Is one certification okay or is it pointless?

DatabaseHead

Just curious your thought with certifications? Are they something you can just do one of and get decent value back from without going all out?

Usually you see someone with at least a few and then you see extreme cases where you see someone with 20+. I rarely see 1 though......

Thoughts? For instance security, would getting just the CEH or one of these others help your cause. Assuming you have a degree and some experience as well...

dave330i

A vcp-dcv.

TheFORCE

As usual, experience trumps all. I think those people that have 20+ have been accumulating them over the years, nothing wrong with that, it shows they have been in the industry for a long time. Not always the case, but that's what I see. As an example, I joined this forum in 2006 and only got my A+ back then, did not get any certifications for the next 8 years and then got 3 within the last 2 years. Now imagine if i had only gotten 1 certificate per year after my A+? I would now have maybe another 4 or 5.

Still, having only one certificate did not limit my options to move to other roles so really it doesnt matter how many certs you have if you have the experience for whatever job you are applying.

koz24

If you can only do one make sure it is a good one. I think that rules out the comptias. I'd go with mcsa ccna or VMware-- you can actually land a good job with just one of these.

aftereffector

Certs just get you in the door for an interview or consideration. If you have the one cert that every employer wants to see for your job, you don't need 20 others. For instance, if you're working cybersecurity in the DoD market and you are targeting IAT level 2 positions, you need a Security+. Most federal contracting companies aren't going to care too much about Microsoft, Cisco, and VMware certs as long as you have the security clearance, the baseline IT cert, and sufficient work experience. Same for the CISSP and a lot of IAT level 3 positions - if you have CISSP, you don't need much else to get work.

I didn't know what I wanted to do when I started in IT so I tried a little bit of everything - general CompTIA certs, some Microsoft, some Cisco, a little bit of security... and now I am on a different track than I was even one year ago and I've changed my cert plans accordingly. I also picked up some certs because of degree requirements at WGU. I certainly don't get any value at my current job from my Microsoft cert, my CompTIA certs, either EC-Council cert, or even my CISSP, but had I chosen a different career path I would have certainly needed those certs.

dave330i

TheFORCE wrote: »

As usual, experience trumps all.

Experience just means you've been doing something for X amount of time. It doesn't mean you've been doing it right.

EANx

dave330i wrote: »

Experience just means you've been doing something for X amount of time. It doesn't mean you've been doing it right.

And even if you've been doing it right, there's a huge difference between 10 years of experience and 1 year done ten times.

fmitawaps

1 year ten times is probably better. Ten 1 year contract assignments in 10 different companies mean you've seen a variety of ways that things are done, different equipment, different people, etc.

As opposed to getting into one company and doing the same old things day in and day out for 10 years. A much more limited range of experience.

I have a long string of contract assignments on the resume, from 2 months to a year, and I always wanted to be hired on full time and stay in one place, but it never happens, I just keep getting stupid short term contract jobs. I don't like it.

DatabaseHead

Thanks for responding this is one of those areas where I am on the fence.

EANx

fmitawaps wrote: »

1 year ten times is probably better. Ten 1 year contract assignments in 10 different companies mean you've seen a variety of ways that things are done, different equipment, different people, etc.

As opposed to getting into one company and doing the same old things day in and day out for 10 years. A much more limited range of experience.

You have the right idea but agreed with the wrong part. You want 10 years of experience. If you have one year 10 times, that means you did the same thing over and over. You have one year of experience and then the second year you did the same thing as the first. And thee third year, you did the same stuff as the first.

NetworkingStudent

I agree with the THE FORCE certs are nice to have, but experience is trumps all.

I have seen a lot of jobs descriptions list certain certs as preferred qualifications.

mbarrett

DatabaseHead wrote: »

Just curious your thought with certifications? Are they something you can just do one of and get decent value back from without going all out?

Usually you see someone with at least a few and then you see extreme cases where you see someone with 20+. I rarely see 1 though......

Thoughts? For instance security, would getting just the CEH or one of these others help your cause. Assuming you have a degree and some experience as well...

Some people do just fine without having any certs at all. Why do you want to get a certification in the first place?

G.O.A.T

Well I took two certs (one being ITIL) and managed to get a job, have been working in support for around a year now, I am now looking to get another cert (low level entry) just so I can learn a few things and prove existing knowledge. I would say if you are new dont go for the big certs like MCSA, get the entry ones there just no point over certifying when you have no experience, anyone can pass a test if they study hard enough, doesn't mean you know what you're talking about.

kiki162

Ask yourself this question, is the IT/Infosec industry growing rapidly, or moving along like a snail?

Yes, you can get one certification, and it can keep you stable for a while, however at a certain point you will hit a plateau. Getting certifications is like a stepping stone process. Once you figure out what area of IT you want to work it, then you should look to obtain certs that make sense and give you the best ROI. You have a MS DB cert, so why not go for the MCSE?

Going for the CEH certification IMO is a bit overrated. It's a mid level type of cert that you can use in conjunction with others. For example, if you want to get into ethical hacking, you can also get certs like GPEN, CISSP, or CASP. You can think of CEH like getting one of the entry level CompTIA certs, as it may help get you into a infosec position, but it's really not going to be the biggest factor.

As you go along in the certification process and obtain the higher end certs such as CISSP and GIAC, those certs can help to renew some of your lower end certs (CPE credits). It's very rare to find someone that has NO certs, but has a TON of experience. I have found that those type of people are very intelligent, but constantly work and don't have much of a social life.

My point in all of this is that you really need to prepare yourself to implement a continuous learning strategy, and not get just 1 cert to potentially get your foot in the front door. Those type of certs (CISSP, GIAC, OSCP, and yes even MCSE in certain cases) plus a few years experience will give you enough leverage to get yourself into infosec. Once you get to that point, your forced to continue that path by obtaining CPE credits, or re-taking an exam every year or so. So prepare yourself to jump into the deep end and get that core background in place first! (If you don't have that already )

DatabaseHead

I have one active MS SQL. I got it to help make me more marketable and prove to myself I could pass the exam.

dave330i

EANx wrote: »

You have the right idea but agreed with the wrong part. You want 10 years of experience. If you have one year 10 times, that means you did the same thing over and over. You have one year of experience and then the second year you did the same thing as the first. And thee third year, you did the same stuff as the first.

Seen plenty of 10 years with lacking skills. One of the best one was Catalyst having issues with access port.

EANx

dave330i wrote: »

Seen plenty of 10 years with lacking skills. One of the best one was Catalyst having issues with access port.

That sounds more like someone with one year of experience 10 times instead of 10 years of experience.

This is one of the best things about being an "old-timer", being able to keep up then spin a bit of a yarn about "the old days". I'm less concerned with them gently calling BS then I am with them following along intelligently. One of my favorite stories happened when teaching a class. I and a student stayed late with a bunch of Catalyst 5000 switches playing "what-if", with the eventual result of bringing the entire (test) network down. As I relay that story, I can tell a lot by how the person reacts and the questions they ask.

volfkhat

i have over a dozen certifications;
(mostly the associate-level stuff that many of you have).

But i also have 15 years in the game.

One cert per year... really isn't much to ask.
(plus it keeps you learning)

So imo,
there's nothing wrong with having Just one Cert...
(you gotta start somewhere)

kiki162

I agree...at least 1 cert per year should be the bare min. For me, I normally try to do at least 2 or more per year, which isn't hard to do. And if I'm not studying for certs, then I'm working on my Masters. The key is to always have your hands in something, and stay busy.

Now in your case @DatabaseHead, having that same idea about getting into infosec using 1 cert isn't going to cut it IMO. Now using your existing skills is great AND useful...but having admin skills will be even more helpful. You need to build your base before you jump into "infosec" land.

The best cert you can get to get into infosec is the CISSP, however once you get that cert you'll need to obtain CPE credits every year, along with yearly fees. CompTIA, GIAC, and ISC2 have already jumped into that arena.