Passing Certification Exams

I recently read a couple of questions on Reddit about knowing if you are prepared for the certification exam.  I wrote the following responses.  The first question is from a tester who failed the 220-1101 exam for A+

Posted by u/Character_Writing825

failed 1101 today

I studied the material 3 months Finally took the exam today and I failed I feel so useless I don’t know how to go back home and explain why I failed Got a 638

My reply:

From my experience teaching the A+, too many students second-guess their way from pass to fail. Your first answer is usually the correct answer. Reviewing and CHANGING (God forbid) answers often changes a pass to a fail.

Your subconscious mind will give you the correct answer first. Then your conscious mind fills you will doubt, and you change the answer to something wrong.

If you are guessing, I want to say guessing is OK. But your second guess will NOT be better than the first guess, and their is no benefit in changing your answer.

When testing, read the scenario, then read the question, then review the answers. Read the scenario and question again, and pick the answer that answers the question (not the scenario). Then move on. Do not return to change your answer.

As an instructor, I have taken every version of the A+ from the 220-700 series through the current 220-1100 series plus many other certification exams. This has always worked for me, nevertheless, I have failed 3 exams (one of the 6 needed for MCSE old school, but passed the second time, the CCNA, and the Pentest + Just passed the Pentest+ in January.

You have a unique advantage now – you have seen the test questions, and your test results page will show you want to work on. Don’t wait too long, go and take it again while it is still fresh in your memory.

And this one from a CISSP tester:

Posted by u/SomniumInterimo

At What Point Did You Feel Ready For The Exam?

General Study Questions
I’ve been studying for the past four months and have been steadily improving my practice exam scores (through Learnzapp) over the course of the past month, starting out with a 63 on my first test and finishing my last few with 80% or higher. My exam is scheduled for Wednesday and I gotta ask:

At what point did you feel confident enough to say, “I’ve learned enough, I should be good”?

It feels like every practice test or quiz has just one or two items I don’t remember seeing or learning about at all. It’s really been messing with my head. Does anyone else feel like that?

My reply:

At 4 months I felt ready. Read the (ISC)2 CBK, practice questions galore, then finished with a 40 hour boot camp. I was confident.

By the 7th question of the exam I was certain I was failing. None of the questions were about topics I prepared. Then I decided it was ok to fail, sat back, relaxed and just read the scenario, read the question, read the answers and then picked an answer. Somehow I passed.

Think like a manager, and choose the answer a manager would pick. On so many questions ALL the answers are correct from a certain point of view, pick the answer that answers the question (not the scenario), and pick the answer a manager would pick (policy, planning, documenting, reporting.) No fixing, you are not a tech, you are a manager.

Good luck


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at


Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.