Security+ Certification - The First Version
- Written by Michael C. Gregg
- Published: 14 January 2002
This article described CompTIA's Security+ credential, as it was when it was first released.
A new security certification, named Security+ is close to release. It was created by CompTIA (Computing Technology Industry Association), the folks that brought us A+ certification, and recently completed its beta period.
Security+ certification requires you to pass a single exam, costing $199. Although there's only one test, it covers a very wide range of security knowledge. If you are working toward the TICSA or CISSP exam, this would be a good first step. Preparing for Security + can help you fill in those knowledge gaps and be better prepared for subsequent exams. To help you along the road to security certification, we've prepared a blueprint of what you can expect to find on the exam.
Test Objectives
The Security+ exam contains five domains:
- general security concepts
- communications security
- infrastructure security
- basics of cryptography
- operational/organizational security
General Security Concepts (30%)
This first section covers all the general security concepts. To successfully pass this section of the exam you will need to understand all of the various forms of attacks. If you have never experimented with a password cracker you may want to download John the Ripper or L0phtcrack. Do not run these applications at your workplace without the full consent of management. Also make sure that you download these from a trusted source such as packet storm. Many sites run an MD5 checksum on these types of programs to verify that no one has added anything to them. We are talking Trojans here folks! The best place to experiment with these programs is on your home network or an approved test system.
You will also need to know about multi-factor authentication. If you have a bankcard you are familiar with multifactor authentication. Bankcards require two items to successfully access an account: Something you have, and something you know. Together these two items, the card itself and your PIN, allow you access to the account. General security concept subcategories include:
- Authentication
- Attacks
- Malicious Code
- Social Engineering
- Auditing
- Prev
- Next >>