Why Take the Security+ Exam?
As cyberattacks increase in frequency and complexity, the demand for IT pros with infosec skills continues to soar. If you're looking to diversify your skill set or want to shift gears, adding infosec to your skill set is as good a bet as any.
And when it comes to getting certified, CompTIA Security+ is a great starting point. CompTIA certifications are vendor-neutral, meaning the knowledge and skills they cover can be applied universally, regardless of vendor. As such, Security+ can provide you the foundation needed to pursue a variety of infosec certifications and careers. Here's a closer look at why Security+ certification is worth earning.
Security+ and the IT Professional
Threats to our IT infrastructure are an ever-present danger, and they cannot be ignored. Working as an IT professional requires constant vigilance. IT security is a team effort, one that requires the participation of every user and operator in the organization. Any weakness can spell disaster for an unsuspecting business. The bad guys only need to succeed once to wreak havoc on your network. That's why you need to maintain a robust security system to protect your valuable resources and confidential data.
IT professionals who know little about security can be a risk to the network. It is not enough to know how to create, configure, and maintain an IT infrastructure if you don't know the first thing about how to protect it. Just as you are always security-conscious when you drive a car or walk down the street, you should keep a constant watch for potential hazards in the network.
The dangers may come from malicious attacks, or they could be risks due to improper network management. And the vulnerabilities are myriad. That's why it's important to harden servers, network devices, data pathways, and physical facilities to prepare for the worst-case scenario. Remember Murphy's Law.
1.0 Threats, Attacks and Vulnerabilities: 21%
The threats continue to pile up. It's a lot of work to stay ahead of them. There is so much malware out there, and it comes in many forms. Viruses, worms, adware, spyware, bots, trojans — all these and more can inflict significant damage quickly. Security professionals must decide on the best software to combat all this malware, and they have to make sure that it remains up-to-date.
Along with dealing with malicious software, it's important to know the various tactics and strategies used by hackers. Some of them employ social engineering, taking advantage of people who drop their guard. Other types of attacks employ long-used methods that attempt to alter, bypass, or otherwise tamper with legitimate software applications. Code injection, buffer overflows, distributed denial of service (DDoS), and cross-site scripting are just some of the ways hackers will try to mess with your network.
You need to be aware of all of these attack strategies so you will know how to defeat them. The more you know, the better you can protect your network.
2.0 Technologies and Tools: 22%
Anyone who works in security must have a basic understanding of network technologies. You need to know how routers, switches, firewalls, load balancers, and other network devices operate. And it's hard to get by without familiarity with network protocols and configuration concepts.
You don't need fancy tools to do basic network troubleshooting. The same tools that help you solve network problems can be effective in tracking down security issues: navigating the command line, pinging IP addresses, tracing routes with tracert, and reading ipconfig output.
Implementing secure protocols is also part of this objective. The Security+ exam includes use cases for securing email, web pages, remote access, routing and switching, and file transfer. The ability to add security like this is justification enough for preparing for the exam.
3.0 Architecture and Design: 15%
Do you know the best practices for setting up a network? You have to make it more than just functional. You have to make sure it meets both regulatory and non-regulatory industry standards. Government compliance is an essential part of your network. Networks are generally defined by specific frameworks (not patched together willy-nilly), and that will have a big impact on how you do your security.
The architecture of your network is important too: intranet, extranet, VLANs, virtualization, wireless. There is no cookie-cutter implementation for network security. It all depends on the type of network and how it is set up.
There's a lot to know within this orbit. Cloud deployment models, DevOps, embedded systems: it's all here. There's even a section on physical security controls such as mantraps and biometrics. The Security+ exam is so broad that there is no way to even mention all its components in an article like this. Here's one that takes an in-depth look at the exam's topics.
4.0 Identity and Access Management: 16%
Authentication, authorization and accounting (AAA) is an age-old model for dealing with the way people use computer networks. It's all about granting access to systems, regulating permissions, and tracking usage. Many applications now include multi-factor authentication, which means you are using more than one thing to verify your identity. Some systems allow for single sign-on, where one login grants you access and permissions to multiple services.
Identity management is a growing field. State-of-the-art technologies use the voice, eye, or fingerprint for identification. Methods like these will be increasingly adopted as we look to the future. Studying for the exam will give you a current overview of what's on the market.
5.0 Risk Management: 14%
Security professionals need to be ready for catastrophe. If you don't have a disaster recovery and business continuity (DR/BC) plan, you and your organization could suffer unnecessarily. Before disaster strikes, there needs to be a committee that examines all the possible disaster scenarios and documents a step-by-step plan of action for dealing with them.
Even smaller, everyday outages can impact your business. Security+ covers such concepts as mean time to restore (MTTR), mean time between failures (MTBF), and single point of failure (SPOF), which help guard against outages. The exam also deals with risk assessment concepts that will help you evaluate and plan your network security. Change management is a significant matter for every organization because downtime is never a good thing.
6.0 Cryptography and PKI: 12%
Encryption is a major part of network security. Symmetric encryption uses a single shared secret key, while asymmetric encryption uses both a public key and a private key. Encryption keys are also used in digital signatures to verify software's source and integrity. If you don't know anything about cryptography and the public key infrastructure (PKI), then you don't know enough about security.
The exam will cover symmetric algorithms (such as AES, DES, and RC4), asymmetric algorithms (such as RSA and DSA), and related protocols (such as WPA and EAP). You'll need to know about stream vs. block algorithms. It also covers concepts like trust models and certificate authorities.
Encryption is part of any secure website, and it's used by developers to protect their intellectual property. Every IT professional needs to know something about encryption.
Studying for Security+ is not just for those wanting to become network security experts. Even a layman can find a lot of useful info in preparation for the test. And for IT professionals, Security+ is a valuable cert because of all the things you'll learn as you get ready for it. These are concepts that will help you for the rest of your career as an IT professional.