John Kirk's Reviews > CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide

CompTIA Security+ by Darril Gibson
Rate this book
Clear rating

's review

really liked it
bookshelves: computing

I passed my exam first time after I read this book. I've read other books too (as well as quite a bit of hands-on experience), but I definitely learnt a lot from this, and I'll be keeping it around for reference at work.

Comparing this to other study guides, the technical accuracy is definitely better than average. I'm glad that the author has an errata page on his website, although I reported some new errors in July 2016 and 4 months later they're still not listed. Most of the errors are fairly minor; the only real clanger related to networking rather than security. (Basically, the author doesn't understand the difference between a broadcast domain and a collision domain.) Still, if you've followed CompTIA's advice to take the Network+ exam before you prepare for the Security+ exam then this won't be a problem for you.

There are some other aspects which are a bit of a grey area. IT security is quite a fast paced field, i.e. things change frequently. That means that any guidance (whether in print or online) may be out of date by the time you read it. In this case, the book says that RC4 and MD5 are fine, but I wouldn't recommend using either of them nowadays. The book may have been accurate at the time of publication (October 2014), but I suspect that this text was copied from the previous edition (Comptia Security+: Get Certified Get Ahead: Sy0-301 Study Guide) without being thoroughly reviewed. Still, the more general points here are all valid, e.g. the difference between symmetric and asymmetric algorithms.

Coming from a technical background, I found that the most useful part of this book was the terminology. For instance, I wasn't previously familiar with the difference between an RTO (Recovery Time Objective) and an RPO (Recovery Point Objective), but they're important if you're writing a disaster recovery plan. Similarly, if you're not clear on the difference between MTBF and MTTF then you'll learn something from this book.

Sign into Goodreads to see if any of your friends have read CompTIA Security+.
Sign In »

Reading Progress

April 13, 2016 – Started Reading
April 13, 2016 – Shelved
November 10, 2016 – Finished Reading
November 16, 2016 – Shelved as: computing

No comments have been added yet.