What's the next logical step after Security+

tmcgtmcg Banned Posts: 127
I know this question has probably been asked numerous times in the past, I apologise in Advance!

My situation is I have a number of certifications and no hands on experience. Once I finish Security+ what would be the next certification to take it security?. I need one that does not require 2 years security experience etc.

However is higher than Security+ or a similar level. Any advice would be greatly appreciated.


  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Have you looked at the CASP certification from CompTIA? It is higher then Sec+ and there is no work experience requirement necessary. https://certification.comptia.org/certifications/comptia-advanced-security-practitioner

    I would look at getting some experience though as the main security certifications that are taken with respect and shows that you know your stuff usually involve experience.

    You could also do the CISSP without experience but you will only get the Associate status as you don't have the experience.

    You could even to the SSCP certification as well. But they require 1 year of experience which isn't really that bad if you think about it.

    Besides that, most of them are either big bucks or work experience. Sorry man.
  • tmcgtmcg Banned Posts: 127
    Thank you for the reply. Maybe I will knock out Linux+ next I guess it would help sometime in the future when I do have the required experience. Can CEH be done without experience if it's obtained online?
  • [Deleted User][Deleted User] Senior Member Posts: 0 ■■□□□□□□□□
    Thanks for the rep man!

    You can do the CEH without experience however, you will need to go through a bootcamp from a provider like New Horizons to be eligible. That is the costly route to take the exam. Besides that, you need the work experience of 2 years in security to take the exam. My only suggestion would be to apply for self study. You will need $100 to apply but you could be denied and lose the money. It is really your call. There is no real logical next step to take. You have to know what is right for you and pursue it. Best of luck in your decision.
  • OctalDumpOctalDump Member Posts: 1,722
    I'm going to half crosspost a response

    First look at this:

    Then this:
    The other things for a visual overview are the CompTIA roadmap and the GIAC roadmap. Both put the certifications into a broader context.

    The CompTIA roadmap takes a variety of certifications, CompTIA and others, and tries to put them into "levels". It's not 100%, but gives you an idea about how hard things are, how they might fit together in a career path. It doesn't include all the certifications, but enough to be useful.

    The GIAC roadmap is only GIAC certifications, but they offer so many that it almost doesn't matter. This roadmap is better for getting an understanding of the potential specialisms within Info Sec, as well as how GIAC certs relate to each other.

    There's also this wikipedia page on Computer Security Certifications, which gives a nice long list of various certifications. Not comprehensive, but long.

    And some links to other certifying bodies pages for completeness:
    EC Council
    Offensive Security
    2017 Goals - Something Cisco, Something Linux, Agile PM
Sign In or Register to comment.