nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

What's A good Security Cert for System Admin?

Chrisbari14

Good morning/afternoon Tech Family!!

Question.. What's a good security certification to obtain? I'm on the course to go after my MCSA Windows 10 desktop cert and MCSA Windows 2012 R2 server cert. What would be a good security cert to add to my skills?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

TacoRocket

Security+, CISSP, CISM, GSEC. It really depends on what you're trying to do.

ThePawofRizzo

I'd say Security+ is a natural first-step, as you have listed in your goals. CompTIA is soon releasing a "CyberSecurity Analyst+" exam, and the beta was tough, but doable as a step after Security+. And you'd likely see some of the Sec+ material in the Analyst+ exam, so while Sec+ is fresh in your mind, I'd say go for the Analyst+ test as well once it is released.

mbarrett

SSCP, Sec+ or the SANS GSEC are all entry security certs.

aftereffector

Security+ is a good, attainable entry-level security cert. It covers a pretty wide range of topics and is vendor-neutral so it should be fairly relevant for many system admin roles. It's not going to help you with the practice of securing a Windows domain or anything technical like that, but at least you'll know about PKI and other such concepts.

CISSP is a good target to shoot for after some hands-on experience. I wouldn't bother with the CASP unless you are working in the DoD market space - in which case, definitely go for the CASP as well!

beads

SANS GSEC would be ideal if you or your employer can afford it. The CompTIA Security+ or soon to be released Security Analyst+ would also be appropriate. CISSP should be reserved for long term, practicing security analysts and would be overkill for someone on the network administration side of the house. CASP if you were looking for something a bit more advanced but it really depends on what your duties are today, your division of labor or DoL within your organization and how deep into the practice you wish to explore.

- b/eads

NetworkNewb

I would assume the SANS Sec505: Securing Windows and Powershell Automation course would be great for any Sys Admin. Assuming your employer would pay for it or you got into a work study option of course.

https://www.sans.org/course/securing-windows-with-powershell

636-555-3226

Security+ is already my recommended entry-level get-your-feet-wet security cert

Remedymp

beads wrote: »

SANS GSEC would be ideal if you or your employer can afford it. The CompTIA Security+ or soon to be released Security Analyst+ would also be appropriate. CISSP should be reserved for long term, practicing security analysts and would be overkill for someone on the network administration side of the house. CASP if you were looking for something a bit more advanced but it really depends on what your duties are today, your division of labor or DoL within your organization and how deep into the practice you wish to explore.

- b/eads

IIRC, Security Analyst+ is a performance based cert, in that you would need to have experience working/handling security incidents.

UnixGuy

all the certs suggested by other members are great!

What I found was help is eLearnSecurity eJPT Junior Penetration Tester. Even if you don't want to be a penetration tester, it just opened my eyes to certain areas that I didn't know about, and got me used to using tools like nmap, and found free alternative to vulnerability scanners. If you like practical certs do it. SANS certs are king of course. Security+ is good too