Navy COOL Snapshot - CompTIA Security+ ce

CompTIA Security+ ce

Renewal Period: 3 years

Computing Technology Industry Association (CompTIA), Security+ ce certification designates knowledgeable professionals in the field of IT security. Security+ ce is an entry-level certification that demonstrates a candidates knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability. It is recommended that candidates hold the Network+ and two years of experience in IT administration with a security focus.

More information can be found on the certifying agency's website.

CompTIA Security+ ce

The following Navy Occupations provide training and/or experience that contributes to attaining this credential:

Personnel Category	Occupation	Occupation Type	Related As	Navy$	LaDR
Enlisted	CTI-Cryptologic Technician Interpretive	Rating	Other
Enlisted	CTN-Cryptologic Technician Networks	Rating	Some	Navy Bucks	E4 Pay Grade
Enlisted	CTR-Cryptologic Technician Collection	Rating	Other
Enlisted	CTT-Cryptologic Technician Technical	Rating	Other
Enlisted	ET-Electronics Technician	Rating	Some	Navy Bucks	E7 Pay Grade
Enlisted	ETR-Electronics Technician, Submarine, Communications	Rating	Other
Enlisted	ETV-Electronics Technician, Submarine, Navigation	Rating	Other
Enlisted	FCA-Fire Controlman (AEGIS)	Rating	Some	Navy Bucks	E4 Pay Grade
Enlisted	HM - Biomedical Equipment Technician	Job	Some	Navy Bucks	E5 Pay Grade
Enlisted	HM-Hospital Corpsman	Rating	Some	Navy Bucks	E5 Pay Grade
Enlisted	IS-Intelligence Specialist	Rating	Other
Enlisted	IT-Information Systems Technician	Rating	Most	Navy Bucks	E4 Pay Grade
Enlisted	ITS-Information Systems Technician Submarines	Rating	Most	Navy Bucks	E4 Pay Grade
Enlisted/Officer	Cyber IT/CSWF Customer Service and Technical Support	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Cyber Defense Infrastructure Support	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Cyber Operations Planning	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Data Administration	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Digital Forensics	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Education and Training	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Incident Response	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Info System Security Management	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Investigation	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Knowledge Management	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Network Services	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Risk Management	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Strategic Planning and Policy Development	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF System Administration	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Systems Analysis	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Technology Research and Development	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Test and Evaluation	Out of Rate/Designator Assignment	Some	Navy Bucks
Enlisted	TSCE - Total Shipboard Computing Environment	Out of Rate Assignment	Most	Navy Bucks
Enlisted/Officer	Cyber IT/CSWF Vulnerability Assessment and Management	Out of Rate/Designator Assignment	Some	Navy Bucks
Officer	181X - Cryptologic Warfare Officer	Designator	Other
Officer	182X - Information Professional	Designator	Most	Navy Bucks
Officer	183X - Intelligence Officer	Designator	Other
Officer	184X - Cyber Warfare Engineer	Designator	Other
Officer	510X - Civil Engineering Officer	Designator	Some	Navy Bucks
Officer	629X - Communications Specialty (Submarine) LDO	Designator	Some	Navy Bucks
Officer	681X - Cryptologic Warfare LDO	Designator	Other
Officer	682X - Information Professional LDO	Designator	Most	Navy Bucks
Officer	683X - Intelligence Officer LDO	Designator	Other
Officer	781X - Cryptologic Warfare Technician CWO	Designator	Other
Officer	782X - Information Systems Technician CWO	Designator	Most	Navy Bucks
Officer	783X - Intelligence Technician CWO	Designator	Other
Officer	784X - Cyber Warrant Officer CWO	Designator	Other

The following civilian occupations are related to this credential:

	Civilian Job	Job Family	Bright Outlook	Registered Apprenticeship	Local Salary Info
	Information Security Analysts	Computer and Mathematical	Bright Outlook	Apprenticeship	find local salary

MINIMUM REQUIREMENTS

Attainability:

Eligibility Requirements (View Details)

Credential Prerequisite
Experience: 2 years recommended
Education
Training
Membership
Other
Fee

Note: This credential may have multiple options for a Service member to meet eligibility requirements. Requirements listed here are based on the minimum degree required.

Exam Requirements (View Details)

Exam
Written Exam
Oral Exam
Practical Exam
Performance Assessment

Exam Administration (View Details)

In-person exam
Remote proctored on-line exam
Third-party test vendor

RECERTIFICATION SUMMARY

Renewal Period: 3 years

Continuing Education
Exam
Continuing Education OR Exam
Fee
Other

AGENCY CONTACT INFORMATION

Computing Technology Industry Association (CompTIA)

3500 Lacey Road
Suite 100
Downers Grove, IL 60515

Phone: 866.835.8020

Fax: 630.678.8384
Contact Page

Written Exam SY0-501

1.0 Threats, Attacks and Vulnerabilities (21%)
- 1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
- 1.2 Compare and contrast types of attacks.
- 1.3 Explain threat actor types and attributes.
- 1.4 Explain penetration testing concepts.
- 1.5 Explain vulnerability scanning concepts.
- 1.6 Explain the impact associated with types of vulnerabilities.
2.0 Technologies and Tools (22%)
- 2.1 Install and configure network components, both hardware and software-based, to support organizational security.
- 2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.
- 2.3 Given a scenario, troubleshoot common security issues.
- 2.4 Given a scenario, analyze and interpret output from security technologies.
- 2.5 Given a scenario, deploy mobile devices securely.
- 2.6 Given a scenario, implement secure protocols.
3.0 Architecture and Design (15%)
- 3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
- 3.2 Given a scenario, implement secure network architecture concepts.
- 3.3 Given a scenario, implement secure systems design.
- 3.4 Explain the importance of secure staging deployment concepts.
- 3.5 Explain the security implications of embedded systems.
- 3.6 Summarize secure application development and deployment concepts.
- 3.7 Summarize cloud and virtualization concepts.
- 3.8 Explain how resiliency and automation strategies reduce risk.
- 3.9 Explain the importance of physical security controls.
4.0 Identity and Access Management (16%)
- 4.1 Compare and contrast identity and access management concepts.
- 4.2 Given a scenario, install and configure identity and access services.
- 4.3 Given a scenario, implement identity and access management controls.
- 4.4 Given a scenario, differentiate common account management practices.
5.0 Risk Management (14%)
- 5.1 Explain the importance of policies, plans and procedures related to organizational security.
- 5.2 Summarize business impact analysis concepts.
- 5.3 Explain risk management processes and concepts.
- 5.4 Given a scenario, follow incident response procedures.
- 5.5 Summarize basic concepts of forensics.
- 5.6 Explain disaster recovery and continuity of operation concepts.
- 5.7 Compare and contrast various types of controls.
- 5.8 Given a scenario, carry out data security and privacy practices.
6.0 Cryptography and PKI (12%)
- 6.1 Compare and contrast basic concepts of cryptography.
- 6.2 Explain cryptography algorithms and their basic characteristics.
- 6.3 Given a scenario, install and configure wireless security settings.
- 6.4 Given a scenario, implement public key infrastructure.

Exam Preparation Resources

There are a number of resources available to help you prepare for the CompTIA Security+ ce examination:

Best Sources

Related Training
- CompTIA IT Training & Classes
- Federal Virtual Training Environment (FedVTE) Free Online Cybersecurity Courses

An additional resource is O'Reilly Learning Safari Books Online, a searchable digital library that provides online access to thousands of books, training videos and conference sessions. See the Educational Resources section on the Related Sites page here on COOL to learn how to get free access.

Testing Information

Exam Administration
Credential exams may be administered in-person at a testing site, proctored on-line remotely, or have options for both. If an exam is administered through a test vendor, the third-party test vendor box will be checked. The following test administration options apply to the CompTIA Security+ ce credential where checked:
- In-person exam
- Remote proctored on-line exam
- Third-party test vendor

For more information on the Computing Technology Industry Association (CompTIA) testing process, visit the agency website.

Third-Party Test Vendor Information
Testing for this credential is handled by the following vendor:

Pearson VUE

The test centers are located in the U.S. They also have some test centers on military bases.

To find out more, use the following links on the Pearson VUE website:

RECERTIFICATION

CompTIA Security+ ce

Renewal Period: 3 years

The CompTIA Security+ ce credential has the following recertification information:

Beginning January 1, 2011, CompTIA A+ ce, CompTIA Network+ ce and CompTIA Security+ ce certifications are valid for three years from the date the candidate becomes certified. After January 2011, certified individuals will need to enroll in the CompTIA Continuing Education program and will have three years from the date certified to successfully complete the required CE units, earn a higher level CompTIA certification, or pass the Recertification Exam.

Individuals certified on or before December 31, 2010 in CompTIA A+, CompTIA Network+ and CompTIA Security+ will retain their "certified for life" status. More information on the renewal requirements can be found on the CompTIA website.

DoD CSWF members currently holding a non-CE version of a CompTIA certification (i.e. certification earned on or before 12/31/10) must enroll themselves in the CE program (no cost) by 31 December 2012. After the CE enrollment window ends, the only way to enroll in the CE program will be to take and pass a CE version of the exam. All personnel who take a CompTIA exam after January 1, 2011 will automatically be enrolled in the CE program. Personnel do not have to re-certify if they maintain their CEs and annual maintenance fees.

There is NO cost to convert to the CE program. However, if the member wishes to begin submitting CEU docs, the fees will have to be paid PRIOR to submitting the docs. If holding multiple CompTIA certifications (i.e. A+ ce and Security+ ce), the member only has to maintain the highest certification (Security+ ce in this example). Completing CEU's for the higher certification will cover the lower certifications. Navy's Credentials Program Office can fund the annual maintenance fees for those eligible Officers, Enlisted, and DON Civilians. A voucher request form must be submitted if requesting Navy to pay the annual maintenance fees.

Additional considerations for the CompTIA Security+ ce include:

It is recommended that candidadtes have a minimum of two years of experience in IT administration with a focus on security.
It is recommended that candidates hold the CompTIA Network+ certification.