CompTIA announced the availability of an updated version of Security+, an ISO 17024 accredited certification. The exam last underwent a significant update in 2008.
“The new exam covers more of the approach that organizations need to take to proactively address security risk control and mitigation,” said Terry Erdle, executive VP, skills certification, CompTIA. “We’ve also included more content in areas such as forensics, cloud computing and virtualization. The focus is on the proactive elements like designing network security to accommodate cloud and the potential threats associated with it.”
CompTIA Security+ is a vendor-neutral credential, making it relevant across a broad spectrum of network, operating system, product and security environments. CompTIA Security+ certification is designed for IT security professionals with a minimum of two years experience in IT administration with a focus on security. Day-to-day technical information security experience and broad knowledge of security concerns and implementation are recommended for exam candidates, as is CompTIA Network+ certification.
Areas or domains covered by the 2011 edition of the CompTIA Security+ exam include network security (21 percent of exam), compliance and operational security (18 percent), threats and vulnerabilities (21 percent), application, data and host security (16 percent), access control and identity management (13 percent) and cryptography (11 percent).
Organizations across a range of industries – information technology, telecommunications, professional services and others – rely on CompTIA Security+ as a skills benchmark for IT staff members responsible for managing systems and securing networks and devices.
In addition, federal government security requirements such as U.S. Department of Defense Directive 8570.01-M identifies CompTIA Security+ as one of the required certification options for department employees and contractors engaged in information security work.