For cybersecurity - are MCSA and CCNA necessary for programmers?

ProlifixProlifix Member Posts: 8 ■□□□□□□□□□
I'm currently working in an entry-level programming role and planning on moving into penetration testing sometime in the future; probably after I learn Java, Python and Ruby to a professional level. Since I have no interest in system/network administration, would it be advisable to get the CCNA and MCSA certifications, or would it be better to go straight for the security certifications instead?

I guess this question is ultimately directed at those who went into cyber-security from the programming side, because I realise that over 90% of the members on this forum are system/network admins who code on the side. From the programming/development side, how necessary are these Microsoft and Cisco certifications, and, more broadly, how important are network security skills for programmers?

I am still planning on learning the basics of system/network administration so that I'm able to understand IT Security more fully, but ultimately I would rather use 90% of my time on coding and finding exploits in apps/websites as opposed to setting up physically secure networks and acting as a technician.


  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I'm not a programmer, but I'll offer an opinion. I don't believe you would require the CCNA or MCSA, but you would need an understanding of networking and the operating systems you are pentesting. If your background is in computer science then I believe you have the basics and should probably just research the finer points of the OS.
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • BlackBeretBlackBeret Member Posts: 684 ■■■■■□□□□□
    The pentesters at my location are required to have the following; CISSP, GPEN, MCSA (any), Linux (any), CEH (Check a box). Having CCNA and database certs is a preference but not a requirement. Essentially they want to see a demonstrated depth of knowledge in systems (Windows, Linux, Cisco IOS), knowledge of the full spectrum of security (CISSP), knowledge of pretesting methodologies (GPEN), etc.
Sign In or Register to comment.