Attacks, Threats and Vulnerabilities
Architecture and Design

Focusing on more threats, attacks, and vulnerabilities on the Internet from newer custom devices that must be mitigated, such as IoT and embedded devices, newer DDoS attacks, and social engineering attacks based on current events.

Operations and Incident Response
Implementation

Includes coverage of enterprise environments and reliance on the cloud, which is growing quickly as organizations transition to hybrid networks.

Expanded to focus on administering identity, access management, PKI, basic cryptography, wireless, and end-to-end security.

Governance, Risk and Compliance

Covering organizational security assessment and incident response procedures, such as basic threat detection, risk mitigation techniques, security controls, and basic digital forensics

Expanded to support organizational risk management and compliance to regulations, such as PCI-DSS, SOX, HIPAA, GDPR, FISMA, NIST, and CCPA.

What Is CompTIA Security+ Certification?

CompTIA Security+ certification is a global certification exam that validates the baseline skills you need to perform core security functions and pursue an IT security career.

CompTIA Security+ emphasizes hands-on practical skills, ensuring the security professional is better prepared to problem solve a wider variety of issues. It is the first security certification IT professionals should earn and establishes the core knowledge required of any cybersecurity role to provide a springboard to intermediate-level cybersecurity jobs. Cybersecurity professionals with CompTIA Security+ know how to address security incidents, not just identify them.

What Job Roles Should Take the Exam?

CompTIA Security+ is for IT professionals with two years of experience in IT administration with a security focus, or equivalent training, looking to start or advance a career in security. CompTIA Security+ prepares candidates for the following job roles:

  • Systems administrator

  • Network administrator

  • Security administrator

  • Junior IT auditor/penetration tester

  • Security specialist

  • Security consultant

  • Security engineer

How Much Can I Make with CompTIA Security+ Certification?

Here are a few CompTIA Security+ jobs and their average salaries:

  • Systems administrator $62,619

  • Network administrator $59,702

  • Security administrator $88,043

  • Security engineer $96,359

What Is on the CompTIA Security+ Exam?

Skills covered in CompTIA Security+ have become a baseline for all cybersecurity jobs and the new version has been updated to reflect how cybersecurity jobs are becoming more specialized, for example, like security analytics. Because of this, the importance of and demand for CompTIA Security+ has increased for a broader variety of job roles.

Successful candidates will have the following skills:

  • Identify strategies developed by cyber adversaries to attack networks and hosts and the countermeasures deployed to defend them

  • Understand the principles of organizational security and the elements of effective security policies

  • Know the technologies and uses of cryptographic standards and products

  • Install and configure network- and host-based security technologies

  • Describe how wireless and remote access security is enforced

  • Describe the standards and products used to enforce security on web and communications technologies

  • Identify strategies for ensuring business continuity, fault tolerance and disaster recovery

  • Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them

The CompTIA Security+ exam covers the following domains and topics:

  • Threats, Attacks and Vulnerabilities: Analyze indicators of compromise and determine types of malware or compare and contrast types of attacks

  • Identity and Access Management: Implement identity and access management controls or differentiate common account management practices

  • Technologies and Tools: Troubleshoot common security issues or deploy mobile devices securely

  • Risk Management: Explain the importance of policies, plans and procedures related to organizational security

  • Architecture and design: Summarize secure application development, deployment, cloud and virtualization concepts

  • Cryptography and PKI: Compare and contrast basic concepts of cryptography or implement public key infrastructure