you must master the technical information presented in the test. CompTIA classes, books, and videos will help in that area, but there is also a skill to deconstructing the test questions that complements that knowledge.