This blog post is a bit late, but I still want to share how I passed the CompTIA Security+ SY0-701 exam in just three months last summer, without any prior cybersecurity background.
Key Resources #
The most important study materials for me were Professor Messer’s videos and notes. I bought his notes and practice exams as soon as I started preparing. For the first two months, I was also taking full-time online classes, so I mainly watched Professor Messer’s YouTube videos:
At the same time, I was taking a course called INFO 310: Information Assurance and Cybersecurity (GitHub Link ), but it focused on different areas compared to Security+. Security+ is more about theory, operations, and management, covering a wide range of topics like:
- Assessing the security posture of an enterprise environment and recommending solutions.
- Monitoring and securing hybrid environments, including cloud, mobile, IoT, and operational technology.
- Operating with an awareness of applicable regulations, policies, and principles of governance, risk, and compliance.
- Identifying, analyzing, and responding to security events and incidents.
In short, Security+ covers a broad range of knowledge but doesn’t require deep technical skills—it’s more about memorization. Many people say you don’t need to watch all of Professor Messer’s videos, but I think if you have no cybersecurity experience and enough time, it’s worth watching all 100+ videos at 1.5x speed. His examples can help understand the concepts better. At first, I took detailed notes, but later I realized his notes already summarized everything, so I just wrote down keywords while watching. His notes also include useful tables and diagrams that are very helpful.
Practice Exams #
After finishing the videos, I started practicing with free exams from ExamCompass:
These questions are not high quality, but they helped me recall the concepts I had learned. The questions are mostly about choosing the correct definition of terms, which was useful at this stage because I had already gone through all the basic knowledge but could only recall less than half of it. After finishing a set of questions, I went back to the concepts I didn’t remember and highlighted them in Professor Messer’s notes. Through this process, I noticed that sometimes his notes didn’t cover everything.
There are 24 practice tests on ExamCompass, but I only finished about 16 because time was running out. Once I felt more familiar with the concepts, I started taking Professor Messer’s practice exams. His exams are more structured and similar to the real exam. They also include Performance-Based Questions (PBQs), which were the only chance I had to practice those types of questions. After finishing three of his practice exams, the real exam was just around the corner.
In the last few days, I also used Quizlet flashcards to review key terms. They helped me solidify my knowledge.
Exam Day #
I took the exam online while I was in Shanghai. I had scheduled it for 9:00 AM, but I ran into technical issues when testing my network connection before the exam. I tried twice but couldn’t get it to work. I even rescheduled the exam for a few days later, but I decided to give it one more try. I closed all the tabs in my browser (even though I had already closed the browser itself), and somehow that fixed the issue. I was finally able to start the exam around 10:00 AM.
The exam was 90 minutes long, and the number of questions was quite large. I couldn’t spend too much time on any single question. When I saw “Congratulations” on the screen, all the hard work felt worth it! I celebrated by ordering a big sushi lunch.
Helpful Communities #
The CompTIA subreddit was a great source of motivation. Many people shared their experiences, and it helped me feel less stressed, especially when I saw that people mentioned some topics they was worried about (like port numbers) didn’t even appear on the exam.
Other Useful Resources #
-
CompTIA Security+ SY0-701 Exam Objectives: This is the only official resource I found useful, and it’s free. You can get it by signing up on the CompTIA website or searching online. The last few pages include a list of acronyms, which was very helpful for me. I used this list to mark terms I didn’t know and wrote brief explanations next to them.
-
Cyberkraft’s Ports and Protocols Reference Sheet: This was a great resource for understanding ports and protocols, even though I didn’t end up needing it much on the exam.
-
I Passed the CompTIA Security+ Certification in 9 Days: I watched this video multiple times during my preparation. It not only gave me a clear structure for studying but also motivated me.
Conclusion #
This was my journey to passing the Security+ exam. After the exam, I enjoyed the last days of my summer break. I wanted to share this experience earlier, but it’s better late than never. Whether you’re planning to take the exam or not, I wish you the best of luck!