CyberSecurity Certification Recommendations and Resources

I'm looking for some cybersecurity certification recommendations and resources for a friend looking to break into cybersecurity.

We get asked this all the time at SJULTRA. One trigger for this question is when someone’s team starts measuring compliance with NIST security standards and they link to examples like CompTIA Security+ Information.

There are also handy infographics like this from Hacking Articles.

Hacking Articles Cyber Roadmap

Here are some more detailed examples and links if you’re exploring cybersecurity certifications.

SJULTRA cybersecurity recommended resources

United States government cybersecurity professionals working with Information Assurance (IA) are required to earn a certification approved by the U.S. Department of Defense. DoD Directive 8570 lists the approved baseline certifications and providers.

CompTIA Security+

Sec+ is the bare minimum for any government job. CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career. Two years’ experience in network administration with a focus on security is required.
https://www.comptia.org/certifications/security

Here is a link to an online 200-page study guide PDF of the topics covered: https://cs.signal.army.mil/static/Course_Downloads/SY0-601v1_1-StudentStudyGuide.pdf

Here’s a link to the online 400-page PowerPoint PPTX of the Student Slide Deck:
https://cs.signal.army.mil/static/Course_Downloads/SY0-601v1_1.pptx

CEH – Certified Ethical Hacker

Next up would be CEH: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/ It is not a great course, but the government likes it.

Beware – the sponsor of this course, EC Council, has some plagiarism issues: https://attrition.org/errata/charlatan/ec-council/2021-eccouncil-response-to-plagiarism.html

CISSP

For job positions with DoD Information Assurance (IA) and compliance, a Certified Information Systems Security Professional (CISSP) from ISC2 is recommended.
https://www.isc2.org/Certifications/CISSP

OSCP – Offensive Security Certified Professional

Penetration Testing with Kali Linux is a self-paced course that introduces tools and techniques to attack and penetrate live machines in a safe lab environment. Students who complete the course and pass the exam will earn the Offensive Security Certified Professional (OSCP) certification. The OSCP is considered to be more technical than other ethical hacking certifications and is one of the few that requires evidence of practical penetration testing skills.
https://www.offensive-security.com/courses/pen-200/

More resources