Which certs are easiest to hardest

I have $4500 dollars to use in the next 9 months on certifications. Which ones from this list are easiest to hardest I should take? I am in the Cyber security field and currently posses Security+ and CEHV9. I initially was going to use the $4500 towards CISSP and a boot camp, I was informed I can use the $4500 towards multiple certifications and would like to take advantage and start self studying for some of these certifications. Any information from those who have taken them would help. I have over 6 years of experience in Cyber security.

· Associate of ISC2
· CERT Certified Computer Security Incident Handler (CSIH)
· Certified Associate in Project Management (CAPM)
· Certified Ethical Hacker (CEH)
· Certified Information Security Manager (CISM)
· Certified Information Systems Security Professional (CISSP)
· Certified Security Analyst (CSA)
· Cisco Certified Network Associate (CCNA) Routing and Switching
· Cisco Certified Network Associate Security (CCNA Security)
· CompTIA A+ CE
· CompTIA Advanced Security Practitioner (CASP) CE
· CompTIA Network+ CE
· CompTIA Project+
· CompTIA Security + CE
· CyberSecurity Forensic Analyst (CSFA)
· GIAC Assessing and Auditing Wireless Networks (GAWN)
· GIAC Certified Forensics Analyst (GCFA)
· GIAC Certified Incident Handler (GCIH)
· GIAC Certified Intrusion Analyst (GCIA)
· GIAC Certified Penetration Tester (GPEN)
· GIAC Certified Perimeter Protection Analyst (GPPA)
· GIAC Information Security Fundamentals (GISF)
· GIAC Information Security Professional (GISP)
· GIAC Security Essentials Certification (GSEC)
· GIAC Security Expert (GSE)
· GIAC Security Leadership Certification (GSLC)
· GIAC System and Network Auditor (GSNA)
· Information System Security Management Professional (CISSP-ISSMP)
· Licensed Penetration Tester (LPT)
· Project Management Professional (PMP)
· System Security Certified Practitioner (SSCP)

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

techfiend

I like your original plan on CISSP. If you want to be in security technical or management it is THE cert to have. While you could probably knock out a few of the easier certs in instead of CISSP they won't carry the same weight to employers.

The only other considerations I'd give is PMP if you have the project manager experience and want to be in that area. GIAC certs are looked upon highly but don't have the demand of CISSP and PMP.

OSCP is another consideration that's not on your list.

cyberguypr

Knowing what your role is and where you want to go would be the first thing to answer as different certs fit within different paths.

OctalDump

I'll point you to CompTIA's career roadmap, and also the GIAC roadmap. Both give an overview of where the various certification fit. They're not perfect, but they are roughly right.

I think that one of the GIAC's or the CISSP are good options. From CompTIA's offerings, CASP is probably the only one worth your while getting, but that also depends on where you work. It is popular for US Government (Defence etc).

CCNA Security isn't particularly worthwhile on its own. I'd get the CCNA R+S first. The CCNA Sec is most useful if you are planning to pursue CCNP Sec or CCIE Sec. There's also the new CCNA Cyber Ops which might be more useful. I'd say that CCNA R+S is probably the place to start for any of the network focussed certs on your list (ignoring Network+).

LPT is probably only worth your effort if you like EC-Council. The OSCP or the GIAC GPEN are better options.

Some of these also have an experience requirement to get the certification. CISSP, CISSP-ISSMP, CSA, CISM, PMP. I'd suggest checking if you have the necessary requirements for those.

TechGuru80

Easiest or best for your career? These are two completely different objectives. SSCP probably wouldn't be that difficult but it won't help you much at 6 years experience. Frankly I would do the CISSP and get it over with then you can go onto others.

NetworkNewb

TechGuru80 wrote: »

Frankly I would do the CISSP and get it over with then you can go onto others.

+1 to this. But then again, (to echo cyberguy) with out knowing what exactly you do and what you want to do, another might be more helpful right now. Hard to go wrong with CISSP though.

TechGromit

daboola wrote: »

I have $4500 dollars to use in the next 9 months on certifications. ....was going to use the $4500 towards CISSP and a boot camp

Your best bet to to spend your money on books and certification exams. You be lucky if $4,500 covers one boot camp and exam. The courses you have listed are all over the map, what do you want to specialize in? Remove the GSE from your list, you be lucky to earn that one for less than 35k and it's the hardest on the list by far, no one on Techexams forums has it yet.

I'd drop the CompTIA A+ CE and CompTIA Network+ CE from the list as well, if your going for more advanced certs, no one is going to care if you have them. and of course you already have the CompTIA Security + CE why list it?

**** the CyberSecurity Forensic Analyst (CSFA) from your list, you don't meet the prerequisites and it's not a well know certification anyway.

If your going for a penetration tester position, you can't beat the price of the OSCP, $1,150 for 90 days lab access and certification attempt, but it's not easy, it's one of the tougher certifications. Even if you don't pass, you'll learn a LOT.

tedjames

Don't blow that much money on a CISSP bootcamp. You can earn this one through self and group study. I've been through a CISSP bootcamp, and it didn't really teach me much beyond what I already knew. The instructor focused more on how to take the test than actually learning the material. If you have that kind of money to spend, take a SANS course.

PJ_Sneakers

All the GIAC stuff is outta your price range. Also, if you already have CEH, why is it on the list?