THE COMPTIA CYBERSECURITY CAREER PATHWAY
IT pros can enter the CompTIA Cybersecurity Pathway at any point, depending on their IT experience, existing certifications, course of study, job needs, interests and the specific skills they are looking for. For example, if you have two years of IT security experience or equivalent knowledge, you can jump into the pathway at CompTIA Security+ to prove your knowledge. If you already have CompTIA Security+, you can go right into PenTest+ or CySA+. In general, the pathway follows a hierarchy of skills needed for IT security; each certification builds upon the skills from the previous one.
There are no required prerequisites for these CompTIA certifications, and they can be taken without IT experience. CompTIA certifications mirror the current job roles of IT professionals, so it makes sense to earn these certifications to gain the knowledge and hands-on skills currently being used in the workforce, whether you have job experience or not.
If you are an IT professional or an employer, you understand the value of on-the-job experience. IT certifications are a great place to start, but they are not a replacement. If you have CompTIA certifications and on-the-job experience, you have the best of both worlds.
CompTIA IT Fundamentals (ITF+)
The beginning of the career pathway. It is for beginners who don’t have CompTIA A+ or six months of IT pro experience.
CompTIA A+ Certification
CompTIA A+ certification, which mirrors the skills of an IT pro with six months of experience, assesses the skills necessary to support IT infrastructures. An understanding of the most common hardware and software technologies used on the network is needed before earning CompTIA Network+.
CompTIA Network+, or the equivalent knowledge of nine months of networking experience, is an important recommended prerequisite to CompTIA Security+. IT pros must understand how the network functions before they can secure it; therefore, they need networking skills first.
CompTIA Security+ covers network security, compliance and operation security, threats and vulnerabilities, risk management, plus application, data and host security. It mirrors two years of IT security experience, thus precedes CompTIA PenTest+ or CompTIA CySA+ which mirrors three to four years.
Our newest certification and joins CySA+ at the intermediate-skills level. PenTest+ focuses on offense through penetration testing and vulnerability assessment. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically fills the gap between Security+ and CASP+.
CompTIA Advanced Security Practitioner (CASP+)
CompTIA Advanced Security Practitioner (CASP+) should be pursued by IT pros after PenTest+ or CySA+ to prove their mastery of hands on cybersecurity skills required at the 5- to 10-year experience level.
CompTIA Cybersecurity Analyst (CySA+)
Focuses on defense and assesses the skills needed to apply behavioral analytics to the IT security environment. It fills the skills gap between Security+ and CASP+.