Pass the CompTIA SYO-401 Security+ Exam

Home > Blogs > CompTIA > Pass the CompTIA SYO-401 Security+ Exam

Pass the CompTIA SYO-401 Security+ Exam

Like This Blog 2Steve Fullmer
Added by September 16, 2015

I finally had the time to study and pass the SYO-401 Security+ exam.

Everyone who takes our SEC155 Security+ Certification Skills course wants more information about test preparation.

My observation: You will need multiple resources and some focused study to pass this exam. Mere memorization of content is unlikely to assist you. Many of the questions are about applied understanding.

Gathering, assimilating and associating information leads to knowledge. The ability to draw forth the appropriate knowledge in the correct situation demonstrates understanding. The ability to select which understanding to apply, and the proper method to use the knowledge is application.

The CompTIA Security+ test is very much about applying the knowledge to both specific and varied scenarios.

Step one: Always go to and navigate to the CompTIA Security+ certification page.  Select the “See what the exam covers” button on the right of the page (which CompTIA has kindly highlighted.)


Enter the requested information and download a copy of the current exam objectives. These are your key to proper test preparation regardless of the learning method or tools that you use. Before you take the test, you need to understand the association between and amongst the concepts. I recommend that students spend time going through entire Exam Objectives outline until they can recall or retrieve about 30 seconds of useful information for each bullet point. Repeat the process filling in knowledge gaps by reviewing personal course notes, courseware, or accessing the Internet and supplemental test support systems.

We use courseware from Logical Operations Choice, supplemented by other sources and several years (maybe combined decades) of educational and practical security experience.

Experience is a stated pre-requisite for this exam, and you need it!

Multiple questions asked for the application of generic knowledge from the Security+ objectives, though I was surprised at how many questions ask very specific questions about detailed application of the knowledge. We will undoubtedly be updating the delivery of our course yet again to prepare candidates to meet this exam element.

Although the test process and agreement precludes me from sharing specific questions, I am glad that I teach the A+ course, and have detailed, hands-on experience with several system elements. Some of the content required detailed knowledge about:

  • RAID 0, RAID 1, RAID 5, and RAID 6 disk arrays.
  • Command line tools for securing Cisco Router implementations.
  • Detailed Firewall configuration. Know you protocols and ports, including TCP and UDP alternatives and uses.
  • Although the objectives don’t suggest an understanding of custom subnetting, a clear understanding of segmentation and custom addressing schemes is extremely useful.
  • Know more than the lengths of hash, symmetric, and asymmetric cipher methods; have a clear understanding of their application to specific solutions.
  • Take a look at the output from various NIDS/NIPS, HIDS/HIPS, vulnerability scanners, protocol analyzers, and system log files so that you can quickly interpret what they suggest.
  • Threat categories, types, and their application by a hacker were covered both broadly and deeply.
  • Acquire a basic understanding of Microsoft Group Policy security alternatives.
You may also like:  CompTIA Series: Security Access Models

Add each of the items above to the content listed in the Exam objectives

As I was purchasing my exam voucher, I was offered a discount opportunity to try out the Pearson/CompTIA CertMaster certificate preparation tool.  Mind you, I had less than a week before the planned date of my exam. I purchased a copy, and quickly ran through the 24+ hours of training in about 12 hours. Having completed the entire content, Pearson awarded me 10 hours of ongoing IT training credit (for Continuing Education) reporting. As such, the CertMaster tool is useful to anyone refreshing their security skill sets as it is to a certification candidate.

CompTIA CertMaster is a powerful training tool if you like repetitive reinforcement. What I found perhaps more useful was a better sense of the syntax or context of the exam questions. CertMaster is NOT a test or exam simulator, it is clearly intended as a study or material review aid. As a broad brush across the content, I found the tool useful. My primary objection with CertMaster is the lack of preparation for the Simulation and scenario questions.

My favorite tool for exam simulation is MeasureUP. MeasureUP recently changed their software engine and delivery mechanism. Previously, you purchased the entire tool and installed it for offline use on your system, with access to updates when you had an online/Internet connection. I don’t recall any expiration period. The new MeasureUP tool is web based, or at the least browser based. The tool is designed to run in Offline mode, such that once downloaded you may use the instance on your local drive when disconnected. There are several warnings and a 60 day expiration period. My recommendation would now be to acquire MeasureUp only when you are serious about committing yourself to several, multi-hour study sessions. Exceeding 320 questions in the study and timed modes, you will need to spend ten or more hours just for one pass through all the content.  Start with 30 to 60 minute sessions and increase your pace and recall until you can take a full 90 question exam in 90 minutes. MeasureUp does an admirable job presenting Simulation scenarios that closely resemble test questions in form and content.

You may also like:  Creating an Installation USB Stick for Kali Linux

Finally, the exam is promoted as offering 90 questions in 90 minutes.  This is the preparation environment employed by MeasureUP. The time frame is fixed, though the number of questions may be reduced depending on the number and scale of the Simulation questions you are provided. You need to be prepared and confident to handle the rigorous test pace.  The exam actually asks somewhere between 60 and 70 questions, replacing several multiple choice questions with detailed Simulations. Within the Simulations, the number of alternatives, thought processes, scratch pad work, detail and multiple answer inputs (even though typically offered as choices) causes the test to exceed 90 question elements. I found myself using half the allotted time for about six simulations, and racing through the remainder of the time to answer questions at apace slightly faster than one question a minute.

Know the material. Reinforce your understanding of its application. And continue to enhance your focus and pacing right through test day.

Good luck!

I look forward to seeing you in the classroom, or online!

Steven Fullmer
Interface Technical Training Staff Instructor

Steve teaches PMP: Project Management Fundamentals and Professional Certification, Windows 7, Windows 8.1 and CompTIA classes in Phoenix, Arizona.


Videos You May Like

Agile Methodology in Project Management

0 17 0

In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management

Creating Users and Managing Passwords in Microsoft Office 365

0 16 1

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.

Detailed Forensic Investigation of Malware Infections – April 21, 2015

1 52 1

In this IT Security training video, Security expert Mike Danseglio (CISSP / CEH) will perform several malware investigations including rootkits, botnets, viruses, and browser toolbars.

Write a Comment

See what people are saying...

  1. Matt Markley

    Though I do not advocate the use of sample exams as a contextual learning tool for certification exams, they are a fantastic mechanism to prepare for the pacing, mindset, and examples of potential exam content. There are good and bad exam question banks. The bad ones have the tendency to aim your mental processes and associations down the wrong rabbit holes; their creators use their opinions and often incorrect or incomplete knowledge to prepare sample questions. I just ran through one where the use of direct quotes from the source content were offered as possible multiple choice answers. Upon scoring my practice run of the material, I missed several questions because I had not selected the exact quote, even though the context of the applied material ruled out the option associated with quote – I knew it could not fit the scenario by experience. Given the framework I recommend, MeasureUp provides the most consistent reflection of exam content, and a mechanism to scale the pace of your learning, review and exam preparation as you near the exam date. If a MeasureUp sample exams exists for any course I am preparing, I always run through the material for better insight and comprehensive coverage of the material. You can’t go wrong with a MeasureUp exam set.

    Steve Fullmer

  2. Dax

    I recently rescheduled my Security+ exam to later this year. I have read CompTIA Security+ Study Guide: SY0-401 / Edition 6, by Emmett Dulaney, Chuck Easttom. I outlined the entire book into a small study packet I keep with me. Also, I have completed TestOut Security+ course and still have access to the material.

    Now, I am contemplating on purchasing MeasureUp practice exam–because of recent cert exam testing scams.

    If you can provide any incite into MeasureUp’s effectiveness, I would greatly appreciate it.


Share your thoughts...

Please fill out the comment form below to post a reply.