CCNP Security + CISSP
mnashe
Member Posts: 136 ■■■□□□□□□□
Hi,
I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?
I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?
I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
Comments
I'm having a tough time (internal struggle haha) figuring out if I should really pursue the CISSP or maybe there's something more appropriate . I'm not a manager, but I am looking to move to a role that's more security based.
Today, I'm a hybrid server and network administrator. I do it all from build servers (windows/vmware), deploy switches, firewalls, telcom and run scans using Nessus.
CCNA, CCSP and CCNA (R&S) all retired but I have certified in each. My career went down a different path to include more pentesting, security architecture and investigation so those became irrelevant in my case.
- b/eads
Number of interviewers who asked about my CCNA Security: 0
Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
CWTS, then WireShark
That's funny and not surprising at the same time. The CCNP Security certification is really just a goal for me from a technical perspective.
The way I've been looking at it is, if the CISSP teaches you that you need a firewall/IPS, but you don't know how to configure a firewall or IPS, what good is it going to do for me, career wise?
AKA HR FILTER
I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there. I guess once you've been in the field long enough.. you know what you want and you know when a company has the position you want and you can weed out the potential bad jobs where people think they want one thing but are asking about another.
I did my CISSP, and did the CCNP Security later on, after working in the Infosec field for a while. I had an extensive background in servers & networks before I did my CISSP which helped my understanding of some of the Domains on the CISSP.
The CCNP Security is way more hands-on technical with Cisco and their specific product line with ASA, IDS, VPN, Cisco L2-L3 network security, etc. The CISSP is much, much more broader and spans most, if not all aspects of the Infosec field. It is not vendor specific. With the CISSP you are expected to have a solid understanding of all the concepts covered in the domains of the CISSP Common Body of Knowledge, and not all of them are technical. It's more of a 20,000-ft view of the Infosec terrain, and the CCNP Security is like a 5000-foot view and contains all the detail you would expect in a smaller area of focus.
On the other hand, CCNP Security develops networking skills & knowledge that are not part of Infosec, rather it's usually considered a networking cert that happens to be focused on the security technology from Cisco.
As the or a Senior Security Architect for my current set of clients, yes but only to get past the HR filters. Otherwise, I find certificates in general to be overly relied upon to judge experience in general.
They (certificates in general) have become a bit of a crutch for HR and hiring managers who are looking to side step the harder candidate evaluation questions if not the filtering process as a whole. This is exactly why you see so many contract to hire positions - vetting candidates is hard - especially security people. The more material made available by third party authors likewise allows for less experienced people to pass an exam they should have no business taking in the first place.
On the positive side. I like certification to make me learn the last 10-20 percent of testable material I probably wouldn't otherwise learn or be exposed.
Finishing Cloud Security Alliance and ISC(2) CCSP. Finished Wireshark earlier this year and saw half a dozen SANS certifications retire this year alone. So its a mixed bag of what will help my clients and help me make money. As a consultant I have to work harder than corporate types in regard to skill level. Besides, I bore easily to the point of being a bit OCD or arch typical 'router jock' by nature. Those skills that become old or deprecated retire only to be replaced by newer, shinier certs that in demand. OK wireshark is still just plain cool and useful so I broke down and finished it for my own good - its too useful, not to.
- b/eads
Are you working for a VAR? I've seen quite a bit of technical positions in my area that ask for CISSP, which is one of the reasons I was looking to pursue it.
Is you in a technical Infosec role now?
I also have a background in servers and networks. I'd say 60/40. I'm looking to move away from the normal server admin/network admin tasks and focus mostly on security role but I want to configure the security appliances. I'm not really looking to be focused on writing policies.
I'm familiar with ASA and Palo Alto firewalls, but not much IDS/IPS appliances. My VPN knowledge could also be better, I've setup remote access and site to site VPNs, but not often. The CCNP Security (current blueprint) has a whole course on VPNs, which interests me.
I thought maybe I should look at GIAC Perimeter Protection Analyst, Intrusion Analyst or Incident Handler certs instead. The courses are expensive and I'm self funded
The GPPA certification program was suspended until 2017, they are not offering the training at this time - I looked into it earlier this year. You might be able to schedule the test.
The GCIA and GCIH are pretty good to have, at least from what I have seen.
As do I. Most of the time, I study to learn and take the exams just because I studied. The goal is always learning, not passing exams.
Wireshark is cool, so no harm there haha and the CCSP looks like a cool exam too.
For me, the certificates help as I do not have a degree.
I didn't know that about the GPPA, good to know.
My OCD has me all over the place with these certifications (only for learning). I want to work with firewalls, IPS/IDS, but also cloud security. I have a virtualization background too
No I work for a giant health system in their Network Security Team which is the technical side of Security (Deploying/managing an array of firewalls like Palo Altos, Junipers, ASAs - approx 300 or so overall - NAT/ACLS/policys etc..), managing a couple of VPN environments which there are probably 250+ VPNs and increase on a weekly/monthly basis, managed F5 viprions/vCMP from a network/chassis level plus some more..
There is another team which would handle the more incident response/IDS/IPS type of security work and i know a bunch of them have their CISSP. There is then yet another team which handles vul mgmt/scanning/documentation of firewall requests/systems and more of the policy side of security. Perhaps this is a unique setup since the environment is so large.
2023 Cert Goals: SC-100, eCPTX
Thanks for the info. Seems to be the area that probably interests me most. I'm just sick of traveling
Good to know! This is how I was going to do mine actually, 2 exams then cissp, then finish the other two. I was planning on saving the ISE exam and 300-207 (I think) for last
OSCP | CISSP | CREST CRT | CCNP | ITIL
Goal: CREST CCT | PMP
Congrats on passing the CISSP!
Awesome. Congratulations
Congrats and this actually does make sense from a communication standpoint.
Just came across this. Do other technical network security folks on here feel the same way? I'm currently studying for CISSP, and struggling a little, because the material doesn't relate to where I see myself. I'm trying to push through it, but at times feel like I'd be better off studying for CCNP Security or CCIE
Anyways coming to your question, you need to decide where you want to work 5 years from now, if it’s in network security i.e. routers, firewall, IPS, NAC etc then do it the cisco or juniper or checkpoint or paloAlto way. If you want to work in a position that deals with an all round security in information technology then CISSP is your ticket (not the only ticket) to it.
OSCP | CISSP | CREST CRT | CCNP | ITIL
Goal: CREST CCT | PMP
They outsource their test making to a third vendor. So they don't even create their own tests and that is why when you study for it and then take it, you will notice they are very different. This is specifically true for the CCNA Security exam.
I would focus on management and concepts. Cisco firewalls are not even best rated out there so you will mostly likely be working be Palo Alto firewalls, especially in the financial sector.
Furthermore, if anyone who knows Cisco internally would ever be honest with you. They will tell you that these exams are a lot of fo money grabbing. They make way too much money from their academy and tests.
You can learn the technical skills on the job. What the Cisco certs don't teach you is how to logically and rationally think about networks and security, which is way more valuable than remembering configuration commands.