Help me cross a few of these off my list! I need some input on my chart of certs!

Cert Chart PDF.pdf

Hey guys,

So I made a chart of certs, separated by category. They are in order at least category wise in how I want to get them. This is a very long list and I'm unsure of which I really shouldn't bother with getting. The security path is definite mostly, the other ones I could do without a few. I just want to be well rounded and I feel the future is leaning towards virtualization and cloud technologies so I want to get a few certs in that. Let me know your thoughts on which I should do without! I feel there are too many on here. This is just an idea for my future. Obviously it will be a few years before I have all of these but it gives a general outline of what I want to do.


  • OctalDumpOctalDump Member Posts: 1,722
    From Info Sec you could drop quite a few. CASP has fairly limited value, and possibly should be further down that chain. CEH, GPEN and eJPT - choose one. You could possibly drop ePPT and go straight to OSCP after eJPT. You could move python further up the list since it can be useful for pentesting, and certainly you would want fairly good programming skills before attempting OSCE or GXPN. Do the CISSP as soon as you meet the experience requirements.

    It might be useful to put an analyst or incident handler certification in there as well, since there are more of those positions available for junior InfoSec roles.

    Linux+ is of limited value. The knowledge is ok, but broader than most people need. I'd suggest looking at Linux Foundation certifications or RedHat. They are both more hands on. You might also consider doing CCNP R+S before the CCIE Security, but that depends on how things progress for you.

    You can skip the VCA certifications if you like. The VCA-NV wouldn't be of much value if you already have a VCP and CCNA/CCNP. It probably also makes more sense to go across, rather than straight up eg VCP-CMA, VCP-NV, VCAP-CMA, VCAP-NV etc.

    MS do the client exams first. The exams are fairly challenging in general, but the client ones tend to be easier since most people already have good experience with the client.

    Also, expect these roadmaps to change. Certification bodies change their roadmaps, technologies come and go, markets change and your interests change. So look at alternative paths so you don't get stuck up a dead end. Also, you will probably end up sticking to one or maybe two specialities eg networking + security or virtualisation and systems or security and cloud or just pen testing. It will probably take a long time to achieve even one of these high level certifications. You could easily work in network security for 5 years before feeling ready to take on the CCIE Security.

    But there's nothing wrong with dreaming big and aiming high.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • koz24koz24 Member Posts: 766 ■■■■□□□□□□
    You can do without Network+ and CCNP Security. I feel that if you are getting the CCNA anytime soon then the N+ is just a waste of time, but that's just my opinion.

    The reason you want to skip CCNP Security is because there are no resources for it. What you will want to do is do the Micronics Zero to Hero course which should take you to or a little bit past CCNP Security and at that point you can jump right into CCIE Security. I guess if you really want it you can sit for 4 exams at $250 a pop and get it, but I wouldn't.

    So my networking path in your case would look like CCENT->CCNA R&S -> CCNA Sec -> CCIE Security. CCNP R&S is also an option if you want to throw it in there but I think you may get a little bored with the non-security Route/Switch stuff. I don't know how valuable CCNP R&S is to Security since I'm not a Security guy but maybe people with both can help you on that front.
  • 636-555-3226636-555-3226 Member Posts: 976 ■■■■■□□□□□
    do GPEN (if you can afford it) before OSCP.

    CISSP doesn't really fit in there. the bottom of that list is some pretty specialized, technical stuff, and CISSP is not a good follow-up to them (unless you're working on getting years in to meet the experience reqt)
  • Pmorgan2Pmorgan2 CISSP, CCSP, A+/Net+/Sec+/Project+, ECIH, ITIL v3, CIW SDA & WSP Member Posts: 116 ■■■■□□□□□□
    For security you're probably safe skipping CASP and just taking CISSP. I don't personally care for C|EH, but I've heard it looks great on resumes. I don't have enough knowledge to make recommendations on the rest.

    I concur about skipping CCNA Security, although you might to get CCNP Security depending on how long you plan to wait before the CCIE.

    I recommend you skip all the vmWare VCA certifications. They are not prerequisites for anything, and are extremely simple. Only grab one if you think it'll show your current employer that you're working towards a VCP, or you can sit the exam for free. If you want multiple VCIX certifications, I would recommend speading it out so that you're always renewing with a new cert. For example, a VCP-NX will renew your VCP-CMA certification. VCAP-CMA will renew your VCP-NX, ect.

    For Microsoft, I would do MCSA: Server 2016 first then work from there. The usual recommendation is to take all 3 exams around the same time.

    Be flexible and adjust fire as you go. I'm 5 years into my certification journey and I've made more than 50 adjustments. Speaking of which... it appears I'm behind schedule and need to pick up a book!
    2021 Goals: WGU BSCSIA, CEH, CHFI | 2022 Goals: WGU MSCSIA, AWS SAA, AWS Security Specialist
Sign In or Register to comment.