+ Reply to Thread
Results 1 to 25 of 25
  1. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #1

    Default CCNP Security + CISSP

    Hi,

    I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?

    I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
    Reply With Quote Quote  

  2. SS
  3. Senior Member aftereffector's Avatar
    Join Date
    Dec 2013
    Location
    NC
    Posts
    512

    Certifications
    CISSP, CASP, CCNA R/S, CCNA Security, MCTS
    #2
    CISSP is almost completely management-focused, not technical at all. A CISSP knows what a firewall is and how it works, but not how to design, configure, and administer an ASA. The CISSP might help you out if you're in a technical role (and CCNP Security might help if you're a manager) but the two certs are really going separate directions within infosec.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #3
    Thanks for reply. I see you have CISSP, CASP, CCNA Sec and going for CCIE Security. I'll assume you're in a technical role?

    I'm having a tough time (internal struggle haha) figuring out if I should really pursue the CISSP or maybe there's something more appropriate . I'm not a manager, but I am looking to move to a role that's more security based.

    Today, I'm a hybrid server and network administrator. I do it all from build servers (windows/vmware), deploy switches, firewalls, telcom and run scans using Nessus.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,388

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #4
    Clearly the CISSP is a non-vendor specific cert intended to show general experience with security and concepts. I don't get the management thing as I see no management tasks included in the exams just general concepts. The CCNP series is obviously focused on Cisco so the concentration is much narrower and technically specific to Cisco products.

    CCNA, CCSP and CCNA (R&S) all retired but I have certified in each. My career went down a different path to include more pentesting, security architecture and investigation so those became irrelevant in my case.

    - b/eads
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #5
    Thanks for the info beads. Do you feel the CISSP is relevant to your current role?
    Reply With Quote Quote  

  7. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #6
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #7
    Quote Originally Posted by Mike-Mike View Post
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    That's funny and not surprising at the same time. The CCNP Security certification is really just a goal for me from a technical perspective.

    The way I've been looking at it is, if the CISSP teaches you that you need a firewall/IPS, but you don't know how to configure a firewall or IPS, what good is it going to do for me, career wise?
    Reply With Quote Quote  

  9. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    76

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #8
    Quote Originally Posted by Mike-Mike View Post
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    AKA HR FILTER J/K. I think it depends on the role you are applying for whether they will ask about certain certs.. if you are in a information security role and your job is more about policy, procedure, overall security, etc. etc.. i can see them asking about CISSP. If you are applying for a technical role and they ask you about the CISSP then well you better either set them straight or get out of there because they don't know what they want.

    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there. I guess once you've been in the field long enough.. you know what you want and you know when a company has the position you want and you can weed out the potential bad jobs where people think they want one thing but are asking about another.
    Reply With Quote Quote  

  10. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    395

    Certifications
    CISSP CEH CCNP Security
    #9
    Quote Originally Posted by mnashe View Post
    Hi,

    I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?

    I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
    I did my CISSP, and did the CCNP Security later on, after working in the Infosec field for a while. I had an extensive background in servers & networks before I did my CISSP which helped my understanding of some of the Domains on the CISSP.

    The CCNP Security is way more hands-on technical with Cisco and their specific product line with ASA, IDS, VPN, Cisco L2-L3 network security, etc. The CISSP is much, much more broader and spans most, if not all aspects of the Infosec field. It is not vendor specific. With the CISSP you are expected to have a solid understanding of all the concepts covered in the domains of the CISSP Common Body of Knowledge, and not all of them are technical. It's more of a 20,000-ft view of the Infosec terrain, and the CCNP Security is like a 5000-foot view and contains all the detail you would expect in a smaller area of focus.
    On the other hand, CCNP Security develops networking skills & knowledge that are not part of Infosec, rather it's usually considered a networking cert that happens to be focused on the security technology from Cisco.
    Last edited by mbarrett; 09-08-2016 at 03:53 PM.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,388

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #10
    Quote Originally Posted by mnashe View Post
    Thanks for the info beads. Do you feel the CISSP is relevant to your current role?

    As the or a Senior Security Architect for my current set of clients, yes but only to get past the HR filters. Otherwise, I find certificates in general to be overly relied upon to judge experience in general.

    They (certificates in general) have become a bit of a crutch for HR and hiring managers who are looking to side step the harder candidate evaluation questions if not the filtering process as a whole. This is exactly why you see so many contract to hire positions - vetting candidates is hard - especially security people. The more material made available by third party authors likewise allows for less experienced people to pass an exam they should have no business taking in the first place.

    On the positive side. I like certification to make me learn the last 10-20 percent of testable material I probably wouldn't otherwise learn or be exposed.

    Finishing Cloud Security Alliance and ISC(2) CCSP. Finished Wireshark earlier this year and saw half a dozen SANS certifications retire this year alone. So its a mixed bag of what will help my clients and help me make money. As a consultant I have to work harder than corporate types in regard to skill level. Besides, I bore easily to the point of being a bit OCD or arch typical 'router jock' by nature. Those skills that become old or deprecated retire only to be replaced by newer, shinier certs that in demand. OK wireshark is still just plain cool and useful so I broke down and finished it for my own good - its too useful, not to.

    - b/eads
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #11
    Quote Originally Posted by mackenzae View Post
    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there.
    Are you working for a VAR? I've seen quite a bit of technical positions in my area that ask for CISSP, which is one of the reasons I was looking to pursue it.

    Quote Originally Posted by mbarrett View Post
    I did my CISSP, and did the CCNP Security later on, after working in the Infosec field for a while. I had an extensive background in servers & networks before I did my CISSP which helped my understanding of some of the Domains on the CISSP.
    Is you in a technical Infosec role now?

    I also have a background in servers and networks. I'd say 60/40. I'm looking to move away from the normal server admin/network admin tasks and focus mostly on security role but I want to configure the security appliances. I'm not really looking to be focused on writing policies.

    I'm familiar with ASA and Palo Alto firewalls, but not much IDS/IPS appliances. My VPN knowledge could also be better, I've setup remote access and site to site VPNs, but not often. The CCNP Security (current blueprint) has a whole course on VPNs, which interests me.

    I thought maybe I should look at GIAC Perimeter Protection Analyst, Intrusion Analyst or Incident Handler certs instead. The courses are expensive and I'm self funded
    Reply With Quote Quote  

  13. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    395

    Certifications
    CISSP CEH CCNP Security
    #12
    At the moment, I'm working more hands-on with firewalls. I'm planning on maintaining the hands-on roles with firewalls, IDS, VPN etc in the future but I have a pretty good Infosec background at this point that I can utilize as well, to enable me to function in that world.
    The GPPA certification program was suspended until 2017, they are not offering the training at this time - I looked into it earlier this year. You might be able to schedule the test.
    The GCIA and GCIH are pretty good to have, at least from what I have seen.
    Last edited by mbarrett; 09-08-2016 at 06:43 PM.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #13
    Quote Originally Posted by beads View Post
    Otherwise, I find certificates in general to be overly relied upon to judge experience in general.
    As do I. Most of the time, I study to learn and take the exams just because I studied. The goal is always learning, not passing exams.

    Wireshark is cool, so no harm there haha and the CCSP looks like a cool exam too.

    For me, the certificates help as I do not have a degree.
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #14
    Quote Originally Posted by mbarrett View Post
    At the moment, I'm working more hands-on with firewalls. I'm planning on maintaining the hands-on roles with firewalls, IDS, VPN etc in the future but I have a pretty good Infosec background at this point that I can utilize as well, to enable me to function in that world.
    The GPPA certification program was suspended until 2017, they are not offering the training at this time - I looked into it earlier this year. You might be able to schedule the test.
    The GCIA and GCIH are pretty good to have, at least from what I have seen.
    I didn't know that about the GPPA, good to know.

    My OCD has me all over the place with these certifications (only for learning). I want to work with firewalls, IPS/IDS, but also cloud security. I have a virtualization background too
    Reply With Quote Quote  

  16. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    76

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #15
    Quote Originally Posted by mnashe View Post
    Are you working for a VAR? I've seen quite a bit of technical positions in my area that ask for CISSP, which is one of the reasons I was looking to pursue it.
    No I work for a giant health system in their Network Security Team which is the technical side of Security (Deploying/managing an array of firewalls like Palo Altos, Junipers, ASAs - approx 300 or so overall - NAT/ACLS/policys etc..), managing a couple of VPN environments which there are probably 250+ VPNs and increase on a weekly/monthly basis, managed F5 viprions/vCMP from a network/chassis level plus some more..

    There is another team which would handle the more incident response/IDS/IPS type of security work and i know a bunch of them have their CISSP. There is then yet another team which handles vul mgmt/scanning/documentation of firewall requests/systems and more of the policy side of security. Perhaps this is a unique setup since the environment is so large.
    Reply With Quote Quote  

  17. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,714

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #16
    Going for the CISSP right now and have half of my CCNP Security. Both complement each other really well.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), SpecterOps: Adversary Tactics Red Team OPS (complete), eCPPT (obtained), OSCP PWK (in progress), Demystifying Regular Expressions (in progress), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #17
    Quote Originally Posted by mackenzae View Post
    No I work for a giant health system in their Network Security Team which is the technical side of Security (Deploying/managing an array of firewalls like Palo Altos, Junipers, ASAs - approx 300 or so overall - NAT/ACLS/policys etc..), managing a couple of VPN environments which there are probably 250+ VPNs and increase on a weekly/monthly basis, managed F5 viprions/vCMP from a network/chassis level plus some more..

    There is another team which would handle the more incident response/IDS/IPS type of security work and i know a bunch of them have their CISSP. There is then yet another team which handles vul mgmt/scanning/documentation of firewall requests/systems and more of the policy side of security. Perhaps this is a unique setup since the environment is so large.
    Thanks for the info. Seems to be the area that probably interests me most. I'm just sick of traveling
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #18
    Quote Originally Posted by chrisone View Post
    Going for the CISSP right now and have half of my CCNP Security. Both complement each other really well.
    Good to know! This is how I was going to do mine actually, 2 exams then cissp, then finish the other two. I was planning on saving the ISE exam and 300-207 (I think) for last
    Reply With Quote Quote  

  20. Junior Member
    Join Date
    Feb 2016
    Location
    Kuwait
    Posts
    17

    Certifications
    OSCP, CISSP, Prince2 Foundation, CCNP R/S, ITILv3 Foundation, CCNA Sec, Fortinet NSE 4
    #19
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Sep 2016
    Posts
    129

    Certifications
    CCNA Security, CCNA R&S
    #20
    Quote Originally Posted by Techand$$ View Post
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?
    Congrats on passing the CISSP!
    Reply With Quote Quote  

  22. Senior Member JustFred's Avatar
    Join Date
    Feb 2012
    Location
    DeepSpace 9
    Posts
    661
    #21
    Quote Originally Posted by Techand$$ View Post
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?

    Awesome. Congratulations
    "After a time, you may find that having is not so pleasing a thing, after all, as wanting. It is not logical, but it is often true." Spock

    Reply With Quote Quote  

  23. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    76

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #22
    Quote Originally Posted by Techand$$ View Post
    but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks.
    Congrats and this actually does make sense from a communication standpoint.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    472

    Certifications
    CISSP, PCNSE, CCNP R&S, CCNA(Security/Data Center), CySA+
    #23
    Quote Originally Posted by mackenzae View Post
    If you are applying for a technical role and they ask you about the CISSP then well you better either set them straight or get out of there because they don't know what they want.

    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there..
    Just came across this. Do other technical network security folks on here feel the same way? I'm currently studying for CISSP, and struggling a little, because the material doesn't relate to where I see myself. I'm trying to push through it, but at times feel like I'd be better off studying for CCNP Security or CCIE
    Reply With Quote Quote  

  25. Junior Member
    Join Date
    Feb 2016
    Location
    Kuwait
    Posts
    17

    Certifications
    OSCP, CISSP, Prince2 Foundation, CCNP R/S, ITILv3 Foundation, CCNA Sec, Fortinet NSE 4
    #24
    Hey MitM, I was planning to do the CCNP Security, but I since didn’t come across much Cisco Network security devices in my line of work I eventually dropped the idea of getting that cert.

    Anyways coming to your question, you need to decide where you want to work 5 years from now, if it’s in network security i.e. routers, firewall, IPS, NAC etc then do it the cisco or juniper or checkpoint or paloAlto way. If you want to work in a position that deals with an all round security in information technology then CISSP is your ticket (not the only ticket) to it.
    Reply With Quote Quote  

  26. Junior Member Registered Member
    Join Date
    Jun 2018
    Posts
    2
    #25
    From talking with Cisco Academy Instructors and other people in the field, I am really sorry to say, but Cisco certifications are not as useful as people make them out to be. Like Mike has said, no one asks about them on interviews and that is my experience as well. If you take Cisco certifications, you will understand that they ask you questions that are way off topic and about small details that you just don't pay attention.

    They outsource their test making to a third vendor. So they don't even create their own tests and that is why when you study for it and then take it, you will notice they are very different. This is specifically true for the CCNA Security exam.

    I would focus on management and concepts. Cisco firewalls are not even best rated out there so you will mostly likely be working be Palo Alto firewalls, especially in the financial sector.

    Furthermore, if anyone who knows Cisco internally would ever be honest with you. They will tell you that these exams are a lot of fo money grabbing. They make way too much money from their academy and tests.

    You can learn the technical skills on the job. What the Cisco certs don't teach you is how to logically and rationally think about networks and security, which is way more valuable than remembering configuration commands.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks