Cyber Security Path

Hello Forum,

I'm New to the IT field officially. I was help desk for AT&T Business VOIP and now I'm a IT Specialist with the DOD, VOIP Branch. I would love to get into Cyber Security but I'm asking for a good path of Certifications I can work on to get there and stand out. The job I have now requires me to get a Sec+ or CCNA Sec. My problem is that I have been studying for the Sec+ for a while but I'm being told CCNA is easier . I really just want to know which certification path is best for me with my Cyber Security Goals

Find more posts tagged with

Comments

CyberJosh95

CodeHaVoC,

Im guessing since you work in the DOD you must remain 8570 Compliant. I would go the CompTIA route. In this order:
Sec+ - CSA+ - CASP if you plan on becoming IAT III. I would then focus on CISSP and SANS courses.
Easy is always good but if I were you I would prefer a challenge. The DOD cyber community is extremely competitive and taking the "easy" route wont help you gain any advantages.

Fly, Fight, WIN!

McxRisley

I'm confused here, how are you an IT specialist and you don't have your security+ ? Did they hire you and give you 6 months to obtain it or a higher level cert? Also whoever told you that security + is harder than CCNA flat out lied to you.

CodeHaVoC

yes they told me 6 month to get it

McxRisley

Ok that makes sense then, I know they occasionally do that for some new hires, especially if you're gov and not contractor. You can study for and pass the security + in a month easily. I wouldn't really bother with the CCNA unless you plan to pursue a role in networking.

CodeHaVoC

yes I have Darril Gibson book that I have bee reading and also have access to skill port and did a boot camp a few months ago and still have my material. I hop I have enough to work with.

McxRisley

That should be enough from what I've heard. I just read the pearson book and took the test, but I wouldnt reccomend that at all lol

nisti2

Hello you can do this track:

Security+, CCNA Cyber Ops, CCNA Security, and CISSP.

ITSpectre

I would get Sec+ then see where you want to go WITHIN cyber security.... there are many places to go....
Penetration tester
Cyber sec analyst
Threat mitigation
Red team
Blue team
Forensics

Start with Sec+ and then research where you wish to go while getting the CSA.... After you have a clear understanding of where you want to go I would learn Ubuntu or kali Linux... or CentOS linux. Learn the CLI (command line interface)
Learn a programming language... in cyber security you WILL be looking at code at some point. my advice is to start with Python. its easy to learn and not hard to pick up...
Also learn powershell now.... try to research things that you do now and automate them with a powershell script.... automate automate automate!!

[Deleted User]

Agree with McxRisley Security+ is a cakewalk unlike the CCNA. Sure CompTIA made the Sec+ harder to pass with performance based questions but with the wealth of information out there, it is almost impossible to fail unless you straight up don't study. For Cyber Security path/cert recommendations, it depends on the exact path. Like others have said, there is Red/Blue team, incident response, Cyber defense, policy regular security analysts in say SOC etc.

Find out which path you want first then do research on certs based on that path.

TechGromit

nisti2 wrote: »

Hello you can do this track:

Security+, CCNA Cyber Ops, CCNA Security, and CISSP.

The CCNA Security requires at least a "CCENT" or "CCNA Routing and Switching" certification as a prerequisite. I do not believe the "CCNA Cyber Ops" qualifies as a prerequisite.

ivyvald

I went uni for software engineering, so I have a strong foundation in programming (where my Leetcode fam at!). I was blessed to get my start in a cyber-team for the US gov. Here's my take on 'which path do I choose':

What do you have fun doing in the security space? (I'm a typical millennial

, so finding value in my work and enjoying myself on the job is VERY important to me).
If you're DoD with active TS/SCI then your certs should be part of your package. I advise to get CISSP once you are able.
My first cert was also Sec+, and as I did my job I realized I enjoyed red-teaming the most.
So my path was Sec+, CEH, CISSP, GPEN, GWAPT, OSCP, OSCE, (getting GXPN next)
I let my Sec+ and CEH expire (my newer certs make these irrelevant for me now)
You need to ask your boss about SANS training. DoD loves SANS, and they will pay for your bootcamp classes (they are like $6000 a class).
Just remember to figure out what's fun for you, and then go for it!

** Don't study to get certs, study to obtain knowledge that you can utilize on the job.
Goodluck!

CodeHaVoC

ivyvald wrote: »

I went uni for software engineering, so I have a strong foundation in programming (where my Leetcode fam at!). I was blessed to get my start in a cyber-team for the US gov. Here's my take on 'which path do I choose':

What do you have fun doing in the security space? (I'm a typical millennial , so finding value in my work and enjoying myself on the job is VERY important to me).
If you're DoD with active TS/SCI then your certs should be part of your package. I advise to get CISSP once you are able.
My first cert was also Sec+, and as I did my job I realized I enjoyed red-teaming the most.
So my path was Sec+, CEH, CISSP, GPEN, GWAPT, OSCP, OSCE, (getting GXPN next)
I let my Sec+ and CEH expire (my newer certs make these irrelevant for me now)
You need to ask your boss about SANS training. DoD loves SANS, and they will pay for your bootcamp classes (they are like $6000 a class).
Just remember to figure out what's fun for you, and then go for it!

** Don't study to get certs, study to obtain knowledge that you can utilize on the job.
Goodluck!

Is SANS training like a Security+ BootCamp?

devilbones

ivyvald wrote: »

If you're DoD with active TS/SCI then your certs should be part of your package.

What does this mean?
For the OP, I think you really have to find what you like and then see what is required to get there. Like others have mentioned and you know, there are certain requirements for each level. 8570 is being replaced by 8140, here is a link https://iase.disa.mil/iawip/Pages/summary_wf_requirements.aspx
Good luck and let us know how you are progressing.

shoey

devilbones wrote: »

What does this mean?

I second this... I'm a bit confused as to what a clearance level has to do with an IT cert. I'm guessing ivyvald means that a persons certs would be documented/included in their eQIP (i.e. package) that is used for the background investigation?

ratherunique17

I'm working on a Masters with a focus on Cybersecurity (more so the management/governance aspects of it compared to the technical ). Since I'm only a student, I'm only going for Security+. I'm also making progress with programming languages as well, like SQL. I've seen several cyber job postings that like SQL skills.

CodeHaVoC

Sorry I'm late with this but I have passed My security+ exam on the first try about 2 weeks ago. im still excited and looking forward to another cert. I just don't know which one. I was given a lot of Cisco books ( CCIE, CCNP and cyber ops). I just need to figure out what track i want to pursue. Comptia or Cisco.. Its soooo much lol