CompTIA's own website shows nine certification paths. That's the problem. Most people searching for a CompTIA roadmap already know they want a CompTIA cert — they just can't figure out which one to start with, or in what order. This guide cuts through the chart maze and maps each cert to a real job outcome.
How the CompTIA Roadmap Actually Works
CompTIA organizes its certifications into three tiers — Core, Infrastructure, and Cybersecurity — plus a few specialty certs. None of them are formally prerequisite-locked (you can sit the Security+ without the Network+), but the knowledge stacking matters in practice.
Here's the full CompTIA roadmap at a glance:
| Cert | Tier | Track | Exam Fee | Typical Job Entry Point |
|---|---|---|---|---|
| ITF+ | Pre-Core | All | $157 | Non-technical roles, orientation |
| A+ | Core | IT Support | $253 × 2 | Help desk, desktop support |
| Network+ | Core | Networking / Security | $369 | Junior network tech, NOC |
| Security+ | Core | Security | $404 | SOC analyst, security admin |
| Cloud+ | Infrastructure | Cloud Ops | $369 | Cloud sysadmin, DevOps support |
| Linux+ | Infrastructure | Linux / DevOps | $369 | Linux admin, SRE support |
| Data+ | Infrastructure | Data Analytics | $369 | Data analyst, BI support |
| CySA+ | Cybersecurity | Security | $404 | Threat analyst, SIEM engineer |
| PenTest+ | Cybersecurity | Offensive Security | $404 | Junior pentester, red team |
| SecurityX (CASP+) | Expert | Security Architecture | $494 | Security architect, senior analyst |
| SecAI+ | Specialty | AI Security | $404 | AI security analyst, governance |
The DoD 8570/8140 mandate is one of the biggest drivers for Security+, CySA+, and CASP+ uptake. If you're targeting a government contractor role or any position with DoD system access, Security+ is not optional — it's required paperwork.
Pick Your CompTIA Roadmap by Career Track
The biggest mistake people make is treating the CompTIA roadmap as linear. It's not one ladder — it branches by job family. Pick the branch that matches where you're headed, not the one Reddit said you should do.
Track 1: IT Support → Help Desk → Sysadmin
Path: A+ → Network+ → Cloud+ or Linux+
A+ is the correct starting point here and only here. It validates hardware, OS troubleshooting, and basic networking — exactly what level 1 help desk interviews test. After 12–18 months on a help desk, Network+ makes you a credible candidate for junior network admin or NOC roles. Cloud+ or Linux+ from there depends on whether your employer runs AWS/Azure or Linux-heavy infrastructure.
Skip ITF+ unless your employer is paying for it or you genuinely have no prior computer experience. It adds cost and no credential weight.
Track 2: Networking → Network Engineer
Path: Network+ → then Cisco (CCNA) or Juniper (JNCIA)
Network+ is the right starting point if you're targeting network operations. Be honest with yourself: if your goal is Cisco networking, CompTIA's roadmap only gets you to the front door. Network+ teaches protocols, subnetting, and troubleshooting methodology. CCNA is where employers start paying serious money. Use Network+ to build the foundation and get the first job; use CCNA to advance.
Track 3: Cybersecurity → SOC → Security Engineering
Path: Security+ → CySA+ → PenTest+ or SecurityX
This is the highest-demand track right now. Security+ alone is enough for an entry SOC analyst role — BLS data shows information security analyst jobs growing 33% through 2033, nearly five times the average. CySA+ moves you from detection to threat hunting. PenTest+ is for red team; SecurityX (the cert formerly known as CASP+) is for architects and senior engineers who need a performance-based expert-level credential without going the CISSP route.
One important note: Security+ requires renewal every three years via CompTIA's Continuing Education (CE) program or re-examination. CySA+ and above follow the same cycle. Factor that cost into your planning.
Track 4: AI Security (New in 2025)
Path: Security+ → SecAI+
CompTIA launched the SecAI+ (CY0-001) in 2025 to address AI-specific threat vectors: prompt injection, model poisoning, AI governance, and LLM security controls. It's a specialty cert, not a replacement for Security+. If you're in a role where your organization is deploying AI systems and you need to secure them, this is the first vendor-neutral credential that specifically covers that territory. Still early days on employer adoption, but AI security roles are being created faster than candidates with the right skills exist.
Track 5: Data Analytics
Path: Data+ → then vendor-specific (AWS Data, Google Data Analytics cert)
Data+ is CompTIA's weakest performer in terms of salary impact, not because the cert is bad, but because data roles are increasingly dominated by vendor certifications and portfolio work. Get Data+ if your employer asks for it or if you want a structured introduction to data concepts before going deeper into SQL, Python, or BI tools. Don't treat it as a standalone career accelerator.
How Long Does Each Cert Take to Prepare?
These estimates assume 1–2 hours of study per day. Experienced practitioners can cut them significantly; complete beginners should add buffer.
- A+: 8–12 weeks (covers two exams)
- Network+: 6–8 weeks (prior A+ or networking exposure cuts this to 4)
- Security+: 6–10 weeks (prior network knowledge required to absorb the material)
- CySA+: 8–12 weeks (needs Security+ plus at least some SOC experience)
- PenTest+: 10–14 weeks (hands-on lab time is essential, not optional)
- SecAI+: 4–6 weeks for Security+ holders with AI exposure
Top Courses for the CompTIA Roadmap
These are the highest-rated prep courses available right now, mapped to the certs people are actively studying for.
CompTIA Security+ (SY0-701) Exam Prep 2026 - For Beginners
Covers the current SY0-701 exam objectives in full, written specifically for people coming in without a deep security background. Rated 9.5 — one of the top Security+ courses on Udemy for 2026.
CompTIA Security+ (SY0-701) 1,000+ Practice Questions 2026
A dedicated practice exam bank with over 1,000 questions mapped to SY0-701 domains. Use this alongside your primary study resource in the final two to three weeks before sitting the exam — pattern recognition on question stems is a real skill that matters on test day.
CompTIA A+ Core 1 (220-1201) Full Course & Practice Exam
Updated for the 220-1201 exam series, this covers hardware, networking, virtualization, and cloud fundamentals for the Core 1 exam. Rated 9.4 and includes practice exams, which the A+ genuinely requires — the exam is heavily scenario-based.
CompTIA A+ Core 1 (220-1201) 6 Practice Tests [2026]
Six full practice tests for the 220-1201 exam. If you're taking the A+, don't skip practice exams — the performance-based questions (drag-and-drop, simulations) need repetition to become automatic.
CompTIA SecAI+ Fundamentals: AI Cybersecurity Basics CY0-001
Entry-level intro to the SecAI+ exam objectives — AI threat modeling, prompt injection, governance frameworks. Good first step if you're Security+-certified and working in an environment where AI tools are being deployed.
CompTIA SecAI+ (CY0-001) Course + EBook + Exams (ALL IN ONE)
The all-in-one SecAI+ bundle: video course, written material, and practice exams. Rated 9.6 — the highest-rated SecAI+ resource available right now if you want a single purchase that covers the full exam.
FAQ
What is the CompTIA roadmap and where do I start?
The CompTIA roadmap is CompTIA's structured path of certifications organized by career track and difficulty level. Where you start depends on your target role: A+ for IT support, Network+ for networking, Security+ for cybersecurity. If you have no IT experience at all, A+ is the most common entry point. If you already have some IT background and want to move into security, you can go directly to Security+.
Do I need A+ before Network+ or Security+?
No — CompTIA doesn't enforce prerequisites. But the knowledge gap is real. Security+ assumes you understand how networks operate (TCP/IP, firewalls, VPNs). Most people who struggle with Security+ failed to internalize networking concepts first. If you've worked in IT for a year or more, you can probably skip A+ and go straight to Network+ or Security+. If you're brand new, don't skip A+.
Which CompTIA cert has the best salary impact?
Security+ and CySA+ consistently show the highest salary impact in the CompTIA roadmap. Security+ holders in the US report median salaries around $75,000–$90,000 for entry security roles; CySA+ pushes that to $85,000–$105,000 for threat analyst positions. CASP+/SecurityX holders in senior roles regularly see $120,000+. A+ and Network+ salaries vary more by geography — help desk roles in major metros pay significantly more than regional markets.
How long is a CompTIA certification valid?
Three years. After that, you renew through CompTIA's CE (Continuing Education) program by earning CEUs through activities like college courses, vendor training, or passing a higher-level CompTIA exam. Alternatively, you can re-sit the exam. The renewal fee is $50 per year if you pay for the CE subscription, or the full exam cost if you re-test.
Is CompTIA worth it compared to vendor certs like Cisco or AWS?
CompTIA certs are vendor-neutral, which makes them more broadly applicable but sometimes less valued in shops that run a specific vendor stack. For DoD and government roles, CompTIA (especially Security+) is mandatory and irreplaceable. For corporate networking roles, CCNA typically pays more. For cloud roles, AWS/Azure certs often outweigh Cloud+. The realistic answer: use CompTIA to get the first job, then layer vendor certs on top to advance.
What is CompTIA SecAI+ and should I get it?
SecAI+ (CY0-001) is CompTIA's certification for AI cybersecurity, launched in 2025. It covers securing AI systems, understanding AI-specific attack vectors (prompt injection, adversarial inputs, data poisoning), and AI governance frameworks. It's a specialty cert intended for people who already hold Security+. Whether you need it depends on your role — if you're involved in deploying or governing AI systems, it's increasingly relevant. If you're doing general SOC work, CySA+ is still the better next step.
Bottom Line: Which CompTIA Cert Should You Get?
Most people asking about the CompTIA roadmap fall into one of three situations:
- No IT experience, want a help desk job: Get A+. Study 8–10 weeks. Professor Messer's free YouTube course plus Jason Dion's practice exams is the standard combination that works. Expect $40,000–$52,000 in your first help desk role, with Network+ bumping that $8,000–$12,000 after you have a year of experience.
- Some IT background, want to break into cybersecurity: Go straight to Security+. It's the cert that DoD, MSSP, and enterprise security teams require for junior hires. CySA+ after 12–18 months in a SOC role moves you from analyst to threat hunter money.
- Already in security, want to move up: CySA+ if you're in a blue team role. PenTest+ if you're doing offensive security. SecurityX if you're moving toward architecture or need a performance-based expert credential that doesn't require CISSP's experience hours upfront.
The CompTIA roadmap is most valuable as a structured progression, not as individual credential collecting. Pick the track that aligns with the job you want, spend your money on one cert at a time, and get the real-world hours to go with it — employers hiring for security roles in 2026 are reading resumes that mix certs with actual SOC or lab experience, not just cert lists.