Getting Certified? Here’s How to Prepare for Your Exam

You have been diligently studying the material in preparation for the exam.  The next step is to start practicing in a simulated exam environment, so you get comfortable with the look and feel of the testing environment and the test questions.

What to expect – The testing authority usually has a web page that explains what sort of test you will be taking, and what sort of questions will be included.  Find and read this information.  Usually you will have about a minute or less per question, so spending several minutes stuck on one question may mean you will not have time to finish the exam.  Unanswered questions get scored as a fail, so answer all the ones you can first.  If it is permitted (see below), mark troublesome questions for review, and move on to the next question.  Often a later question will give away the answer to the one you marked, making it easier to answer when you return.  Unless you can complete them quickly, you may also want to skip any simulation questions, mark them for review, and save them for the end.

Exams come in a variety of forms.  Many tests let you skip a question if you are having trouble, and return to answer it later.  Some of the newer tests do not allow for this; you have to answer the questions in order, without skipping or going back.  This type of test will be harder to pass, and requires more preparation.

Adaptive tests will give you more questions of the same type if you appear to be having difficulty with a particular subject.  If you seem to be getting a lot of the same question – hey, you're doing it wrong.  Go back and fix your answers.  This type of test is harder to pass as well.

Interactive tests require more than simply answering questions.  There will be activities included in the exam such as listing steps in order, drag and drop, and simulated exercises that resemble an actual computer or device user interface, command console, or command line.  This is designed to test “real world” skills.

Test questions are usually pulled from a larger pool of questions, so two people taking the same test will most likely see different questions.  Question types include:

  • Multiple choice – Choose one correct answer from a list of four or five provided answers.  I usually look for two obviously wrong answers, and discard them.  There may be two answers that seem to be good answers to the question. Go back to the question for keywords and clues pointing to the answer that is best.  Select an answer by clicking on the circle before the answer.
  • Multiple answer –  Two or more of the answers are correct and need to be chosen to pass the question.  Some exams tell you how many you need (choose two or choose three), and some don’t.  Usually you select multiple answer by clicking on a square, rather than a circle.
  • List in order – A version of drag and drop where you are given a series of terms or steps and need to arrange them in a specific order.
  • Drag and drop – This question often requires you to identify parts of a hardware device, network diagram, or other test subject shown in a picture or illustration, and drag and drop the terms to their corresponding locations on the image.
  • Scenario – You will be given a story or scenario about a hypothetical situation, and be asked to provide a solution, or the next step.  The next step is often NOT the solution, so be careful when reading these questions to identify what the test is really looking for.
  • Simulation – Usually you will be given a scenario, and presented with some information that needs to be entered into a simulated user interface, web-based configuration page, or command line environment.  Sometimes help is available in the simulated environment, so if you get stuck, try opening Help.  This is almost always a multistep process, and will take some time.

Practice Exams – Find a good practice exam and start to use it when you are about halfway through your book or class.  I like a practice exam that closely simulates the actual style and subjects of the questions on the real exam.  Not all practice exams are equal; you may need to read some reviews or ask peers who have already taken the same exam for suggestions.  There are plenty of free practice question sites on the web, but the ones that you pay for are generally closer to the real experience.

There are sites called “brain dumps” which are collections of actual or nearly actual exam questions.  They are compiled by people who take the exam and violate the confidentiality and non-disclosure agreement they signed before taking the test, by “dumping” the questions and answers they remember and posting them online.  Quality is highly variable, as you might imagine.  Using brain dumps is discouraged by the certification organization, and could cost you your certification should they discover you using these sites.

I like an exam with the following features:

  • Learning mode – In learning mode, you get to see the answer and an explanation for the question immediately, which helps test-takers learn the material most likely to appear on the actual exam.
  • Testing mode – Testing mode simulates the exam environment, and gives you your score once you complete all the questions.  You are able to review the answers you got wrong.
  • Timed/untimed – I like to be able to take the exam in testing mode untimed at first, and then as I start mastering the test answers, in timed mode.

Generally I start out testing in learning mode, and then move to untimed in exam mode.  Ultimately, I will create exams with the same number of questions and length of time as the real test.  Once I am reliably scoring in the 90th percentile on the practice exam, I schedule my actual exam with the Prometric or PearsonVue testing center.  We will cover that process in the next post.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments. Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at
