which order should i study for these in

knewbold

hi
i posted these in general but got a PM saying here would be better


Hi
firstly a tiny bit of background
i have 15 years experience in support/server admin from first line through to 3rd in mainly windows technologies.

i have had a lot of time off recently due to ankle problems and i wanted to brush up my skillset, i got a rather unbelievably priced deal which involved all of the below courses, with unlimited retakes....its self study which i hate but i have a lot of time on my hands as i cant really walk at the moment.

i currently have a few MS certs, as well as Security plus and CEH

i really have no preference which way i should go, but i havent really studied the value as i intend taking the lot
same as prerequisites, i have the experience apart from cisco, which i am tempted to start with


Comptia N+ (i see it as not worth my time at the moment)
Cisco CCNA
Cisco CCNA Security
ISC2 CISSP
ISC2 CSSLP
ISC2 SSCP
Comptia CASP
ISACA CISM
ISACA CISA

what route should i take??



right heres the list, what next and what order please

TheFORCE

Comptia N+ - don't take this, you already know most of the stuff in Net+
Cisco CCNA - Take it, 1st
Cisco CCNA Security - Take it, 2nd
ISC2 CISSP - Take it, 1st or 2nd
ISC2 CSSLP - Take it if you are going to develop and test software.
ISC2 SSCP - Dont take it, lower than CISSP almost equal to Sec+
Comptia CASP - Almost equal to SSCP or CISSP
ISACA CISM - Overlaps/ complements CISSP, take it 3rd after CISSP
ISACA CISA - Nice to have if you aim to be an auditor. Take it after CISM or before. Two different certs.

OctalDump

Definitely get the Cisco ones done. They are good for solidifying your network understanding and learning the basics of practical network security.
So:
1. Cisco CCNA
2. Cisco CCNA Security

Now how much experience do you have? If it's a lot, then CISSP. If it's a little, then SSCP. If it's none, but you know a lot, then CASP. CASP and SSCP are very similar. SSCP requires 12 months experience (in defined domains) to qualify for the cert, but CASP has no formal requirement - but it is challenging if you don't have reasonable knowledge across the whole spectrum. Most people get these either because of work requirement (CASP is on DoD list) or as a stepping stone to CISSP.

Once you've got the necessary experience, then CISSP is all that matters and the CASP and SSCP are not holding much value.

That sort of covers the generic certifications. CSSLP, CISM and CISA are all tied to more particular career paths. CISM is probably the most generic, but does focus more on 'management' issues, so less technical. CISA is all about auditing (good demand for this). CSSLP is all about secure development practice.

CISM and CISA both have quite specific work experience requirements. CISM probably isn't worth worrying about until you are in a role that could be considered 'management'. They also have different focus. So, it depends on the path you are taking.

beads

Well, above list indicates everything from IT Auditor, Network Analyst, Engineer and finally Mid level Security Manager. Start slow and decide on a career path, gain some lower level training and experience and build from there. There is no reason to become another paper "expert" with no real experience or skill to back it up.

In other words it depends on what you are interested in doing next and where your interests lie moving forward. Gaining either the CISM or CISSP would be the worst possible certs to obtain without serious experience and effort to back them up.

Good luck.

- b/eads

adrenaline19

Just knock out the Net+ when you go to take a different one.

It would be super easy for you, and it never hurts to have extra certs on your resume.