Professional development

A security pro’s guide to CompTIA certifications [Updated 2019]

July 14, 2019 by Susan Morrow

The IT industry needs knowledgeable people to ride the wave of digital transformation across industry, especially people with cloud computing, server virtualization and cybersecurity skills. One of the great things about CompTIA certifications is they are designed to progress your career by helping you gain knowledge in all of those areas. As you tread the path of CompTIA certifications, from basic through expert and advanced, you become an increasingly attractive asset in the industry. Having CompTIA certifications shows you “know your stuff” and demonstrates your in-depth knowledge and practical skills in specific areas of focus.

How to select the best CompTIA certification for your career stage & goals

CompTIA certifications are progressive, beginning at entry level and moving up to advanced level and additional professional. There are four series within this, each with individual certifications tailored to that level. The series comprises:

  • Core
  • Infrastructure
  • Cybersecurity
  • Additional professional

Core: Entry-level CompTIA certifications

The following are known as core CompTIA courses. They give you a basic understanding of IT, networking and security. These are ideal for beginners in the industry, or for those who need to refresh their skills and knowledge. The four core CompTIA courses are:

IT Fundamentals (FC0-U61)

Who is this certification for? This is a basic-level IT certificate for those thinking about beginning a career in IT or augmenting a new IT career. This is a good introductory course, allowing you to get a feel for what an IT career entails.

How will this certification help me in the real world? Although this course is meant for absolute beginners, it will give you the knowledge to know your way around common operating systems. It also teaches you some cybersecurity best practices when using the Internet.


Who is this certification for? If you are looking towards a career as an IT technician or in a technical support role, this is the certification for you. Comprising two separate exams, the A+ focuses on technical troubleshooting and problem solving. The courses focus on a number of core values, including hardware problems, networking, mobile devices and security. This course is targeted at someone who has less than one year of experience.

How will this certification help me in the real world? This highly practical course gives you the skills needed to work in a technical role in a modern organization. The extended network reach of an enterprise is making security issues, in particular, more complex. Having the grounding offered by a course such as the A+ will allow you to more fully understand the problems and provide at-hand solutions.


Who is this certification for? Network computing is about as hands-on as you can get in an IT career. This course allows you to build the practical skills needed to begin a career as an IT network administrator. Holding this certificate shows you have knowledge and skills in areas such as network operations and concepts. It also has a module on network security, both physical and cyber. The course is meant for relative beginners who hold either the CompTIA A+ exam and/or nine months minimum experience in network computing.

How will this certification help me in the real world? Many IT career pathways can be augmented with a CompTIA Network+ certificate. Understanding networking and the impact of cybersecurity across the enterprise network is a very useful skill to have. This course builds up best practice skills across the network, out into cloud computing. The certification is useful for those beginning careers as a network administrator, systems engineer or network field engineer.


Who is this certification for? This is the certification for anyone wanting to work on cybersecurity issues for the enterprise. The course takes you through a variety of common issues including threat detection and mitigation, risk management and intrusion detection. It introduces you to methods and techniques used in the industry to manage the increasing levels of cyber threats. The exam has also been designed to ensure that members of the Department of Defense workforce can meet the requirements of DoD Directive 8570 compliance

How will this certification help me in the real world? The course prepares you to take on the role of junior IT auditor/penetration tester. It is also a foundation-level certificate for roles including network administrator and security administrator. Once you have mastered this course, (here are 10 tips for Security+ exam success) you can expect to take your career as an IT or security professional to the next level. The course teaches you core skills in security, including PKI and encryption, as well as preparatory instruction on secure network design. 

For more on the Security+ certification, view our Security+ certification hub.

Infrastructure: Mid-level CompTIA certifications

The next level of CompTIA exams take you into new territories with deeper dives into areas such as infrastructure. These certificates build on your experience and give you the confidence and demonstrable knowledge to enter more advanced career pathways.


Who is this certification for? According to a survey by LogicMonitor, 83% of an enterprise workload will be in the Cloud by 2020. To progress your career as an IT professional, you need to be skilled in Cloud computing and security in the Cloud. This course builds the skills required by system administrators who need to work with modern data centers across hybrid and multi-Cloud systems. The exam will demonstrate your abilities in a number of key Cloud computing areas, including, configuration, deployment and maintenance of Cloud infrastructures. It will also develop your skills in the area of Cloud security.

How will this certification help me in the real world? System administrators can benefit from the focus on Cloud computing offered through this certification. Others, such as Cloud developers and engineers, could also benefit. The course is for the more experienced IT professional and is designed for employees who have two to three years of experience.


Who is this certification for? Linux skills are key requisite to progressing your career as a network administrator. The Linux Foundation stated as the enterprise moves to more multi-Cloud and Software Defined Networks (SDN), security needs to keep track with these changes. This certification shows that you have understood the complexities of modern Linux-based systems. The certification involves a two-part exam.

How will this certification help me in the real world? Linux administrators can benefit from using this course to refresh and enhance their current knowledge base. Others, such as technical support specialists, can also find the certification very useful in their job. People who take this exam are likely to have already studied for A+ and Network+ and have at least 12 months of Linux experience.


Who is this certification for? This certification covers all of the major server platforms. It also has a focus on server virtualization, which is increasingly used in the enterprise. The course also covers storage, security and disaster recovery. Having this certification under your belt gives you validation of your server administration skills.

How will this certification help me in the real world? This certification builds on your existing experience within a server administration role. Typically, this exam would benefit those who work in server technician or support technician jobs. Because this is a follow-on exam, you are expected to have completed the A+ exam and have at least 18 months of experience in IT.

Cybersecurity: Advanced-level CompTIA certifications

You are now ready to become a specialist and focus your skills on a particular area — in this case, cybersecurity. Cybersecurity is an exciting area of IT to work in. The cybersecurity landscape is never still. Cybercriminals are always testing our forensic skills and putting our knowledge of IT infrastructure and human behavior to the test. And, cybersecurity is an in-demand skill. By 2020, there is expected to be around 3.5 million unfilled positions across the world.

CySA+ Cybersecurity Analyst

Who is this certification for? This certification is one of the most advanced available. The certification is tailored towards the role of security analyst and is an intermediate level credential for security professionals. The exam focuses on the areas of vulnerability and threat analysis, the use of threat detection tools and the use of behavioral analytics skills to remediate networks.

How will this certification help me in the real world? The skills developed through the CySA+ certification allow IT professionals to specialize as a security analyst. Other jobs that benefit from this certification include threat intelligence analyst and vulnerability analyst. Having the Security+ exam under your belt will help with this certification, as well as a prerequisite of three to four years of IT security/networking experience.


Who is this certification for? This exam is a mix of paper-based questions and a hands-on practical session. The exam tests your skills in penetration testing and vulnerability assessment — two areas that are usually part of a general vulnerability management program. The certification will validate your ability to create assessment frameworks and generate reports based on them, and to communicate strategies for improving the cybersecurity of an organization.

How will this certification help me in the real world? A variety of IT and security professionals can benefit from the knowledge gained in achieving this certification. Typical areas that this certification covers include pentester (internal, external and consultant), vulnerability assessor, advanced security analyst and network security operations. The core certifications Network+ and Security+ are useful precursors to sitting this exam. The certification requirement is two to three years of hands-on IT security experience.

CASP Advanced Security Practitioner

Who is this certification for? If you love technology and want to keep your focus on the practical side of things, then this is the certification for you. This certification is purely for the hands-on practitioners amongst us. Having this certification is proof that you are at an advanced level in enterprise security operations and architecture. It also involves understanding and applying mobile security and the use of secure virtualization in an enterprise infrastructure.

How will this certification help me in the real world? The exam validates your practical understanding of security and its application in an enterprise setting. It also demonstrates you can use research to spot trends in the cybersecurity landscape and then apply that knowledge to your organization. This latter skill takes you to a new level of expertise in the area of cybersecurity. This will help you to define a career as a security architect or security engineer. This certificate is for people with a minimum of ten years of IT experience.

Advanced professional: Management-level CompTIA certifications

This final set of CompTIA exams are all about the management side of the IT business. These certifications take you to a new level in managing projects, teaching and training staff, and understanding how IT, and especially Cloud computing, fit into overall business operations.


Who is this certification for? Even smaller IT projects can be complicated to manage. You have a lot of moving parts, and sometimes it feels like herding cats. This certification will prove your worth as a project manager for small to medium-sized projects. The exam will test your skills in handling the entire project lifecycle, communicating with stakeholders and producing various project documents.

How will this certification help me in the real world? This certification is designed for business analysts and project team managers. In the extended use of IT in the enterprise, whether you are working with in-house teams, or external organizations on IT projects, having an understanding of what is entailed in taking a project from initial outline to successful conclusion, is an important skill to have. This certification is ideally for those with around 12 months of project management experience.

CTT+ Certified Technical Trainer

Who is this certification for? This exam demonstrates your knowledge and skills as an instructor/trainer in the industry. Being an effective communicator is more than just standing up in front of a classroom. This certification is proof that you can plan interesting lesson structures and design effective testing strategies. Having this certification also shows you understand which tools to use to be an effective communicator both off and online. The three exams cover the fundamentals, as well as both classroom and virtual teaching.

How will this certification help me in the real world? Anyone involved in training and instruction in industry can benefit from holding this certification. Large organizations such as Microsoft, looking to employ instructors, look favorably at individuals holding this certificate. Ideally, before taking this exam, you should already have some experience of working in training or as an instructor.

Cloud Essentials+

Who is this certification for? Cloud computing is now a firm part of the modern enterprise. So much so, that understanding the application of Cloud computing and Cloud apps have moved out of the IT department and into the wider organization. This certification is for business users who wish to understand the role of Cloud computing in their organization. The certification also stresses the importance of understanding the risks involved when using Cloud computing to store and share sensitive data.

How will this certification help me in the real world? Unlike the Cloud+ exam, this certification is designed for general business users who do not necessarily have an IT background. This certification is ideal for those who work in a marketing role or who make business decisions that may need an understanding of how Cloud computing can impact those decisions.

How to Earn Your Next CompTIA Certification

Infosec Institute can help you prepare for CompTIA exams by using a highly effective boot camp approach. They offer over 95 training courses, including:

A+/Network+ Boot Camp: Dive straight in with Infosec Institute’s renowned training program that teaches you everything you need to know to pass the A+ or Network+ exam. They will teach you the techniques needed to demonstrate your ability in the use of hardware/software, as well as the networking skills needed to master A+ and Network+.

Linux+ Boot Camp: This is a five-day course to prepare you for the Linux+ exam. They will teach you all you need to know to pass the Linux+ certification, including Linux configuration, management and troubleshooting.

Security+ Boot Camp: This online course will get you ready to pass the Security+ exam on your first attempt. As recognized experts in the field of cybersecurity, InfoSec Institute instructors can teach you the tips and tricks needed to excel in this exam.

CASP+ Boot Camp: The CASP exam is a prestigious certification for IT professionals. This course ensures you are fully prepared for the certification process. The five-day course trains you in security concepts, design remits and how to engineer solutions for security issues that the modern enterprise has to deal with.

CySA+ Boot Camp: CySA+ can be a grueling exam. To help you maximize your chances of success, we offer a five-day Boot Camp covering the CySA+ exam. The course will get you up to date with the latest industry standards in threat and vulnerability detection.

Infosec Institute also offers DoD Directive 8570 Mandate Compliance training. This training aligns with a number of CompTIA certifications: A+, Network+, Security+ and CASP.


The modern enterprise has a number of IT challenges, including Cloud computing, server virtualization and cybersecurity. The certifications offered by CompTIA help you develop your knowledge in those areas and demonstrate your value to employers. The Infosec Institute, in parallel, has developed a series of intensive training programs that can give you the edge needed to achieve CompTIA exam success.

For more on the Security+ certification, view our Security+ certification hub.


Posted: July 14, 2019
Susan Morrow
View Profile

Susan Morrow is a cybersecurity and digital identity expert with over 20 years of experience. Before moving into the tech sector, she was an analytical chemist working in environmental and pharmaceutical analysis. Currently, Susan is Head of R&D at UK-based Avoco Secure. Susan’s expertise includes usability, accessibility and data privacy within a consumer digital transaction context. She was named a 2020 Most Influential Women in UK Tech by Computer Weekly and shortlisted by WeAreTechWomen as a Top 100 Women in Tech. Susan is on the advisory board of Surfshark and Think Digital Partners, and regularly writes on identity and security for CSO Online and Infosec Resources. Her mantra is to ensure human beings control technology, not the other way around.