CompTIA Security+: Introduction

juniper-srx-320

CompTIA Security+ is an intermediate level certification for IT professional and an entry level certification for cyber security. It assesses the candidate ability to

Asses the security posture of and enterprise environment
Recommend and implement appropriate security solutions
Monitor and secure hybrid compute environments
Identify, analyze, and respond to security events
Assessing their understanding of governance, risk, and compliance

CompTIA Security+ Domains

Domain 1: General Security Concepts - 12%

* Compare and contrast various types of security controls

* Summarize fundamental security concepts

* Explain the importance of change management processes and the impact to security

* Explain the importance of using appropriate cryptographic solutions

Domain 2: Threats, Vulnerabilities, and Mitigations - 22%

* Compare and contrast common threat actors and motivations

* Explain common threat vectors and attack surfaces

* Explain various types of vulnerabilities

* Given a scenario, analyze indicators of malicious activity

* Explain the purpose of mitigation techniques used to secure the enterprise

Domain 3: Security Architecture - 18%

* Compare and contrast security implications of different architecture models

* Given a scenario, apply security principles to secure enterprise infrastructure

* Compare and contrast concepts and strategies to protect data

* Explain the importance of resilience and recovery in security architecture

Domain 4: Security Operations - 22%

* Given a scenario, apply common security techniques to computing resources

* Explain the security implications of proper hardware, software, and data asset management

* Explain various activities associated with vulnerability management

* Explain security alerting and monitoring concepts and tools

* Given a scenario, modify enterprise capabilities to enhance security

* Given a scenario, implement and maintain identity and access management

* Explain appropriate incident response activities

* Given a scenario, use data sources to support an investigation

Domain 5: Security Program Management and Oversight - 20%

* Summarize elements of effective security governance

* Explain elements of the risk management process

* Explain the processes associated with third-party risk assessment and management

* Summarize elements of effective security compliance

* Explain types and purposes of audits and assessments

* Given a scenario, implement security awareness practices

Read more about CompTIA Security+ certification here https://www.comptia.org/en-us/certifications/security/

CompTIA Security+: Introduction

CompTIA Security+ Domains

Domain 1: General Security Concepts - 12%

* Compare and contrast various types of security controls

* Summarize fundamental security concepts

* Explain the importance of change management processes and the impact to security

* Explain the importance of using appropriate cryptographic solutions

Domain 2: Threats, Vulnerabilities, and Mitigations - 22%

* Compare and contrast common threat actors and motivations

* Explain common threat vectors and attack surfaces

* Explain various types of vulnerabilities

* Given a scenario, analyze indicators of malicious activity

* Explain the purpose of mitigation techniques used to secure the enterprise

Domain 3: Security Architecture - 18%

* Compare and contrast security implications of different architecture models

* Given a scenario, apply security principles to secure enterprise infrastructure

* Compare and contrast concepts and strategies to protect data

* Explain the importance of resilience and recovery in security architecture

Domain 4: Security Operations - 22%

* Given a scenario, apply common security techniques to computing resources

* Explain the security implications of proper hardware, software, and data asset management

* Explain various activities associated with vulnerability management

* Explain security alerting and monitoring concepts and tools

* Given a scenario, modify enterprise capabilities to enhance security

* Given a scenario, implement and maintain identity and access management

* Explain the importance of automation and orchestration related to secure operations

* Explain appropriate incident response activities

* Given a scenario, use data sources to support an investigation

Domain 5: Security Program Management and Oversight - 20%

* Summarize elements of effective security governance

* Explain elements of the risk management process

* Explain the processes associated with third-party risk assessment and management

* Summarize elements of effective security compliance

* Explain types and purposes of audits and assessments

* Given a scenario, implement security awareness practices