This article discusses if the CompTIA Security+ is worth your time and effort. We’ve also covered how to pass the Security+ exam, the best resources to prepare for the Security+ exam, and why you should consider taking the Security+ before the Network+.
With any cyber security certification, people will inevitably ask if the certification is worth the time and effort needed to pass the test. The CompTIA Security+ certification has certainly gained a lot of popularity, so many potential test takers have been asking if the Security+ is worth the effort.
Ready to Start Your Cybersecurity Career?
Get my FREE 5-part series "Strategies for New Cyber Careers". These strategies can help you get your cyber career started. I'll also send you my weekly newsletter every Wednesday with resources that every cyber professional needs to know.
So, is the CompTIA Security+ worth it? The CompTIA Security+ certification is worth the effort if you intend to pursue a cyber security related career track or you want to add security credentials to your resume, or if need to learn network security as part of your job.
That all probably sounds straightforward, but you may be wondering what about the Security+ makes it worth the effort compared to other certifications. Let’s take a look at several of the aspects of the CompTIA Security+ that make it a good go-to certification.
Security+ is Approved by the US DoD to Meet 8570 Requirements
The United States Department of Defense has issued a directive identified as 8570 that provides guidance for how employees working within or for the Department of Defense should be trained and certified if they are working on cyber security or information assurance tasks. This directive has approved the Security+ as a baseline certification for much of that work, which means that the Department of Defense recognizes the validity and value of the CompTIA Security+ certification and in fact requires it for certain positions.
Having a certification that is valued and recognized by the federal government and it’s vendors and contractors is certainly a benefit of the CompTIA Security+ certification.
Security+ Does Not Require Experience to Take the Exam
As you progress in your cyber security career, you’ll certainly notice that many of the big certifications have a prerequisite requirement of a certain number of years of documented experience or that you’ve completed an authorized training before you are even allowed to sit for the certification exam. Some exams even require that you are “sponsored” by another person who is already certified.
A great benefit of the Security+, and most other CompTIA certifications, is that there is no prerequisite experience or training involved. You can go and sit for the exam tomorrow if you want. This of course puts the burden on you as the test taker to make sure you’re fully prepared, but it is a nice benefit for those starting in the cyber security or computer networking field to be able to knock out a certification, especially when work experience is hard to get and degrees take a while to complete. The Security+ is something you could add to your resume in 60 days or less if you studied and were prepared, which is a great benefit of the certification.
Security+ Only Requires One Exam
I love certifications that only require one exam. Some mid or higher level certifications, such as the Cisco CCNP or Microsoft’s MCSA require multiple exams, and that’s fine, but sometimes that doesn’t equate into a much bigger bump in your salary or career prospects, considering the substantial amount of extra work that is involved.
With a one-and-done certification like CompTIA Security+, the effort needed to prepare for and pass just one exam makes it much more attractive for you as a test taker to add to your resume. I just think it’s a better use of time to take three tests and earn three certifications than to take three tests and earn one in most cases.
Security+ Costs Less Than Many Other Certifications
Certifications aren’t cheap, and some cyber security related certifications are $500 or more, which is a lot of money to hand over unless you’re pretty sure you’re going to pass. CompTIA has seemed to keep their prices reasonable, including for the Security+, which costs a little more than $300. CompTIA also often provides discounts for students, so if you qualify for that, you could get a voucher for the Security+ for less than $200 in some cases.
Security+ Training Is Offered Nearly Everywhere
The CompTIA Security+ is so popular that most colleges and universities offer training for the exam at some point during their academic year, including offering the training in an online format. Additionally, there are many online course resources available to prepare for the exam that are offered by others in the training industry. The quality of these courses can vary, but there is certainly no shortage of available Security+ study material that is available at low cost, which is another benefit of preparing for the exam.
Now that we’ve identified some aspects of the Security+ that make it a worthwhile certification to consider, let’s take a look at other questions you may have about the exam.
How Much Study Does the Security+ Require?
The amount of effort and study that you’ll need in order to pass the Security+ exam obviously varies from person to person, depending on your background knowledge and experience, but a good measure is to expect to put in around 60 hours of dedicated study before you sit for the Security+ exam.
Do I Need Experience to Pass the Security+?
We’ve already identified above that you are allowed to take the Security+ any time you’d like, including without any prior work experience, however that doesn’t mean that you should.
If you want to sit for the CompTIA Security+ without having prior technology work experience, you can be successful on the exam, but it is critical that you have strong computer networking knowledge, including understanding the layers of the OSI model, protocols, port numbers, and networking hardware component functions, especially switches, routers, and firewalls. In other words, you want to be pretty strong on most of the CompTIA Network+ content before you sit for the Security+. This doesn’t mean that you must acquire that knowledge from a work environment or that you must have the Network+ first. It just means that you want to be strong in those areas, including from self study, before you should move into the network security topics of the Security+.
Will Employers Question Why I have the Security+ and not the Network+ or A+?
Some people get concerned about “skipping” certifications or the appearance of having a successive certification while not having a lower level certification on the track. In almost all cases, we have not seen examples of employers that question why a candidate does not have a lower level certification or that holds that against an applicant. Most employers value the higher level certification and assume that you’re knowledge is strong enough in the lower areas to suffice.
Can I Retake the CompTIA Security+ If I Don’t Pass?
CompTIA authorizes retakes for the Security+, and even offers the option to buy a testing voucher with retake option, however they will block you out for a retake for a third time if you are repeatedly taking the exam and failing. Typically this block out time is two weeks.
Should I get the CompTIA Network+? The CompTIA Network+ is a good certification for those interested in getting into the computer networking field as a network manager, network technician or network administrator. Other comparable exams include the Cisco CCENT and Cisco CCNA.
How much security will I actually do in an entry level networking job? Most entry level and lower level positions related to computer networking primarily revolve around administrative tasks, but having a knowledge and understanding of security concepts as they relate to the network that you are supporting is very beneficial in your ability to do your job and understand the security impact your organization faces.
Is the Security+ the same as hacking or penetration testing? The Security+ is a vendor neutral, wide view network security concepts exam, which includes a basic understand of offensive hacking and penetration testing. There are other certifications dedicated specifically to penetration testing, including the Certified Ethical Hacker (CEH) certification exam.