2011 starts a new year for CompTIA and Security+. CompTIA certifications will no longer be awarded for a lifetime. Starting in 2011, all CompTIA certification exams will be valid for three years from the date the test candidate passes the certification exam.
Another big change is that the Security+ certification is being revised. The new version of the exam, Security+ SY0-301, will debut later this year. I, Michael Gregg, blogged about the update to the Security+ certification last year and since then, I’ve had much more time to review the new objectives since I am working on an the 3rd edition to the best selling Security+ Street Smarts book. We, the authors, will be adding lots of material to help readers seeking real security skills they can use in the workplace.
If you are going to get certified this year spend some time and examine the new exam objectives, you’ll notice that the domain names have changed. One such change: Domain 2, Compliance & Operational Security. Operational security is covered in depth in the CISSP certification program and it’s good to see that Security+ is increasing its coverage too. This increased emphasis on operational security is good as is a more in-depth coverage of technical, management, and operational controls.
Another big change is more coverage of risk. I am not just talking about basic quantitative risk calculations using values such as SLE, ARO, and ALE, but stuff any junior security professional can use like the importance of policies in reducing risk and the emerging issues associated with cloud computing. If you don’t think these are needed additions, consider the cloud computing issue of Microsoft Hotmail. The free mail service crashed around the New Year holiday and as a result, approximately 17,000 users discovered some or all of their email messages were missing.
I have reviewed the SYO-301 objectives, am happy with the changes, and believe it’s going to make for a better certification. If you’re considering becoming Security+ certified this year, spend some time reviewing the exam objectives and read Security Administrator Street Smarts A Real World Guide to CompTIA Security+ Skills and don’t just get certified, get Street Smarts Security+ certified!