DEV Community

Martese O Temple, Sr
Martese O Temple, Sr

Posted on

Understanding CompTIA Security+ for a Future in the Department of Defense by Martese O. Temple, Sr

1.0 General Security Concepts
Security professionals use different types of controls to protect systems and data.
Categories of Security Controls:

Technical: Software and hardware tools like firewalls or antivirus programs
Managerial: Policies and procedures created by leadership
Operational: Day-to-day practices like employee training
Physical: Real-world protections such as locks, fences, and cameras

Control Types:

Preventive: Stops incidents before they happen (e.g., passwords)
Deterrent: Discourages attackers (e.g., warning signs, cameras)
Detective: Identifies threats (e.g., alarms, logs)
Corrective: Fixes issues after an attack (e.g., restoring backups)
Compensating: Alternative controls when primary ones aren’t possible
Directive: Guides behavior (e.g., policies and rules)

1.2 Fundamental Security Concepts
A key foundation in cybersecurity is the CIA Triad:

Confidentiality: Only authorized people can access information
Integrity: Data remains accurate and unchanged
Availability: Systems and data are accessible when needed

Other essential concepts include:

Non-repudiation: Proof that someone performed an action (like a digital signature)
AAA (Authentication, Authorization, Accounting):

Authentication: Verifying identity
Authorization: Granting access
Accounting: Tracking actions

Security professionals also use Gap Analysis to find weaknesses and Zero Trust, a modern approach where no user or system is automatically trusted.
Zero Trust includes:

Control Plane: Decision-making area (identity checks, policies)
Data Plane: Where access actually happens

Physical Security and Deception
Even in a digital world, physical security matters. Examples include:

Bollards, fencing, lighting, and security guards
Access badges and entry checkpoints
Sensors (infrared, pressure, microwave, ultrasonic)

Organizations also use deception tools:

Honeypots: Fake systems to trap hackers
Honeynets: Networks of decoy systems
Honeyfiles/tokens: Fake data to detect unauthorized access

1.3 Change Management and Security
Change management ensures that updates or changes to systems don’t create security risks.
Important steps include:

Approval processes and stakeholder involvement
Impact analysis and testing
Backup (backout) plans in case something fails
Scheduling updates during maintenance windows

Technical considerations:

Allow lists and deny lists
System downtime or restarts
Compatibility with older (legacy) systems

Documentation and version control are also crucial, ensuring every change is recorded and traceable.

1.4 Cryptography and Data Protection
Cryptography is how we protect sensitive data, especially in DoD environments.
Key Components:

Public Key Infrastructure (PKI): Uses public and private keys
Encryption Types:

Full-disk, file-level, and database encryption
Symmetric (fast, shared key) vs. Asymmetric (two-key system)

Security Tools:

TPM (Trusted Platform Module)
HSM (Hardware Security Module)
Key management systems

Data Protection Techniques:

Hashing: Converts data into fixed values
Salting: Adds randomness to hashes
Tokenization & Data Masking: Hide sensitive data
Steganography: Hides data inside files

Digital signatures ensure identity and data authenticity, while blockchain provides secure, transparent transaction tracking.
Certificates issued by Certificate Authorities (CAs) help verify trusted systems.

Conclusion
CompTIA Security+ covers essential cybersecurity concepts that are highly valued by the Department of Defense. By understanding security controls, the CIA triad, change management, and cryptography, you’re building a strong foundation for a future career protecting national systems. Starting early gives you a big advantage—this certification can open doors to internships, entry-level jobs, and eventually careers in government cybersecurity.
If you’re serious about cybersecurity, Sec+ is your first big step toward serving and protecting in the digital world.

Top comments (0)