A Look at the Security+ Certification
Adding security certifications and experience to your IT skill set is an undeniable way to significantly increase your worth. Even during the downturn of the IT employment market of the past couple years, those with security experience and skills were often able to stay in demand. Several security certifications exist. There are certifications that range from entry-level to advanced in their content and experience requirements. Some of the upper-level security certifications that one might look into include the CISSP, SANS Institute certifications, and Cisco security exams. If you are just beginning in the IT security world, one of the better recognized entry-level security certifications is the Security+ certification offered by the widely recognized CompTIA.
The Security+ Certification
The Security+ Certification is increasingly becoming the standard for entry-level security certification. It is an elective or prerequisite for more advanced security certifications and Microsoft's MCSA credential. The exam tests a broad range of security knowledge expected of entry-level security professionals. The exam has been written and reviewed by IT security experts from the corporate world, government, and academia to ensure that it is a valid exam.
It is critical to understand that this is not an entry-level exam for someone just beginning in the IT field. The Security+ certification is intended for someone who has two years of networking experience plus some experience with network security experience. This is only "entry-level" in the sense of someone new to the IT security field. CompTIA recommends that the Security+ candidate have a Network+ certification or equivalent experience.
What the Security+ Examines
As mentioned earlier, the Security+ exam covers a wide range of topics. Some of the major items you will encounter include communication security, infrastructure security, cryptography, access control, authentication, external attack, and operational and organization security. The following table breaks down the major domains of the Security+ exam and the percentage each domain makes up of the entire exam.
|Domain||% of Exam|
|1.0 General Security Concepts||30%|
|2.0 Communication Security||20%|
|3.0 Infrastructure Security||20%|
|4.0 Basics of Cryptography||15%|
|5.0 Operational/Organizational Security||15%|
For a detailed listing of the specific items each domain examines, visit www.comptia.com. Check CompTIA's Web site to stay current on any changes to the domains that may occur. Exam objectives can change quickly without much notice, so, as you study, make sure you periodically check the site for your exam to stay current on exam objectives.
The following list contains important facts related to the Security+ exam:
- The exam is 100 questions long with 90 minutes allowed for completion.
- A score of 764 on a scale of 100-900 is required for passing.
- Pearson VUE and Prometric testing centers offer the Security+ exam.
- The test code for the Security+ exam is SY0 - 101.
- The price for the Security+ exam is $175 for corporate members with CompTIA (see if your corporation is in this partnership with CompTIA) and $225 for non-corporate members.
- You will be required to pay one of the previous fees each time you take the exam, should you not pass.
- The exam is only offered in English at this point.
- Those with disabilities need to contact their testing center within 30 days of their exam date, with disability documentation, and any reasonable accommodations will be made.
IT security is a growing and dynamic field. The need for trained and experienced IT security professionals provides a fantastic career path that can lead to great responsibilities and rewards. Becoming an IT security professional will certainly require education, certification, and time on the job. To begin this journey, practicing network technicians will find the Security+ certification a good foundation to begin with. Passing this exam demonstrates that the candidate possess the foundational security knowledge that the industry recognizes as suitable for work as an IT security professional.