So as it turns out, my work requires the Security+ certification to get an admin account on some of our networks.
I knocked it out on Friday without much studying (just some into access controls since I had forgotten all about them), and it was definitely a reasonable exam.
There were about 5 “hands-on” questions that involved stuff like recognizing attacks, configuring firewalls, and designing networks followed by around 70 multiple choice questions.
While the exam wasn’t difficult, I might recommend brushing up on some stuff if you don’t know or remember it (ports, rules, access controls, crypto, etc.).
Though I didn’t actually learn much, it didn’t hurt to brush up on some of the stuff. Additionally, it doesn’t hurt as another HR bullet-point on my résumé.
All in all, not a huge waste of time, and it didn’t hurt that my employer covered the time and costs of the cert.
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he’s done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!
He currently serves as a Senior Staff Adversarial Engineer for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.
This page contains links to products that I may receive compensation from at no additional cost to you. View my Affiliate Disclosure page here. As an Amazon Associate, I earn from qualifying purchases.