(Part 2) Reddit mentions: The best security certification books

Study Materials
I used this book almost exclusively. It is $10 on the Kindle (this if the 401 version). I got a 73 on the pre-assessment test, and after reading the book an 86 on the post.
As many on this sub-reddit have mentioned, Professor Messer - I gave his videos a try. Of course it's subjective, but he puts me to sleep. The other problem (no specific examples), I found some of the things he said contradicting or just different enough from my readings that it was confusing me. So I stopped using his videos.
CBT Nuggets is available for me through work, and I used Keith Barker's videos. If this is available to you, use it. They have a 7-day free trial, use that and if you can get it all in in 7 days (definitely possible and I don't know if the trial allows full access), get it done for free in 7 days). Otherwise, $88 for a month, and if it helps you pass the exam/understand the material better, do it. Best of all, what Keith was saying seemed directly in-line with my studies, no contradictions and whatever slight variances there were compared to my studies, were explained and made sense.

Practice Exams
I used the ExamCompass practice exams and CertMaster practice exams. Other than validating that I knew my stuff, they don't teach you anything. ExamCompass is free and one of the first results that comes up if you search for CompTIA security practice exam. CertMaster is yours if you get the re-take bundle through CompTIA. Since my work paid for my exam, I had them pay for that one. I'm fortunate to have a workplace that pays for these things, and HR doesn't check anything just approves whatever's put in front of them.

The Exam
The exam itself was nothing like the practice exams. The simulation questions were laughably easy - almost like put the square block in the circular hole type questions - but I'm sure there's variance in this and your results may vary. The questions themselves were nothing like ANY of the practice exams. I felt like I was taking the wrong test or something. Literally felt like it was asking me Cat is to 75786 as Microwave is to
a) carpet
b) hammer
c) wall
d) hamster.
Then again, CompTIA always has those questions not related to the exam for some kind of evaluation purpose - so maybe that's what those were. You will have these kinds of questions, and some of them on a second look can help you see things differently, you might notice a port number in that string of output that you can use to "guess" the correct answer because the multiple choice is a bunch of protocols and one of those protocols matches that port number.
I finished with ~20 minutes to spare, though I used that time to go back and review my questions and answers. On review though, on all but 3 questions, I said to myself, "that's the same answer I would've chosen anyway." I went through that tense moment of answering the demographic questions, and getting to the anticlimactic page telling me I had passed.

Advice
Use what works for you. Gibson's book really worked for me - and Keith Barker's videos were informative and entertaining (...and I'd like to thank you, for watching). Other's here have mentioned a lot of success with Messer, and fwiw, it works for them. If it works for you, use his videos. He's put a lot of work into them - they're free, and people have passed by his videos alone.
Know your gosh-darned port numbers - you should've been doing this since A+ and definitely in your Net+ studies. Though you don't have to take the Net+ prior to the Sec+, I understand why they recommend having it first. There were at least 2 questions that I was able to (easily) answer due to my Network studies.
There's no mention of this in any of my studies, but I got that POODLE question. If I hadn't read about that, literally the day of the exam on this sub-reddit, it would've been a complete guess. I got that one question right because of staying up-to-date on this.
If you are a native English speaker, and are taking this exam in English, you can reasonably correctly guess some of the terms and vocabulary answers - still, study how CompTIA wants you to know things like Threat, Vulnerability, Risk, etc.

https://www.amazon.com/gp/product/1337288780/ref=ppx_yo_dt_b_asin_title_o05_s00?ie=UTF8&psc=1

This was the book I used. I originally rented it for a class, but had to change my schedule up so I just decided to keep it and start studying. I would definitely read another though. Or watch Professor Messers videos if I were to study again. I feel like the book I used was really good, but I definitely would have been more prepared had I used another dedicated study material. Had I rented a second book, I would have rented this one
https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_5?crid=14IBV4EVTTAYM&keywords=comptia+security%2B&qid=1562432800&s=books&sprefix=comptia%2Cstripbooks%2C171&sr=1-5

I used their COMPTIA IT Essentials book and I thought it was very good. Those would be my personal recommendations for books, because they are what I am familiar with. I think if you can, you should absolutely watch Messer's videos though. They are really amazing.

Right now CySa+ materials are going on sale because the test is going to change. A new test is coming in the next 6 months or so. That being said it might be worth while getting Net+ first. As I'm sure you noticed while taking Sec+ there is a lot of Networking involved. However, if you are comfortable with networking then I'd just straight to CySa+ while the materials are cheep and your Sec+ knowledge is still fresh.

>New CompTIA CySA+ (CS0-002) exam coming in Q2 2020!

This study bundle is 51% off on amazon currently.

CySa+, like Sec+, is DoD approved so it's (typically) worth more in the job market than Net+

> CompTIA CySA+ meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements. It is compliant with government regulations under the Federal Information Security Management Act (FISMA). Regulators and government rely on ANSI accreditation because it provides confidence and trust in the outputs of an accredited program.

It's great that you already have a goal in mind. I don't know too much about this particular field but I would start off gaining interest in the basis of computer security. This would include encryption schemes, hashing functions, network intrusion detection, secure computing, and others. Here's a book that I read through for an introduction to computer security class. There's probably better books out there but that's the one I read.

Overall, computer security is one of the more specific fields so be sure not to skip over your core computer science and mathematics education.

Your most important starting step is to make sure that you have the foundational knowledge, at least at a conceptual level. I'm a big fan of books, so I would recommend a few to you.

Pick ONE of these. Exam is not necessary, but recommended:
Mike Meyers CompTIA Network+ All-in-One Exam Guide
Todd Lammle's CCENT Study Guide - ICND1

Pick ONE of these. Pay attention to business terminology as well. Again, exam is not necessary, but recommended:
Mike Meyers CompTIA Security+ Certification - SY0-501
CompTIA Security+ All-in-One Exam Guide
Darril Gibson SSCP All-in-One Exam Guide

100% read this. It's the Bible of Python scripting. Second edition is brand spanking new too:
Automate the Boring Stuff with Python

This is a good all-around Penetration Testing book that teaches Linux too. You don't *have* to use Kali, Ubuntu is probably less intimidating to those new to Linux, but you will have to install your own software/packages. This is the only book on this list I haven't read, but I often see it recommended:
Penetration Testing: A Hands-on Introduction to Hacking

While you read these books, you should install some kind of Linux distro on a home computer and use it for practice. I would also recommend doing HackTheBox(first challenge is to hack the login page) and starting with the easy boxes. Do as much as you can on your own first, but if you get stuck, watch IppSec's YouTube walk-through for the box you are on. Might be a bit overwhelming until you get through most of the books on that list though.

You should also start looking towards either the eJPT/eCPPT, the OSCP, or GPEN at this point, as those are the best value certifications in this field and will hold a lot of weight at an interview. There's some stigma with certifications in IT/CS, but the ones I listed are all baseline knowledge and/or high value for those in this field. At the very least the knowledge will go far. But definitely avoid anything from EC-Council like the plague.

Honestly, I just took the assessment blind after beginning the class and passed it. I have experience in the field, but I recently did this Professor Messer course to get my Sec+ and the majority of the knowledge was in that YouTube course.

You can watch the Professer Messer material in a weekend if you watch it at 1.25 speed, again just take notes on things that don't immediately click for you and pay special attention to those in other training material.

This series of books is good in general for CompTIA exams: On Amazon , they always have end of chapter quizzes that map pretty well onto exams.

How are you doing on the practice exams? Any special areas that aren't clicking for you?

I've used Cybrary's practice exams in the past and found them pretty okay:https://www.cybrary.it/catalog/transcender_tests/comptia-cysa-practice-exam/

I'm no hacker or anything, but a few things I would do if I wanted to get into that field would be to learn networking/net security. Being a comp sci major, I assume you understand networking. You could study for the Security+ exam, just to get a good understanding of IT Security and whatnot. Then study for the CEH. I've got a pretty good study guide for CEH, I believe it's this book.

I don't know much about the field, but it does sound fascinating.

I used 3 books in my readings:

https://www.amazon.com/Meyers-CompTIA-Security-Certification-SY0-501/dp/126002637X/ref=sr_1_9?keywords=security%2B&qid=1564790977&s=gateway&sr=8-9

https://www.amazon.com/CompTIA-Security-SY0-501-Exam-Cram/dp/0789759004/ref=sr_1_8?keywords=sy0-501&qid=1564791002&s=gateway&sr=8-8

https://www.amazon.com/CompTIA-Security-SY0-501-Guide-Certification/dp/0789758997/ref=sr_1_16?keywords=sy0-501&qid=1564791002&s=gateway&sr=8-16

I have an ACM membership so I was able to access them all from their learning library. Was able to read all three books in 27 days. Did the practice tests online (mostly got between 96% - 98%). No one author is able to cover all the material. But since this is something that I really need to learn, I try to source out materials from different sources.

I usually go with the For Dummies version first to break it into my brain in a form that's understandable before I cover it using the actual text. Yes, it takes time, and not really allow you to accelerate but it helps me to actually understand what I'm supposed to learn and not just pass the test.

Like with PowerShell right now, I'm on chapter 8 of Windows PowerShell Programming for the Absolute Beginner, 3rd which approaches PowerShell programming by building games. Almost have half of it done then I'd go for Learn PowerShell Scripting in a Month of Lunches. Again, I'm not saying this approach is best, but it works for me to understand things better. Plus work does reimbursement for stuff I buy for the class which really helps if I need a book (an actual printed book).

Awesome contest! Thank you for doing this for other people! This will make someone or someones verry happy indeed!


I want this book and/or this book



These are study books for IT ceritifications. They will make a difference to me because if I can pass the certification tests I can get a better job and make more money.

Yes, unfortunately, it's not cheap. I always do better with a $100 book than with an $1,000 course anyway, and it's a much better use of my valuable time. I checked my Amazon history and it was this book. https://www.amazon.com/gp/product/0071831568. I used the same series for passing the CEH. As for the certs, I quit college and worked to pay the bills while my wife was in school, and by the time she finished, I was already established in the IT space. I never went back to college, so I tend to compensate with certs. They do help a lot when looking for IT consulting work. =)

It's certainly worth a go. I'd read through a guide, such as this:

https://www.amazon.com/Certified-Ethical-Hacker-Guide-Fourth/dp/126045455X/ref=dp_ob_title_bk

Then email EC-Council and explain that you have been working in IT security for 3 years (ok, so you might need to exaggerate a bit here), and that you'd simply like to take the exam, as you feel you already know the information contained in their syllabus.

You might get a few back and forths, but if they are playing hardball, say that your manager has only given you enough in the training budget for one cert this year, and you've chosen the CEH exam, but can't get the funds for the whole course. I expect they'd rather you pend the money on taking their exam, than went elsewhere.

To be honest though, you're probably better off buying the book to study anyway, then taking the OSCP cert from OffSec

It's called out pretty clearly in the description, but it should be version 4. The Boson questions are definitely closer to the exam, and the practice questions at the end of each chapter of the AIO are good as well.

https://www.amazon.com/dp/126045455X/ref=cm_sw_r_sms_apa_i_nsJTDb0J7S9G1

I am currently studying for the Sec+ myself. Through my job I have access to a few books. The resources I am using so far and have liked.

• CompTIA Security+ SY0-401 Authorized Cart Guide, Deluxe Edition
  
• CompTIA Security+ Study Guide: SY0-401
  
• Pearson IT Cert Video Course
  
  My goal is to take the test by the end of Oct. I am also creating/using Flash Cards (from an app) and plan to upload them when I finish so others can use them to help study as well.
  
  When I first sat down to study for the Sec+ I used the following:
  
  
• CBTNuggets
  
• Prof. Messer Cert Videos
  
• CompTIA Security+ Review Guide: SY0-301
  
  So those would be good to look at for the SY0-401 as well.

If you're brave enough, reading the Security+(amazon) cert book and these(wikipedia)is a pretty good step as well.

So you want to become a script kiddy and try and hack with backtrack 5 eh. That's not really the way to learn, you want to read read and read security books. ( http://www.amazon.com/Certified-Ethical-Hacker-Exam-Prep/dp/0789735318 )

To install a OS to a USB use this program, ( http://www.linuxliveusb.com/ ) it will download it, format the drive, and install it to USB for you.

If you are truly interested in learning a different OS, I suggest Linuxmint, Ubuntu or Fedora. Once you get your feet wet with those, try a Gentoo box.

I'm currently studying for an HCISPP certificate and have found the following to be a pretty good guide to all things healthcare security related (not only HIPAA):

https://www.amazon.com/Healthcare-Information-Security-Privacy-All/dp/0071831797

2 Reasons. I have a friend who already has study materials from his 2 allotted pre-tests (audio and videos) and I have already purchased GCIA Books online. Almost done studying. Hopefully can get to the 91% and be on the GCIH Advisory Board..

Reason#2 is that the NEW CISSP Books won't be released until End of OCT. If I'm going to buy the materials, might as well be up-to-date.

• https://www.amazon.com/gp/product/1260142671
  
• https://www.amazon.com/gp/product/1260142655

Yeah he's great!

https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Certification-CS0-001/dp/126001181X&ved=2ahUKEwiezIummY7lAhVzIqYKHesCCKkQFjAAegQIBRAB&usg=AOvVaw1aUg1VXkH1whQQvROIqE8W

The following book that I'm going to recommend is something that I've seen a few people commenting negatively about but I found it incredibly useful. Especially if you're considering a "hacking for dummies" book.

http://www.amazon.co.uk/Certified-Ethical-Hacker-Study-Guide/dp/0470525207

Explains the basics, what you'll find in the hacking world in terms of tools and scripts, real world scenarios, end of chapter quizzes if you're that kind of learner etc.

Only other thing I can recommend is;

"X language for pen testers/security engineers/hackers etc".

Example; Violent Python - A cookbook for hackers, forensic analysts, penetration testers and security engineers.

Since you have your CISSP, the InfoSec material will be a breeze. If the CISSP is a mile wide and an inch deep, then I'd say the HCISPP is 3/8 of mile wide and a half-inch deep. You'll be fine.

​

For the Healthcare information, I know it touched on things like the healthcare industry, breach timelines, security and privacy regulation, technology specific to healthcare (EHR, EMR, coding, data exchange, etc.).

​

Looking through my notes, I see that I actually read this as well: https://www.amazon.com/Healthcare-Information-Security-Privacy-Murphy/dp/0071831797

I personally recommend:

CEHv9 https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/
Hacking the art of exploitation https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/
Penetration Testing: A hand on Introduction to hacking: https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/

They would do you more service buying books like http://www.amazon.com/Certified-Ethical-Hacker-Study-Guide/dp/0470525207 or http://www.amazon.com/Network-Warrior-Gary-Donahue/dp/1449387861/ref=sr_1_1?s=books&ie=UTF8&qid=1451148178&sr=1-1&keywords=network+warrior

But maybe they just don't know ... they see you only "sitting behind that thing they don't understand very well, for hours", you probably never talked about hobbies without it going awry, I can imagine. Not blaming anyone or anything, just saying, this is what usually happens and their reaction is gentle nudge.

This would greatly improve my life
I could use it to study for my Network+ Cert and advance my career in IT.

=P

I agree. I would look into virtual labs too.

I personally liked these:

https://www.cybrary.it/catalog/practice_labs/comptia-cybersecurity-analyst-csa

And the Sybex book and practice questions:

https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/

https://www.amazon.com/CompTIA-CySA-Practice-Tests-CS0-001/dp/1119433207/

Edit: CompTIA renamed Cybersecurity Analyst from CSA to CySA. So you will see a mix for a while.

This is probably your best bet All In One Book.

A couple by William Stallings: Computer Security: Principles and Practice and Cryptography and Network Security: Principles and Practice

Experience only gets you so far on the CISSP, as plenty of smart people with loads of experience fail, because they don't understand how to take an exam or the boundaries of it. You can't cram for the CISSP, and need to make sure that you study evenly over time before the exam, as there is a lot of range in topics, but not much depth. Here is how I passed:

I used Shon Harris's CISSP All-In-One:

https://www.amazon.com/CISSP-All-One-Guide-Eighth/dp/1260142655/ref=sr_1_1?crid=NGMZ8UWXWDNQ&keywords=cissp+all-in-one+exam+guide%2C+eighth+edition+by+shon+harris&qid=1570840219&sprefix=shon+harris+all+%2Caps%2C234&sr=8-1

In the back of the book there is a testing engine online hosted by the publisher. I did that over and over (after reading the book) until I knew the answers like second nature. When doing the testing engine, it is important to know why answers are wrong as much as knowing the right answer.

Please see the following video, where I used the same method to study and pass the CISSP and multiple AWS exams:

https://youtu.be/wod92WIn92E

​

My background: been a CISSP since 2012, and have personally helped 2 people study and pass this exam.

Hope this helps!

Few books for you to consider - I got these for my course and are hugely useful. I've also included the Encase book as I know our forensics guys go back to it all the time:

Computer forensics using open source tools

The essential Brian Carrier - file system forensics

Real Digital Forensics

Encase training book

Digital Forensics Investigation

Forensic Discovery

> I have my A+ cert
>
>they recommended a segmented network. and I had to google what that even was.
>
>I am the "IT Guy" The previous "IT Guy" got me this job

You need to start reading cbks right now in all your free time. Even if you don't take the cert exams for the cbks below, it is knowledge you need to know asap.

​

I suggest these (in order):

​

https://www.amazon.com/CompTIA-Network-Certification-Seventh-N10-007/dp/1260122387/ref=sr_1_3

https://www.amazon.com/CompTIA-Server-Certification-Guide-SK0-004/dp/125983803X/ref=sr_1_1

https://www.amazon.com/Windows-Server-Complete-Study-Guide/dp/111885991X/ref=sr_1_4

https://www.amazon.com/Windows-PowerShell-Cookbook-Scripting-Microsofts/dp/1449320686/ref=pd_sbs_14_5/143-0552349-3403540

https://www.amazon.com/Windows-Server-Complete-Study-Guide/dp/1119359147/ref=sr_1_3

https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_4

That is because it is the old version.

To be fair that is the one I studied since I studied after the current test was released but before the new edition and I passed first try so maybe it's fine?

​

EDIT: NOPE. 8th Edition is $41, which is $3 cheaper.

​

https://smile.amazon.com/CISSP-All-One-Guide-Eighth/dp/1260142655/ref=sr_1_1_sspa?keywords=cissp+all+in+one&qid=1555433292&s=gateway&sr=8-1-spons&psc=1

I would say self-study for the EnCE. That'll be probably the best for you.

Carry out all of the exercises and what not and make sure you research anything you don't understand.

im watching jason dion cysa videos and bought this one based on the most reviews, theres no perfect book like gibson was to Security+

https://www.amazon.com/gp/aw/d/1119348978/ref=mp_s_a_1_2?ie=UTF8&qid=1525549311&sr=8-2&pi=AC_SX236_SY340_QL65&keywords=comptia+cysa%2B&dpPl=1&dpID=51F3etaiN4L&ref=plSrch

You should be fine. But invest in yourself. Read this book and profit. At least that's what I did and I knew nothing about networking before. Now I can at least understand what the networking team is doing.

https://www.amazon.com/CompTIA-Network-Certification-Passport-Authorized/dp/0071789057/ref=sr_1_11?s=books&ie=UTF8&qid=1494895422&sr=1-11&keywords=comptia+passport+plus

I passed 501 with about 2.5 weeks of study with CompTIA Security+ Certification Study Guide, Third Edition and CompTIA Security+ SY0-501 Exam Cram. Probably 4 or 5 hours in the beginning reading to anywhere between half hour to 2 hour sections of reviewing stuff. Didn't feel ready and the test questions were way different but I knew enough about it all to pass it. Definitely doable, just put the time into reviewing stuff.

No lab questions per se; there were scenarios like read this nmap out and choose the best answer. No pick more than 1's. I used Oriyano's guide. Didn't read all of it. Maybe 50%. https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245/ref=sr_1_1?ie=UTF8&qid=1486960385&sr=8-1&keywords=ceh+v9

I'm working on studying for this while I wait to be re-enrolled. Just purchased the all-in-one CHFI book for $30. I've used these books before for CompTIA exams and thought it might be a good place to start.

https://www.amazon.com/Computer-Hacking-Forensic-Investigator-Certification/dp/0071831568/ref=sr_1_3?keywords=all-in-one+chfi&qid=1572398962&sr=8-3

No. It's a lot of unnecessary work. Study for them, sure; do the Skillport modules , even though they aren't super helpful. If anything it'll knock out some busy work for you during the course. I'd recommend buying Passport books for both Net+ and Sec+ (Net+ passport book) and using those as your main study material. If you hit that hard before you go and for the month that you're here before you take the certs I'm 90% sure you'll pass.

I passed CySA+ using This book and This video course.


Security+ has a bit of overlap, especially if you took the 501. Focus well on the information about regulations, chain of custody, and forensic processes.

You know, I have not studied Security+.

Speaking for myself, I would assume you'd want to be aware of the latest technology & matters related to the field, not study material that may not be as relevant, and missing out on new methodologies.

This is a field where you need to be cognizant of current practices.

What Cybersecurity skills do employers look for? https://certification.comptia.org/it-career-news/post/view/2017/07/05/what-cybersecurity-skills-do-employers-look-for

It is true that you do not have many resources to choose from for 501 as the other Redditter mentions.

I located this book just in case. It is by David Prowse.
https://www.amazon.com/CompTIA-Security-SY0-501-Guide-Certification/dp/0789758997

David Prowse: http://www.davidlprowse.com/articles/

Bio: David Prowse: http://www.pearsonitcertification.com/authors/bio/6b781d51-4a68-4490-ab10-02a757602ceb

I would imagine that this is the book. https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=sr_1_1?ie=UTF8&qid=1518465950&sr=8-1&keywords=sybex+csa
It seems to be often recommended.

Oh no problem at all, I found there were a few questions on Poodle/shellshock in there which I knew there would be and questions regarding a few tools (nmap and such). I do have a study guide and a good prep book that I used. CEHv9 Study Guide found here: https://www.amazon.com/CEH-v9-Certified-Ethical-Version/dp/1119252245

You can find it other places too, if you would like to see the study guide send me a PM and i'll copy and paste it for you!

Can you pass a drug test and do you have a clean record? If so, get your Comptia Security+ 501 certificate. It is required for any government IT job which is probably one of he biggest employers here in the Springs. Every video instruction you need is free on youtube. The books are $35 on amazon. You can get discounted test certificates here. Sec+501 took me maybe a month of studying to pass, and getting it will open up more doors for you in the IT field in this town than any other certificate, so long as you meet the requirements in my first sentence. The clearance may or may not be a necessity depending on where you go. On base might be difficult, but there are more jobs than you think out there for government contracting. DOD, DHS, and numerous other agencies all have contracting jobs readily available in this town. But you need Sec+.

He does! I just bought the kindle version (only $10) to use for my own studies.

https://www.amazon.com/gp/aw/d/126001181X/ref=mp_s_a_1_2?ie=UTF8&qid=1520706009&sr=8-2&pi=AC_SX236_SY340_FMwebp_QL65&keywords=csa%2B&dpPl=1&dpID=515Z0goTp7L&ref=plSrch

https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=sr_1_1?ie=UTF8&qid=1519675757&sr=8-1&keywords=CSA%2B

https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Guide-Certification/dp/0789756951/ref=sr_1_2?ie=UTF8&qid=1519675757&sr=8-2&keywords=CSA%2B

I used this book:

https://www.amazon.com/gp/aw/d/B00NNWKN3G/ref=mp_s_a_1_1?ie=UTF8&qid=1495649897&sr=8-1&pi=AC_SX236_SY340_QL65&keywords=security%2B

For all 3 exams, I followed the same order of study materials. I would first read a book that covered the whole exam. Next, I would watch a video series about the exam(I would read a book and watch videos at the same time). I then would go through the exam objectives and look up anything else I didn't learn from the books or the video series. Lastly, I would some practice exams to practice test questions (look up any terms you don't know in any questions).

|Exam|Step 1: Read a Book|Step 2: Watch a video series|Step 3: Go over exam objectives|Step 4: Practice tests|

--|:--|:--|:--|:--|
|Network+|https://www.amazon.com/gp/product/1260122387/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1|https://www.professormesser.com/network-plus/n10-007/n10-007-training-course/|https://certnet.de/wp-content/uploads/2017/08/Network-N10-007-Exam-Objectives.pdf|Didn't actually use any practice tests for net+ but would recommend|
|Security+|https://www.amazon.com/gp/product/1260019322/ref=ppx_yo_dt_b_asin_title_o02_s00?ie=UTF8&psc=1|https://www.udemy.com/comptia-security-certification-sy0-501-the-total-course/|https://www.comptia.jp/pdf/Security%2B%20SY0-501%20Exam%20Objectives.pdf|https://www.udemy.com/comptia-security-practice-exams/|
|CySA+|https://www.amazon.com/gp/product/126001181X/ref=ppx_yo_dt_b_asin_title_o00_s01?ie=UTF8&psc=1|https://www.udemy.com/comptiacsaplus/|https://www.comptia.jp/pdf/comptia-cybersecurity-analyst-(cs0-001).pdf|https://www.udemy.com/comptiacsa/|

https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322

Basically I got a call from a recruiter on Wednesday night saying that if I passed the test by the end of Friday I would have a guaranteed job. Thursday morning I popped an addy, read messers study guide, did the chapter quizzes in the book, and the rest of the day I worked on the chapters I was deficient in. Friday morning I took the exam and passed.

i am also using the udemy videos plus this book https://www.amazon.com/CompTIA-CySA-Study-Guide-CS0-001/dp/1119348978/ref=pd_lpo_sbs_14_t_1?_encoding=UTF8&psc=1&refRID=Q1HMEANW19CTDCH8E366

professor messer, and this book https://www.amazon.com/CompTIA-Security-Guide-Network-Fundamentals/dp/1337288780
also exam compass questions

The Sybex study guide will be available on April 24th. I plan on buying that, studying for a month, then taking a shot at the exam in late May.

https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=mp_s_a_1_4?ie=UTF8&qid=1540824481&sr=8-4&pi=AC_SX236_SY340_FMwebp_QL65&keywords=security%2B+sy0-501

Yea, in face this is the bundle I got:

https://www.amazon.com/CompTIA-Cybersecurity-Analyst-Certification-CS0-001/dp/1260453251/ref=sr_1_5?keywords=CySA%2B&qid=1558129385&s=gateway&sr=8-5

>I know I likely won't do well in the event, however, I want to challenge and provide myself a goal

Why not? You'll just have to study like hell.

1. Wireshark 101 and/or Practical Packet Analysis
   
2. The Tangled Web: A Guide to Securing Modern Web Applications
   
3. https://www.amazon.com/CompTIA-CSA-Study-Guide-CS0-001/dp/1119348978
   
   PM if needed
   
   

I have the same question. I'm partial to this one:

https://www.amazon.com/CompTIA-Security-Guide-Fifth-SY0-501/dp/1260019322/ref=sr_1_3?ie=UTF8&qid=1518405572&sr=8-3&keywords=security%2B

But it only comes in CD-ROM or Kindle format. I managed to find the hard cover edition on McGraw Hill's site and CompTia's own online shop but the cost of having it shipped to Canada is too high for my taste. Anyone know of a place I can pick this up in Canada?

I took the Net+ in November before I enrolled at WGU. I read through the Mike Myers Network+ Passport book and passed the exam no problem YMMV

https://www.amazon.com/CompTIA-Network-Certification-Passport-Authorized/dp/0071789057

This is exactly why the professionals in IT very rarely talk security with people who arent in the industry. TV and movies have really made people think things will happen that never will, or are near impossible.

The type of effort you are talking would be like if some terrorist encrypted their manifesto on a thumb drive and the government had to crack it right away to avoid another attack. Dont you remember how complicated it was just to get into the San Bernadino people's iphones? The resources and time required once you pass a certain level are insane.

I hope no one here is that type of person. If you want to find out how complicated it really is, this is where you start down the rabbit hole.

https://www.amazon.com/Certified-Ethical-Hacker-Guide-Fourth/dp/126045455X/ref=sr_1_3?keywords=ethical+hacking&qid=1570333559&sr=8-3

and this

https://www.kali.org/

I suggest using Virtual Machines on a separate drive to boot your system with the network NIC drivers removed if you install and start messing with how that all works.

Also, here is a tool to tell you the amount of possible passwords. Even with ONLY letters uppercase and lower, the amount you get at 20 characters is like the amount of stars in the galaxy or something insane you could compare it to. Grains of sand in the outer banks maybe? Just at 26 letters you have 52 characters to make combinations from when you consider upper and lowercase. Think of how many possible combinations there are when you shuffle a deck of cards. You shuffle a deck, I shuffle a deck, what are the odds I shuffle them and the cards end up in the same order as yours? Even using a computer to try and match your pile, its gonna take a really really really long time. Then mix in numbers and characters. Each single possibility added to make is 53, 54, 55 etc, turns it into a HUGE unfathomable number when you are at 20 characters. You cant brute force it, and without a REALLY educated guess, thats your only option. Unless you are the gubment and have a key for the algorithm.

http://www.csgnetwork.com/optionspossiblecalc.html

For the Total Tester 6.2, that comes with the this book. I did not buy the book, but a colleague of mine bought it, and he lend me the disc. I'm thinking, "great more test practice questions to try", and it came with a PDF of the book, so I can look at different explanation. There has been another one regarding threat actors that did not make any sense as well. Since the book, as far as I know, is the only one with definitions for structured threats, but there is no matrix on regarding what threat actors are unstructured, structured and high structured, unless you go into the part in the book to explain that.

I have watch the PluralSight videos, not Prof. Messer, and there was no matrix I can find on the different structures of threats. I am thinking to myself, am I that bad at these tests.