Computer security is one of the most important challenges facing server administrators today, and the CompTIA Security+ designation is a great starting place for people who want to build their knowledge in this exciting field. Michael Gregg and David Miller have taken studying for the Security+ exam one step further than the traditional certification self-study book. Instead of reading only, you will perform hands-on security activities that make sure you don't just know the material but that you can also apply it. Mike recently took a break from catching the bad guys to share the story of his new book for Security Administrators and Security+ certification candidates.
GoCertify:
Computer security seems to be a particularly interesting segment of
the IT field to work in right now. Do you feel this is true, and if so,
why?
Michael Gregg:
Computer security continues to be an exciting field. The challenges that face this segment continue to grow. Just consider the high exposure security incidents that we have all witnessed in the last few years involving identity theft, credit card theft, hacker attacks, and cyber extortion. Events like the November 2006 attack that shut down the Naval War College's network. It is believed to have been launched by Chinese hackers or even more recently the attack against some of the Internets root DNS servers. These events serve to remind us of the continued need for security.
GoCertify:
Will a reader who completes this book know how to detect and prevent hacking attacks? What skills will they obtain?
Michael Gregg:
The book will increase their security skills. We designed the book around the objectives of the Security+ exam so that readers can perform common tasks that Security+ professionals may be asked to perform. This includes tasks such as risk assessment, running vulnerability assessment tools, hardening an OS, and using cryptographic solutions. Individuals looking for a text specifically focused on hacking should consider reviewing Que's Certified Ethical Hacker Exam Prep.
GoCertify:
How important is a Security+ certification in the real world? Do employers actually seek out people with this designation?
Michael Gregg:
One way to see how valuable the Security+ exam is to simply go to any major job search site and do a search for Security+. It's listed in hundreds of job ads. Even the U.S. Department of Defense (DoD) sees the needed for greater security. The DoD approved Directive 8570.1 which requires every full-time and part-time military service member, defense contractor, and civilian and foreign employee with privileged access to a DoD system, to obtain a commercial certification such as Security+.
GoCertify:
What level of computer skills does someone need before they should even consider pursuing Security+ certification?
Michael Gregg:
The Security+ certification is an entry level security certification. If you are already working in the IT field or have the basic network and hardware knowledge, you are a potential Security+ candidate. The most important skill is to have a desire to learn.
GoCertify:
Your book seems to take a different approach than the more typical Security+ study guides. How is it different, and why did you decide to do it this way?
Miachael Gregg:
There are many Security+ books on the market that talk about security. Most Security+ books cover the facts, figures, and details that readers need to know to pass the Security + exam. This book is unique in that it actually teaches readers common tasks that a Security+ professional needs to perform. A good example of this is the exercise on rootkits. Security Administrator Street Smarts teaches readers how to find and detect rootkits on suspected systems.
We took this approach because in real life having a certification is not enough. To move up in an organization, workers need to demonstrate skills that an employer can use. I feel this approach sets this book apart in the market from its competitors.
