sscp or security+ first?
chickenlicken09
Member Posts: 537 ■■■■□□□□□□
in SSCP
hi guys, so im still debating where to start in terms of the security route. i was thinking cissp but now i think it makes sense to start with something lighter like the security+ or sscp just to make sure i like it and get my feet wet. Are there pros or cons as to where to start?
Im thinking the sscp would look better on the cv as i dont see security+ listed much. Any thoughts would be great?
Thanks
Im thinking the sscp would look better on the cv as i dont see security+ listed much. Any thoughts would be great?
Thanks
Comments
-
JoJoCal19 Mod Posts: 2,835 ModDo you already have security experience? The CISSP requires 5 years of experience in at least 2 of the 10 domains it covers. I believe the SSCP is more along the lines of what you'd be looking at. Having had the Security+ and not having it help me a single bit (nor did the Network+), along with the expensive cost of the CompTIA certs, I wouldn't take it. I would however buy the Security+ book and read it and learn the material as if you are going to take the test. Then move on to other certs such as the SSCP.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
PJ_Sneakers Member Posts: 884 ■■■■■■□□□□This is the best advice I've found on the subject:
http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html -
dustervoice Member Posts: 877 ■■■■□□□□□□I would say get security+ then move on to SSCP then CISSP. Security + for your knowledge only and to build a solid foundation/springboard as no employer will be impressed by security+ being on your CV. I passed the A+ and Net+ some years back i've now officially deleted them from my CV as they are just taking up valuable real estate on a limited 2 page document. After being in IT for so long if i have to still prove to someone that i know how to change out a NIC card(A+) or demonstrate that i know what a cat5 cable is(N+) then am in real trouble
-
Remedymp Member Posts: 834 ■■■■□□□□□□If you already have SY0-401, skip the SSCP then. It's not worth it IMO.
Here are a few postings of Jr. IT Security positions recently:General Summary of Position:
The Junior Network Security Administrator role is to assist the Information Security Officer with planning, designing, development, and implementation of efficient network integrity, systems security, log management, business continuity and disaster recovery. This individual will apply proven communication, analytical and problem-solving skills to help identify, communicate and resolve issues in order to maximize the benefit of internal systems investments and will be involved in a variety of other projects including assisting with firewall, anti-virus, web filtering, threat remediation and security compliance.
Duties & Responsibilities:- Performing analysis of network security needs and contributes to design, integration, and installation of hardware and software
- Analyzing, connectivity requests to insure compliance with Mass 201 CMR 17, PCI and other policies
- Provide recommendations for the development and analysis of Network Security policies and procedures
- Document computer security policies, procedures and provide alternative solutions to requests that violate policies
- Ability to work Hands-on with Internet protocols, IPS, firewalls, packet capture and analysis, SSH, TLS/SSL, web servers, application servers, database security, patch management and vulnerability assessment tools
- Device/vendor agnostic (needs to support Check Point, Fortinet, Cisco, F5, etc.)
- Software/vendor agnostic (needs to support Websense, McAfee, Tenable, etc.)
- Bachelor's degree
- 2 years of networking experience with Cisco Routers and Switches
- Network security experience with Checkpoint
- Problem Solving - must be able to provide technical solutions to a wide range of complex difficult problems.
- Self-Motivator possessing a high sense of urgency and high level of integrity
- Strong written and verbal communication, as well as organization and documentation skills
- Strong knowledge of networks and network topologies and protocols
- Reporting for internal/external use and compliance
- Candidates with these desired skills will be given preferential consideration:
- Cisco CCNA
- Check Point CCSA
- CISSP
- Microsoft MCSA
- Familiar with standard security and PCI best practices
- Vulnerability Management / Risk Assessment
- Knowledge of features of Active Directory, Group Policy and Certificate Authority technologies.
- Experience with endpoint security software and encryption products
Responsibilities:
The position requires a higher degree of technical ability and skills, that relate directly to the operation, maintenance, and troubleshooting of specialized security related infrastructure. Examples of such infrastructure are the RSA DLP (Data Loss Prevention), SEIM (Security Event Information Management), IPS (Intrusion Prevention), WAF's (Web Application Firewalls). The position also requires a higher level of specific experience and formal structured training to be effective.
Due to sensitive nature of the data being analyzed and administered this person must exhibit distinct discretion. However, a self-assured manner and authority is also necessary when interacting with management in non-Operations areas.
Day to day administration of security infrastructure including:- Operations of the Security systems, including maintenance, configuration, issue remediation, audit and troubleshooting
- Administer Data Privacy Committee Sharepoint portal Administering RSA DLP and SEIM software and Hardware
- Analysis, categorizing and reporting the DLP results, including informing the DLP gate-keepers within Legal, HR and ACS of any suspicious activity
- Development and administration of correlated customized real-time security alerts
- Education of sensitive information owners of their data protection responsibilities and data encryption techniques
- Enforcement of data encryption automation
- Staying current with US and global Data Privacy Laws Development and administration of metrics reporting to the Data Privacy Committee
Qualifications:- Excellent verbal and written communications skills
- Advanced knowledge of Microsoft Office suite, and Lotus Notes
- Advanced knowledge of TCP/IP networks, routing, protocols, and topology
- Excellent Internet troubleshooting skills
- Good working knowledge of Windows & Linux Operating systems, and Database technologies
- Project Management involvement required to understand project scheduling and criticality of tasks and prioritization
- Excellent customer service, and troubleshooting skills
- Highly analytical with structured approach experience
- Excellent problem detection and resolution skills
- Detail oriented, self starter
I would go for SY0-401, then focus on either CCNA:Security or RHCSA. More ROI for either of those two, IMHO... -
JDMurray Admin Posts: 13,091 AdminThe SY0-401 now covers most--if not all--of the topics covered by the SSCP exam. However, the Sec+ exam itself is simpler than the SSCP exam. Either exam is good preparation for the other. If you had to choose only one or the the other, you will get more resume recognition from the Security+ cert.
-
PJ_Sneakers Member Posts: 884 ■■■■■■□□□□The SY0-401 now covers most--if not all--of the topics covered by the SSCP exam. However, the Sec+ exam itself is simpler than the SSCP exam. Either exam is good preparation for the other. If you had to choose only one or the the other, you will get more resume recognition from the Security+ cert.
-
chickenlicken09 Member Posts: 537 ■■■■□□□□□□some good advice there thanks, i have the security+ book already and it seems interesting. although i have the ccna already i think i would
enjoy the security+ more. will prob skip the sscp all together if there that much overlap. that job spec gives me an indication of where i should be going.
although its a junior role they seem to expect a certain amount of experience already so would i be right in saying it would pay better than a junior role?
im trying to not go backwards in salary also! -
Remedymp Member Posts: 834 ■■■■□□□□□□some good advice there thanks, i have the security+ book already and it seems interesting. although i have the ccna already i think i would
enjoy the security+ more. will prob skip the sscp all together if there that much overlap. that job spec gives me an indication of where i should be going.
although its a junior role they seem to expect a certain amount of experience already so would i be right in saying it would pay better than a junior role?
im trying to not go backwards in salary also!
If you already have CCNA. Push for CCNA: Security. After CCNA: Security, I would go for RHCSA.
Taking a pinch in salary by way of transitioning from one role to another is not uncommon in IT. It's just the nature of the game.
Being able to balance out your expertise in OS(RHCSA), Networking(CCNA), as well as Security Fundamentals (SY0-401) could be great way to become a decent security generalist. -
JDMurray Admin Posts: 13,091 AdminPJ_Sneakers wrote: »That being said, do you think there is any tangible benefit to obtaining the SSCP certification rather than the Security+?
-
diggitle Member Posts: 118 ■■■□□□□□□□Just get them both....lol as you can see JDMurray has them both. I say its worth it.c colon i net pub dubdubdub root
-
Karthik524 Registered Users Posts: 1 ■□□□□□□□□□Hi JD,
Currently i am working in Avaya TAC and i have total 5 years of experience into Networking and i am working on security devices and firewalls as well now i would like follow Information Security path so which one would be better Security + or SSCP. which certification has more value please suggest.
Thanks,
Karthik