DEV Community: Pawel Sloboda

How I Built an RPG Battle System for a CompTIA Exam Prep App

Pawel Sloboda — Thu, 19 Mar 2026 03:38:11 +0000

How I Built an RPG Battle System for a CompTIA Exam Prep App

What if studying for your CompTIA Security+ exam felt like playing an RPG? That's the question that led me to build SecuSpark — a gamified certification prep platform where answering questions correctly deals damage to cybersecurity enemies.

In this post, I'll walk through the battle system architecture, the damage formula, and the PvP arena I just shipped.

The Stack

Frontend: Next.js 16 (App Router), React 19, Tailwind CSS 4
Animations: Framer Motion 12 for battle sequences
Data: Dexie.js (IndexedDB) for offline-first question storage
Backend: Supabase for auth, profiles, and PvP matchmaking
AI: GPT-4o-mini via Edge Functions for answer explanations
Sprites: PixelLab.ai for 30 levels of character evolution

The Damage Formula

Every correct answer triggers damage calculation:

baseDamage = 1.0 + weaponATK
hitType = 1.0 (normal) | 1.5 (heavy) | 2.0 (critical)
speedMult = 0.75 to 1.0 (based on answer speed)

totalDamage = baseDamage * hitType * speedMult

Four stats modify this: Precision (crit chance), Agility (speed window), Fortitude (damage reduction), and Luck (graze chance + loot quality). Stats scale with sqrt and have caps to prevent late-game dominance.

The Turn Engine

The core of the battle system lives in a shared executeTurn() function:

// Simplified turn engine
function executeTurn(answer: Answer, stats: PlayerStats): TurnResult {
  const isCorrect = answer.selectedIndex === answer.correctIndex;

  if (!isCorrect) {
    // Enemy attacks back
    const defense = computeDefense(stats.fortitude);
    const enemyDamage = enemy.atk * (1 - defense);
    return { playerDamage: enemyDamage, enemyDamage: 0, type: 'miss' };
  }

  // Calculate player damage
  const hitType = rollHitType(stats.precision);
  const speedMult = calculateSpeedMultiplier(answer.timeMs, stats.agility);
  const damage = (1.0 + weapon.atk) * hitType * speedMult;

  return { playerDamage: 0, enemyDamage: damage, type: hitType };
}

This same function powers both PvE (story battles against 103 enemies) and PvP (duels against other players). One engine, two modes.

Hook Decomposition

The PvP orchestration hook started at 1,062 lines. After extracting shared logic into focused hooks:

useBattleHP — shared HP state + damage analytics
useBattleTimer — question countdown
usePvPMatchCompletion — ELO, streaks, persistence
usePvPOfflineRound + usePvPSimultaneousRound — round processing

The main hook dropped to 487 lines. Each extracted hook is independently testable with 91 new tests.

Character Evolution

Players evolve through 30 visual stages. Each level has 8 directional rotations and 13 animation states (idle, attack, hurt, cast, defend, dodge, charge, death, and more).

The sprites are generated via PixelLab.ai using inpainting with a body-only mask. The head stays frozen (consistent identity) while the body regenerates with increasing complexity per tier:

L01-05: Size growth
L06-10: Limb development
L11-15: Surface detail
L16-20: Shoulder definition
L21-25: Elemental effects
L26-30: Final form

PvP Arena

The newest addition. Players can:

Challenge friends to asynchronous duels
Get matched via ELO (start 1000, K=32, +/-200 range)
Compete in weekly leagues
Form clans with fortress bases on a world map

PvP uses the same turn engine as PvE, so all stat investments transfer. The difference is simultaneous answers — both players answer the same question, and the faster correct answer strikes first.

What I Learned

Share everything between modes. Having one executeTurn function prevents PvE and PvP from drifting apart.
Sqrt scaling with caps prevents late-game stat stacking from breaking balance.
Hook decomposition makes complex state manageable. Extract when a hook exceeds 500 lines.
Offline-first is non-negotiable for study apps. Students study everywhere — buses, planes, bad wifi.

Try It

SecuSpark has 1,514 practice questions across Security+, A+, and Network+. It's free, works offline after first load, and no signup is required to start practicing.

Try it free at secuspark.com — no signup required.

Originally published on SecuSpark. SecuSpark is a free, gamified CompTIA certification prep platform with AI explanations and RPG mechanics.

Pass Security+ in 30 Days — Day-by-Day Study Plan (Free)

Pawel Sloboda — Mon, 16 Mar 2026 08:35:27 +0000

Originally published on SecuSpark

Can You Really Pass Security+ in 30 Days?

Yes, but it requires dedication, the right resources, and a structured approach. This guide provides a day-by-day roadmap based on successful strategies from professionals who passed on their first attempt.

This 30-Day Plan Is Realistic For You If:

You have at least basic networking knowledge (TCP/IP, DNS, DHCP)

You can commit 2-3 focused hours every single day for 30 days

You already hold A+ or Network+ (or equivalent self-taught knowledge)

You have worked in IT help desk, sysadmin, or a technical support role

You learn well from structured schedules and active recall

Not Realistic If:

You have zero IT background — plan for 60-90 days instead

You can only study 30-60 minutes a day — stretch to 8-10 weeks

You learn best from hands-on labs and need time to build a home lab

You are studying for another cert or exam at the same time

You have a demanding job and cannot protect 2 hours daily

Your Available Time	Realistic Timeline	Adjustment
3 hours/day	25-30 days	Follow this plan as-is
2 hours/day	35-45 days	Extend each week by 2-3 days
1 hour/day	60-75 days	Double each week; add extra practice exam week
Weekends only (6-8 hrs)	8-10 weeks	One domain per weekend; dedicate final 2 weekends to practice exams

Prerequisites

Before starting this 30-day journey, you should have:

Basic understanding of networking concepts (TCP/IP, OSI model)
General IT knowledge (operating systems, basic security concepts)
2-3 hours daily for focused study
Access to quality study materials and practice exams

Week 1: Foundation Building (Days 1-7)

Days 1-2: Understand the Exam

Review exam objectives (5 domains)
Understand question formats (multiple choice, performance-based)
Set up your study environment
Take a baseline practice exam to identify weak areas

Days 3-4: Domain 1 - Attacks, Threats, and Vulnerabilities (24%)

Study different types of attacks (social engineering, malware, wireless)
Learn threat actors and their attributes
Understand vulnerability types and security assessments
Complete 25-30 practice questions daily

Days 5-7: Domain 2 - Architecture and Design (21%)

Master security concepts in enterprise environments
Study virtualization and cloud concepts
Learn authentication methods and protocols
Understand security implications of embedded systems

Week 2: Deep Dive into Technical Domains (Days 8-14)

Days 8-10: Domain 3 - Implementation (25%)

Configure and deploy secure network architectures
Install and configure security protocols
Study secure mobile and wireless solutions
Learn cloud and virtualization security

Days 11-12: Domain 4 - Operations and Incident Response (16%)

Understand incident response procedures
Learn digital forensics basics
Study security monitoring and SIEM
Master business continuity concepts

Days 13-14: Domain 5 - Governance, Risk, and Compliance (14%)

Study risk management processes
Learn compliance and regulatory frameworks
Understand data privacy and protection
Review security policies and procedures

Pro Tip By the end of Week 2, you should have covered all five domains at least once. If any domain feels shaky, spend an extra 30 minutes reviewing it before moving to practice exams. It's much easier to reinforce weak areas now than to cram them during the final week.

Week 3: Practice and Reinforcement (Days 15-21)

Daily Routine:

Morning (1 hour): Take a 25-question practice exam
Afternoon (1 hour): Review incorrect answers and create flashcards
Evening (30 mins): Review flashcards using spaced repetition

Focus Areas:

Performance-based questions practice
Port numbers and protocols memorization — use our free port number lookup
Cryptography algorithms and use cases
Common vulnerabilities and their mitigations

Week 4: Final Sprint (Days 22-28)

Days 22-24: Weak Area Focus

Identify your weakest domain from practice exams
Deep dive into problem areas
Use multiple resources (videos, books, online courses)
Join study groups or forums for clarification

Days 25-27: Full Practice Exams

Take 2-3 full-length practice exams
Simulate actual exam conditions (90 minutes, no breaks)
Aim for consistent 80%+ scores
Review all questions, even correct ones

Day 28: Final Review

Light review of flashcards
Review exam day procedures
Prepare materials (ID, confirmation)
Get good rest

Week	Focus Area	Key Topics	Hours/Day
Week 1 (Days 1-7)	Foundation Building	Exam overview, Attacks/Threats/Vulnerabilities (24%), Architecture & Design (21%)	2-3
Week 2 (Days 8-14)	Technical Deep Dive	Implementation (25%), Operations & Incident Response (16%), Governance/Risk/Compliance (14%)	2-3
Week 3 (Days 15-21)	Practice & Reinforcement	Daily practice exams, flashcard review, PBQs, ports & protocols, cryptography	2.5
Week 4 (Days 22-28)	Final Sprint	Weak area deep dive, full-length practice exams, final review & exam prep	2-3

Recommended Resources

Primary Study Materials:

SecuSpark Practice Exams: 575 questions with AI explanations
Official CompTIA Study Guide: Comprehensive coverage of all objectives
Professor Messer Videos: Free YouTube series covering all domains

Supplementary Resources:

CompTIA Security+ Reddit community
Jason Dion's practice exams
Darril Gibson's GCGA book
Mobile apps for on-the-go study
Port Number Lookup — quick reference for all exam-relevant ports
Acronym Finder — look up 350+ CompTIA acronyms instantly

Pro Tips for Success

Create a Study Schedule: Block specific times and stick to them
Use Active Learning: Don't just read - practice, explain, and teach concepts
Focus on Weak Areas: Spend 70% time on weak areas, 30% on strong ones
Understand, Don't Memorize: Focus on understanding concepts, not rote memorization
Join a Study Group: Explaining concepts to others reinforces learning

Exam Day Strategy

Arrive 30 minutes early
Complete PBQs last (flag and return)
Read questions carefully - look for keywords
Eliminate obviously wrong answers first
Don't change answers unless you're certain
Use all available time for review

Missed 3+ Days? How to Recover

Life happens. If you fall behind, do not restart from Day 1. Instead:

Skip the review days you missed and jump back into the current domain on the schedule. You will review everything during Week 3 anyway.

Add 30 minutes per day for the rest of the current week to catch up on the skipped material.

If you missed a full week, push your exam date back by one week. Do not compress two weeks of learning into one — that leads to shallow retention and failed exams.

Use your practice exam scores as the real indicator. If you are scoring 80%+ despite the lost days, you are still on track.

Conclusion

Passing Security+ in 30 days is challenging but achievable with the right approach. This guide provides a structured path, but remember to adjust it based on your background and learning style. The key is consistency, focus, and using quality resources like SecuSpark's practice exams to reinforce your learning.

Remember: The goal isn't just to pass the exam, but to build a solid foundation in cybersecurity that will serve you throughout your career.

Related Guides

Security+ pass rate data — understand your odds by preparation method
How hard is Security+? — difficulty breakdown by background
7 study methods ranked by retention rate — optimize how you spend study hours

References

CompTIA. "CompTIA Security+ (SY0-701) Exam Objectives." comptia.org/certifications/security. Official exam format, domain weights, and passing score requirements.
U.S. Bureau of Labor Statistics. "Information Security Analysts: Occupational Outlook Handbook." bls.gov/ooh. Career outlook and employment projections for cybersecurity professionals.

Originally published on SecuSpark. SecuSpark is a free, gamified CompTIA certification prep platform with AI explanations and RPG mechanics.

Is CompTIA Security+ Worth It in 2026? Salary Data Says $97K Average

Pawel Sloboda — Mon, 16 Mar 2026 07:59:33 +0000

Originally published on SecuSpark

TL;DR

Yes, for most people. Security+ holders earn $15-20K more per year. Total cost is under $700. First-year ROI is ~2,900%. There are 63,620+ job postings requiring it. It pays for itself in about 12 working days. The only people who should skip it: those who already hold CISSP/CISM, have 5+ years of security experience, or don't want a cybersecurity career.

For most people entering cybersecurity: yes. Security+ holders earn $15-20K more per year on average. The total investment is under $700 (exam fee + study materials), and 63,620+ job postings list it as a requirement or preference. First-year ROI is roughly 2,900%. It also qualifies you for DoD 8570/8140 government and contractor positions. But it is not the right move for everyone. If you already hold CISSP or have 5+ years of hands-on security experience, the credential adds less value.

Worth It For:

Career changers into cybersecurity — fastest credible signal to employers that you are serious

DoD / government contractor path — required for IAT Level II positions, no substitute

IT professionals adding security skills — $15-20K salary bump with 4-12 weeks of study

College students wanting a resume edge — a cert stands out more than another course grade

Skip It (or Delay It) If:

You already hold CISSP or CISM — Security+ adds nothing to your resume at that level

You have 5+ years of hands-on security experience — your work history already proves what the cert would prove

You have zero IT foundations — consider A+ or Network+ first so you do not burn $425 on a failed attempt

You want a development or data science career — Security+ is irrelevant to those hiring pipelines

Factor	Without Security+	With Security+
Average Salary (U.S.)	$55,000 - $70,000	$70,000 - $90,000
Annual Salary Premium	—	+$15,000 - $20,000
Total Investment	$0	$425 - $700
Time to Employment	Varies (degree: 4 years)	4 - 12 weeks of study
Job Postings (12 months)	General IT roles	63,620+ Security+ listings
Government/DoD Eligibility	Not eligible for IAT Level II	DoD 8570/8140 approved
First-Year ROI	—	~2,900% ($15k return on $500)
5-Year Earnings Boost	—	$75,000+ additional earnings

What Exactly Is CompTIA Security+?

CompTIA Security+ (SY0-701) is a globally recognized, vendor-neutral certification that validates foundational cybersecurity skills. It is the "gold standard" entry-level security certification because:

DoD 8570/8140 Compliance: Required for many U.S. Department of Defense and government contractor positions
Industry Recognition: Accepted by employers worldwide as proof of baseline security competency
Vendor Neutrality: Skills apply across all platforms, not just one vendor's products
Career Foundation: Stepping stone to CySA+, PenTest+, and CISSP

The exam covers five domains: General Security Concepts (12%), Threats, Vulnerabilities & Mitigations (22%), Security Architecture (18%), Security Operations (28%), and Security Program Management & Oversight (20%).

How Much Does Security+ Actually Cost?

$425-$700 for most candidates. Here is the full breakdown:

Direct Costs

Exam Voucher: $425 (standard CompTIA pricing in 2026)
Study Materials: $0-$200 (free resources available, premium books/courses extra)
Practice Exams: $0-$100 (SecuSpark offers free practice with premium options)
Retake Insurance (Optional): ~$100 (if purchased with voucher bundle)

Total Investment Range

Budget Path: $425-$500 (exam + free/low-cost study materials)
Standard Path: $500-$700 (exam + quality study guides + practice tests)
Premium Path: $700-$2,500 (bootcamps, instructor-led training, comprehensive packages)

How Long Does It Take to Study?

With IT background: 40-80 hours (4-8 weeks at 10 hours/week)
Without IT background: 80-150 hours (8-15 weeks at 10 hours/week)

Is Security+ Cheaper Than College?

Yes, dramatically. A single cybersecurity college course costs 3-10x more with less industry recognition:

Option	Cost	Time	Credential
Security+ Certification	$425-$700	4-12 weeks	Industry-recognized cert
Single College Course	$1,500-$4,000	16 weeks	3 credits
Community College (per credit)	$150-$400/credit	Varies	Credits toward degree
Cybersecurity Bootcamp	$10,000-$20,000	12-24 weeks	Certificate of completion

What Jobs Can You Get With Security+?

Security+ unlocks roles that would otherwise require years of experience or a relevant degree.

Entry-Level Positions

Security Analyst (SOC Tier 1): Monitor security alerts, investigate incidents
Security Administrator: Manage security tools and access controls
IT Security Specialist: Implement security policies and procedures
Network Security Technician: Configure firewalls and network security
Junior Penetration Tester: Assist with security assessments
Compliance Analyst: Ensure regulatory compliance

Government and Defense Opportunities

Security+ is one of the few certifications approved under DoD Directive 8570/8140 for IAT Level II positions. This opens doors to federal government cybersecurity roles, defense contractor positions, intelligence agency support roles, and military cybersecurity positions. These positions often come with security clearances that further increase your earning potential.

What Does the Career Path Look Like?

Year 1-2: Security+ → Entry-level analyst ($60k-$80k)
Year 2-4: Add CySA+ or CEH → Mid-level analyst ($80k-$100k)
Year 4-6: Add CISSP or CISM → Senior analyst/Manager ($100k-$130k)
Year 6+: Specialize → Architect/Director ($130k-$180k+)

How Much More Will You Earn With Security+?

$15,000-$20,000 more per year on average. Here are the numbers:

IT professionals without security certs: $55,000-$70,000
Security+ certified professionals: $70,000-$90,000
Salary premium: $15,000-$20,000 annually

What Is the ROI?

Investment: $500 (exam + study materials)
Annual salary increase: $15,000 (conservative estimate)
ROI in Year 1: 2,900% ($15,000 / $500)
Payback period: ~12 days of work

Over 5 years, that $500 investment translates to $75,000+ in additional earnings — before accounting for promotions and raises.

Salary by Role (Security+ Holders)

Security Analyst: $70,000-$95,000
SOC Analyst (Tier 1): $60,000-$80,000
Security Administrator: $75,000-$100,000
Network Security Engineer: $85,000-$115,000
Security Consultant: $80,000-$120,000

Does Location Affect the Salary?

Yes, significantly:

San Francisco Bay Area: +40-50% above national average
New York City: +30-40% above national average
Washington D.C.: +25-35% above national average (government premiums)
Remote positions: Often pay national average regardless of location

How Many Jobs Require Security+ in 2026?

63,620+ postings in the past 12 months. The demand keeps growing:

Unfilled cybersecurity positions (U.S.): 750,000+
Projected job growth (2024-2034): 29% (much faster than average)
Employer demand for Security+: Top 3 most requested cybersecurity certification

Which Industries Are Hiring?

Government/Defense: Highest demand, often required
Financial Services: Banks, insurance, fintech
Healthcare: HIPAA compliance drives demand
Technology: SaaS companies, MSPs, tech giants
Retail/E-commerce: PCI-DSS compliance needs
Energy/Utilities: Critical infrastructure protection

Why Won't Demand Slow Down?

Increasing cyber attacks: Ransomware, data breaches, and nation-state threats
Regulatory requirements: New compliance mandates require security staff
Digital transformation: More systems online means more attack surface
Talent shortage: Demand far outpaces supply of qualified professionals
AI and automation: New security challenges require human oversight

How Does Security+ Compare to Other Certifications?

Security+ offers the best value for entry-level candidates. Here's how it stacks up:

Security+ vs CEH (Certified Ethical Hacker)

CEH Cost: $1,199 (exam only) — 3x more expensive
CEH Focus: Offensive security/penetration testing
Verdict: Security+ offers better value for entry-level; CEH better for specialization

Security+ vs SSCP

SSCP Cost: $249 (exam only)
SSCP Requirement: 1 year experience or related degree
Verdict: Security+ has broader recognition and no experience requirement

Security+ vs Google Cybersecurity Certificate

Google Cost: ~$300 (Coursera subscription for ~6 months)
Google Recognition: Growing but not yet equal to Security+
Verdict: Google certificate is good for learning; Security+ better for employment

Security+ vs College Degree

Degree Cost: $40,000-$100,000+ (4-year university)
Degree Time: 4 years full-time
Verdict: Security+ gets you working faster; degree provides broader education

Pro Tip: Many successful cybersecurity professionals combine Security+ with ongoing education. Get Security+ to enter the field quickly, then pursue additional certifications and/or a degree while working. Your employer may even pay for continued education.

Can You Actually Pass Security+?

Yes, with the right preparation. CompTIA does not publish official pass rates, but community data suggests 85-93% of well-prepared candidates pass. The most common failure pattern is skipping practice exams and underestimating PBQs. For a detailed breakdown, see our honest Security+ difficulty assessment.

The Final Verdict: Is Security+ Worth the Investment?

Yes, Security+ is absolutely worth it in 2026. Here's why in eight points:

Exceptional ROI: $500 investment → $15,000+ annual salary increase
Massive job demand: 63,620+ job postings, 750,000+ unfilled positions
Fast time to employment: 4-12 weeks study vs 4 years for a degree
Career foundation: Opens doors to advanced certifications and roles
Recession resistance: Cybersecurity demand remains strong in any economy
Government opportunities: Required for many federal positions
Industry recognition: Universally respected by employers
Achievable certification: 70-75% pass rate with proper preparation

The Bottom Line

For the cost of a few college textbooks, Security+ can launch or accelerate your cybersecurity career. A $425-$700 investment that delivers $15,000+ in annual salary increases pays for itself in weeks, not years. Combined with strong job demand, clear career progression paths, and increasing importance of cybersecurity across all industries, Security+ remains one of the best professional investments you can make in 2026.

The only scenario where Security+ might not be worth it is if you have no interest in cybersecurity or IT — and if you've read this far, that probably doesn't describe you.

Ready to Get Started?

The best time to start preparing for Security+ was yesterday. The second-best time is today. With the right study plan and practice resources, you could be certified within weeks and on your way to a rewarding cybersecurity career.

Related Guides

Security+ salary guide — detailed breakdown by role, experience, and location
Pass Security+ in 30 days — structured study plan with alternate timelines
Remote cybersecurity jobs with no experience — where Security+ actually gets you hired
DoD 8570/8140 requirements — the government/contractor path where Security+ is mandatory

References

U.S. Bureau of Labor Statistics. "Information Security Analysts: Occupational Outlook Handbook." bls.gov/ooh. Projects 29% job growth (2024-2034) and median annual wage of $124,910 (May 2024).
CyberSeek. "Cybersecurity Supply/Demand Heat Map." cyberseek.org/heatmap. 63,620+ Security+ job postings tracked nationally.
Cybersecurity Ventures. "Cybersecurity Jobs Report." cybersecurityventures.com/jobs. Reports 3.5 million unfilled cybersecurity positions globally (2023).
CompTIA. "CompTIA Security+ Certification." comptia.org/certifications/security. Official exam pricing, objectives, and requirements for SY0-701.
Glassdoor. "Cyber Security Analyst Salaries." glassdoor.com/Salaries. Salary data for cybersecurity roles in the U.S.
ISC2. "2024 Cybersecurity Workforce Study." isc2.org. Global workforce gap of 4.8 million professionals.

Originally published on SecuSpark. SecuSpark is a free, gamified CompTIA certification prep platform with AI explanations and RPG mechanics.

CompTIA Security+ Salary Guide 2025: What to Expect

Pawel Sloboda — Mon, 16 Mar 2026 07:59:08 +0000

Originally published on SecuSpark

If you've just earned your CompTIA Security+ certification (or you're grinding through study guides), you're probably wondering: what kind of salary can you expect in 2025? The good news is cybersecurity jobs are booming, and even entry-level salaries are impressive. But how much you'll make depends on several factors – from your specific job role to where you live.

TL;DR: Security+ holders earn $70K-$90K on average in 2025. Entry-level starts at $50K-$65K. Top roles (Security Engineer, Security Admin) clear $127K-$128K. Highest-paying states: New York ($147K), California ($135K), Virginia ($132K). Stack advanced certs (CISSP, CySA+) for $10K-$20K more.

How Much Do Security+ Professionals Earn in 2025?

$70,000-$90,000 per year on average. Recent 2025 estimates peg the average Security+ salary around $90,000 annually.

Keep in mind this is an across-the-board average – it includes everyone from fresh graduates to professionals with several years of experience. For context, the overall median salary for information security analysts (a common career path for Security+ holders) is even higher at around $120,000+ per year, thanks to experienced professionals driving up the average.

The U.S. Bureau of Labor Statistics reported a similar median of about $124,000 in 2024. So if you stick with the field and build experience, six-figure salaries are definitely achievable.

What Can You Earn at Entry Level With Security+?

$50,000-$65,000 for junior positions, reaching $60K-$80K in high-demand areas. For individuals just starting in cybersecurity, entry-level roles typically include:

IT Help Desk with security focus
Junior Security Analyst (Tier 1 SOC analyst)
Network Security Technician
Information Security Specialist I

Typical entry-level ranges by role: Security Analyst $65K, Network/Sys Admin $60K, Junior Pen Tester $75K — penetration testing commands the highest starting salaries.

In 2025, entry-level Security+ holders in the U.S. often start around $60,000–$80,000, depending on the job and location. In high-demand tech hubs, starting salaries can even approach the $90,000 mark for new graduates – though these typically require some experience or security clearance.

The salary range exists due to factors like industry and region. For example, an entry-level cybersecurity analyst in a government contracting role in Washington D.C. might see a higher offer (especially with security clearance) compared to an entry-level IT security specialist in a smaller city.

Which Security+ Roles Pay the Most?

Security Engineers and Administrators clear $127K-$128K/year. One of the best aspects of Security+ is that it opens various career paths. Many professionals use it as a springboard into roles that, with experience, become high-paying positions:

Security Analyst (SOC Analyst)

Often the first step in a cybersecurity career. Tasks include monitoring networks and responding to incidents.

Average Salary: $105,000–$126,000/year (Glassdoor reports approximately $126,000 average ). Entry-level analysts start lower (around $60,000-$70,000), but with experience, this role easily clears six figures.

Systems/Network Administrator

IT professionals who maintain organizational infrastructure, with Security+ ensuring systems are properly secured.

Average Salary: $60,000–$80,000/year for network admins, $65,000–$85,000/year for systems admins. Security+ helps you negotiate toward the higher end.

Penetration Tester (Ethical Hacker)

Professionals paid to think like hackers and test defenses. Often requires additional certifications like CEH or PenTest+ plus experience.

Average Salary: $85,000–$120,000/year, depending on skill level and region. Top performers in finance/defense can earn significantly more.

Security Engineer/Administrator

Roles involving designing and implementing security solutions (engineer) or overseeing security operations (administrator).

Average Salary: Well into six figures – Security Administrators average around $128,000/year, Security Engineers around $127,000/year in 2025.

Information Security Manager

Management roles leading security teams or programs, typically requiring 5+ years experience.

Average Salary: $100,000–$130,000/year. While Security+ alone won't make you a manager, it's often one of the first certifications managers earned early in their careers.

How Fast Is the Cybersecurity Job Market Growing?

29% projected growth through 2034 — much faster than average. Cybersecurity talent is in critically short supply, and organizations are willing to pay premium rates for qualified professionals.

US cybersecurity jobs are projected to grow 45% through 2033 — far exceeding most other industries.

The U.S. Bureau of Labor Statistics projects information security jobs to grow 29% from 2024 to 2034 – an exceptionally fast rate, much higher than the average job market. That translates to tens of thousands of new security positions in the coming years.

As of 2025, there are hundreds of thousands of unfilled cybersecurity positions in the U.S. According to CyberSeek, approximately 13% of job postings explicitly list CompTIA Security+ as a required or preferred qualification. It's the baseline certification for DoD and government contractors, and appears frequently in job ads for:

Cybersecurity Analyst
IT Security Specialist
Network Security Administrator
Information Systems Security Manager

This high demand combined with talent shortage means employers pay premium rates for cybersecurity skills. Many Security+ certified professionals use it as a stepping stone to intermediate certifications like CySA+, CEH, or CISSP, further boosting their market value.

Does Location Affect Your Security+ Salary?

Yes, dramatically. New York tops at $147,500/year. Like real estate, in cybersecurity, location significantly impacts compensation – though remote work has somewhat leveled the playing field.

Top-paying states: New York ($147.5K), California ($135K), Virginia ($132K), Washington ($130K) — tech hubs and government contracting centers lead the pack.

High-Paying States

Certain states consistently top salary charts:

New York: $147,500/year average
California: $135,000/year average
Virginia: $132,000/year (government contracting hub)
Washington: $130,000/year (tech companies)

City Variations

Major metropolitan areas typically offer the highest compensation:

San Francisco: ~$117,000 average
New York City: ~$110,000 average
Washington D.C.: Premium for security clearance roles

Remote Work Impact

Remote work has democratized access to high-paying positions. Many companies now offer comparable salaries for remote roles, meaning you can access Silicon Valley salaries while living in lower-cost areas – a significant advantage for maximizing your purchasing power.

How Does Security+ Compare to Other Certifications for Salary?

Security+ starts you at ~$90K; stacking CISSP adds $10K-$20K more. Security+ is often described as entry-level, but it significantly outperforms general IT certifications and serves as an excellent foundation for advanced certifications.

Certification impact on median salary: Security+ Only ($90K) → +CEH ($105K) → +CySA+ ($110K) → +CISSP ($120K). Advanced certifications can add $15,000-$30,000 to your annual salary.

Advanced Certification Benefits

Industry data shows that obtaining advanced certifications can lead to 10-25% salary increases:

CISSP: Can add $10,000–$20,000 annually
CEH (Certified Ethical Hacker): Valuable for penetration testing roles
CISM: Excellent for management track
Cloud Certifications: AWS/Azure security specialties command premium rates

Strategic Certification Stacking

Many professionals use this progression:

Security+ → Entry into cybersecurity
CySA+ or CEH → Specialized skills development
CISSP or CISM → Senior/management roles
Cloud/Vendor-Specific → Niche expertise premium

How Can You Maximize Your Cybersecurity Salary?

Five proven strategies, starting with advanced certifications. Getting Security+ certified is a smart career investment. To reach the top of salary ranges, consider these proven strategies:

1. Pursue Advanced Certifications

Keep the momentum going with certifications like CISSP, CEH, CISM, or CySA+. Choose a path aligned with your career goals:

Offensive Security: PenTest+, OSCP, CEH
Cloud Security: AWS Security Specialty, Azure Security Engineer
Management Track: CISM, CISSP
Compliance: CISA, CRISC

2. Develop Niche Specializations

Cybersecurity specialists often command premium salaries. Consider focusing on:

Cloud security architecture
Incident response and forensics
Regulatory compliance (SOX, HIPAA, PCI-DSS)
DevSecOps and application security
AI/ML security

3. Build Hands-On Experience

Practical skills separate good candidates from great ones:

Set up home labs for hands-on practice
Participate in Capture The Flag (CTF) competitions
Contribute to open-source security projects
Master key tools: Splunk, Wireshark, Nessus, Metasploit

4. Master Salary Negotiation

Don't be shy about compensation discussions. Come prepared with:

Market research from Glassdoor, PayScale, salary.com
Documentation of your certifications and projects
Examples of value you can provide from day one
Willingness to discuss total compensation (benefits, PTO, training budget)

Pro Tip Don't just negotiate base salary — ask about training budgets, conference attendance, and certification reimbursement. Many employers will cover $3,000-$5,000/year for professional development, effectively adding thousands to your total compensation while accelerating your career growth.

5. Network and Stay Current

The cybersecurity community is your greatest asset:

Attend security conferences (BSides, RSA, Black Hat)
Join local security meetups and ISACA/ISC2 chapters
Participate in LinkedIn security groups
Follow security researchers and thought leaders

Pro Tip: Consider Organization Type

Fortune 500 companies and hot startups might offer higher base salaries or equity, while government roles provide stability and clearance opportunities. Some Security+ holders start with lower-paying roles that offer excellent training, then leverage that experience for higher-paying positions after 1-2 years.

The Bottom Line: What Should You Expect?

Entry-level $60K-$80K, with clear growth to six figures. Entering cybersecurity with a CompTIA Security+ certification in 2025 opens doors to exceptional opportunities. With the ongoing talent shortage and ever-growing demand for security skills, employers are competing for qualified professionals – which translates to higher salaries and better offers for you.

Whether you're aiming to be a security analyst defending networks, a penetration tester ethically hacking systems, or a consultant working with multiple organizations, Security+ is your first stepping stone. Keep learning, stay curious, and don't hesitate to advocate for yourself during salary negotiations.

With the right combination of certification, experience, and strategic career moves, you can build a high-paying career doing work that genuinely matters. The cybersecurity field needs talented professionals, and with Security+, you're well-positioned to meet that demand.

Ready to Start Your Journey?

Put your Security+ knowledge to the test with our comprehensive practice exams. Real questions, AI-powered explanations, and progress tracking – everything you need to pass on your first attempt.

Take Practice Exam Study Flashcards

References

U.S. Bureau of Labor Statistics. "Information Security Analysts: Occupational Outlook Handbook." bls.gov/ooh. Median annual wage of $124,910 and 29% projected job growth (2024-2034).
CyberSeek. "Cybersecurity Supply/Demand Heat Map." cyberseek.org/heatmap. Job posting data and workforce supply/demand analytics, supported by NIST NICE.
ISC2. "2024 Cybersecurity Workforce Study." isc2.org. Reports 4.8 million cybersecurity professionals needed globally.
Glassdoor. "Security Analyst Salaries." glassdoor.com/Salaries. Salary data for security analyst roles in the U.S.
CompTIA. "CompTIA Security+ Certification." comptia.org/certifications/security. Official exam objectives, pricing, and requirements.

How to Study for Security+ Effectively: 7 Methods Ranked by Retention Rate

Pawel Sloboda — Mon, 16 Mar 2026 07:57:20 +0000

Originally published on SecuSpark

You have spent three hours reading a textbook and you cannot remember what you read 20 minutes ago. That is not a memory problem. That is a method problem. And with a $404 exam fee on the line, the difference between an effective study method and a wasteful one is not just academic. It is financial.

Most people preparing for CompTIA Security+ SY0-701 default to the same approach: read a chapter, highlight the important parts, maybe watch a video, then repeat. It feels productive. The pages have color on them. The video played to the end. But when exam day arrives, the material has evaporated from memory like it was never there.

TL;DR: Active recall (practice testing) produces 80%+ retention. Re-reading and highlighting produce only 20-30%. The top 3 methods: (1) active recall, (2) spaced repetition, (3) interleaving. Prioritize Domains 2 and 4 (50% of the exam). Study 15 minutes daily — it beats 3-hour weekend cram sessions.

The good news? Cognitive science has spent decades studying how humans actually learn and retain information. The research is clear: some study methods produce retention rates above 80%, while the most popular methods barely crack 20%. This guide ranks seven study methods from most to least effective, explains the science behind each one, and shows you how to apply them specifically to Security+ content.

Why Doesn't Reading and Highlighting Work?

Because you forget 70% within 24 hours. Ebbinghaus proved this in 1885 — his experiments on the forgetting curve showed that without any form of active retrieval, people forget roughly 70% of new information within 24 hours and up to 90% within a week.

That statistic alone should change how you study. If you read Chapter 5 on cryptography concepts on Monday and do nothing to actively retrieve that information, by Tuesday you have already lost the majority of it. By the weekend, it is almost gone.

The Forgetting Curve in Numbers

After 20 minutes: 42% forgotten

After 1 hour: 56% forgotten

After 24 hours: 67% forgotten

After 6 days: 75% forgotten

After 31 days: 79% forgotten

Source: Ebbinghaus, H. (1885). Memory: A Contribution to Experimental Psychology.

The problem gets worse for Security+, because the exam does not test simple recall. SY0-701 includes performance-based questions that require you to apply knowledge in realistic scenarios. You might need to configure a firewall rule, identify the correct authentication protocol for a given situation, or troubleshoot a network attack in progress. Passive reading does not prepare you for that kind of applied problem-solving.

Psychologists Bjork and Bjork (2011) identified what they call "desirable difficulties," the counterintuitive finding that learning methods that feel harder in the moment actually produce stronger long-term retention. Re-reading feels easy and productive. Testing yourself feels frustrating and slow. But the frustrating method wins every time.

There is also what cognitive scientists call the illusion of competence. When you re-read familiar material, your brain recognizes it and sends a signal that says "I know this." But recognition is not the same as recall. You can recognize the term "asymmetric encryption" on a page while being completely unable to explain how RSA key exchange works when a test question asks you to. Recognition creates false confidence. Retrieval builds real knowledge.

With the Security+ pass rate hovering around 70-75% on first attempts, roughly one in four test-takers fails. The financial cost of failure ($404 for a retake, plus weeks of additional study time) makes choosing the right study method one of the highest-leverage decisions in your entire exam prep.

Which Study Methods Actually Work? (7 Methods Ranked)

Active recall (#1) produces 80%+ retention. Re-reading (#7) produces 20-30%. In 2013, psychologists John Dunlosky, Katherine Rawson, and their colleagues published a landmark review in the journal Psychological Science in the Public Interest that evaluated ten common learning techniques across hundreds of studies. Their findings upended conventional wisdom about how to study. Here are seven methods commonly used for certification prep, ranked from most to least effective based on their research and related cognitive science literature.

Rank	Method	Effectiveness	Retention Rate
1	Active Recall / Practice Testing	High	~80%+
2	Spaced Repetition	High	~70-80%
3	Interleaving (Mixed Practice)	High	~65-75%
4	Elaborative Interrogation	Moderate	~55-65%
5	Competitive / Social Studying	Moderate	~50-60%
6	Summarization	Low-Moderate	~35-45%
7	Re-reading / Highlighting	Low	~20-30%

The pattern is stark. The methods that feel effortful (testing yourself, spacing out reviews, mixing topics) produce two to four times better retention than the methods most people default to. Let us break down the top methods and how to apply each one to Security+ specifically.

What Is Active Recall and How Do You Use It for Security+?

Close your notes and retrieve from memory. The testing effect (Roediger and Karpicke, 2006) shows 56% more retention vs re-reading. Active recall is the practice of retrieving information from memory rather than re-reading it. Instead of looking at your notes about the CIA triad (Confidentiality, Integrity, Availability), you close your notes and try to list and define all three components from memory. That act of retrieval, even if you get it wrong, strengthens the neural pathways that encode the information.

The research behind this is robust. Roediger and Karpicke conducted a study at Washington University where students either re-read a passage or took a recall test on it. After one week, the group that took the recall test remembered 56% more material than the re-reading group. They called this the testing effect: the finding that being tested on material produces stronger learning than studying it does.

For Security+ specifically, active recall means doing practice questions constantly, not just at the end of your study period. Here is how to apply it:

After reading a section on encryption algorithms: Close the book and list every algorithm you can remember, along with whether it is symmetric or asymmetric, its key sizes, and its use cases.
After studying access control models: Draw out MAC, DAC, and RBAC from memory without looking at your notes. Include examples of when each model applies.
After reviewing a domain: Take a practice quiz immediately. Do not wait until you feel "ready." The struggle of retrieval is the point.

Pro Tip: The 3-2-1 Method

After each study session, close your materials and write down 3 key concepts you learned, 2 connections to things you already knew, and 1 question you still have. This forces retrieval while also building the associative networks that help you apply knowledge on exam day.

The key insight is that active recall should feel difficult. If you can easily recite something without effort, you are not building new memory pathways. The productive struggle of trying to remember something, failing, checking the answer, and trying again is what actually encodes information into long-term memory.

Battle-style quizzing is one of the most effective ways to build active recall into your routine. When you answer a practice question under time pressure, with consequences for getting it wrong (like losing health points or dropping in a leaderboard), your brain treats the information as more important and encodes it more deeply. This is why timed battle practice works: it forces retrieval under conditions that mimic the pressure of exam day.

How Does Spaced Repetition Prevent Forgetting?

By reviewing at increasing intervals: same day → 1 day → 3 days → 7 → 14 → 30. If active recall is the most powerful single study technique, spaced repetition is what makes it stick over time. The concept builds directly on Ebbinghaus's forgetting curve: if you review information at strategically increasing intervals, you can flatten the curve and maintain retention with minimal total study time.

The spacing effect was formally described by Cepeda et al. (2006) in a meta-analysis of 254 studies involving over 14,000 participants. Their conclusion: distributed practice (spacing out reviews over time) produced significantly better long-term retention than massed practice (cramming everything into one session), across every age group and every type of material tested.

Here is what spaced repetition looks like for Security+ in practice:

Optimal Review Intervals

First review: Same day you learn the material

Second review: 1 day later

Third review: 3 days later

Fourth review: 7 days later

Fifth review: 14 days later

Sixth review: 30 days later

Based on the SM-2 algorithm originally developed by Piotr Wozniak (1987) for SuperMemo.

The most practical implementation of spaced repetition is through flashcard systems. But not all flashcard approaches are equal. The research shows that the spacing schedule should adapt based on how well you know each card. Cards you get wrong need to come back sooner. Cards you get right can wait longer before review.

For Security+, create flashcards that test concepts rather than definitions. Instead of "What does AES stand for?" (which tests trivia), write "You need to encrypt data at rest on a server that handles financial transactions. Which encryption algorithm and key size would you recommend, and why?" That kind of card forces the applied reasoning that SY0-701 actually tests.

SecuSpark's flashcard system uses spaced repetition scheduling so that weak concepts appear more frequently and mastered ones fade into longer intervals. Combined with domain-specific tracking, you can see exactly which Security+ areas need more review cycles.

Does Studying With Others Actually Improve Your Score?

Yes. Meta-analysis shows 0.40-0.65 standard deviation improvement. Studying alone is effective, but studying against someone else is more effective. This is not motivational fluff — it is a well-documented psychological phenomenon.

Social facilitation theory, first described by Norman Triplett in 1898 and expanded by Robert Zajonc in 1965, shows that the mere presence of others (even virtually) improves performance on well-practiced tasks. When you know someone else is doing the same practice questions you are, you try harder. You pay more attention. You review your mistakes more carefully.

More recent research supports this in educational contexts. A 2019 meta-analysis by Mega, Ronconi, and De Beni published in Educational Psychology Review found that students who engaged in competitive or collaborative study activities showed significantly higher achievement outcomes compared to solo studiers, with effect sizes ranging from 0.40 to 0.65 standard deviations.

For certification exams specifically, competitive elements create what psychologists call "productive anxiety." A little bit of pressure (a timer counting down, a score to beat, a ranking to maintain) mimics the conditions of the actual exam and helps you practice performing under stress rather than just knowing the material in a relaxed setting.

Here are ways to build competitive studying into your Security+ prep:

Study groups: Meet weekly (in person or virtually) and quiz each other on different domains. Taking turns asking questions forces the questioner to know the material well enough to evaluate answers.
Score challenges: Share your practice test scores with a study partner and try to beat each other's percentages each week. The social accountability keeps you consistent.
Timed practice under pressure: Set a timer when doing practice questions. The time constraint forces faster retrieval and better simulates exam conditions, where you have roughly 90 seconds per question.
Leaderboard-based practice: Platforms that rank your performance against other test-takers give you a continuous benchmark. Seeing that you rank in the 70th percentile on cryptography but the 40th on security operations tells you exactly where to focus.

Pro Tip: The "Beat My Score" Accountability Hack

Find one study partner and send each other your daily practice scores. It does not matter if you use the same platform or materials. The simple act of having someone who sees your numbers makes you significantly more likely to study consistently, according to research on social accountability by the American Society of Training and Development.

SecuSpark's battle mode is built around this principle. Each practice session is framed as a combat encounter with a cybersecurity-themed enemy, and your scores are ranked against other players in weekly competitive leagues. Ghost battles let you compete against another player's recorded performance asynchronously, so you get the competitive pressure without needing to schedule a live session.

How Should You Split Study Time Across the 5 Domains?

Proportionally by exam weight. Domains 2 and 4 = 50% of the exam, so they get 50% of your time. Security+ SY0-701 covers five domains, each weighted differently on the exam. Studying all domains equally is a common mistake.

Domain	Topic	Exam Weight	Suggested Study Hours
1	General Security Concepts	12%	15-20 hours
2	Threats, Vulnerabilities, and Mitigations	22%	30-35 hours
3	Security Architecture	18%	25-30 hours
4	Security Operations	28%	35-45 hours
5	Security Program Management and Oversight	20%	25-30 hours

Where to Start: Domain 1 (General Security Concepts, 12%)

Even though Domain 1 has the smallest exam weight, it establishes the foundational vocabulary and concepts that every other domain builds on. Start here. If you do not understand the CIA triad, the differences between authentication and authorization, or basic security control categories, the more advanced domains will not make sense.

Key topics to nail in Domain 1: security control categories (technical, managerial, operational, physical), the CIA triad and its application, zero trust architecture concepts, and basic cryptographic concepts. Spend 2-3 weeks here if you are new to cybersecurity.

The Heavy Hitters: Domains 2 and 4 (50% Combined)

Domains 2 (Threats, Vulnerabilities, and Mitigations) and 4 (Security Operations) together account for half the exam. If you are short on time, these two domains offer the highest return on study investment.

Domain 2 covers threat actors, attack vectors, vulnerability types, and mitigation strategies. This is where you need to know the difference between a zero-day exploit and a known vulnerability, understand social engineering techniques, and recognize indicators of compromise. Practice questions here should focus on scenario-based identification: "A user reports they received an email from IT asking them to reset their password via an unfamiliar link. What type of attack is this?"

Domain 4 covers monitoring, incident response, digital forensics, and data management. The performance-based questions on the exam frequently draw from this domain, so you need hands-on familiarity with concepts like log analysis, SIEM alerts, and incident response procedures.

The Tricky One: Domain 5 (Security Program Management, 20%)

Domain 5 catches many test-takers off guard because it covers governance, risk management, and compliance topics that feel less "technical" than the other domains. Do not underestimate it. Questions about risk assessment methodologies, security policies, regulatory frameworks (GDPR, HIPAA, SOX), and third-party risk management require specific knowledge that you cannot guess your way through.

Pro Tip: Use Interleaving Across Domains

Instead of studying Domain 1 for a full week, then Domain 2 for the next week, mix your practice sessions across multiple domains each day. Dunlosky's research (2013) shows that interleaving topics during study produces 20-30% better retention than blocked practice, even though it feels harder in the moment. A good daily session might include 10 questions from your current focus domain and 5 questions from previously studied domains.

Tracking your performance by domain is essential for efficient studying. If you are scoring 90% on Domain 1 but 55% on Domain 4, you know exactly where your remaining study hours should go. Practice exams with domain tracking give you this data automatically, so you are not guessing about where your weaknesses are.

How Do You Build a Study Habit That Actually Sticks?

Start with 15 minutes a day. It takes ~66 days for a habit to become automatic (Lally, 2009). The best study method in the world is useless if you do not actually sit down and do it consistently. That 66-day timeline is right in the range of a typical Security+ study plan.

The key to consistency is starting absurdly small. James Clear, who synthesized decades of habit research in Atomic Habits, calls this the "two-minute rule": when building a new habit, start with something you can do in two minutes or less. For Security+ studying, that means starting with a commitment of just 5-10 practice questions per day, not a two-hour study marathon.

The Minimum Viable Daily Habit

Fifteen minutes of active recall practice per day will produce better results over eight weeks than three-hour weekend cram sessions. Here is why: those 15-minute sessions, spread across every day, create 56 retrieval events over eight weeks. Three-hour weekend sessions create only 8. Each retrieval event strengthens memory independently, so more frequent shorter sessions beat fewer longer ones.

Sample Daily Study Schedule (8-Week Plan)

Morning (15 min): 10-15 practice questions from your current focus domain

Lunch break (10 min): Review flashcards (spaced repetition session)

Evening (20 min): Read one section of study material, then immediately do the 3-2-1 recall exercise

Weekend (60-90 min): Full practice exam to simulate test conditions

Total: ~5.5 hours/week. See our complete 30-day study plan for a day-by-day breakdown.

Streak Psychology: Do Not Break the Chain

Jerry Seinfeld famously described his productivity secret as putting a red X on the calendar every day he wrote jokes, then "not breaking the chain." This simple visual streak tracking leverages loss aversion, the psychological finding that people are roughly twice as motivated to avoid losing a streak as they are to gain a new reward (Kahneman and Tversky, 1979).

Apply this to Security+ prep by tracking your study streak. Even on days when you are exhausted or busy, doing just 5 practice questions keeps the chain intact. The psychological cost of breaking a 14-day streak is often enough motivation to do a short session when you otherwise would have skipped.

When to Take the Exam: Readiness Signals

How do you know when you are actually ready? Do not rely on gut feeling. Use data:

Practice exam scores: Consistently scoring 80% or above on timed practice exams (the passing score is 750/900, roughly equivalent to 83%, but practice exams are typically slightly harder than the real thing)
Domain balance: No single domain below 70%. A score of 95% in four domains will not save you if you score 40% in the fifth.
Trend line: Your scores should be trending upward over the last two weeks. If they have plateaued or dropped, you need more time.
Performance-based comfort: You can work through scenario-based questions without freezing. You understand not just the "what" but the "why" behind security controls.

For a detailed look at how long you should study based on your background, check our time guide. Most people with some IT background need 6-10 weeks of consistent study. Career changers with no IT experience should plan for 10-16 weeks.

What Should You Do Right Now?

Seven actionable takeaways, starting with "stop re-reading."

Stop re-reading and highlighting. They feel productive but produce the lowest retention rates of any study method.
Start with active recall. Practice questions are not just for testing yourself. They are the most powerful learning tool available. Use them from day one, not just the week before the exam.
Space out your reviews. Study the same material at increasing intervals. Flashcards with spaced repetition scheduling automate this for you.
Mix your domains. Interleave practice across multiple Security+ domains in each session instead of grinding one domain at a time.
Add competitive pressure. Study with a partner, compete on a leaderboard, or challenge yourself to beat your own previous scores. A little pressure goes a long way.
Prioritize Domains 2 and 4. They make up 50% of the exam. Allocate your study time accordingly.
Build the daily habit first. Fifteen minutes every day beats three hours once a week. Consistency compounds.

The difference between the people who pass Security+ on the first attempt and those who do not is rarely about intelligence or talent. It is about method. Every day you spend studying passively is a day closer to your exam with less retained than you think.

If you want to see how your current knowledge stacks up, grab some free practice questions and test yourself. Or if you already know what you are up against, jump straight into practice.

Ready to put active recall into practice?

Start with 15 free practice questions per day. No credit card required.

Start a Practice Battle Take a Practice Exam