English Comprehension and Security+
Is yur english comprehension good? If not, you might find the Security+ exam quite challenging.
Gratefully, I hear from people almost every day telling me that they passed the Security+ exam using the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide and/or study materials on the gcgapremium.com site.
Occasionally, I hear from people telling me that they dropped the exam more than once. I’m beginning to believe that the problem is often English comprehension.
RTFQ and English Comprehension
In the study assessment post, I mention the importance of two basic test-taking strategies: Read the Full Question (RTFQ) and Read the Full Answer (RTFA). When studying with practice test questions, it’s also important to Read the Full Explanation (RTFE).
Still, these strategies elude some people.
For example, the study assessment post explains how a subtle change in a question confuses some people prompting them to email me. Consider the order of volatility.
The order of volatility from most volatile to least volatile is:
- Cache RAM
- Regular RAM
- Swap files stored on local disk drives
- Data stored on local disk drives
- Logs stored on remote systems
Which of these items is the least volatile?
It’s an easy question. The answer is item 5 – logs on remote systems.
Consider this question.
A database server is currently under attack and you want to ensure that you are able to preserve all the data for forensic analysis. What data on the server should you collect last?
What’s the answer now?
Many people jump on Remote logs, because they knew this was the correct answer in a different question. However, the subtle change in the wording makes this a completely different question and a completely different answer?
For some reason, this eludes people prompting them to email me about the “error.”
RTFE and English Comprehension
The explanation stresses that the question is only asking about data on the server, not on remote systems. I typically try to get people to go back and read the explanation. Some do and they get it. Others say they read the explanation, but still insist that Remote logs is the answer.
After a couple of attempts to get them to arrive at the correct answer on their own, I abandon the Socratic method of teaching and give them a direct answer. I use simple sentences, emphasize key words with asterisks (*), and separate sentences with white space. My answer might look something like this:
The question is asking:
What data ***on the server*** should you collect last?
Remote logs are on remote systems.
Remote logs aren’t ***on the server***.
This helps them understand. However, it isn’t clear to me why I was unable to get them to read almost the exact same words in the explanation.
Failing and Security+
I recently received a couple of emails from someone that dropped the Security+ exam. Here’s a cut and paste of each.
I took the security + sys401 and fail 3 times. I studied your book and went to a class and fail. The question in the book are very simple compared to your book. Everyone us saying that I need to understand the book. The last time I took the exam it was more difficult and most of the questions we not even close to the question in your book. I am frustrated because I never thought that I will fail an exam 3 times and othernot my contract I am required to pass the security plus
Here’s part of my response.
I understand you’re frustrated, but I don’t see you asking for advice. Understanding that unwanted advice is rarely appreciated, I won’t offer any specific advice.
He responded with this.
Thanks for the quick response. I assume that what I am doing is not working. I enrolled in a class for a week and everything he dicuss I knew. However , everything he discuss in class wereally different, even the simulation that I had never seen on the exam were different. In fact my score was lower on the third attempt. They had made a significant changesin the question and while I can't blame the instructor, I would assume his testing would be similar to What is need to know. My question is what advice would would you Give me?I felt like I wasted my money on a class that I assume would help.
It almost looks like English is a second language for this gentleman.
Even if it isn’t, this level of writing can easily translate to a similar level of reading. In other words, if he has trouble writing clearly, subtle changes in a question can easily elude him too.
The solution is to slow down and seek clarity. Both when writing and when reading.
Unfortunately, people rarely want that type of feedback. Over the years, I’ve been called things like mean, rude, and unchristian-like when giving advice or feedback. And I know that if someone thinks I’m attacking them, it is unlikely that the person is likely to take my advice or consider my feedback.
Next time, I’m going to just point them to this post.
What do you think? Is there a connection between writing, reading, and comprehension?