+ Reply to Thread
Results 1 to 12 of 12
  1. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #1

    Default Security+/CSA+/CASP before CISSP

    I'm trying to make my transition more towards the security side, with a focus on Cyber Defense. I'm in the beginning stages of studying for CISSP, but was wondering if there is a benefit to going the CompTia route first? I know CISSP is the better ROI option for the resume/HR. My question is geared more towards the content of those three Comptia exams, as far as learning skills necessary for the job.


    Ideally, I'd do SANS/GIAC over both of the above, just not sure I'd want to pay out of pocket for their courses, without having a pure security job first.
    Reply With Quote Quote  

  2. SS -->
  3. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,556

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #2
    If you got the experience requirement for the CISSP I would just get that. Then focus on and study whatever area of cyber security interests you most. Those other certs won't actually hold much value once you get it.

    Not saying the knowledge is bad in those after you get the CISSP, but not sure if you would see much ROI in taking and getting the actual certs themselves.
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Feb 2017
    Location
    Los Angeles, CA
    Posts
    5

    Certifications
    CISSP, CASP, SSCP, Security+, Network+
    #3
    Seconding this advice. If you don't yet have the experience but are on a career track where you're already satisfying security-related activities from the various CISSP domains (https://www.isc2.org/cissp-domains/default.aspx), you can do Associate of (ISC)2 for CISSP, which gives you up to six years currently to gain the five years of experience: https://www.isc2.org/how-to-become-an-associate.aspxThe advantage of this is that it looks good on your resume/CV to those who know what it is; the studying itself is a good teacher (honestly I should have put that first); and it gets the big test out of the way so you can relax just a little. Also bear in mind that you may already be doing many things that satisfy the domains without even realizing it.
    Reply With Quote Quote  

  5. Junior Member Registered Member
    Join Date
    Feb 2017
    Location
    Los Angeles, CA
    Posts
    5

    Certifications
    CISSP, CASP, SSCP, Security+, Network+
    #4
    Replying to myself to fix my second link (https://www.isc2.org/how-to-become-an-associate.aspx) and also add that, as you can see from my profile info, I did the CASP and Security+. I don't think they're bad additions to the resume/CV, and they may even snag a recruiter who's looking only at those. So far most of the postings for jobs I've seen in Southern California (can't speak for other places too well) have been defense and military-related positions. If that's your intended trajectory, having those certs may also help you get your foot in the door. Good luck!
    Reply With Quote Quote  

  6. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #5
    Thanks for the replies. I have enough work experience to satisfy the CISSP requirements, which is why I originally was going that route. My concern was more in regards to having the confidence with the necessary skills for the interview.

    Would either of you feel it be beneficial to go through the material of those exams prior to studying for CISSP, even if I never sit a Comptia exam, or would you say do that afterwards?

    I would never get the CISSP and then go back to Comptia certs. It would have to be the other way around
    Last edited by mnashe; 04-26-2017 at 11:53 PM.
    Reply With Quote Quote  

  7. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,255

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #6
    I would read The Complete Reference Information Security Second Edition first, then dive into the CISSP exam materials. If you were to get the CompTIA certs first you would spend nearly twice the cost of the CISSP exam fee with little to no real ROI compared to the CISSP.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  8. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #7
    thanks. I see your point. I'll check out the book. I think the fact that CISSP is more a security manager exam is what makes me hesitant. I was feeling like maybe I needed some other security certification under my belt first, even if I did only one of those Comptia ones.

    I'll follow the advice here though and just go for the big gun
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    312

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE 7, MCITP: Exchange 2010
    #8
    As someone who is also planning on tackling the CISSP, I was thinking about going this route

    CSA+ (Or CASP) > CISSP > GIAC/CCIE Security


    Not so sure after reading this thread though haha
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Jan 2013
    Posts
    220

    Certifications
    CSA+, CWTS, Storage+, Sec+, A+, N+, Mobility+, MCP, etc.
    #9
    Quote Originally Posted by MitM View Post
    As someone who is also planning on tackling the CISSP, I was thinking about going this route

    CSA+ (Or CASP) > CISSP > GIAC/CCIE Security


    Not so sure after reading this thread though haha

    Choose the path that works best for you.

    For me, money isn't a concern, so likely my next security cert will be CASP, although I have the experience for CISSP. The reason? Studying for CASP will be helping me eventually prep for CISSP, and get me CEUs for CSA+. While I agree that CISSP probably is a better ROI, I also think any IT Security pro that shows a continual learning process - and certs help with that - is going to be a stronger IT pro.
    Reply With Quote Quote  

  11. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,255

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+ and CSA+; MCSA: Windows 7, ITIL Foundations
    #10
    Quote Originally Posted by ThePawofRizzo View Post
    Choose the path that works best for you.

    For me, money isn't a concern, so likely my next security cert will be CASP, although I have the experience for CISSP. The reason? Studying for CASP will be helping me eventually prep for CISSP, and get me CEUs for CSA+. While I agree that CISSP probably is a better ROI, I also think any IT Security pro that shows a continual learning process - and certs help with that - is going to be a stronger IT pro.
    You make an excellent point. There are things covered in each of the certifications that are not covered or have a different emphasis in the other certifications. Pursuing, or at least reading the various certification books/watching videos, the other certs might flesh a few things out that may be encountered during the course of ones career.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  12. They are watching you NetworkNewb's Avatar
    Join Date
    Feb 2015
    Location
    Off the grid
    Posts
    2,556

    Certifications
    A+/Net+/Sec+, CCENT, CCNA:Sec, CCSK, GCIH
    #11
    Quote Originally Posted by ThePawofRizzo View Post
    While I agree that CISSP probably is a better ROI, I also think any IT Security pro that shows a continual learning process - and certs help with that - is going to be a stronger IT pro.
    The way I look at it is your time would probably be better spent focusing on specific aspects of security that you want to work in/with, instead of getting a bunch of "general" security certifications that won't hold much value. I'd rather start focusing on how deep I can get into the specific security technologies I work on.

    How much value would having the CSA+ or CASP be on a resume when someone has their CISSP? It might matter a little to some (like working for the DoD?), but I would doubt it would matter at all to most. Can't say that is fact, but just my view on it.
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Feb 2014
    Location
    DC/VA
    Posts
    455

    Certifications
    MCSA2012 VCPDCA ITILv3 Sec+CE
    #12
    NetworkNewb is CORRECT. Obtaining the CISSP will lead you to the promise land. Sec+; CASP and CSA is only needed to obtain a DOD Level.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks