Welcome back everyone! At the time of writing this blog I hold eight Industry Accredited, IT Certifications (Net+, Sec+, Cloud+, CySA+, PenTest+, CASP+, GCIA, and CISM). Thus I decided to write a blog about my study methods to help others pass similar IT based certifications. My study methods are my own and may not work for you or guarantee a pass, but if you are looking for a good place to start, check out my Five Simple Habits below.

The Five Simple Habits to Pass Any Certification

(Cliff notes edition)

There are five simple habits that will help you as a future IT or Cyber Professional to pass virtually any certification. Learning these habits will help you train your brain, improve study habits, retain information, and be able to apply what you learn in IT & Cyber for everyday situations.

1. Do your research and purchase reliable, peer-reviewed study materials (books, practice tests, other study materials).

2. READ THE BOOKS - Highlight, tab, and take notes on the books as you read them.

   1. BONUS STEP: Create an index to help guide your review (SANS Method)

3. Take practice tests and take specific notes on questions you did poorly on.

4. Review the questions you did poorly on and review your notes to come to the correct answer.

5. REREAD THE BOOKS while using your notes, tabs, and highlights to speed the review process up.

And that is it! Once you complete this process and feel comfortable with the material, go pass that certification exam! If you have more time or want to know more about my process, continue onto the full blog read!

The Five Simple Habits to Pass Any Certification

Full Blog Review

I am passionate about education and training so I have been working on this blog entry for quite some time. I wanted to share my thoughts on how to pass virtually any Industry Standard IT Certification (e.g., CompTIA, ISC2, ISACA, etc.). Keep in mind these habits do not apply to Performance Based Questions (PBQs) and exams that are entirely simulated (like OSCP), but these habits will help you greatly for the more traditional Q&A, True/False, and multiple-choice style certification exams.

THESE METHODS ARE MY OWN AND MAY NOT GUARANTEE A PASS OR WORK FOR YOU. And that is okay. The important thing is for you to find a method of studying and learning the material that works for you to pass an industry certification.

Step 1. Do your research and purchase reliable, peer-reviewed study materials (books, practice tests.

Once you decide you want to attempt an IT certification, you must purchase study materials. This can be a challenging endeavor because there are many great organizations that have written detailed books on the certification you wish to take. Do not get overwhelmed with the variety of options that are out there! Use google reviews, amazon reviews, IT subreddits, and ask mentors who passed the exam which materials they used. Book reviews found on google or amazon or other review websites can be extremely helpful because they can provide insight in the make-up of the book, the pros and cons, or even recommend other books to try. Do not be afraid to ask people who have used these books to pass certifications which materials they used! You can also ask Cyber mentors (like me!) to provide insight. It is important to understand that for one certification you may really like the Wiley Sybex book, but for a completely different certification, you may find McGraw Hill books (more commonly known as the brown all-in-ones) to be better study materials.

This includes choosing practice tests to help you pass your exam. Some organizations (like ISC2 and ISACA) generate their own practice tests for their certifications. This is great because practice tests from the originating organization of the certification are going to be the best reflection of the real certification exam. Some organizations like CompTIA do not provide much in the way of their own books, study materials, or practice tests for the certifications they created. This means you must do more diligent research on the materials you buy. Look at the reviews for books and compare which is better before purchasing. When I can afford it, I sometimes consider purchasing two books on the same certifications so I can get different material and perspectives on the exam material!

In the end, you must do your own research on the various study materials (and authors out there) and find the right books for you to pass your certification.

Step 2. READ THE BOOKS - Highlight, tab, and take notes on the books as you read them.

1. BONUS STEP: Create an index to help guide your review (SANS Method)

I know this step may seem a bit obvious at first, but IT certifications do take work and knowledge. For those that do not have 10-15-20 years IT experience, it is highly unlikely to pass a certification without a little knowledge refresh! Once you have purchased your study materials, get cracking and read them.

Reading study materials, especially for the more challenging exams like CISM and CISSP, may not be enough. Therefore Step 2 involves doing something I like to call the TAB or SANS Method. The TAB Method is a study method often taught in SANS Institute boot camps, where as you read a study material, you highlight important parts and you put a sticky note on the page as a tab (see pictures). This allows you to quickly reference back to the page to get to what you highlighted. Taking this method once step further, you can also write on the sticky notes to annotate what the tab is about. BONUS STEP: The full SANS Method of tabbing involves creating an index of ALL YOUR TABS. This may seem extreme, but for GIAC certifications and SANS Institute you can bring in your study materials during the exams. People create indexes of their tabbed study materials to allow for referencing concepts fast during the GIAC exams.

In short, read your study materials, highlight important concepts, tab your books and materials to get to the more challenging concepts faster, and if you want, go full SANS Method, and create an index. Whatever method you choose, make sure you study the materials in a way that helps you grasp the material and do well on the practice tests prior to take the certification exam.

Step 3. Take practice tests and take specific notes on questions you did poorly on.

A significant part of studying for any IT certification exam is to get into the right mindset - the test taking mindset. It is important to familiarize yourself with questions regarding the material as well as practice answer questions in a timed environment so come certification exam day you are not (too) stressed out by the exam. Once you have read the books and study materials, it is recommended to take practice tests that simulate the exam, both in terms of the content of the exam and the timed test taking environment.

Therefore many organizations (CompTIA, ISC2, ISACA, SANS, & more) offer a variety of "practice tests" that simulate the exam you will be taking. There are also third-party groups like Wiley, Measureup, Udemy, and more that offer practice exams based on their experience of the exam and the study materials or books they make. I always recommend (when one can afford it) to look at purchasing practice tests from the certification provider first. This is because the certification exam providers are typically authorized to best replicate their own certifications without giving too much away. Organizations like SANS and the others will create bundles that include study material, books, practice tests, along with the purchase cost of the exam. This is not to say you should not consider using reliable third part providers. I am a huge fan of Udemy, Measureup, and Wiley because they provide fresh perspectives on the topics and materials regarding the certification exams.

Whichever practice test provider you go with, make sure once you feel comfortable with the study material you allocate time to take practice tests! Practice makes perfect as they say! Step 3 and 4 are repeating processes until you are comfortable to take your certification exam.

Step 4. Review the questions you did poorly on and review your notes to come to the correct answer.

Now you have read all the study materials and are taking a practice exam. Maybe you did well and maybe you did not. In either case, it is highly recommended you take notes on questions that were difficult and review them later. Your highlights and tabs could help greatly if you decided to do this step.

Do not just take one practice test either! If you can afford it, try and take a few practice tests and mingle them into your review time. Take a practice test, review questions and material you did poorly on, read your books, then take another practice test.

Another great point to make is a lot of these books come with free practice tests or short quizzes at the end of each chapter of the books. DO THESE AS WELL! Continuously going over content greatly helps retention.

Step 5. REREAD THE BOOKS while using your notes, tabs, and highlights to speed the review process up.

Make sure to take breaks occasionally, but the important take away is to keep reviewing material up until your certification exam date! This is time to review chapters or domains that you had difficulty with during your first read through or first practice test. Once you felt you have done a sufficient review of all your study materials and practice tests, go schedule that certification exam! Good Luck!

WARNING: This should go without saying, but DO NOT USE "TEST BANKS!" They are bad, illegal, and will cause you to lose your certification.

And that is it! Good luck on your IT certification!

Stay Safe, Stay Cyber

@thatcyberguy5