Cyber Security Path

CodeHaVoCCodeHaVoC Member Posts: 15 ■□□□□□□□□□
Hello Forum,

I'm New to the IT field officially. I was help desk for AT&T Business VOIP and now I'm a IT Specialist with the DOD, VOIP Branch. I would love to get into Cyber Security but I'm asking for a good path of Certifications I can work on to get there and stand out. The job I have now requires me to get a Sec+ or CCNA Sec. My problem is that I have been studying for the Sec+ for a while but I'm being told CCNA is easier . I really just want to know which certification path is best for me with my Cyber Security Goals

Comments

  • CyberJosh95CyberJosh95 CISSP, GCIA, CCNA R+S, CASP, Sec+, ITIL Foundations Member Posts: 52 ■■■□□□□□□□
    CodeHaVoC,

    Im guessing since you work in the DOD you must remain 8570 Compliant. I would go the CompTIA route. In this order:
    Sec+ - CSA+ - CASP if you plan on becoming IAT III. I would then focus on CISSP and SANS courses.
    Easy is always good but if I were you I would prefer a challenge. The DOD cyber community is extremely competitive and taking the "easy" route wont help you gain any advantages.

    Fly, Fight, WIN!
  • McxRisleyMcxRisley OSCP, CASP, CySA+, CPT+, Sec+, CEH, Splunk Admin Member Posts: 494 ■■■■■□□□□□
    I'm confused here, how are you an IT specialist and you don't have your security+ ? Did they hire you and give you 6 months to obtain it or a higher level cert? Also whoever told you that security + is harder than CCNA flat out lied to you.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • CodeHaVoCCodeHaVoC Member Posts: 15 ■□□□□□□□□□
    yes they told me 6 month to get it
  • McxRisleyMcxRisley OSCP, CASP, CySA+, CPT+, Sec+, CEH, Splunk Admin Member Posts: 494 ■■■■■□□□□□
    Ok that makes sense then, I know they occasionally do that for some new hires, especially if you're gov and not contractor. You can study for and pass the security + in a month easily. I wouldn't really bother with the CCNA unless you plan to pursue a role in networking.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • CodeHaVoCCodeHaVoC Member Posts: 15 ■□□□□□□□□□
    yes I have Darril Gibson book that I have bee reading and also have access to skill port and did a boot camp a few months ago and still have my material. I hop I have enough to work with.
  • McxRisleyMcxRisley OSCP, CASP, CySA+, CPT+, Sec+, CEH, Splunk Admin Member Posts: 494 ■■■■■□□□□□
    That should be enough from what I've heard. I just read the pearson book and took the test, but I wouldnt reccomend that at all lol
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • nisti2nisti2 Member Posts: 498 ■■■■□□□□□□
    Hello you can do this track:

    Security+, CCNA Cyber Ops, CCNA Security, and CISSP.
    2019 Year goals:
    AWS Cloud Practitioner
    Willing to take: ITIL Foundation, 70-410
    "Certs... is all about IT certs!"
  • ITSpectreITSpectre Member Posts: 1,040 ■■■■□□□□□□
    I would get Sec+ then see where you want to go WITHIN cyber security.... there are many places to go....
    Penetration tester
    Cyber sec analyst
    Threat mitigation
    Red team
    Blue team
    Forensics

    Start with Sec+ and then research where you wish to go while getting the CSA.... After you have a clear understanding of where you want to go I would learn Ubuntu or kali Linux... or CentOS linux. Learn the CLI (command line interface)
    Learn a programming language... in cyber security you WILL be looking at code at some point. my advice is to start with Python. its easy to learn and not hard to pick up...
    Also learn powershell now.... try to research things that you do now and automate them with a powershell script.... automate automate automate!!
    In the darkest hour, there is always a way out - Eve ME3 :cool:
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
  • [Deleted User][Deleted User] Posts: 0 ■■□□□□□□□□
    Agree with McxRisley Security+ is a cakewalk unlike the CCNA. Sure CompTIA made the Sec+ harder to pass with performance based questions but with the wealth of information out there, it is almost impossible to fail unless you straight up don't study. For Cyber Security path/cert recommendations, it depends on the exact path. Like others have said, there is Red/Blue team, incident response, Cyber defense, policy regular security analysts in say SOC etc.

    Find out which path you want first then do research on certs based on that path.
  • TechGromitTechGromit A+, N+, GSEC, GCIH, GREM, Ontario, NY Member Posts: 1,990 ■■■■■■■■□□
    nisti2 wrote: »
    Hello you can do this track:

    Security+, CCNA Cyber Ops, CCNA Security, and CISSP.

    The CCNA Security requires at least a "CCENT" or "CCNA Routing and Switching" certification as a prerequisite. I do not believe the "CCNA Cyber Ops" qualifies as a prerequisite.
    Still searching for the corner in a round room.
  • ivyvaldivyvald Member Posts: 9 ■□□□□□□□□□
    I went uni for software engineering, so I have a strong foundation in programming (where my Leetcode fam at!). I was blessed to get my start in a cyber-team for the US gov. Here's my take on 'which path do I choose':

    What do you have fun doing in the security space? (I'm a typical millennial icon_cool.gif, so finding value in my work and enjoying myself on the job is VERY important to me).
    If you're DoD with active TS/SCI then your certs should be part of your package. I advise to get CISSP once you are able.
    My first cert was also Sec+, and as I did my job I realized I enjoyed red-teaming the most.
    So my path was Sec+, CEH, CISSP, GPEN, GWAPT, OSCP, OSCE, (getting GXPN next)
    I let my Sec+ and CEH expire (my newer certs make these irrelevant for me now)
    You need to ask your boss about SANS training. DoD loves SANS, and they will pay for your bootcamp classes (they are like $6000 a class).
    Just remember to figure out what's fun for you, and then go for it!

    ** Don't study to get certs, study to obtain knowledge that you can utilize on the job.
    Goodluck!
  • CodeHaVoCCodeHaVoC Member Posts: 15 ■□□□□□□□□□
    ivyvald wrote: »
    I went uni for software engineering, so I have a strong foundation in programming (where my Leetcode fam at!). I was blessed to get my start in a cyber-team for the US gov. Here's my take on 'which path do I choose':

    What do you have fun doing in the security space? (I'm a typical millennial icon_cool.gif, so finding value in my work and enjoying myself on the job is VERY important to me).
    If you're DoD with active TS/SCI then your certs should be part of your package. I advise to get CISSP once you are able.
    My first cert was also Sec+, and as I did my job I realized I enjoyed red-teaming the most.
    So my path was Sec+, CEH, CISSP, GPEN, GWAPT, OSCP, OSCE, (getting GXPN next)
    I let my Sec+ and CEH expire (my newer certs make these irrelevant for me now)
    You need to ask your boss about SANS training. DoD loves SANS, and they will pay for your bootcamp classes (they are like $6000 a class).
    Just remember to figure out what's fun for you, and then go for it!

    ** Don't study to get certs, study to obtain knowledge that you can utilize on the job.
    Goodluck!


    Is SANS training like a Security+ BootCamp?
  • devilbonesdevilbones Member Posts: 318 ■■■■□□□□□□
    ivyvald wrote: »
    If you're DoD with active TS/SCI then your certs should be part of your package.
    What does this mean?
    For the OP, I think you really have to find what you like and then see what is required to get there. Like others have mentioned and you know, there are certain requirements for each level. 8570 is being replaced by 8140, here is a link https://iase.disa.mil/iawip/Pages/summary_wf_requirements.aspx
    Good luck and let us know how you are progressing.
  • shoeyshoey Member Posts: 111 ■■■□□□□□□□
    devilbones wrote: »
    What does this mean?

    I second this... I'm a bit confused as to what a clearance level has to do with an IT cert. I'm guessing ivyvald means that a persons certs would be documented/included in their eQIP (i.e. package) that is used for the background investigation?
    "I have missed more than 9,000 shots in my career. I have lost almost 300 games. 26 times, I've been trusted to take the game winning shot and missed. I've failed over and over and over again in my life. And that is why I succeed." - Michael Jordan
  • ratherunique17ratherunique17 Member Posts: 6 ■□□□□□□□□□
    I'm working on a Masters with a focus on Cybersecurity (more so the management/governance aspects of it compared to the technical ). Since I'm only a student, I'm only going for Security+. I'm also making progress with programming languages as well, like SQL. I've seen several cyber job postings that like SQL skills.
    2015- BA
    2018-
    MA (Cybersecurity & Government affairs concentrations)
    2018:
    (A+, Sec+, Net+/CCENT for Certs) (Python,& SQL.Maybe C Programming)
    Later: (TBA Certs.)(Ruby, Assembly Programming)
    More School?: MSc in Computer Science. Georgia Tech's Online Masters (2019/2020)
  • CodeHaVoCCodeHaVoC Member Posts: 15 ■□□□□□□□□□
    Sorry I'm late with this but I have passed My security+ exam on the first try about 2 weeks ago. im still excited and looking forward to another cert. I just don't know which one. I was given a lot of Cisco books ( CCIE, CCNP and cyber ops). I just need to figure out what track i want to pursue. Comptia or Cisco.. Its soooo much lol
Sign In or Register to comment.