cso spotlight: certifications

Top cyber security certifications: Who they're for, what they cost, and which you need

Expand your skills, know-how, and career horizons with these highly respected cybersecurity certs


Internationally, the not-for-profit CREST information assurance accreditation and certification body’s courses and exams are commonly accepted in many countries, including the United Kingdom, Australia, Europe and Asia. CREST’s mission is to educate and certify quality computer security professionals. All CREST-approved exams have been reviewed and approved by the UK’s Government Communications Headquarters (GCHQ), which is analogous to the United States’ NSA.

CREST’s basic information security exam is known as the CREST Practitioner Security Analyst (CPSA), and there is a pen testing exam called the CREST Registered Tester (CRT). Exams and costs vary by country, but in Australia, for example, the CRT exam costs $1,000 AU.

Vendor-specific certifications

Many vendors, such as Microsoft and Cisco, offer security-specific exams that are worth pursuing. Years ago, Microsoft had several security-specialist exams, such as MCSE: Security. Security has become a general concern for all platforms and technologies, and for years Microsoft has put more and more security questions and testing into all its exams.

However, there are still a few security-specific Microsoft exams, including the $165 Securing Windows Server 2016 exam. As can be expected, the certification focuses on the new security features in Microsoft Windows Server 2016, but goes far beyond just technically securing a server product. It covers red/green forest design, Just-in-Time Admin, Just Enough Admin, and Microsoft’s latest security technologies such as Advanced Threat Analytics (ATA). Microsoft security techs might also want to take Microsoft’s Security Fundamentals test for $127.

Cisco’s certifications have always had industry pedigree and are considered tough to pass. The Cisco Certified Internetwork Expert (CCIE) certification is considered the hardest exam to pass in the industry. According to Cisco, less than 3% of CCIE exam students will obtain the certification, even after paying thousands of dollars, creating home labs, and spending an average of 18 months studying for it.

Cisco’s Cisco Certified Network Associate (CCNA) Security certificate is easier to obtain and still very well respected. You must first hold another valid Cisco certification to take the CCNA Security exam. After you have your CCNA Security (or any passed CCIE certification), you can take the Cisco Certified Network Professional (CCNP) Security.

The CCIE-Security is the mac-daddy Cisco security exam. It consists of a two-hour written exam (which must be passed first), then an eight-hour lab portion. All Cisco certification exams are hard, but if you get your CCIE Security, you’ll be able to earn a very good living almost anywhere in the world.

Apple doesn’t appear to have a security-specific exam, but its traditional macOS exams include some security components.

Red Hat and other Linux security certs

Red Hat offers dozens of certification exams, and like other major vendors, it offers at least one security specialty exam: Red Hat Certificate of Expertise in Server Security and Hardening. Besides normal Linux server-hardening information, successful candidates must be prepared to handle Common Vulnerabilities and Exposures (CVE) entries and Red Hat Security Advisory reports. The price is $600.

The Linux Professional Institute (LPI) offers a vendor-neutral Linux security exam (LPIC-3 303) that covers a host of security topics. Candidates must have passed four other lower-level LPI exams to qualify for the LPIC-3 303, although the lower-level exams may be taken in different orders. LPI Level 3 exams, of which LPIC-3 303 is one, cost $299.99 to take. SANS also offers a GIAC Unix security certification that applies to Linux.

Which certifications to pursue first

I’m a big believer in taking what you know the best first. Use your first exam and certification to get back into good study habits, and once you pass it, build confidence. If you fail, identify your weaknesses and get back on the horse. I once taught a guy who failed the same test two dozen times over the course of a year. He kept coming back and eventually eked out a passing score. I’ll hire a honey badger any day of the week.

If your experience qualifies you to take the CISSP, that would be a great certification to start with. The breadth of the exam (not the depth of material) is what makes the CISSP challenging. Most people who take the exam pass it, and once you’ve earned the certification you can be prepared to share your success with anyone who asks.

If you want to acquire new technical skills, start with the SANS GIAC, CEH or OSCP. People already in auditing or management, or those interested in moving into those roles, should consider the ISACA exams. Compliance folks should look to SANS and ISACA. Proof of expertise in a vendor’s suite of products can quickly be shared when you have that vendor’s own certification.

I’m also a big believer in taking as many certification exams as you can while you can. It’s easier to study and pass certification exams when you’re in “study mode,” so once you get in that mindset, keep going and try to pass a few exams successively. Many times, people who decide to take a break from pursuing certifications after passing one or two never go back.

I would be proud to have any of the computer security certifications on this list. Each one will broaden your security knowledge and make you a better computer security professional. Each of these certification entities has broadened to become a complete community of like-minded individuals. You’ll not only get help understanding computer security knowledge, but also a discussion list where you can ask questions about any difficult subject or scenario and get help. I’ve made online friendships that have lasted decades, and even though I haven’t met them in person, I feel like they really are my mentors and friends. Certifications and the online ecosystems they spawn can only help you and your career.

This story, "Top cyber security certifications: Who they're for, what they cost, and which you need" was originally published by InfoWorld.

Copyright © 2019 IDG Communications, Inc.
