Performance based testing is one of the biggest changes coming to CompTIA certification exams. If you’re planning on taking the A+, Network+, or Security+ exams, you can expect to see these types of questions soon.
What are Performance Based Questions?
Performance based testing requires you to actually perform a task or solve a problem to answer a question. When you start the question, you’ll be in a simulated environment such as a command prompt or Windows environment. You will perform the task and then click Done to complete the question.
In the past, most CompTIA questions have been multiple choice where you pick one or more answers from a list of valid choices. Multiple choice questions are good to test certain types of knowledge but they aren’t the best if you want to verify that a person can perform a task.
Imagine if the police or military tested sharp shooters with a multiple choice exam. It just doesn’t work. Instead, sharp shooters are required to demonstrate their skills on a shooting range, by firing live bullets at a target.
Similarly, there are many technical skills that can’t be accurately tested with multiple choice questions. Instead, many certification exams require you to perform a specific task in a simulated environment.
Performance Based Testing Example
In demos I’ve seen by CompTIA personnel, they describe a scenario where you are given a task such as this:
“You need to navigate to the c:\data folder and then change the study.txt file to read-only using appropriate commands.”
You are then prompted to click a button to launch a simulated environment. When you click it, you’ll see a command prompt similar to Figure 1.
Figure 1. Simulated command prompt window.
The first challenge is changing the current folder (or directory) and you’ll need to know that you use the cd (change directory) command to do so, and you’ll also need to know the proper syntax. The following command shows how:
Alternatively, you can also use this command:
It’s important to understand there are different ways to accomplish a task because there are many times when a simulation will only accept one method. In other words, even though both commands will work in the real world, they won’t necessarily work in the simulated environment.
The screen now looks like Figure 2. Notice that the prompt shows c:\data as the current directory.
Figure 2. Command prompt after changing the directory.
After changing the directory with the cd command, the next challenge is to change the file’s attributes from the command prompt.
You might know how to do this from Windows Explorer, but you won’t have access to Windows Explorer. Instead, you’ll have to use the attrib command.
In this case, you’ll need to know that you use a minus (-) to remove an attribute and a plus (+) to set the attribute. You’ll also need to know that the attribute you need to change is the read-only attribute and that the command used to change the read-only attribute is r.
The format of the command to set the read-only attribute is: attrib +r filename. The file name is study.txt so the actual command is:
attrib +r study.txt
After entering the command, the screen will look similar to Figure 3.
Figure 3. Command prompt after changing the attribute.
At this point, you have successfully answered the question. You’ll be able to click the “Done” button and you can move on to the next question.
You might have noticed that the attrib command doesn’t give you any feedback when you enter it successfully. If you enter it incorrectly, you’ll see an error, but when you enter it correctly, it simply performs the command and returns the same prompt.
In real life, you can use the attrib command by itself to see the attributes for all the files in the current directory as shown in Figure 4. However, supporting the attrib command usage like this requires additional programming for the simulation, so it might work in the simulated environment and it might not. It depends on how much detail they choose to add to the simulation.
Figure 4. Command prompt showing attributes.
In the graphic, you can see that the R attribute is set indicating the file is set to read-only. The A attribute is the archive attribute indicating that the file has not been archived (backed up) or has been modified since the last back up.
Read the Question
As with any test question, it’s important that you read the wording of the question carefully. For example, the previous question indicated that you needed to perform two tasks:
Navigate to the c:\data folder
Set the attribute to read-only
In real life, you could achieve the same result in one command like this:
attrib +r c:\data\study.txt
Using this command, you’ll achieve the correct result. However, it’s very likely the question would be graded as incorrect because you didn’t do it as two steps.
Similarly, this would also be marked as incorrect:
attrib -r study.txt
This command clears (instead of sets) the read-only attribute.
How Many Performance Based Questions Should I Expect?
These questions take a lot more effort for CompTIA to create than a typical multiple choice question. A programmer has to create the simulated environment so that it looks realistic and supports multiple actions. All of this costs time and money. With this in mind, I don’t expect to see more than about five or six questions for any exam.
Do I Get Partial Credit?
A common question people ask when taking these types of questions is if they get partial credit if they correctly perform part of the problem but not all of it. For example, if you correctly change the directory but do not change attribute, would you get any credit?
CompTIA isn’t saying, but I wouldn’t be surprised if they don’t award partial credit for these performance based questions. In other words, the question is testing your ability to complete a task and either you can, or you can’t. Think back to the sharp shooter. Perhaps he can successfully load bullets into a gun but cannot hit a target. Should he get partial credit?
How Are These Questions Graded?
CompTIA isn’t giving any specifics about how the questions are graded but you can certainly expect them to be worth more than a typical multiple choice question. These questions are much deeper and require more knowledge to answer correctly.
If a regular question is worth 8 points on a CompTIA scale of 100 to 900, a performance based question might be worth 24 points or even 32 points. You can probably afford to get one or two of these wrong but if you answer them all incorrectly, you’ll probably fail the exam.
Performance Based Testing and the Command Prompt
The command prompt is relatively easy to simulate for a performance based question. Also, the command prompt has many similarities between operating systems so it’s easier to create vendor neutral questions. Because of this, make sure you have a good understanding of any command prompt objectives for the exam you plan on taking.
Along those lines, if you’re looking for a book that has in-depth coverage of the command prompt, you might like to check out this book: Windows 7 Portable Command Guide (ISBN 978-0789747359). It provides straightforward coverage of how to use the command prompt with a wealth of examples showing exactly what to type to accomplish specific tasks.
Performance Based Testing in the CASP Exam
CompTIA first used performance based testing in the CompTIA Advanced Security Practitioner (CASP) exam when it was released in beta format. It has continued to be a part of the CASP exam since.
The CASP exam only gives you a score of pass/fail rather than a numerical score. This is different from other CompTIA exams and it’s not clear if they’re doing this because of the performance based questions or because of some other reason.
Performance Based Testing in the A+ Exam
The next version of the A+ exam has two exams (220-801 and 220-802) and they are due out in October 2012. CompTIA has been saying for several months that these exams will include performance based testing.
The command prompt is included in many of the objectives, so you can expect performance based questions using the command prompt on the A+ exams. Another strong possibility is usage of different Control Panel applets. For example, you might be tasked with launching the firewall through the Control Panel and enabling it. The exam objectives specifically state that you should be able to navigate the Control Panel using the icon or list view, so you should be familiar with how to change the view from Category view to one of the list views.
One way to ensure you are prepared for these types of questions is to get as much hands on as possible. You can get some of this in a classroom such as with the CompTIA A+ Boot Camp Course at InfoSec Institute.
Also, the CompTIA A+ Training Kit (Exam 220-801 and Exam 220-802) (ISBN 978-0735662681) includes many different exercises written specifically with these performance based questions in mind. As you’re reading the book, go through the exercises and you’ll be better prepared to correctly complete these questions.
Don’t panic if you’re currently studying for the 220-701 and 220-702 exams. They will continue to be available until August 31, 2013 and CompTIA doesn’t plan on adding performance based testing to these exams.
Performance Based Testing in the Network+ Exam
CompTIA plans on adding performance based questions to the current version of the Network+ exam (N10-005) sometime in the last quarter of 2012 (October, November, or December).
Just as with the A+ exam, I see a lot of possibilities with the command prompt for performance based testing on the Network+ exam. As a simple example, you might be tasked with removing a Dynamic Host Configuration Protocol (DHCP) lease for a client and then obtaining a new lease. When you launch the simulation, you’ll see a command prompt. You’ll then need to enter the following two commands:
The first command releases the current DHCP lease and the second command requests a new lease.
InfoSec Institute has an intensive five-day course that can help you prepare for this exam.
Performance Based Testing in the Security+ Exam
The current version of Security+ is SY0-301 and CompTIA plans on adding performance based testing questions to this exam in the first quarter of 2013 (January, February, or March).
InfoSec Institute also has a Security+ Training Boot Camp.
Once again, I see many possibilities with the command prompt.
As an example, you might be asked to calculate the hash on a file and when you click the button, the simulated environment will put you into a command prompt simulation. If you type in dir and press Enter, you’ll see the files in the directory and you might have the md5sum or sha1sum executable file.
You’ll need to be familiar with how to use these programs to calculate a hash. For example, you can calculate the Message Digest 5 (MD5) hash of a file named study.txt with the following command:
The program then outputs something like this:
The first string of hexadecimal characters is the hash of the file, and the file name (study.txt) is after the star (*).
A similar example is in the CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide (ISBN 978-1463762360) in the cryptography chapter.