Security Certifications - Deep Dive

 
 

What are recommended certifications for getting started?


Cybersecurity certifications can significantly enhance your knowledge and credentials in the field. Here are some widely recognized and recommended certifications, each suited for different levels of expertise and career paths:

  • CompTIA Security+: Ideal for beginners, this certification covers a wide range of introductory cybersecurity topics, including threats, attacks, vulnerabilities, risk management, and more. The certification exam requires answering up to 90 questions in a 90-minute period.

    • IT-focused certifications such as A+, Network+, and Project+ can also benefit people looking to break into security.

  • Certified Information Systems Security Professional (CISSP): Targeted at experienced security practitioners, managers, and executives, CISSP is a globally recognized certification that demonstrates proficiency in designing, implementing, and managing a best-in-class cybersecurity program. The certification exam requires answering 125-175 multiple-choice and advanced innovative items in four hours.

    • The certification requires five years of experience, but an associate designation is available for those without the five years.

  • Certified Ethical Hacker (CEH): This certification is for those interested in the hacking aspect of security. It focuses more on the tools of an ethical hacker and less on methodology. The certification exam requires answering 125 multiple-choice questions within a four-hour period.

  • Certified Information Security Manager (CISM): Ideal for IT professionals looking to move into managerial roles, CISM focuses on managing and governing a cybersecurity program.

  • Certified Cloud Security Professional (CCSP): For professionals working in cloud technology, CCSP emphasizes the importance of cloud security and best practices. The certification exam requires answering 150 multiple-choice questions in a four-hour period.

  • Offensive Security Certified Professional (OSCP): A more hands-on, technical certification, OSCP is for those interested in offensive security tactics and penetration testing. This is a 24-hour proctored exam with a point structure that rates the examinee on exploitation and report writing.

  • GIAC Security Essentials (GSEC): This certification is for professionals who want to demonstrate their knowledge of information security beyond simple terminology and concepts. It is usually accompanied by a 40-hour SANS course. Beyond this certification, there are many more specialized certifications within the field. Some have suggested that this is a good preparation course and certification for the CISSP. The certification exam requires answering 106-180 questions in a 4-5 hour period.

Choosing the right certification depends on your current skill level, professional experience, and career goals. It's recommended to research each certification in detail to understand its prerequisites, focus areas, and the opportunities it may open up for you in the cybersecurity field.