• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Security+ certification

N

NogginBoink

Diamond Member
Anyone have this?

I was shamed this morning. I failed the exam. Many of the questions there just didn't make any sense at all to me.

Yet, I'm employed as a computer security professional by a large software company, and I have the CISSP certification which is supposedly much harder than the CompTIA exam.

Did anyone else take the exam and just not undertstand half the questions? (Or rather, understand the questions well enough to know that none of the answers made any sense?)
 
I have this cert - and found it to be pretty easy...

I did however - have to leave what I knew at home and answer it the way that they wanted it to be answered...
 
Honestly, I studied very little having passed the CISSP exam and with my experience.

The exam, for example, uses an example of DNS poisoning and calls it "DNS Spoofing."

I have never heard of DNS spoofing. It's called DNS poisoning. Anyone here ever heard of/used the term "DNS Spoofing" in regards to a DNS entry that points to a server other than the intended server?
 
I have heard of DNS Spoofing. Never heard of poisoning though. Then again, I'm not a professional administrator...yet.
 
DNS Poisoning seems to be the current "hot topic" word where DNS vulnerabilities are concerned. Whether they are the same or different (spoofing vs. poisoning) is another matter entirely, I'd have to do the research.
 
Ah yes, the infamous Security+ exam.

The first time I took it, it SUCKED. I had Security+ training and a huge lab book to study from. Any entire chapter was dedicated just to Certificate Authorities. Then I used MeasureUp for practice tests for a month, and didn't take the real test until I was passing them completely repetetively.

Then I took the test, and got a 70% on it which isn't passing. The questions are written in broken English, and I would say the majority of them weren't even covered by Training, the Lab Books, and the MeasureUp tests. It was like it was for some other cert.

This time around I have used training materials from ExamCram, CramSession, and TestOut. All of those materials aren'te similar, just like my previous training. It's like everyone decided their own security training material but never bothered to check what was actually on the exam.

I'm going to be taking this cert again within a few weeks. I better pass it this time...
 
Originally posted by: NogginBoink
Honestly, I studied very little having passed the CISSP exam and with my experience.

The exam, for example, uses an example of DNS poisoning and calls it "DNS Spoofing."

I have never heard of DNS spoofing. It's called DNS poisoning. Anyone here ever heard of/used the term "DNS Spoofing" in regards to a DNS entry that points to a server other than the intended server?
Click to expand...

I've used the term "Spoofing", yes.
 
I took the exam and passed it. Didn't seem too difficult to me but I had extra incentive...a passing score on Security+ gave me an A for my Data Comm class. Can't say it's been all that helpful in my job search though. 🙁
 
Originally posted by: Anghang
why do you need the Security+ if you've already got your CISS, I think industry values the CISSP more.
Click to expand...

The certs I'm going to get are Security+, SCNP, CISSP, one of the GIAC certs, and CISM.

It's nice to have Security+ just because it's an entry level cert by CompTIA. But you're right, once you have the CISSP, you really don't need Security+ at all.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top