CompTIA Cyber Security Certifications: A Roadmap

CompTIA offers several cyber security certifications. Although one can jump right into security+ as the entry level one, depending on your background you may need to at least look at the content along the pathway, For me, I needed to review Network+ before I jumped into Security+

I have studied for three of them, taken the exam for the Security+ and CySA+ and passed both on the first try. I did not use the official material. Instead, I relied on a lot of material from certified instructors such as Jason Dion, Professor Messer, and Total Seminars.

So how do you get these certifications? Well every person’s approach is different but here is how I looked at it.

• Create a set of flashcards around the concepts and acronyms
• Build a small home lab so you can learn the tools required for that certification such as nmap, wireshark or hping
• Get a couple of sources for practice questions
• Watch videos from sources like Jason Dion, Professor Messor, or Total Seminars if available

My technique for passing these exams were to read the books, write down the acronyms and new concepts in flashcards. Study the flashcards. Take the practice questions and if I saw something I didn’t know, create a flashcard. At the same time, watch the video series to re-enforce the books. Then find some serious practice tests (I subscribed to O’Reilly and they have some good resources for CompTIA practice exams.

CompTIA Security+ (Security Plus)

This is a widely respected certification that covers the fundamentals of cybersecurity. It is a beginner-level credential and provides a solid foundation for starting a cybersecurity career. More than half a million IT professionals have earned this certification.

The average salary varies widely based on role. However, the starting salary seems to be around $60,000 per year in the US according to one study. Keep in mind this depends on other factors such as where the company is located, other experience, etc. The exam costs about $400. The official training material (with an exam voucher ranges from $700-$2500 on the official compTIA site. I don’t know if the material is good or not as my company didn’t have the budget for it. I was able to pass using a combination of a small home lab setup, youtube videos and several books. This kept costs to under $700 with a discount voucher from Jason Dion and books.

After finishing the exam, I felt like I had a rudimentary understanding of the concepts and tools around Cyber Security. Not enough to run anything, but enough to be able to learn the job. What really helped was to understand how things fit together and be able to understand what I was trying to accomplish.

What can I do as a Junior Analyst with a Security+ Certification?

As a junior cybersecurity analyst with a Security+ certification, you will have a foundation of knowledge and skills to contribute to the protection of your organization’s hardware, software, and networks.

Typical Junior Analyst Duties

1. Protecting Systems. As a junior cybersecurity analyst, you will play a crucial role in safeguarding your company’s assets. This includes computer systems and networks from potential threats, unauthorized access, and cyberattacks. You will work towards preventing data breaches, ensuring the integrity and availability of systems, and mitigating risks.
2. Monitoring and Detection. You will actively monitor the organization’s network and systems for any suspicious activities or vulnerabilities. This includes analyzing logs, identifying potential security incidents, and responding to alerts promptly. Your role will involve using various security tools and technologies to detect and investigate potential threats.
3. Incident Response. In the event of a security incident, you will assist in incident response activities. This may include containment, eradication, and recovery efforts to minimize the impact of the incident. You will collaborate with senior analysts and incident response teams to investigate and analyze incidents, document findings, and implement preventive measures.
4. Vulnerability Assessment. As a junior cybersecurity analyst, you may participate in vulnerability assessments and penetration testing exercises. You will help identify weaknesses in the organization’s systems, applications, or networks, and provide recommendations for remediation and improved security posture.
5. Security Documentation and Reporting. You will contribute to the development and maintenance of security policies, procedures, and documentation. Additionally, you will assist in generating security reports, presenting findings to relevant stakeholders, and providing recommendations for enhancing the organization’s security posture.
6. Collaboration and Learning. As a junior analyst, you will have opportunities to collaborate with more experienced team members and learn from their expertise. You can:
   – participate in knowledge-sharing sessions
   – stay updated on emerging threats and trends in the cybersecurity field, and
   – continue your professional development through training and certifications.

CompTIA Cybersecurity Analyst (CySA+)

The CompTIA Cyber Security Analyst certification focuses on threat management. The exam emphasizes the practical application of behavioral analytics to improve the overall state of IT security. IT professionals with this certification will be able to analyze, monitor, and respond to security incidents. [[2](https://www.comptia.org/blog/what-are-the-best-cybersecurity-certifications)]. The exam costs about $400. Add to that the official training material with an exam voucher ranges from $700-$2500 on the official compTIA site. I don’t know if the material is good or not as my company didn’t have the budget for it. I was able to pass using a combination of a small home lab setup, youtube videos and several books. This kept it to under $700 with a discount voucher from Jason Dion and books.

The average starting salary for someone with a CySA+ certification according to one study is around $70,000 in the US. This varies depending on factors such as other experience and geographical location.

What can I do with a Cybersecurity Analyst Certification?

As a senior cybersecurity analyst with a CySA+ certification, you would have advanced knowledge and skills in the field of cybersecurity. Your responsibilities would typically include:

1. Threat Analysis: Conducting in-depth analysis of security threats and vulnerabilities to identify potential risks and provide recommendations for mitigation strategies.
2. Incident Response. Developing and implementing incident response plans to effectively handle and mitigate cybersecurity incidents, including coordinating with various teams and stakeholders.
3. Security Monitoring. Overseeing security monitoring tools and technologies to detect and respond to potential security breaches or unauthorized activities in real-time.
4. Vulnerability Management. Assessing and managing vulnerabilities in systems and networks by performing regular vulnerability scans, penetration testing, and recommending remediation measures.
5. Security Architecture. Contributing to the design and implementation of secure network architecture, systems, and applications, ensuring compliance with industry best practices and regulations.
6. Risk Assessment: Conducting risk assessments and security audits to identify gaps in security controls and recommending risk mitigation strategies.
7. Security Policies and Procedures. Developing and enforcing security policies, procedures, and guidelines to ensure adherence to cybersecurity best practices across the organization.
8. Mentoring and Leadership: Providing guidance and mentorship to junior analysts, sharing expertise, and assisting in their professional development.

The specific responsibilities may vary depending on the organization and its requirements. The senior cybersecurity analyst with a CySA+ certification generally handles more complex and strategic tasks related to threat analysis, incident response, vulnerability management, and security architecture. On the other hand a junior analyst with a Security+ certification focuses on foundational tasks and supports the senior analyst in various security-related activities.

CompTIA PenTest+ (Penetration Testing Plus)

This certification validates the skills required to plan, scope, and perform penetration testing. Elsewhere, we will cover the concept of penetration testing. In a nutshell, it is the probing of a system and analyzing the resultant traffic to figure out if the system is vulnerabilty to attack.

The PenTest+ certification covers various aspects of penetration testing, including planning and scoping, information gathering, vulnerability identification, exploitation, and reporting.. I looked into this but did not take the exam. The exam voucher costs $400. The official training material (with an exam voucher) ranges from $700-$2500 on the official compTIA site.

The average starting salary for someone with a pentester plus certification is around $70,000 according to one study, but this will vary depending on geographic location and other experience.

What Can I do with a Pentest+ Certification?

After obtaining a Pentest+ certification, there are various opportunities and roles available for pentesters. Based on the provided search results, here is a description of what you can do as a pentester after obtaining a Pentest+ certification:

As a pentester, you will utilize your skills and knowledge gained from the Pentest+ certification to assess and evaluate the security of computer systems, networks, and applications. Your primary role will be to simulate real-world cyber attacks and identify vulnerabilities within an organization’s infrastructure. Some key responsibilities and activities you may engage in include:

1. Conducting Penetration Testing: You will perform penetration testing to identify vulnerabilities in systems, networks, and applications. This involves using various tools, techniques, and methodologies to exploit weaknesses and assess the effectiveness of existing security measures.
2. Vulnerability Assessment: You will analyze and assess vulnerabilities discovered during penetration testing and conduct thorough vulnerability assessments. This involves identifying potential risks and providing recommendations for remediation.
3. Reporting and Documentation: After conducting tests, you will prepare detailed reports documenting the identified vulnerabilities, potential impacts, and recommendations for mitigation. Clear and concise communication of findings to stakeholders is crucial.
4. Security Consultation: As a pentester, you may provide security consultation and guidance to organizations. This can involve advising on best practices, security controls, and strategies to enhance overall security posture.
5. Collaboration and Remediation: You may collaborate with other IT and security teams to implement necessary changes, remediate vulnerabilities, and strengthen security measures. This may involve working closely with system administrators, network engineers, and developers.
6. Continuous Learning and Professional Development: To stay current in the evolving field of cybersecurity, continuous learning and professional development are vital. Keeping up with new attack techniques, tools, and industry trends is essential for maintaining effectiveness as a pentester.

CompTIA Advanced Security Practitioner (CASP+)

This certification is aimed at advanced-level cybersecurity professionals and focuses on enterprise security operations and architecture. It demonstrates the ability to design and implement secure solutions across complex environments. Job roles associated with this certification include Information Security Analyst, Security Architect, IT Specialist INFOSEC, and more. The exam is about $400 and the official training material (with an exam voucher ranges from $700-$2500 on the official compTIA site.

The average salary with a CASP+ certification is around $100,000 in the US according to one study, but this will vary depending on geography and other experience.

What can I do with a CASP+ Certification?

After obtaining a CASP+ certification, you can pursue various roles and responsibilities, including Senior or SOC Manager positions. Here’s a description of what you can do in these roles based on the provided search results:

As a Senior or SOC (Security Operations Center) Manager, your expertise in cybersecurity, combined with the CASP+ certification, can lead to significant career opportunities and responsibilities. In these positions, you will be responsible for managing and overseeing the security operations of an organization, ensuring the protection of its hardware, software, and networks from cyber threats, theft, or unauthorized access.

Key responsibilities as a Senior or SOC Manager may include:

1. Security Operations Management: You will oversee and lead the security operations team, which includes planning, organizing, and managing the day-to-day activities related to cybersecurity.
2. Incident Response: You will be responsible for developing and implementing incident response plans and procedures to address and mitigate cybersecurity incidents promptly and effectively.
3. Threat Monitoring and Analysis: You will monitor and analyze security events and incidents, leveraging your knowledge and experience to identify potential threats, vulnerabilities, and trends within the organization’s systems.
4. Security Strategy and Policy Development: You will contribute to the development and implementation of security strategies, policies, and procedures to ensure the organization’s compliance with industry standards and best practices.
5. Team Leadership and Collaboration: As a Senior or SOC Manager, you will provide leadership, guidance, and mentorship to your team members, fostering a collaborative and productive work environment.

It’s important to note that specific job responsibilities and requirements can vary depending on the organization and its size. Additionally, the CASP+ certification equips you with advanced cybersecurity knowledge, risk management skills, and the ability to integrate enterprise security solutions. These skills and expertise will be valuable in leading and managing security operations in a senior or SOC managerial capacity.