Learning Security+ Issue 1
What Is Security+?
Security+ is an internationally-recognized certification from the non-profit organization CompTia. Passing the exam signifies someone has attained a professional, working knowledge in the field of Information Security.
This series of articles will share notes and resources about this topic in a concise, focused manner. 🤓
- Information Security protects information and data.
- Information Systems Security protects systems storing or processing data.
- InfoSec defends against unauthorized access, use, disclosure, disruption, modification, or destruction.
What Is Information Security?
Information Security (InfoSec) is the process of protecting information and information systems. It’s an umbrella term covering a variety of methods used to accomplish that goal. Explanations often divide it into “Information Security” and “Information Systems Security”, which makes total sense, but they still use the single term “Information Security” to mean both. I have no idea why this is the case. Like, if it’s gonna have two sub-categories, why the hell do they keep the same term for one them? That part makes absolutely no sense, but I’ll explain below. 🤷🏽♂️
“Information Security” vs “Information Systems Security”
At first, these terms seem quite similar, but there is an important distinction. The term Information Security refers to securing the actual info and data, such as credentials, files, telecommunications, etc. The term Information Systems Security refers to securing the systems that store or process info and data, such as computers, servers, networks, etc.
I hope that helps you make sense of Information Security being used as both the umbrella term and one of the sub-categories. Leave a comment if my wording above confuses you and I’ll gladly give it another go. 🙂
What Does InfoSec Defend Against?
Protecting information and information systems means defending against unauthorized access, use, disclosure, disruption, modification, or destruction. Be sure to memorize these for the exam!
Journeying down the rabbit hole of learning Security+ takes a lot of hard work. Understanding the difference between information security and information systems security is the first step toward laying a firm foundation to build upon. With that said, there are a number of additional core concepts to learn. Next up is the InfoSec CIA Triad.
See you there!