Advice for my cert path please!

MJK9550

Hey guys,

I recently took my A+ 901 and passed, doing the 902 on Friday so should have A+ then!

Afterwards I am thinking of doing them in the following order but also not sure which ones to take. I'm going to write out my list and any feedback or advice would be greatly appreciated, thanks!

Net+ or MTA Net Fundamentals 98-366? or both?
Sec+ or MTA Sec Fundamentals 98-367? or both?
MCSA Windows 10 70-697
Linux+
CEH
OSCP
OSCE
CASP

Should I throw in any cisco certs?

Advice Please!

Thanks Guys

636-555-3226

Any idea what you want to do with your career? what's your current background and experience level?

I'd skip the Microsoft tech certs; I'm not sure I've ever met anybody who took them, and I've never really heard much about them.

CompTIA is always a good intro-primer.

Personally I'd skip the CEH & anything EC-Council related. Looks good on the resume, but real world skills do not apply in EC-Council land and the cert won't have much weight with any experienced infosec mgrs (not that there's a lot of those.....)

I'd put CASP before OSCP. Probably do Security+ and then Cybersecurity Analyst+ then CASP to round out your intro/mid-level knowledge.

Networking knowledge is always helpful, esp. if you're going to look into pentesting. cisco is the default standard, but other systems like juniper also apply. know at least the basics.

random side note - seems like a lot of people are jumping on the pentesting bandwagon. I'm going to have to start vetting my pentesters to make sure i'm not getting these entry-level people (nothing against you personally)

MJK9550

Haha I understand that. I'm definitely going for pentesting. Right now I am an entry-level network engineer for a fairly large company. I am in school for computer science as well. I spend countless hours at home self-studying and practicing various skills: python, Linux, kali and the tools that accompany it, networking, etc. Well looks like I'll be a needing a cisco cert then, ccna r/s and ccna sec should be good enough from them? Experience is still lacking this is my first IT job and have been here for 2 months so far and am still in school.

abey1st

What study material did u use for 901? and 902?

MJK9550

The exam cram book, lots of videos on cybrary.it and Lynda.com as well as random practice tests found online.

rex0r

Yeah as with what the other are saying it really depends on what you want to get into in the future. A good starting point is getting the trifecta from CompTIA A+, Net+, Sec+.

After that you can really decide which way you want to go. I would also recommend staying away from microsoft certs as they are not really recognized by many.

As for CEH, its a debateable. Its all theory based, yes it teaches you a birds eye view of what hacking looks like but it will teach you nothing about how to do it or really even how to defend against it. Its simply a recognized cert and it is part of the DoD 8570 which I think is why it got so much credibility. I would get it if you can, just so you have it as a check in the box. But do that down the road.

CISSP > CASP. I would say at that point after you've been through all those other classes and certs, have some experience under your belt, and decide you want to go that route choose CISSP over CASP.

As far as OSCP and OSCE they are very specific and if pentesting is the way you want to go then go for it! If you do though, I would recommend getting CEH first especially if you havent had any introduction to pentesting.

Good luck!