Friday, November 20, 2020

CompTIA's Security Systems

I took the exam in August 2020. Security+ is probably the most well-known of CompTIA's security systems.

My impression was that the exam asks about security knowledge broadly but shallowly. I think it's a little easier than the (ISC)² SSCP. I don't think that comparison will get across, though, because there are few SSCP holders.

If you are thinking of taking the CISSP exam in the future, it is recommended that you try this qualification, as it will expand your knowledge. Also, if you pass Security+, you can treat it as one year's worth of work experience when you are certified for CISSP.

CompTIA PenTest+

CompTIA PenTest+ is a certification for cybersecurity professionals who perform hands-on penetration testing to identify, report and manage vulnerabilities on their networks.

I took the exam in September 2020. PenTest+ requires knowledge of penetration testing.

It is much more technical than Security+. It requires knowledge of executing the commands used in penetration testing and of which tools are used for XXX penetration testing.

I was in the middle of attempting the OSCP at the time, so I had a lot of fun with the technical questions.

The test scope also includes the series of processes from penetration test planning to reporting, so you need to keep that in mind as well. Perhaps terms such as SOW and ROE.

If you have work experience in penetration testing, you may find the exam easier to approach (rather, you may pass the exam without studying).

CompTIA CySA+

With CompTIA CySA+, you will gain the skills you need to perform analysis in IT security and improve overall security. It demonstrates the skills to use, analyze, and monitor the threat detection and threat analysis tools needed to maintain the security of critical enterprise/organization infrastructure and data.

I took the exam in October 2020. CySA+ tests how threat information is handled and analyzed, and how improvements can be made from the results.

My impression is that it is an extension of Security+. Of course, this one is more difficult.

My impression is that PenTest+ was offense-oriented, whereas I think CySA+ has many questions about situations encountered in SOC and CSIRT operations: the analysis method used when event XXX occurs, how to act at the initial response or when the response is completed for an incident of XXX, and so on.

Of course, technical questions are included, and skills such as analyzing firewall logs and reading snippets that are suggested to be vulnerable are required. CompTIA exams are vendor-neutral, but as background knowledge you should still know the types of SIEM and the names of forensic products.

At present (October 2020), there are two versions of CySA+, the old version CS0-001 and the new version CS0-002. The CS0-001 Japanese exam is scheduled to end on April 23, 2021. If you are studying with old materials, we recommend that you take the exam early.

About performance-based testing

CompTIA certification exams are in CBT format, which you take on a computer, and most questions ask you to choose the option that you consider correct. However, the four tests described above include performance-based tests tailored to their respective test areas.

For this performance-based test, you need to perform operations other than simple answer selection, such as typing commands yourself to check the results and checking the host log, based on the situation in question.

When I took the exam, I had more than an hour left after solving all the questions. Regarding performance-based tests, I think you can take the time to investigate, consider, and answer.
