Skip to content

CompTIA Security+

Jan 20, 2026

It took me a little longer to get my ducks lined up but I finally used the exam voucher for the CompTIA Security+ certification. Passed! First try!

My Testing Experience

The exam experience was about what I should have expected for taking it with an online proctor. They were very picky about the testing environment around the desk. But actually reasonably accomodating for the rest of the room. I heard a lot of nightmare stories of online proctors disqualifying test takers for noise (I have a one year-old, plus dogs) or hearing voices (multigenerational house with everyone working from home or retired).

I also experienced an error on the test provider side. When I was 95% done with the exam. I'm sure my blood pressure was spiking. Luckily they recovered it, with little explanation from the proctor, and in the end it was fine.

Except for the error on PearsonVue's application end, I wouldn't hesitate to do it again since the nearest testing center is an hour away no matter what. For future exams, I'll probably just try to make a day of it.

You didn't ask for this advice but

With the caveat that the Security+ was my first certification exam of this kind, I would say that it was not easy. I'm glad I was actually interested in the content because the way CompTIA writes the exam can be maddening.

If you're like me, you ended up on reddit or youtube reading stories or watching videos with headlines saying "How I got Security+ in X weeks" where X is an improbably low number. Ignore them. None of them have anything valuable to offer you can't get from someone with better generalized study advice.

There's a lot of facts you can learn to guarantee certain free points on the exams:

  • Port numbers
  • Most secure cryptography
  • Definitions of hardware/software/techniques
  • Acronyms

You either know these things or you don't. And if they aren't asked directly, they're required to answer a longer question.

But there are way more questions that are sort of best opinion, in my opinion:

  • How to improve a company's security training
  • Achieving a business objective the best/cheapest/fastest way
  • Deciding cybersecurity strategy given conflicting constraints

This stuff just kind of comes through experience or training. Simply watching YouTube will get you a long way, but listening to experts give talks, running through simulations, and reading post-mortems and incident reports from big companies ended up being a great way to spend my study time because it inevitably turned into a deeper dive into a technology or company.

For resources I do recommend, if you haven't heard of Professor Messer you certainly would have eventually. His youtube courses run through all the objectives listed on the CompTIA study guides. He has a bunch of other resources too that I would consider if I were studying something less familiar. Then I grabbed a set of 6 Practice tests with Performance-based Questions (PBQs) on Udemy from Mike Chapple. That's another name I see recommended frequently so it felt reasonable to buy his product too.

The key is to not take all the practice exams at once. Run through all the youtube videos you think you need to, cover answers on the screen, and try some of the review/walkthrough videos-- whatever you have to do to quiz yourself. Then go take a practice exam. If you know you're getting questions wrong, bail on it, study, and come back. The CompTIA exams don't have a publicly available question pool, you need to understand enough to know the answer.

Your loop is:

  1. Watch/read/listen to all the material you think you need.
  2. Start a practice exam and hold yourself to a high standard.
  3. QUIT EARLY-- There's no point in taking a 90 question 1.5 hour test that you know you are failing.
  4. Study your weak areas. The exam is broken up by objective and CompTIA tells you what percentage of the exam is covered by each subject area.
  5. Finish the same practice exam or try other review questions.

The goal is to have two or three practice exams left over so you can try to simulate the timed exam as closely as possible without seeing questions you've already attempted.

I know a lot of folks would say these certifications don't hold the weight they used to, but in my opinion you can't just walk in and memorize what you need for these exams. The mile-wide, inch deep description of Security+ is probably directionally correct, but it does take some study and understanding of the building blocks to sit down and succeed at this exam.