Don’t Underestimate the CompTIA Security+ Exam

The CompTIA Security+ exam isn’t that easy!

I was recently at a family reunion, and I was talking to my cousin, who does IT work for the military.  He was getting prepared to leave the military within a few years to transition into civilian work.

I asked him if he had any IT certifications.

“No, but I am thinking about trying to get some of the really easy ones like Security+.”

I had taken and passed the CompTIA Security+ exam just a couple of years before this conversation.  I thought to myself, “Really easy? I think not!!!”.  But I did not say anything to my cousin.

The Security+ is an entry-level cybersecurity certification that has significant value when you are looking for a job.  Security+ is an IAT Level 2 certification.  What does this mean?

The Department of Defense has approved the Security+ certification as “Level 2”.  Many jobs that relate to government contracts require the certification as a baseline requirement.  In other words, you cannot be considered for the position unless you hold this certification.

Here is a quick way to see if a certification has value:

The easiest way to determine if a certification holds significance in the marketplace is to search for jobs that require that certification.

In the case of Security+, I would go to Indeed.com and search “IAT2”.  The results will show all of the jobs that require or prefer an IAT Level 2 certification like Security+.

If you do this search where I live – in the Washington DC metro area – you will find dozens and dozens of positions in the search results.  Nearly all of the jobs have a salary range of more than $100,000.

So yes, the Security+ certification is quite valuable.

You have to know your stuff.

I studied for the Security+ exam way longer than I studied for more advanced exams like CASP and CISSP.

It was one of my New Year’s resolutions to pass the exam.  The next thing you know, it was November, and I had not yet taken the test.  I had studied off and on for 8 or 9 months for the test.  I was not about to let the calendar turn to another year without at least giving it a try.

One of the reasons that it took me so long to prepare for this exam is that I skipped over the IT Fundamentals, the A+, and the Network+ exams.

If I could do it again, I would start with these two beginner exams to build up my confidence and create a runway to the Security+.  I would recommend this path as outlined by CompTIA:

But of course, I decided to take a shortcut and skip directly to the Security+.  But it was not a shortcut – it took me many months to prepare for the test.  I could have been picking up certifications along the way instead!

The Exam

I took the exam at Pearson VUE.  All of the simulations were at the beginning of the test.  There were seven simulations on my test.  They had to do with setting up firewall rules and configuring RAID.  The book “Security+ Exam for Dummies” really helped me prepare for this part of the exam.  Some of the examples in this book were very close to what was on the actual test.

I believe that I got six of the seven simulations correct.  I bombed one of the questions completely.  This put me in a tight spot because I heard that the simulations are more heavily weighted than the multiple-choice section.

So I carefully worked through the multiple-choice questions and did the best I could to narrow down the answers and choose the correct choice.  Unlike the CASP and the CISSP, the questions on the Security+ exam are black and white.  There is a single right answer to all of the questions.  You will not find questions that try to trip you up by showing two solutions that are correct and making you choose the best one.

I nervously clicked the “complete test” button and waited for the response.  I was happy to find that I passed the exam.  This was my first step in my certification path.