A few weeks ago I took the CompTIA Security+ (version SY0-301) exam after 2 weeks of intense self-study and managed to successfully pass after a nerve-racking 90 minutes of questions. The exam covers all aspects of information security, including networking, access control, security threats & mitigation techniques, and cryptography. It doesn’t go into a huge amount of detail on any of the topics, but instead gives a broad understanding of all the areas. I highly recommend the exam for any forensic investigators who want to get a broader understanding of the infosec world, and unlike the extortionate EnCE or SANS courses, you only need to pay for a study book and the exam (which was a few hundred pounds). The exam will be moving very shortly to the newer version, 401, which will have updated concepts, but the general feel will be the same. Below are some of the materials I found useful (and useless!) for my study.
I used two books that my colleague who did the exam previously had bought. One was bigger and supposedly offered more in-depth coverage; the other was a smaller review book. If you really don’t know the subject, a larger book (and thorough research around the topic on Wikipedia) is required, but I had enough baseline infosec knowledge that the review guide worked fine.
CompTIA Security+ Deluxe Study Guide
Despite having a lot of detail, I cannot recommend this book. Firstly, the glossary at the back actually has some definitions that were plain wrong or misleading. If you roughly know the topic, you can see what the author is trying to get at, but it will lead those learning the subject completely down the wrong path. The author has also split the exam’s six topics into 15 chapters – not into nice chunks, but intermixed – making it very difficult to follow. All the other books & online material are split into the exam topics, making cross-referencing with this book unnecessarily hard. Because of this, the author repeats himself, as he has to mention the same things in different chapters. To do this, he literally copies and pastes the exact same text from earlier in the book. The author also does not make it obvious where he is going into detail that will not be covered in the exam (I had already memorised some information models such as the Bell-LaPadula Model & Clark-Wilson Integrity Model before I realised these were not mentioned anywhere else), and he also gave a “hint” that the details of RAID would not be required for the exam, when in fact knowing the different RAID levels and what they mean is required. In summary, the book is poorly written and does not flow. If the extra details and repeated sections were taken out, I think it would be thinner than the review guide below. The only redeeming feature is the practice questions: the sample exam at the beginning of the book, the 20-question quizzes at the end of each chapter and the 200 questions that come with the CD.
CompTIA Security+ Review Guide
This shorter book covers exactly what you need to know for the exam with no extra fluff. At the end of each chapter, the author reviews the topics you need to be familiar with and gives a 10-question quiz (not enough questions in my opinion). Skip to these need-to-know sections to see what you need to read up on, and by supplementing the book with online research you will have no problem with the exam. The book also comes with a CD with further questions.
There are lots of practice multiple-choice quizzes out there which are easily Googlable. However, the exam also has some drag-and-drop or interactive typing-style questions which appear at the start of the exam. These aren’t really covered in the books or quizzes, but this PDF with questions (and answers!) will provide you with everything you need to know for that section.
For a few more quiz questions, there are hundreds of Apps in the Apple Store. One I used that was free was “Todd Lammle’s CompTIA Practice Exam” which gave 50 questions.