How to Prepare for CompTIA Security+ Certification?

Hi everyone,

I am interested in starting a career in cybersecurity and plan to pursue the CompTIA Security+ (SY0-701) certification. I know this exam covers topics like network security, threats & vulnerabilities, risk management, and incident response.

I would love to get some advice from the community:

  1. What are the best resources for preparation? (books, online courses, or practice tests)
  2. Do I need to build strong fundamentals (like networking basics or Linux) first, or can I directly start preparing for the exam?
  3. How valuable is this certification in the job market, especially in Asia?
  4. Has anyone here recently taken this exam? If yes, could you share your experience?

My goal is to start with a strong foundational certification and later move on to advanced ones, such as CySA+ or PenTest+.

Thanks in advance for your guidance!

Hi Rowland

I was a network developer in 1999 and later a web server developer (WebLogic from BEA – now Oracle). Therefore, I am familiar with the basics of computer and network security. With the increasing proliferation of the internet and its merging with telecommunications (e.g., smartphones, IoT devices), security is becoming increasingly complex and complicated.

A few words about security and security breaches:
In the past, there weren’t as many security vulnerabilities as there are today, because PCs and smartphones weren’t yet as widespread. Instead, there were various incompatible operating systems (e.g., DEC: VAX/VMS, IBM S/370: OS/VS1, VM/370, OS/VS2 SVS, OS/VS2 MVS and DOS/VS, WANG/VS, etc.). Therefore, security was based exclusively on passwords and proprietary encryption/decryption algorithms. Today, users access servers based on either Microsoft or Linux OS via their PCs or smartphones. This means that reducing the number of operating systems to just two – Windows and Linux (Android is based on Linux) – makes it easier for hackers to penetrate systems.

Let’s talk about security vulnerabilities. In the past, access required a password and user ID. Even today, a password and user ID are still required as basic security. Access via iris and/or fingerprint provides greater security. Nevertheless, security vulnerabilities can occur. There are two possibilities: luck or professional hacking.

  • The first option is like a jackpot that any amateur could win with a bit of luck, but this rarely happens. In this case, even the best security measures are useless. Using an iris or fingerprint is better, but not completely secure if the user has been forced by criminals to access the system with their eyes/fingers.
  • The second option requires a skilled hacker with infinite patience or payment for hacking computer systems (as in the case of North Korea). In this case, it’s a systematic hacking attack that requires the construction of multiple barriers or layers to protect a system at the expense of performance. However, the security gaps can only be closed to a certain extent—100 percent security is impossible.

What is cybersecurity?

Cybersecurity is the protection of systems, networks, and programs from digital attacks. These cyberattacks typically aim to intercept, alter, or destroy confidential information, extort money from users through ransomware, or disrupt normal business processes (Source: Cisco).

Here, too, there are many security barriers or levels that depend on the company’s requirements (enterprise architecture and infrastructure):
– Human level: Employees with computer access represent the greatest security vulnerability. People can be bribed, threatened, or compromised through carelessness. This requires flexible measurement and agile management.
– Physical level: Cloud, virtualization, Internet of Things (IoT), industrial control systems, and infrastructure as code. Control selection and secure communication/access, backup methods and classifications, power systems, platform diversity, backups, and business continuity.
– Software level: Compute resources, security fundamentals, mobile solutions, wireless security, application security, sandboxing, and tools for monitoring, tracing, identification, analysis, validation, and reporting. Firewalls, IDS/IPS, DNS filtering, data loss prevention (DLP), network access control (NAC), and endpoint/extended detection and response (EDR/XDR).
– Security management and monitoring level: Security policies, standards, procedures, external aspects, monitoring, governance structures, and roles/responsibilities. Risk management, risk identification, assessment, analysis, register, tolerance, preparedness, strategies, reporting, and business impact analysis (BIA). Management of supplier evaluation, selection, agreements, monitoring, questionnaires, and rules. Compliance reporting, consequences of non-compliance, monitoring, and data protection. Attestation, internal/external audits, and penetration testing. Phishing training, anomalous behavior detection, user guidance, reporting, and monitoring.

As you can see, the field of cybersecurity is vast and diverse. You can specialize in a specific area, such as the human level (as a business administrator), the physical level (as a systems administrator), the software level (as a security software developer), and finally, the level of security management and monitoring (if you are an IT graduate with a bachelor’s degree).

Requirements: Good knowledge of Linux/Windows Server OS, Internet protocols and applications (especially IoT applications), and good people communication and management skills.

Where can I learn? Click HERE or HERE.
Books? Click HERE.
Share experience? Click HERE.
Job and salary? Click HERE for Vietnam or HERE
