Security Certification Options

  • I have to pick from the following list as part of the requirements for a Google Partner Specialisation requirement. I've done the Network+ (gfl) in the past so vaguely familiar with CompTIA. Curious to know if anyone has taken these and what their thoughts on it was. Any other comments welcome.

    CISSP: Certified Information Systems Security Professional
    CISM: Certified Information Security Manager
    CompTIA Security+
    CEH: Certified Ethical Hacker
    GSEC: SANS GIAC Security Essentials

  • Security+ is not too hard and is very straightforward. It's the kind of certification I would recommend to all techs to get them security-minded so they don't do stupid stuff because they can think logically about it from a security perspective.

    I believe all the other ones are more specific if you want to actually get into infosec.

  • @flaxking That was the one I was thinking of as the lowest barrier to just be able to tick the box on one of them. CEH had a lot of quality feedback from those that took it here and I was also thinking this would be the more interesting one. The CISSP being the security cert to get if I wanted the one that held the most value going someplace else but also requiring the most effort.

  • Sec+ is super easy. It's not like a security cert as much as it is a "security aware" cert for people who other skills to show that they can think about security, too.

  • Ugh CEH is the worse option. I have it and that is scam certification IMO. It is like over $1000 to take a test that is multiple choice and extremely easy.

    CISSP - Great, but you have to commit a good amount of time and brainpower to it. I have it and it was pain in the ass, but well worth it.

    CISM - Weighed the same as CISSP by DoD DIrective 8570, but an easier test.

    Security + - Used to be a basic watered down security cert like Scott said, but recently was made much tougher and is more well respected now

    If I wanted the most value and was willing to do the work I would do CISSP.

    If I wanted a good amount of value and wanted an easier test, I would do CISM

    If I wanted to learn something and build a good base, I would do Security +

  • @larsen161 The best person on this community to listen to with direct knowledge of this is @irj for certain.

Log in to reply