In this video, I want to share 4 things that surprised me about the CompTIA Security+ Certification exam.
For context, this was not my first IT certification exam. I have — over a number of years — taken and passed multiple certifications (mostly Amazon Web Services certifications) including professional-level certs that can be pretty tough.
With that said, I had not taken any CompTIA-specific certifications.
So the overall exam experience was quite familiar to me since some of my certs were also through Pearson testing.
That part was not surprising or out of the ordinary. It was normal.
However, there were 4 main things that kind of surprised me about the Security+.
#1 – It had more networking questions than I thought it would
Networking is not my favorite or my strongest area. I’ve always just kind of struggled with it, and I think it’s mostly because I don’t enjoy it. It’s not that interesting of a topic to me for whatever reason.
I also knew that CompTIA has a Networking+ certification, but to be fair, I had heard that they’re starting to blur the lines a little bit more, and so I knew that I would see some networking questions on the exam, but it did surprise me to see that many networking questions.
Most of them for my version of the exam were around networking authentication protocols and encryption.
They might ask what’s the best protocol for a given scenario. What’s the correct security to use for a scenario, and so on.
So I’m glad that I experienced that first-hand because then I was able to come back and add more practice exam questions around those topics and make sure that I went in a little bit more depth in networking-related lessons for the course.
#2 – It has even more acronyms than I thought it would
Look, I’ve heard of these exams being referred to as vocabulary dumps, so I don’t know why it surprised me so much, but wow, so many acronyms get thrown into scenarios and questions.
I don’t have the best memory, so unless I’m using an acronym on a very frequent basis, I’m just not going to remember what it means. Context of how it’s used of course definitely helps, but if there’s an acronym in the question and you don’t know what that acronym stands for, your odds of answering correctly go down dramatically, because you don’t really know what the question is asking.
Acronyms in answers can be equally as challenging, but usually, if you know what the question is asking, it’s a little bit easier to remember what the correct answer acronym would be.
This might sound crazy, but I personally literally went through every acronym listed in the official CompTIA Security+ Objectives Guide PDF, I copy/pasted all of them, and I wrote succinct definitions for all of them. It took me forever, but there were a lot of them that I already knew so that definitely helped.
![](https://cybr.com/wp-content/uploads/2021/11/list-of-acronyms.jpg)
And then I used flashcards from those definitions to quiz myself on it.
I did the work up-front, so if you don’t want to do that because you don’t have the time or you don’t think writing your own definitions will help you, then check out the list of definitions that you can use to quiz yourself and to review.
But if you have the time and patience, I think you will remember them more easily if you do this on your own.
So it’s there if you need it.
#3 – The performance-based questions were a little bit trickier than I thought they would be
I think the main reason is that I got a lot of networking performance-based questions on mine, which again, is not my strong point. But that really helped me to make sure that I focused on adding more networking-based questions in my simulations.
That way you’re not thrown off immediately when the exam starts, unlike me, because you get those up-front.
I’m also going to mention this a couple of times throughout the course, but if you don’t know the answers to the performance-based questions, mark them for review and come back at the end when you’ve knocked out the multiple-choice questions. The last thing you want is to waste a bunch of your time on questions you don’t know, and then you don’t have enough time to answer questions you do know and you rush through it.
#4 – There were more ambiguous questions than I thought there would be for the level of the exam
Again, I’ve taken professional-level AWS certifications that are known for trying to make your head spin by using keywords that completely change the meaning of the question, so I’m used to that kind of testing, and the Sec+ definitely wasn’t at that difficulty level, but they do try to trick you by throwing in specific keywords in some of the questions that completely change the meaning of the question and therefore the answer.
Focus on what you’re reading and make sure you fully understand the meaning of the question before you respond. Even if you are super confident in your answer as soon as you start reading the question, don’t rush to answer. Take your time — there might be a keyword at the end of the question that changes the meaning of it entirely.
Conclusion
I didn’t add this lesson to make you worried about taking the exam or to make it sound like it’s super hard, because overall it is not a super difficult exam. It can be challenging if you don’t have much IT experience or if you’re not good at memorizing, but scaring you was not my intention with this. Instead, I just wanted to share my experience so that you’re more prepared for the actual exam.
So keep these things in mind as you go through the course and as you go through the practice exams.
With that, let’s move on!
Trying to get to the list of CompTIA acronyms and the link to your site redirects to a site giving the following error – {"object":"error","status":400,"code":"invalid_request_url","message":"Subdomain 'daisy-jeep-57f' is invalid for this page, do you have the correct subdomain?"}
Doh! I forgot to update the redirect after changing the link. Thank you for letting me know! It’s fixed now:
https://cybr.com/security-plus-acronyms