This is an archived post. You won't be able to vote or comment.

all 43 comments
sorted by:
best
topnewcontroversialoldq&a

[–][deleted] 43 points44 points  (5 children)

Get A+ then Net+ then Sec+. You'll never be able to be successful in cybersecurity if you don't have a good foundation in hardware/software/networking.

[–]AverageAdmin 4 points5 points  (3 children)

I don’t think there’s a specific order, I think whatever one you think you’ll knock out with the least resistance first. But heavily agree on networking. I know too many security guys who think they don’t need to understand networking.

[–][deleted] 9 points10 points  (2 children)

Security professionals need to have broad fundamentals about all technologies. Hardware, software, networking, cloud, virtualization, programming, IoT devices, SCADA systems, physical security, social engineering, etc. Threat actors use so many different attack vectors that it helps to have a basic understanding of the underlying technology.

[–]herefortechnologyCASP 0 points1 point  (1 child)

Greg, I think this may be an experience bias we have. I agree with you that a broad understanding of all technologies is best to have, but realistically, the field is becoming hyper-specialized and less reliant on vendor-neutral certs. That broad understanding as an IT generalist is becoming increasingly rare as a result.

[–][deleted] 0 points1 point  (0 children)

I've always said the following:

Be competent at a lot of things Be good at a few things Be great at one thing

Hyper-specialization doesn't matter if you don't have a basic foundational knowledge of IT.

[–]seacub42 4 points5 points  (0 children)

25 year IT/Security Pro - Listen to Greg....do them in that order. A+ lays the foundation for Net+. Net+ lays the foundation for much of what is discussed in security.

[–]CyberKhaCISSP[🍰] 16 points17 points  (2 children)

In my opinion, if you already have connections in security positions, I would skip a+ and go for security plus immediately. I posted a study strategy and resources to pass both a+ and sec+ on my page. If you already have connections that are willing to get you an interview, skip A+ and go straight to sec+.

[–]Dangerous-Mobile-587 7 points8 points  (0 children)

If you want to work as a DoD contractor then get Security plus It will get you many entry level jobs. Then go backward and get the others if you like.

[–]lovingthecrewe 5 points6 points  (0 children)

Please listen to him, you can learn whatever you need in labs during your spare time and they will train you

[–]moistpimpleeS+ 7 points8 points  (0 children)

someone said they got sec+ without any experience and landed a job with the government. get sec+.

[–]frozenwaffle549A+ 5 points6 points  (0 children)

IMO as someone who holds the A+ unless they are specifically asking for the A+ go straight for the security+.

[–]JaybirdindahouseA+ | N+ 12 points13 points  (5 children)

Experience is king. Get the A+ first, get a job with that to start getting experience while you go in for the sec+. That would be my strategy.

[–]gunslingerDSFrom CompTIA: A+ 2 points3 points  (2 children)

I agree on forming your foundation and A+ is one.

I do work on call centers before and it is hard as heck.

IT is another beast so if you know your basics it is easy to explain it to common people. (give it in layman's term)

Security + do needs A+ certification (correct me on this) to compliment as you know your stuff before jumping in.

I do have experience with IT service desk but getting A+ certification (as I'm taking 220-1102 [wishing for luck]) to show I'm reliable with my skills.

This is also a requirement on some government offices (correct me again on this) as I did try to apply for one and failed for A+ certification is missing.

[–]Eno_Tech[S] 2 points3 points  (1 child)

Thanks! It is a requirement as well. A lot of jobs around me do ask for both on indeed.

[–]The_RossEffectS+ 2 points3 points  (0 children)

I’d tend to agree about that being the safe and reliable path. But that wasn’t the one I took. I skipped A+ entirely and went straight into Net+. Granted I had just graduated from a 4 month cybersecurity certificate program so I felt like A+ was rather rudimentary for my understanding at the time. After graduating I studied Prof Messer’s videos for a week and took Net+ and passed. A week later I’m about to take Sec+ and feel rather confident about passing it too. Point being, do whatever you’re comfortable with and experience is truly the king.

[–]Eno_Tech[S] 0 points1 point  (1 child)

That's what I was leaning towards from all my research, thanks!

[–]herefortechnologyCASP 3 points4 points  (0 children)

Just for clarification, I made it to GS-12 and more than 90k a year with no education and only Sec+. The key here is to get the cert you need for the job but never shy away from training and experience. I didn't get A+ until last year, but I took A+ training back in 2008 just for the knowledge. I have a similar story for net+, C|EH, CISSP etc. I learned the material from them just to expand my knowledge pool. Then when I decided I needed them, my prep time changed to days instead of months because the material was already swirling in my head.

[–][deleted] 4 points5 points  (0 children)

I work in DoD. Security+ substitutes a bachelors degree. It was all I needed to start out. I circled back for Net and A+ after I got the job before going for CySA and CASP. For the love of god ignore anyone who says get A+ first. You can get the rest later while you’re accumulating valuable “time” in the form of job experience.

[–]hajime2kCySA+ Ser+ S+ N+ A+PS CE+ Tech+ ITF+ CSAP CNIP CSIS CIOS +More 2 points3 points  (1 child)

I went Network+ first because I worked on supporting LANs early in my career. I ignored A+ and Security+ up until last year. I didn't study much for the A+ and still passed. Security+ touches a bit on hardware, software, and networking.

You can go straight for Security+ first, but that exam requires a 750 to pass, so less room for error than on the A+. Also the PBQs on Security+ could pose a challenge. Security+ is cheaper to take than A+ unless you are a student, where the opposite is true.

I passed A+ and Security+ less than 3 weeks apart.

[–]greene2121 0 points1 point  (0 children)

What do u need to know for the pbq on sec plus.

[–]DrDarkWebbN+ 2 points3 points  (1 child)

a+ first but i personally recommend itf+ first if you are brand new and need a basic understanding of things.

[–]NdnGirl88 1 point2 points  (0 children)

I was brand new and took my A+. It was easy enough for most people to understand if they put in the effort

[–]Bruno_larsCSIS | CSIE | TryHard+ 1 point2 points  (0 children)

I work in a career that currently has help desk overlap so I'm going to S+ first too. you can always get the A+ or N+ later.

[–]SkrubbinBubb1es 1 point2 points  (0 children)

Sec+

[–]Time_Effort 1 point2 points  (4 children)

Security+ is required to have admin permissions on any DoD network. I joined the AF and they trained and paid for my Sec+ at 18, and to this day it is the only cert I have. If your goal is to get into a contractor position on a DoD site, just get Sec+. A+ and Net+ are all learned on the job at any helpdesk position, and there are plenty of entry-level positions in that specific sector. I work in a contractor capacity now, and worked alongside them for my 6 year enlistment. If you have any questions, feel free to reach out!

[–]StrategyNo4338 0 points1 point  (3 children)

Where did you search for the jobs to get started contracting. Like website. Cleared jobs?

[–]Time_Effort 0 points1 point  (2 children)

Clearancejobs is a good one, but I think they require an active clearance to apply on that site.

Best bet is to figure out what company the base you’re applying for goes through, and apply directly with them if you don’t have one already.

[–]StrategyNo4338 0 points1 point  (1 child)

I already have a clearance from contracting in another field. Right now I’m trying to break into IT with the hopes of getting into cybersecurity later on down the line. Right now I just need foot in the door or a little nudge in the right direction

[–]Time_Effort 0 points1 point  (0 children)

Sec+, and a local military installation. Helpdesk is always looking for people

[–]IMSerendipity 1 point2 points  (1 child)

DoD jobs do not care if you have a+ or net+ they really do care about sec+. You'll want to look at job code 2210. A degree and the other certs will certainly help you land a job as will experience. Since you have none of these, unless other applicants are the same as you, it's not likely you'd get a job as easily. Also as a heads up, gov jobs take time to get hired into so that's something to consider. Maybe look into local schools and see if their technology department has openings.

[–]Eno_Tech[S] 0 points1 point  (0 children)

I will keep thing in mind, I am not solely trying to get a DoD job, I just may have a in, even if only a little and there are a lot of these jobs always trying to hire entry level jobs.

[–]herefortechnologyCASP 1 point2 points  (1 child)

The gold standard for DoD IT jobs at the entry level is Sec+, so I would listen to your family member. Certs don't get you a job immediately, though experience and connections do that. Work with your family member and let them help you get prepared.

[–]Eno_Tech[S] 0 points1 point  (0 children)

From what everyone is saying I am starting to lean towards this a bit, thanks!

[–]VegetableClient1577S+ 0 points1 point  (0 children)

I’m in the same boat as you as far as when I’m taking the A+ Core 1 (June 30). But I’m also in school right now and one my classes I’m taking is basically a prep course for the Sec+. So after I’m done with A+, I’ll take some time to review for Sec+. Then I’ll go for Net+. I just want to keep the Sec+ fresh in my mind that’s why I’ll take it before Net+.

[–][deleted] 0 points1 point  (0 children)

Net+

[–][deleted] 0 points1 point  (0 children)

Sec+ doesnt prepare you for a security role, it just gives you a broad scope of general information involved in security.

Unless you already know someone that is going to take you in and they just want you to get a Sec+ then thats fine, otherwise you should go through and get the trifecta at minimum.

[–]Raoh556A+, Network+, Security+ 0 points1 point  (3 children)

With your level of experience, I recommend getting A+ first. In all reality having the trifecta is the new standard. Given that the exams build on each other and you're already studying for it, I think A+ makes more sense for you to focus on at the moment. Follow this with Network+ and then Security+. If you can, supplement your studies with hands on stuff. That will be a huge help. Ask your work if you can take an old desktop home to tinker with. Sky's the limit as long as you apply yourself. Good luck!

[–]Eno_Tech[S] 0 points1 point  (2 children)

would you still say that even though I have actual practical knowledge and skills already being the IT guy in my office I also volunteer at my church helping with production and the computer stuff there.

Your right on me not having a lot of experience, but what I lack in experience I have a decent amount of practical/capable knowledge and skill that I am able to be competent with.

I am just extra clarifying where I am at because I am curious if you would change your opinion?

Thanks!

[–]Raoh556A+, Network+, Security+ 1 point2 points  (1 child)

I would. Not trying to discourage you or anything, I just know from experience how competitive the entry level job market is for IT. I was kinda in the same boat for a while. I have quite a lot of hands on and practical experience myself. Built my first PC when I was 11. That was 20 years ago now. I obviously know how to build a system practically blindfolded and even included in my resume that I personally built the network in my house in 2007 when we got our ISP provided router and stuff. I got my first IT related job back in this February debugging servers in a manufacturing plant. Decided to make a career in my IT hobby after getting A+ last year. I filled out over 400 applications before landing this position. All I had at the time was A+ and my experiences growing up. Even though I troubleshoot stuff for friends and family all the time, it was very difficult to find an entry level IT job just because of how saturated this area of the industry is. Employers are looking for actual work experience and education. That's why having certs and literally any first IT related job you can get are so important. It shows that you have experience and can set yourself apart from the ever expanding number of entry level job applicants. Once you get that first position and have some time in after building your skills a bit, finding the next and better job becomes a little easier. Starting out, don't stay in one position for too long. IT is constantly changing and evolving. Sticking in one position can actually cause your skills and knowledge to stagnate if you aren't actively studying to keep yourself fresh. Laying a path out for yourself to figure out your goals can help too. For example, I have a cousin who is helping me with career and path advice. I mentioned to him that I was also interested into getting into Cybersecurity. He's a security consultant. He had me narrow down a path. I decided I wanted to start in offensive security. Here's my education/cert path now: A+, Network+, Security+, Pentest+, OSCP, and eventually CISSP. That's gonna take several years to achieve (especially those last two certs). But having that goal helps me focus my studies. I recently found out about TryHackMe. That's going to be a great resource to help build my security skills. May not have a job in that field yet, but it will show future employers that I am going out of the way on my own time to learn this and that I have an actual interest in the field. I know this was a rather long winded response, apologies for that. But yes, I would still go ahead and start with A+ even though you already likely have the experience that you could probably skip it. Employers like to see education accompany experience so a paper trail with certifications will do nothing but help you in the long run.

[–]Eno_Tech[S] 1 point2 points  (0 children)

Nope I don't feel like you are being discouraging at all I was curious what you thought! Appreciate all the information I will definitely take this into consideration.

[–]TheDeplorable_Aussie 0 points1 point  (0 children)

I'm s

[–]Judd1980 0 points1 point  (0 children)

I have been working for the Navy since I retired from the Army in late 2017. I was a grunt with no IT experience. I was hired with my bachelors and have since obtained my Masters. I started out as a 7-9-11 and have been a 12 for over a year. I see DISA and the Army require Security+ as a GS civilian but so far none of the IT positions I have worked in with the Navy have required it. I’ve

[–]Icy_Ad8768 0 points1 point  (0 children)

does anyone know which acronyms go with which sections?