This blog was origonally published on Cyberteach.medium.com.
Author David Lee
I recently passed the CompTIA Linux+ XK0–004 certification exam. Linux+ is one of those certs that doesn’t get half the attention it deserves and forever dwells in the enormous shadow cast by CISSP and its popular little brother, Security+. This is a real shame, as the subject matter covered is quite relevant to the everyday SecOps technician, aside from the more IT-heavy topics covered such as drive mounting and troubleshooting. Overall I found it quite an enjoyable, technical experience with useful exposure to some new command line tools I would have otherwise not known about.
Why did I study for and take CompTIA Linux+? As I announced the other week, I recently joined Amazon Web Services (AWS) as a Security Engineer. This is a technical SecOps role within Amazon, a company that is known to dabble in Linux quite a bit, having even released its own distro, the Amazon Linux AMI. This presented a perfect opportunity for me to brush up on my Linux skills and gain a broader exposure to its tooling. This cert won’t make you an overnight CISO (I’d point you to CISSP for that!), but it demonstrates a healthy knowledge of Linux operations, and that’s definitely something you want on your resume/LinkedIn if you’re progressing through a SecOps career trajectory like me.
If I can pass this test, you can too. First, I purchased a hardcopy of the Sybex CompTIA Linux+ Study Guide: Exam XK0–004 4th Edition. I’m a huge fan of Sybex study guides because of their high quality online practice test bank that’s included with purchase of their guides. I find that practice questions are best accessed via web app for my study habits, as the fast feedback is better than handwriting/turning pages in my experience. I budgeted about one whole month of daily study with about a 50/50 split of reading and taking practice tests/flash cards.
In order to hit my goal of prepared in one month, I put the study guide at my lunch spot in my dining room, so every time I sat down for a meal, I’d have something to read. This has been a new life hack of mine that’s really helped me stay on track with all these certs I’ve been taking. Adding environmental contextual cues to encourage focused study is a great trick if you have an abbreviated attention span like mine.
The XK0–004 exam covers a fair bit of useful material that a junior analyst would find relevant. Tools like grep and sed are fair game, and I was also happy to see some Git commands make an appearance as well. You’ll want to know all these things in SecOps anyway, as combing through oceans of data as well as dealing with GitHub in some fashion will likely be on the agenda in this line of work. Unless, of course, you end up in a less technical role, in which case I’d suggest taking the CASP+ or CISSP instead.
When I was ready to schedule the exam, I purchased a voucher from the CompTIA Marketplace. The standard voucher price at the time I purchased was $338, but be sure to look for ways to get discounted or reimbursed on these through your employer or affiliated orgs. I took this voucher code over to Pearson Vue and scheduled a remote exam for the next day. The availability of exam appointments has been quite good lately on CompTIA certs. When exam day rolled around, I made sure to get lots of sleep the night before, and paid careful attention to my diet by eating clean the day of (acai bowl for breakfast, and chicken/rice/broccoli for lunch). After reviewing some high level notes, I took the plunge.
The exam itself went smoothly. By flagging questions you aren’t sure of, you can always given them a second look at the end of the test. This strategy has been hugely helpful in keeping myself efficient on time in this kind of multiple-choice testing. I also noticed that with command line questions, I’d either know it confidently or not know it at all; this let me stay lean on time. By the end I’d scored a 770, which was well above the required 720 threshold for passing.
This is one of those certs that doesn’t necessarily land you a fancy new job, but covers such a useful swath of subject matter that you should buy a study guide for the value of the knowledge alone. I’d argue this is the case for most of the less-popular certs out there anyway. So if you’re like myself and moving towards a technical SecOps career trajectory, be sure to check out Linux+ for exposure to some valuable technical subject matter.
About the Author: David Lee is a Security Engineer at AWS with a focus on security operations and cloud incident response. David has a background in security curriculum development, training, and IT/OT systems administration.