The ultimate guide to CompTIA's Security+ certification [updated 2021]
One of the quickest ways to develop cybersecurity skills and gain some experience is by earning one of the many respectable certifications. Which leads to an important question: what is the ideal certification for an entry-level professional?
The CompTIA Security+ is one of the best options for professionals wishing to start a career in information security. According to CompTIA, this is the first security certification IT professionals should earn to work in this high-demand field, as it “establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Security+ certification incorporates best practices in hands-on troubleshooting, ensuring candidates have practical security problem-solving skills.”
Here are a few important points that you should know about this certification.
What is the Security+ certification?
CompTIA Security+ is a vendor-neutral, entry-level, global information security certification. It validates the baseline skills necessary for fulfilling the DoD 8570 compliance to perform core security functions and pursue an IT security career.
This is a great option for professionals that are just starting their careers, as the Security+ focuses on hands-on practical skills, making sure certification holders are better prepared to solve problems from a wider variety of issues.
The topics covered by this certification are based on the latest trends and techniques in risk assessment and management, incident response, forensics, enterprise networks, hybrid/cloud operations and security controls, ensuring high performance on the job. In its latest update, the Security+ certification covers the Junior IT Auditor/Penetration Tester job role, in addition to the previous job roles such as systems administrator, network administrator and security administrator.
How does one earn the Security+ certification?
The new CompTIA Security+ SY0-601 exam has been available since November 12th, 2020. To successfully pass, candidates must prove they have the knowledge and skills necessary to:
- Assess the security posture of an enterprise environment and recommend and implement the appropriate security solutions
- Monitor and secure hybrid environments, including cloud, mobile and IoT
- Operate with an awareness of applicable laws and policies, including principles of governance, risk and compliance
- Identify, analyze and respond to security events and incidents
The exam objectives (domains) and associated weight percentages that are covered during the exam include:
- Attacks, Threats and Vulnerabilities (24%)
- Architecture and Design (21%)
- Implementation (25%)
- Operations and Incident Response (16%)
- Governance, Risk and Compliance (14%)
The Security+ exam costs $370 USD and has 90 multiple-choice questions that must be answered in 90 minutes. Candidates must obtain a minimum score of 750 (on a scale of 100-900).
Are there prerequisites for this certification?
The Security+ is an entry-level certification, so here is some good news. For the SY0-601 exam, there are the following recommended (but not required) prerequisites: CompTIA Network+ and two years of experience in IT administration with a security focus. Nevertheless, the certification needs to validate the candidate's skill set and requires at least a baseline knowledge of network- and host-based security best practices.
The CompTIA Security+ certification was designed for an IT security professional who has:
- Sufficient IT security knowledge
- Core technical information security experience
- Broad knowledge of security concerns and implementation, including the topics in the domain list
Why should you choose Security+?
Even for entry-level positions, information security professionals must be qualified and able to demonstrate experience. After all, protecting a company from cybersecurity threats is a big responsibility: a single failure by any part of the security team could mean a huge loss in terms of profit or even reputation for the company.
Choosing your first information security certification is a significant step in advancing your career. There are many paths to becoming a cybersecurity expert, but it will not happen overnight. Every step in this journey must be carefully planned and based on short-, medium- and long-term goals. A certification should be way more than an alphabet soup that appears after your name on social networks. Well-chosen certifications should create a set of stepping stones for meaningful skill and knowledge development, especially for professionals who are just starting their cybersecurity careers.
The SY0-601 exam fits perfectly into a set of ideal professional and career characteristics, as a solid entry-level certification that is well-regarded in the field. It can help one stand out from the crowd and prove a level of proficiency. So, even just for that reason, this credential is definitely worth investing in.
One of the key points is how this exam focuses on practical knowledge. For instance, it provides candidates the necessary skills for positions like systems administrator, security administrator, IT auditor, IT project manager, network/cloud engineer, DevOps/software developer, help desk manager/analyst and security engineer/analyst.
Another important fact is that the Security+ stands out as one of the most in-demand certifications, constantly mentioned in job descriptions on websites such as Simply Hired, Monster or LinkedIn Jobs.
To summarize, the Security+ is great for developing the necessary skills for cybersecurity positions, highly recognizable globally with ISO/ANSI accreditation status. While it may pose a challenge, any dedicated candidate can be successful with proper preparation. This covers every base for making the Security+ your first certification.
Concluding thoughts
The information security analysts’ market is hot. There are many jobs out there! For those with the right skill set, the salaries in the field can be high. In fact, for PayScale the average salary is around $73,550 per year; for BLS, the median annual wage was $103,590 in March 2022. With the field projected to grow 33 percent from 2020 to 2030, right now there are more open positions than qualified professionals available. If you ever thought of starting a career in cybersecurity, this is probably the best time to do so.
Even for entry-level positions, however, information security professionals must be qualified and demonstrate a good level of experience. Building a sound knowledge base and acquiring the right practical skills for the job are necessary. Certifications can help pinpoint the baseline topics and information needed to excel in the chosen field, and there is no doubt that the Security+ certification offers significant benefits and is definitely a wise choice for any professional.
Sources
- CompTIA Security+, CompTIA, Inc.
- Demand is soaring for IT workers in this field, Monster
- Information Security Analysts, BLS
- Average Information Security Analyst Salary, PayScale, Inc.
- Cybersecurity Talent Crunch To Create 3.5 Million Unfilled Jobs Globally By 2021, Cybersecurity Ventures