One of the key reasons why CompTIA’s Security+ is such a great entry-level certification is that its domains are built on a simple premise: A strong focus on hands-on practical skills. This ensures that, by taking on and succeeding in the exam, certification holders are ready to deal with real-world situations, scenarios based on the latest trends and techniques in risk management, risk mitigation, threat management, and intrusion detection.
In practical terms, by mastering the topics contained in the six Security+ domains, professionals actually prepare themselves for roles such as junior IT auditor/penetration tester, systems administrator, network administrator, and security administrator. Because most of these are in quite high demand, if you are considering how to strengthen your cybersecurity knowledge and skills and advance your career, having a Security+ certification should be right at the top of your list.
Here is an in-depth look at the six Security+ domains:
The first domain deals with a basic need of every information security professional: Being able to recognize and understand the different sources of threats, types of attacks and vulnerabilities that may be exploited.
For instance, given a scenario, candidates must be able to analyze indicators of compromise and determine the type of malware. Is it simply a virus? Or is it ransomware, ready to encrypt company data and ask for bitcoins? Or maybe an insider created a logic bomb, designed to wipe out files if he was terminated from the company? Or did that employee deploy a RAT (remote access Trojan) so he would still have access to the corporate network even after termination?
Candidates must also know how to compare and contrast types of attacks. From many different tactics for social engineering, including phishing, spear phishing, whaling, vishing, tailgating, (Read more...)
*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Claudio Dodt. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/2kc5ufdJ9I4/
Leading UK Credit Card Consumer Finance Company Uses Advanced Graph Analytics to Intercept Fraudulent Credit Card Applications, Boost Anti-Fraud Efforts…
Digital+ Partners Leads Continuation Funding Round in Growing Automated Threat Analysis & Detection Provider, Closing its Series B Round at…
For three years OpenWRT had a severe validation problem with its download package manager, until a fuzz tester found and…
It’s time to say a final “Goodbye” to Flash. (Or should that be “Good riddance”?) With earlier this week seeing…
1. Be a student of (information security, network security, cyber security). Always strive to know what the latest tactics, trends,…
This is the second in a series of blog posts that discuss how smart DNS resolvers can enhance ongoing network…