CompTIA Security+ may be a security certification offered by the Computing Technology Industry Association (CompTIA), a U.S.-based trade and industry nonprofit. Security+ is one among a set of certifications that CompTIA offers across multiple IT disciplines; it's focused on entry-level security professionals and is one among the foremost popular.
Like any well-regarded certification, CompTIA Security+ can help boost your career and your earning power. We'll probe the small print of this cert's potential impact for you later during this article; first, let's check out who should aim for this certification and obtain some practical information on the CompTIA Security+ exam, the test that anyone seeking this cert must pass.
Is CompTIA Security+ for beginners?
In a word, yes, CompTIA Security+ is supposed for people relatively new the sector who are getting to pursue a career in cybersecurity.
CompTIA describes the Security+ certification as "the first security certification a candidate should earn. It establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs." the precise big-picture skills candidates got to be certified are the power to:
- Assess the safety posture of an enterprise environment and recommend and implement appropriate security solutions
- Monitor and secure hybrid environments, including cloud, mobile, and IoT
- Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance
- Identify, analyze, and answer security events and incidents
CompTIA Security+ prerequisites
Unlike other certifications just like the CISSP, which require variety of years of industry work experience, the sole formal requirement for Security+ is that you simply pass the exam.
That said, the exam isn't something you'll enter blind: CompTIA recommends it for people that have already got a minimum of two years of industry experience. And albeit you've got that background, you almost certainly are better versed in some areas that the exam covers than others. So, while there are not any formal prerequisites for taking the exam, you'll be wanting to organize and study before taking it.
How long is that the CompTIA Security+ exam?
The Security+ exam is, within the words of CompTIA, "no longer than 90 questions," and you will be answering them on a computer.
There are three sorts of questions on the exam: multiple choice questions, where some questions have quite one correct response; drag-and-drop questions, which involve dragging labels onto the right components on a diagram; and performance-based questions, during which you want to solve problems during a simulated environment. Here's a non-interactive check out what the drag-and-drop questions are like, and here's an interactive example of a performance-based question. (Both examples are literally from one among CompTIA's networking cert exams, but they provide you a way of what the format is like.)
The maximum amount of your time you've got to require the exam is 90 minutes. you will need to require a while after you reach the test center to see in, so confirm you get there well before your scheduled appointment. CompTIA says that the majority of the multiple-choice questions, which should take less time to answer than the opposite types, are going to be towards the top of the test.
CompTIA Security+ exam cost and site
Taking the CompTIA Security+ exam costs $370 within the us, and is priced comparably in other countries; see this table for more details. For those living in lower income "emerging market" countries, a special rate of $207 U.S. dollars is out there.
The test is run by Pearson VUE. you'll take the test at one among Pearson VUE's worldwide test centers, or also can do so on your computer, although within the latter scenario you'll be monitored by a proctor via your webcam to make sure that you are not cheating.
CompTIA Security+ objectives
In CompTIA lingo, objectives are things that somebody seeking certification should be ready to do—tasks they ought to be ready to perform, or knowledge they ought to be ready to demonstrate. For CompTIA Security+, objectives include things like "Compare and contrast differing types of social engineering techniques" and "Given a scenario, implement host or application security solutions." Exam questions are tailored to form you prove you'll meet one or more of those objectives.
CompTIA organizes certification objectives into topic areas called domains. For the CompTIA Security+ 601 exam, these are the domains, along side the share of the exam which will be spent on each:
- Attacks, Threats, and Vulnerabilities: 24%
- Architecture and Design: 21%
- Implementation: 25%
- Operations and Incident Response: 16%
- Governance, Risk, and Compliance: 14%
Each objective is slotted under one among those domains (e.g., "Compare and contrast differing types of social engineering techniques" is within the "Attacks, Threats, and Vulnerabilities" domain.)
CompTIA makes a comprehensive list of all the objectives and their corresponding domains for the Security+ 601 exam public for anyone who's interested. This document includes an inventory of example elements which may factor into each objective. as an example, for "Given a scenario, analyze potential indicators to work out the sort of attack," it lists malware, password attacks, physical attacks, adversarial AI, supply-chain attacks, cloud-based vs. on-premises attacks, and cryptographic attacks, but it also notes that "these content examples are meant to clarify the test objectives and will not be construed as a comprehensive listing of all the content of this examination."
CompTIA Security+ jobs and salary
CompTIA Security+ is, as mentioned, aimed toward security pros within the early stages of their careers. CompTIA lists variety of specific job titles whose duties are covered by the domains tested for on the Security+ exam (Note: salary data from Glassdoor reflects the national average):
- Systems administrator — $75,000
- Security administrator— $86,000
- Security specialist— $64,000
- Security engineer— $110,000
- Network administrator— $69,000
- Junior IT auditor/penetration tester— $84,000
- Security consultant— $121,000
Of course, confine mind that a CompTIA Security+ certification alone isn't enough to snag one among these jobs, and many of individuals get jobs with those titles aren't Security+ certified. And, since CompTIA Security+ is supposed for people at the beginning of their security careers, salaries could also be on the lower end of the range for every role.
Is CompTIA Security+ worth it?
The truth is that no certification may be a guarantee of a specific job or a specific salary. it might be great if we could point at some guaranteed bump in income that comes with a cert, but that's simply impossible. The question is typically approached the way the Newtrix blog breaks it down: a glance at the standard salaries earned by job titles that the certification qualifies for (ranging from $55,0000 to $148,000 for Security+) and noting that, in many surveys, hiring managers for jobs like these say that certifications definitely fall on the list of things they appear for during a candidate. this is not an absolute rule that tells you that if you invest the time and money to urge a CompTIA Security+ certification, you'll definitely make a salary therein band; but there's definitely a robust correlation, particularly if you are looking to face out on an inventory of potential hires.
One specific employer for whom a Security+ certification is extremely helpful? The U.S. Department of Defense. DoD directive 8570 lists variety of specific certifications that are required surely roles within the department, and Security+ is on the list.
CompTIA Security+ study guides and training
CompTIA offers variety of coaching courses and study guides, many available in "bundles" with the test itself for fewer money than buying each individual component separately.
If you're curious about third-party training and study resources, Exams4sure features a good roundup. especially, they point to training courses from Exams4sure, Learning Tree, and Knowledge Hut as highly rated and well-respected. When it involves study guides, two of the simplest are the CompTIA Security+ All-in-One Exam Guide, and Sybex's CompTIA Security+ Certification Kit.
CompTIA Security+ practice test
If you would like to slave and run through some practice tests yourself, you'll get some direct from CompTIA itself, also as a group offered through Exams4sure.com.
Please note, though, that while these tests are meant to point out you what the important exam is like, you will not see questions here taken verbatim from real tests. Without an excessive amount of Googling, you'll likely find what are labelled "brain dumps": crowdsourced documents where people that have just taken the exam list as many questions as they will remember. CompTIA considers using these to be cheating, and moreover points out that simply memorizing rote answers to questions defeats the aim of certification; you ought to be expanding your skillset in order that you'll know the answers and may perform well on the work, not merely memorizing what word to reply to a prompt with.
Renewing your CompTIA Security+ certification
Remember how we said above that the Security+ exam is refreshed every three years? Well, your certification is on an equivalent cycle. you'll recertify by taking continuing education courses, acquiring a higher-level certification, or taking a recertification exam
