How I Passed the CompTIA Security+ Certification

How I Passed the CompTIA Security+ Certification
Page content

This might sound like clickbait or just another post about Security+, and maybe it is. I know I’m neither the first nor the last person to share their experience with this certification. Honestly, I don’t know if I’ll bring anything new to the table. But I figured I’d still share my take. If you’re interested, read on. If not, feel free to check out my other articles. This article will not tell you how to pass the certification.

Why I Took It

Security+ wasn’t about learning everything from scratch for me, it was more like validating what I already knew. I’ve learned most of these things during my degree and I’ve been involved in IT and cybersecurity enough to be familiar with many of the domains the exam covers. Still, I wanted a formal acknowledgment of my skills, and Security+ is a solid foundational certification that touches on a wide range of topics: cybersecurity fundamentals, GRC (governance, risk, compliance), vulnerability management, web and Wi-Fi security, physical security, and more. It’s broad, it’s global and that’s what makes it such a good starting point. Also, if you look for cybersecurity jobs posting, you’ll see a lot of Comptia Security+, CEH, OSCP, and the usual suspects listed under the requirements.

The Lazy Start

I had access to the training materials for a year but did basically nothing with them until the last two months before they were set to expire (mid-February 2025). At the end of December 2024, I finally convinced myself to go for it, partly because I didn’t want to waste $500, and partly because I wanted to finally earn my first certification. And to be fair, I had been pretty busy changing jobs and writing 14 articles on this blog in under a year.

The Study Routine

Starting mid-January 2025, I got serious. I carved out time after work, several hours a week dedicated solely to studying. It wasn’t always exciting, because I was not learning many new things and I felt like going back to school. My style of learning is by practicing, not by ingesting tons of reading. Some nights I studied on the sofa with my phone when I couldn’t stand having a laptop on my lap. Other mornings I went through chapters on the bus. I used the official web/epub reader app on iOS, which honestly did the job. You can even take notes in it, though I didn’t. Again, lazy.

I tried to use Obsidian to take notes at first, thinking I’d build a personal knowledge base that I could possibly share on this blog. But in reality, I was just rewriting everything because I thought everything was important, even if I already knew it. I quickly realized I’m not much of a note-taker and I learn better by reading and thinking. And also, I didn’t have much time left. I gave myself two weeks to take the first attempt, so that after I could have two other weeks to prepare for an eventual retake.

The Exam Setup

This was my first certification exam ever, and I chose to take it online. In retrospect, that added unnecessary stress because my internet isn’t the most reliable. But the exam center was in another city, four hours away from where I live, so going in person would have been a hassle. On exam day, I got disconnected during the verification process with the proctor but luckily it reconnected just fine. The days after, there were works on the 5G antenna in my neighborhood (yes, I have a 5G box at home), so the internet wasn’t working. I even had to borrow my girlfriend’s macbook because the Pearson VUE software is not supported on my Linux computer.

I was also anxious about getting flagged for something silly. I didn’t know where to put my phone, and my desk had a drawer full of office stuff I had to empty. So if you’re taking it online, just make sure your setup is working, clean, stable, and distraction-free. The proctoring environment is stricter than you might expect.

Final Thoughts

Even if you already know a good chunk of the material, be prepared, the new version (SY0-701) includes more realistic, scenario-based, interactive questions that can throw you off a bit if you’re expecting just multiple-choice.

But in the end, Security+ is worth it. It provides a structured way to revisit core cybersecurity concepts and connect the dots across different domains. It’s not just about technical knowledge, it helps you understand the bigger picture, including compliance, governance, and organizational impact.

You can be a technical expert in cybersecurity, but if you ignore GRC and how everything fits together, you’ll never be able to put effort where it truly matters.

Would I recommend it? Yes, if you’re at the beginning of your cybersecurity journey or looking to solidify your fundamentals. Just maybe… don’t wait until your license is about to expire to start studying.