Wednesday, April 6, 2022

CompTIA Security+ Certification - Part 3 (I passed!)


I passed the Security+ exam on April 5th with a 787!

Security+ Logo

The Security+ incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills required to:
  • Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions
  • Monitor and secure hybrid environments, including cloud, mobile, and IoT
  • Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
  • Identify, analyze, and respond to security events and incidents

Other than my experience, I relied primarily on Professor Messer's video content. I watched all of his videos over the last 6 months or so.

I didn't take any notes other than a few flashcards to memorize port numbers and protocols. I also used some study apps on my phone to do extra practice questions. I have been in IT since 2014 and focused on networking and security, and I have also had my CCNA in the past. I think those played a factor in my passing as well.

I used Professor Messer's and Jason Dion's practice exams, and here are my scores:

Messer A: 81%, Messer B: 88%, Messer C: 87%
Dion 1: 83%, Dion 2: 79%, Dion 3: 80%, Dion 4: 78%

I took a handful of TotalTester exams as well and averaged 85% on those.
My weakest categories were Architecture and Design and Governance-Risk-Compliance.

For the exam:
  • I did it at a testing center to avoid the complications of testing at home.
  • I skipped the Performance-Based Questions at the beginning and came back to them after the multiple-choice questions.
  • There were definitely questions that I had no idea for that even after going back for review still had no clue, so I just made the best guess
  • I had about 30 minutes left on the clock after reviewing everything and submitting
  • I was a little anxious that I might fail, but overall felt confident


Thanks to my wife and kids for being patient with me and for my time away to study!

(Link to CompTIA's website: https://www.comptia.org/certifications/security#overview)
(Link to Professor Messer's website: https://www.professormesser.com/)

Tuesday, February 15, 2022

Sophos Threat Response Certified Admin

I participated in the Sophos Threat Hunting Academy - Season 3, which had 5 1 hour sessions of Sophos and threat hunting training. Here is the schedule and topics:

Session 1 – Responding To An Attack: Initial Response                         Feb. 1, 2022
Session 2 – Responding To An Attack: Triaging The Issues                 Feb. 2, 2022
Session 3 – Responding To An Attack: Neutralizing The Threat         Feb. 3, 2022
Session 4 – Incident Response: Planning and Prevention Measures Feb. 8, 2022
Session 5 – Season 3 Wrap-Up and Q&A                                                 Feb. 9, 2022

Each session had a live demonstration of the Sophos incident response team and how they respond to incidents of new and existing customers.

They showed how to use the Sophos Central Live Discover feature and run queries against the machines and the stored data in Sophos Central.

They discussed other tools available in the cybersecurity industry, and also how to get training in cybersecurity using tools like "Hack The Box" and "Try Hack Me".

Overall it was very educational and was a great free resource, especially for existing Sophos Central customers.

At the end of the course, there was an exam where I passed and was given the title of "Sophos Threat Response Certified Admin".
See the certificate here: Sophos Threat Response Certificate



Here is a link to the community page to learn more:
https://community.sophos.com/intercept-x-endpoint/b/threat-hunting-academy

Tuesday, December 28, 2021

CompTIA Security+ Certification - Part 2

Within the last few months, I have spent more time intentionally studying for the CompTIA Security+ exam, specifically the SY0-601. (Link to CompTIA's website: https://www.comptia.org/certifications/security#overview)

I have primarily been using Professor Messer's videos. (Link to Professor Messer's website: https://www.professormesser.com/)

I have made it through about 12 hours of his 21 hours of videos, or around 57%.

Since I started watching the videos, I started taking some practice exams. I had access to practice exams since I am an ACM member (https://www.acm.org/), which gives me access to O'Reilly's online learning platform (https://www.oreilly.com/online-learning/).

I have documented all of my exam scores so far, and here is a summary of where I am at (this is an average of 5 practice tests):


As you can see, I am not scoring very well in the "Governance, Risk, and Compliance" domain. I haven't had very much in the realm of formal training in this, and I don't have much real-world experience either.
On top of that, I haven't gotten to that domain yet in the Professor Messer videos.

I also bought the Professor Messer Sec+ practice exams, and have only taken one of them so far, and got around an 81%. I noticed that many of the ones I got wrong are covered in videos of his that I haven't watched yet.

I will continue watching his videos and taking exams and reporting my progress.

Tuesday, February 25, 2020

CompTIA Security+ Certification - Part 1

I was browsing for content in Safari Books Online and saw a CompTIA Security+ Exam guide. This is an exam I have considered in the past, so I decided to click on it. When reviewing the book, I saw there was an option to take a Pearson practice exam and that it is included in my membership. I have never formally studied any of the Security+ exam content, but I thought it could be worth taking it to see how I would do.

I took the practice exam and I got a 90% and the passing requirement was 85%!

I was surprised by this result, and have determined that I am going to study up for this exam and take it. My goal is within the next month or so.

I am primarily responsible for many of our cyber security efforts where I work (second to my manager), and I think this would be a good fit for my role.

I will report my progress through new posts.

Monday, February 10, 2020

CHI-NOG 10

I will be attending CHI-NOG 10 this year. Just like I said in a previous posts about CHI-NOG, I am super excited about going to learn some new things and meet some great networking folks.

Snippet from CHI-NOG's website about what it is:

CHI-NOG is the first and the only Chicago based Network Operators Groups. The group was started by network engineers and network architects to create a community, to learn from each other and meet others. We get away from our keyboards and screens to meet in person every year bringing in speakers from all over the US to learn and have a beer with them. CHI-NOG is vendor neutral so we aren’t trying to sell you anything, but you do get a pretty awesome t-shirt each year for attending.

I have attended each since CHI-NOG 07 and have always loved it. The venue is great, the speakers are great, and I always learn a lot. The vendor hall afterwards is usually small and intimate, so you can ask all the questions you want. The vendors are normally pretty laid back instead of being super sales-y.

You can find past presentation videos on YouTube here: https://www.youtube.com/user/chicagonog/videos

Here is some info on CHI-NOG 10 this year:
Venue: Holiday Inn Chicago Mart Plaza River North Hotel
Address: 350 W Mart Center Dr, Chicago, IL 60654
Date: 28 May 2020
Start: 8:00 AM
Social: 6:00 PM – 8:00 PM

More information on CHI-NOG 10: http://chinog.org/chi-nog-10/

Hope to see you there!

Friday, July 27, 2018

Cisco Live US 2018


I am writing this late, so many details of the week escape me, but I knew I wanted to write something.

I attended Cisco Live US 2018 in Orlando this year. I had so much anticipation leading up to it from the moment it got approved at work. I had first learned of Cisco Live while attending the Cisco Network Academy at my local college. It seemed like a dream that I would never have.

Alas, it came and went. I stayed at a hotel that was about a 15 minute walk from the conference, which was nice. I got ripped off by an Uber driver for the first time while I was there too, luckily I got refunded.

I took my CCNP Switch exam for the first time on Sunday before the conference. I unfortunately got a 706 and needed a 790 to pass. I am sure I could have studied more to pass, and plan on retaking it soon.

After that point, the conference itself felt like a whirlwind. The conference was SO BIG. The sessions were great and I learned a lot. The World of Solutions was also quite impressive. Throughout the entire week I felt like I barely scratched the surface of what CLUS had to offer, and that feeling came early and remained tangible.

I met some great people and got to go to some great parties. I got to see Ludacris at a nearby House of Blues. I got to go to a Top Golf for the first time. I got to go to a Main Event for the first time (the VR zombie game was insanely awesome). I got to go to Universal Studios for the first time, which was a great time, especially seeing CAKE.

Honestly, the thing that was most disappointing was the fact that coffee and snacks were at scheduled times. I WAS EXPECTING READILY AVAILABLE COFFEE ALL DAY. The staff literally set up the coffee stations about 30 minutes before the scheduled "coffee time" and then covered it up with a sheet and stood there until the scheduled time. That was unfortunate because it seemed like every time I wanted some coffee, I either couldn't find any, or they told me they couldn't serve it yet.

Ultimately, I am not sure if I plan on trying to go every year, but rather maybe every two or three years.

Wednesday, March 28, 2018

CHI-NOG 08


I will be attending CHI-NOG 08 this year. I am super excited about going to learn some new things and meet some great networking folks.


Snippet from CHI-NOG's website about what it is:

CHI-NOG is the first and the only Chicago based Network Operators Groups. The group was started by network engineers and network architects to create a community, to learn from each other and meet others. We get away from our keyboards and screens to meet in person every year bringing in speakers from all over the US to learn and have a beer with them. CHI-NOG is vendor neutral so we aren’t trying to sell you anything, but you do get a pretty awesome t-shirt each year for attending.


I went last year to CHI-NOG 07 and loved it. The venue was beautiful, the speakers were great, and I learned a ton. The vendor hall afterwards was small and intimate, so you could ask all the questions you wanted. All of the vendors seemed pretty laid back instead of being super sales-y.
Here are some videos from CHI-NOG 07: http://chinog.org/meetings/chi-nog-07/chi-nog-07-videos/


Here is some info on CHI-NOG 08 this year:

Venue: Holiday Inn Chicago Mart Plaza River North Hotel
Address: 350 W Mart Center Dr, Chicago, IL 60654
Date: 10 May 2018
Start: 8:00 AM
Social: 5:00 PM – 7:00 PM

More information on CHI-NOG 08: http://chinog.org/chi-nog-08/