If you don’t have it already, you absolutely need to get the Security+, and we are going to show you exactly why. Of course, there are other certifications, like the CISSP, that may be better career-wise, but none gives you a stepping stone into the industry as quickly as the Security+. You can study for the Security+, take the exam, and be ready to apply for information security positions in just a couple of months, which is why you absolutely need this certification if you don’t already have any of the higher-level certifications.
The non-profit Computing Technology Industry Association (CompTIA) offers a number of vendor-neutral certifications to IT and cyber-security professionals. CompTIA certifications can be divided into four categories: (a) core certifications, (b) infrastructure certifications, (c) cybersecurity certifications, and (d) additional professional certifications. The Security+ certification falls into the core certification category. CompTIA Security+ is a vendor-neutral, entry-level certification that validates the baseline cyber-security skills and knowledge of professionals. This includes skills in installing and configuring systems and in securing devices, applications, and networks, as well as knowledge of cyber-threats and their analysis, risk mitigation techniques, and the various cyber laws, policies, and regulations.
Security+ Fast Facts
- First offered in 2002
- Vendor neutral certification
- Compliant with the ISO 17024 standards
- Approved by the US Department of Defense (DoD) under directive 8140/8570.01-M
- Accredited by the American National Standards Institute (ANSI)
Security+ Exam History
As technology evolves, CompTIA updates the Security+ exam to keep up with current technology and security best practices. SY0-101 was the first version of the Security+ exam, offered in 2002. SY0-101 was replaced by SY0-201 in 2009, which focused on the systems security domain. In 2011, CompTIA announced the SY0-301 version, which made cloud computing and other significant information security updates part of the exam. CompTIA updated the exam to SY0-401 in 2014, focusing on access control and risk management. SY0-501 is the latest Security+ exam version, launched in October 2017. The current version focuses on the six IT and cyber-security domains listed below.
- Technologies and Tools
- Threats, Attacks, and Vulnerabilities
- Identity and Access Management
- Architecture and Design
- Risk Management
- Cryptography and PKI
Who Should Earn Security+ SY0-501
Security+ SY0-501 suits IT professionals who want to showcase their IT skills and knowledge in areas such as systems installation, threat management, risk management, identity and access management, and information security. Holders of the Security+ SY0-501 credential can pursue the following key career positions.
- Network administrators
- System administrators
- Junior IT auditors
- Penetration testers
Security+ SY0-501 Eligibility
Since Security+ SY0-501 is an entry-level certification, there are no prerequisites for taking the Security+ SY0-501 exam. The exam does, however, require a good understanding of IT and cyber-security skills. Two years’ work experience in the IT field is a plus but not mandatory.
Security+ SY0-501 Exam
The current CompTIA Security+ SY0-501 exam consists of a maximum of 90 questions drawn from all six domains explained below. The exam contains multiple-choice and performance-based questions. The test lasts 90 minutes, and a score of 750 is required to pass. The passing score of 750 is graded on a scale of 100-900. The following table presents the contribution of each domain in terms of exam percentage.
CompTIA Security+ Domains
The following is a brief description of each domain covered in the CompTIA Security+ exam.
Domain-1 Technologies and Tools: 22% of the Security+ SY0-501 exam consists of questions from the Technologies and Tools domain. The domain requires the following knowledge and skills from candidates.
- Installation and configuration of network components to support organizational security. Firewalls, routers, switches, and load balancers are examples of network components.
- Assessing the security posture of an organization with the appropriate tools. Protocol analyzers, network scanners, password crackers, exploitation frameworks, honeypots, and command-line utilities like nmap, netcat, and tracert are examples of software tools used to assess security posture.
- Knowledge of troubleshooting common security issues like misconfigured devices, permission issues, access issues, data security issues, log and event anomalies, and authentication issues.
- Analyzing and interpreting the output of security technologies like Web Application Firewalls (WAFs), intrusion detection systems, and Data Loss Prevention (DLP) systems.
- Secure deployment of mobile devices in given scenarios.
- Implementation of security protocols in given scenarios.
Domain-2 Threats, Attacks, and Vulnerabilities: Threats, attacks, and vulnerabilities constitute 21% of the SY0-501 exam. Candidates should focus on the following domain knowledge and skills to better prepare for the Security+ exam.
- Analyzing vulnerability indicators and determining the type of malware found, such as viruses, bots, Trojans, RATs, or ransomware.
- Comparing different cyber-attacks, such as social engineering, application or service attacks, and cryptographic attacks.
- Knowledge of threat actors and attributes.
- Knowledge of penetration testing concepts.
- Knowledge of different vulnerabilities and their impact.
- Knowledge of vulnerability scanning concepts.
Domain-3 Identity and Access Management: The Identity and Access Management domain makes up 16% of the SY0-501 exam. Candidates should have the following knowledge of the domain.
- Comparison of the identity management and access management concepts.
- Knowledge of installation and configuration of the identity and access management services in given scenarios.
- Implementing the identity and access management controls in given scenarios.
- For given scenarios, differentiating between account management practices, such as account types, general concepts, and account policy enforcement.
Domain-4 Architecture and Design: 15% of the questions in the Security+ exam are about the Architecture and Design domain. The domain covers the following key concepts.
- Knowledge of different frameworks, best practices, use cases, and secure configuration guides.
- Ability to implement secure network architectures in given scenarios.
- Implementing secure systems designs in given scenarios.
- Knowledge of secure staging deployments.
- Concepts of secure application development and deployment.
- Understanding of cloud and virtualization concepts.
- Knowledge of automation strategies that help reduce risk.
- Knowledge of security controls and their importance.
Domain-5 Risk Management: The Risk Management domain makes up 14% of the SY0-501 exam. Candidates must have the following knowledge and expertise to answer exam questions related to the Risk Management domain.
- Knowledge of policies, procedures, and plans related to security of the organizations.
- Knowledge of risk management processes and key concepts.
- Understanding of incident response plans and processes in given scenarios.
- Knowledge of basic forensic concepts.
- Concepts of disaster recovery and business continuity operations.
- Knowledge of implementing data security and privacy for given scenarios.
Domain-6 Cryptography and PKI: 12% of the questions in the Security+ SY0-501 exam are about cryptography and Public Key Infrastructure (PKI). Candidates who know the following cryptographic concepts have a better chance of answering the exam questions on cryptography and public key infrastructure.
- Basic concepts of cryptography, such as encryption, decryption, hashing, and digital signatures.
- Knowledge of cryptographic algorithms and their properties. Examples include symmetric algorithms, asymmetric algorithms, cipher modes, hashing algorithms, and key stretching algorithms.
- Knowledge of wireless security settings, such as installation and configuration settings.
- Knowledge of implementing Public Key Infrastructure (PKI) for given scenarios.
Security+ Certification Renewal
The CompTIA Security+ certification is valid for 3 years and must be renewed every 3 years. Candidates can keep the certification current through the Continuing Education (CE) program. The CE program involves activities and training related to the Security+ certification content. CertMaster CE is an online, self-paced course designed for Security+ holders, and candidates can renew the Security+ certification by completing the course. The other option is to earn 50 CE units and upload them to the certification account to automatically renew the certification. Candidates can also retain the Security+ certification by acquiring higher CompTIA certifications.