CertCities.com -- The Ultimate Site for Certified IT Professionals
Visit CertCities.com Forums and Ost Your Mind Share share | bookmark | e-mail
  Microsoft®
  Cisco®
  Security
  Oracle®
  A+/Network+"
  Linux/Unix
  More Certs
  Newsletters
  Salary Surveys
  Forums
  News
  Exam Reviews
  Tips
  Columns
  Features
  PopQuiz
  RSS Feeds
  Press Releases
  Contributors
  About Us
  Search
 

Advanced Search
  Free Newsletter
  Sign-up for the #1 Weekly IT
Certification News
and Advice.
Subscribe to CertCities.com Free Weekly E-mail Newsletter
CertCities.com

See What's New on
Redmondmag.com!

Cover Story: IE8: Behind the 8 Ball

Tech-Ed: Let's (Third) Party!

A Secure Leap into the Cloud

Windows Mobile's New Moves

SQL Speed Secrets

CertCities.com
Let us know what you
think! E-mail us at:
 
 
...Home ... Editorial ... Columns ..Column Story Thursday: January 14, 2010
TechMentor Conferences


Certification Advisor  
Greg Neilson
Greg Neilson
Security+: What a Disappointment!
Greg takes CompTIA's Security+ exam and comes away wishing he'd spent the fee on expanding his CD collection.
by Greg Neilson  
4/6/2004 -- If you've read my earlier column on my plans for 2004, or my comments featured as part of CertCities' 10 Hottest Certifications for 2004, you would know that I am pretty bullish on CompTIA's Security+ certification. Actually, that should read was bullish. You see, I finally took the Security+ exam, and I must say I was very disappointed by it.

I'll say up front that I failed the exam by a couple of questions. But this is not about my score: I don't need Security+ title for my job or any future career plans. I took the exam because I was excited about the title; I thought it would be useful to broaden my security knowledge in areas that I don't deal with on a regular basis.

From my experience in taking more than 100 other certification exams, I expected Security+ to ask unambiguous questions with varying levels of difficulty that when combined -- and let's face it, there are 100 questions here today, so there's lots of scope for this variation -- would give a reliable indication of whether someone has acquired basic security skills in a broad range of areas. And I don't think that's an unreasonable expectation to have, especially considering this exam's $225 (U.S.) price tag. (Even worse, in Australia the cost in local currency was $415, which equates to $312!).

Unfortunately, this is NOT the exam we have today.

Much of Security+ consists of pretty easy questions about security, which probably accounts for the relatively high percentage needed to pass (83 percent). -- not unreasonable considering how many easy questions there are. However, there's two other types of questions on this exam: a handful covering content so obscure that only an expert can answer, and -- here's the kicker! -- others that are so poorly worded that you are unable to determine what you are being asked, let alone which is the correct response! In fact, before I took the test, I had seen comments posted in forums complaining about the quality of the Security+ exam questions, and I pretty much dismissed those posters as whiners. But now I know they were on to something. I wish I could put detailed examples of these questions here; but that, of course, would be giving away exam questions, which I can't do.

Now, I'm not a psychometrician, so I can't say that the Security+ exam doesn't confirm to this testing standard or that one. But considering the quality of the questions asked and the imbalance of the question difficulty levels, I can say that I simply don't believe that this exam does what it sets out to do: truly test one's knowledge of the subject at hand.

I have a number of other CompTIA certifications: Network+, Server+, Linux+ and IT Project+. Security+ simply doesn't conform to the same standard. Therefore, until CompTIA does some work to fix the problems with this exam, I can't recommend that anyone else take it, and I will no longer recommend the program to others. I did learn a great deal about security in my preparation, but as far as the exam itself goes, I would have been much better off spending the cash on expanding my CD collection.

I'd like to hear back from those of you out there that have taken this exam. What do you think? Let me know by posting your comments below.

Greg Neilson, MCSE+Internet, MCNE, PCLP, is a Contributing Editor for Microsoft Certified Professional Magazine and a manager at a large IT services firm in Australia. He's the author of Lotus Domino Administration in a Nutshell (O'Reilly and Associates, ISBN 1-56592-717-6). You can reach him at Attn: Greg.
 

More articles by Greg Neilson:

-- advertisement --


There are 86 CertCities.com user Comments for “Security+: What a Disappointment!”
Page 2 of 9
4/7/04: IT Pro says: Brian P, Comptia certification are entry level, why should someone have to recertify there entry level skills. A few years after you get a Comptia certification you should either be on to bigger and better things or have left the industry.
4/7/04: B. Frazier from Capital city of the world's only remaining Super P says: I am an MCSE on Windows 2000 and 2003 platform. Also MCSA: Messaging (Exchange) and MCDST and MCP on NT and XP. Also Novell Netware CNA(6) and ZENworks for Desktops4 as well as CompTIA Network-plus and A-plus certification. I took the MCDST just to test myself and to see if it was worth taking for our helpdesk staff at the office. I plan to take the Security-plus exam only because it counts as an elective torwards MCSE: Security and is a short-cut for me instead of having to take another Microsoft exam. I've pretty much overdosed on Microsoft exams at this point. I agree that preparation is the key and although I consider myself knowledable in security you can bet that I'll put in some solid review and prep time for Security plus because the cost of the exam is overpriced! Can't afford to take it twice!
4/7/04: Bill Torch says: Only a fool will take CompTIA exam. Mr Greg Neilson please wake up and do some actual network installation and don't study those stupid exam anymore
4/7/04: Anonymous says: Your list is Microsoft Security certification. This site is biased to Microsoft exam. Are all those editors of Certcities MCSE only. This site fill up with shoddy reviews and unqualified reviewers. You are only wasting Internet bandwidth
4/8/04: CDI Michael from Halifax says: I have just recently finished the Security Course, 75 hours. During my course I found the course to be very good and I did learn alot. But the 2 exams that I did for the course were very hard. The questions were very confusing, I found for most of the ones that I did get wrong my answer was correct but another answer was more correct, I did pass both exams as well. In review of my last Exam my College Teacher which is MCSE and about a ton of other certifications told me that the cert exam was the same way as these questions, worded very poorly. My teacher is probably one of the smartest IT people I have ever known, ask him anything and he spits the answer out in 2-3 sec. He failed his first write at this exam by one question. On his second write he NAILED it to the wall, but my point is he told me that I know my stuff but study even harder for this cert because of the poor questions you do not want to waste the money The practice exams questions with the Cisco Security + Book seem to be more fair then what we are all in for the CompTIA Cert exam. Maybe if enough off us CompTIA Pros complain they will fix this very expensive exam. Good Luck ALL
4/8/04: Anonymous says: I took and passed the exam, but I agree with Greg...the wording of the questions suck! They are ambiguous and poorly worded...I learned alot studying for the exam, but taking the exam was a miserable experience
4/8/04: Decipher says: Come on now Greg, you can't bash a test just because you failed. Be honest, that's why you took your time to write this article. You wouldn't have written it if you would have passed.
4/8/04: ChicagoMCSE says: Didn't I try to tell you that any CompTIA exam was nothing more than overpriced toilet paper? You wasted your own time and that of everyone else. Thank god it was only your money that you wasted. Idiot...
4/8/04: Tcat says: Poor wording does make this a tough exam. Because Security+ is accepted in other cert programs, depending on your particular track, it may be a money saver (regardless of personal opinions of this cert). I cannot agree that there are "several" right answers to a radio dial choice. It does take decoding however. For example, lets say you get a question such as: "You are working in the server room and the fire alarm goes off. You: A) Get a fire extinguher B) Get the backup tapes C) Lock the server room door D) Shut down the servers Now some people will look at a question like this and scream (since you can only pick one). However, once you get past the poor wording, the answer is obvious. Shut down the servers. Wasn't this straight out of the movie Deception? In firearm safety the orders are: Ready, Aim, Fire. All three are correct. Mix the order and you can be seriously dead. Same with decoding the poorly worded test questions. In my sample question, mix the order and the fire dept. will find you dead, clutching some melted backup tapes in a locked server room. People are passing Security+. Since the beta I have given away a Zipped PDF that helps greatly. The English version is here. http://snipurl.com/SecurityEnglish
4/8/04: jaarin96 from Texas says: This exam (yes i failed it by two questions) is as folks have said before, 1 mile long and an inch deep. Having said that everyone seems to be looking for it. It gets you a lot of mileage for MCSE-MCSA Security Certs, you can get a HIIPA cert out of it and along with an MCSA or CCNA you can CIW Security Specialist out of it. I plan to take it again because there don't seem to be many other entry level Security Certs out there. Good luck to everyone who is trying again.
First Page   Previous Page     Next Page   Last Page
Your comment about: “Security+: What a Disappointment!”
Name: (optional)
Location: (optional)
E-mail Address: (optional)
Comment:
   

top
Home | Microsoft® | Cisco® | Oracle® | A+/Network+" | Linux/Unix | MOS | Security | List of Certs
Advertise | Contact Us | Contributors | Features | Forums | News | Pop Quiz | Tips | Press Releases | RSS Feeds RSS Feeds from CertCities.com
Search | Site Map | Redmond Media Group | TechMentor Conferences | Tech Library Webcasts
This Web site is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc., Microsoft Corp., Oracle Corp., The Computing Technology Industry Association, Linus Torvolds, or any other certification or technology vendor. Cisco® and Cisco Systems® are registered trademarks of Cisco Systems, Inc. Microsoft, Windows and Windows NT are either registered trademarks or trademarks of Microsoft Corp. Oracle® is a registered trademark of Oracle Corp. A+®, i-Net+T, Network+T, and Server+T are trademarks and registered trademarks of The Computing Technology Industry Association. (CompTIA). LinuxT is a registered trademark of Linus Torvalds. All other trademarks belong to their respective owners.
Reprints allowed with written permission from the publisher. For more information, e-mail
Application Development Trends | Campus Technology | CertCities.com | The Data Warehousing Institute
E-Gov | EduHound | ENTmag.com | Enterprise Systems | Federal Computer Week | FTPOnline.com | Government Health IT
IT Compliance Institute | MCPmag.com | Recharger | Redmond Developer News | Redmond | Redmond Events | Redmond Channel Partner | Redmond Report
TCPmag.com | T.H.E. Journal | Virtualization Review | Visual Studio Magazine | VSLive!
Copyright 1996-2009 1105 Media, Inc. See our Privacy Policy.
1105 Redmond Media Group