Zero to OSCP Chapter 1 – CompTIA S+ and N+

Hi guys,

One year ago I decided to switch careers and get into cybersecurity. Don’t get me wrong, I love my DBA career. But maybe I would love a cybersecurity even more, who knows? 

Therefore, today I am going to start a new series on my blog, describing my path from zero to OSCP.

This is chapter one.

If you hate fluff, skip to the conclusions at the end of this post.

Background: I am a fantastic DBA. I love working with SQL Server, and as a result of my new position at CoverMyMeds, I am also becoming quite proficient in Postgres. However, I am one of those “Accidental DBA’s” and I never completed a formal CS education.

Therefore, I recognized that I have gaps in my knowledge that I must fill sooner or later, and I decided to use the CompTIA exams for that: A+, N+, and S+.

A+

In case you are a complete newbie to the topic, here is a link to CompTIA’s A+ page, but this is their beginner certifications and covers basic computer technician concepts: how do internal parts work, how does the BIOS work, how to service a laptop and a computer. I had a good understanding of 70% of the concepts and I didn’t feel the need to sit for this exam. However, I also wanted to get a refresher, so I signed up to Cybrary.it (it’s free) and watched Anthony Harris’s A+ course. Unfortunately since then the course was retired, but Cybrary offers other, updated A+ courses instead.

N+

I purchased Jason Dion’s N+ course on Udemy as well as the six practice exams, bought the CompTIA voucher and signed up for an exam one month out. I then promptly forgot about the whole thing for about 27 days until I got the reminder email. I rescheduled for another month. A month later I got another reminder email, and rescheduled again. And again. Finally I got tired of procrastinating and decided to just go for it.

Two weeks before the exam I started to watch the course on Udemy. The weekend before the exam I finished the course and moved on to the sample tests and promptly failed all of them. However, I noticed that quite a few people on Reddit also mentioned that they passed the exam and never got a passing score on the practice tests. 

Monday morning I successfully passed the test with a fairly low score. But hey, a pass is a pass ;)

For the record, here are my practice test results: 68%, 77%, 80%, 68%.

S+ 

I did not learn from my previous mistakes, and after scheduling the S+ exam I, again, forgot about it until for about a week before the exam. However, this time the universe decided to play a sick joke on me and there were no dates left for two months out in my area! So, I had no choice but to study for the exam with just 6 days left. I passed. 

I used Jason Dion’s course and practice exams again. I speed-watched the entire course in four days, and each day I took another test to measure my progress. My baseline (pre-course) test was 60%. The practice test results were 62%, 67%, 72%, 78%. A lot of the concepts associated with this course were extremely familiar to me due to the cybersec podcasts I would listen to. For example, I scored 100% on most practice tests in the “Threat, Attacks, Vulnerabilites” module.

The day of the exam I was super unsure if I would pass. I was sweating hard by the end of the exam and barely passed – by a pass is a pass ;)

My personal understanding of CompTIA tests

They are not hard (so far). They are multiple choice questions and they are entirely theoretical. I don’t think they add much value to my career other than a nice little badge on LinkedIn. BUT! They are well-structured and help you organize your study material.

If your goal is to get valid work experience, don’t use the CompTIA exams. 

If your goal is to fill gaps in your knowledge, I would suggest them. If you have a couple $100 dollars to spare, or your employer pays for your continuous education, use them.

Conclusion

  • If you have a basic understanding of IT concepts, you can skip A+.
  • If you like to use online courses for studying, I recommend Jason Dion’s N+ and S+ online courses on Udemy.
  • I also recommend purchasing the practice tests. Some of the questions were verbatim the same.
  • There is always a sale going on on Udemy. Never spend more than $10-12 on a course or practice tests.
  •  I was able to pass these tests without using anything else. Jason Dion’s courses and practice tests together are enough.
  • If you get 70% on the practice exams, you are ready for the real ones. People who pass the real exam don’t always get 85% (passing score) on the test exams.
  • Skip the PBQ’s on the exam. Flag them, then move on to the multiple choice questions, and once you’re done with those you can read and solve the PBQ’s.
  • Flag everything that you are unsure of. After my first round, I flagged about 50% of the questions. Then I went back and reviewed everything I flagged and answered what I could. Sometimes later questions might jog your memory. 
  • Cybrary.it has exam vouchers with 10% off