Dr. Philip Cao


10 Security Certifications To Boost Your Career


Earning a security credential can help you open the door to a great job. But you need to know which certification is the right one for you.

GIAC Security Essentials (GSEC)

Global Information Assurance Certification (GIAC) is the leading provider and developer of Cyber Security Certifications, globally recognized by government, military and industry leaders. GIAC tests and validates the ability of practitioners in areas including security administration, forensics, management, audits, software security, and legal.

Description
This certification is designed for candidates who want to demonstrate skills in IT systems roles with respect to security tasks. Ideal candidates for this certification possess an understanding of information security beyond simple terminology and concepts.

Prerequisites: None

Exam: GIAC Security Essentials (GSEC)
(180 questions, 5 hours, 73% passing score)

Approx. Cost for Exam
$1,099 USD, administered by Pearson VUE (Affiliate Pricing for GIAC Certification in conjunction with SANS training is $629 USD)

Available Courses
Recommended course: SEC401: Security Essentials Bootcamp Style

Self-Study Material
Training events ($5,950 USD), Self-study books and DVDs ($5,350 USD), Videos from Dr. Cole

Online Practice Test
SANS Security Essentials Assessment Test (login credentials required)

(Image source: GIAC)


(ISC)² certifications are globally acknowledged as the Gold Standard for educating and certifying information security professionals. (ISC)² provides certification in areas such as information security, system security, authorization, software development, digital forensics and healthcare. The two key certifications are Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP).

Certified Information Systems Security Professional (CISSP)

This certification is designed for candidates interested in the field of information security. The ideal candidates are those who are information assurance professionals and know how to define the information system architecture, design, management and controls that can assure the security of business environments.

Prerequisites
Candidates must have a minimum of 5 years of paid full-time work experience in 2 of the 8 domains of the CISSP Common Body of Knowledge (CBK), which covers critical topics in security including risk management, cloud computing, mobile security, application development security, and more.

Exam
CISSP – Certified Information Systems Security Professional (250 questions, 6 hours, 70% passing score)

Approximate Cost for Exam
$599 USD (For Americas, Asia Pacific, Middle East and Africa regions), administered by Pearson VUE

URL
https://www.isc2.org/cissp/default.aspx

Available Courses
CISSP Course Overview

Self-Study Material
Exam Outline
Official (ISC)² Guide to the CISSP
Official (ISC)² CISSP CBK Training Seminar, and SSCP CBK Training Seminars
(ISC)²’s Live Online course

Online Practice Tests
(ISC)² Practice Tests App is available for iOS users. NOTE: The CISSP and SSCP practice test questions are not currently aligned with the domain refresh. New questions will be available in mid-2015.

Image Source: (ISC)²


Systems Security Certified Practitioner (SSCP)

This certification is designed for candidates interested in the field of information security. The ideal candidates are those who are information assurance professionals and know how to define the information system architecture, design, management and controls that can assure the security of business environments.

Prerequisites
Candidate is required to have a minimum of one year of cumulative paid full-time work experience in one or more of the seven domains of the SSCP CBK. If candidates do not have the required experience, they may still sit for the exam and become an Associate of (ISC)² until they have gained the required experience.

Exam
SSCP – Systems Security Certified Practitioner (125 questions, 3 hours, 70% passing score)

Approximate Cost for Exam
$250 USD (For Americas, Asia Pacific, Middle East and Africa regions), administered by Pearson VUE

URL
https://www.isc2.org/sscp/default.aspx

Available Courses
SSCP Course Overview

Self-Study Material
Exam Outline
(ISC)² Guide to the CISSP
(ISC)² CISSP CBK Training Seminar and SSCP CBK Training Seminars
(ISC)²’s Live Online course.

Online Practice Tests
(ISC)² Practice Tests App is available for iOS users. NOTE: The CISSP and SSCP practice test questions are not currently aligned with the domain refresh. New questions will be available in mid-2015.

Image Source: (ISC)²

 


Information Systems Audit and Control Association (ISACA) certifications are globally accepted and recognized, and are known for helping candidates combine the achievement of passing an exam with credit for their work and educational experience.

The key certifications offered by ISACA are Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). Other certifications offered include Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC).

Certified Information Security Manager (CISM)

Description
This certification is for candidates who have an inclination towards organizational security and want to demonstrate the ability to create a relationship between an information security program and broader business goals and objectives. This certification ensures knowledge of information security, as well as development and management of an information security program.

Prerequisites
Candidates must have five years of work experience in the field of information security, with at least three years in the role of information security manager.

Exam
Certified Information Security Manager (CISM) (200 questions, 4 hours, passing mark of 450)

Approximate Cost for Exam
Applicants can register for an ISACA exam via online registration or a hard copy registration form. Note: There is an additional $50 USD processing fee for applying for certification. Cost of online registration: $490 USD (for ISACA members) and $675 USD (for non-ISACA members).

URL
http://www.isaca.org/certification/cism-certified-information-security-manager/pages/default.aspx

Available Courses
ISACA offers CISM Review courses for various regions.

Self-Study Material
CISM exam preparation, including prep resources, certification job practice, terminology, a glossary, study material and review courses in required area.

Online Practice Tests
CISM Self-Assessment Exam

Image Source: ISACA

 

 


Certified Information Systems Auditor (CISA)

The CISA certification is a globally recognized certification for IS audit control, assurance and security professionals. With this certification, candidates can showcase their audit experience, skills and knowledge, and demonstrate the capability to assess vulnerabilities, report on compliance and institute controls within their enterprise.

Prerequisites
Candidates must have five years of work experience in the fields of Information Systems Auditing, Control, Assurance or Security.

Exam
Certified Information Systems Auditor (CISA) (200 questions, 4 hours, passing mark of 450)

Approximate Cost for Exam
Applicant can register for an ISACA exam online registration with

URL
http://www.isaca.org/Certification/CISA-Certified-Information-Systems-Auditor/Pages/default.aspx

Available Courses
ISACA offers CISA Review courses for various regions.
http://www.isaca.org/Certification/CISA-Certified-Information-Systems-Auditor/Prepare-for-the-Exam/Review-Courses/Pages/default.aspx

Self-Study Material
CISA exam preparation, including prep resources, certification job practice, terminology, a glossary, study material and review courses in required area.

Online Practice Tests
CISA Self-Assessment Exam

Image Source: ISACA

 


EC-Council is a member-based organization that certifies individuals in various e-business and information security skills. Here is a list of all the certifications that EC-Council provides: Certified Ethical Hacker (CEH); Computer Hacking Forensic Investigator (CHFI); EC-Council Certified Security Analyst (ECSA); Licensed Penetration Tester (LPT); EC-Council Network Security Administrator (ENSA); EC-Council Certified Incident Handler (ECIH); EC-Council Certified Security Specialist (ECSP); EC-Council Certified Disaster Recovery Professional (EDRP); Chief Information Security Officer (CISO); Certified Secure Computer User (CSCU).

Certified Ethical Hacker (CEH) is the most common and widely used certification.

Certified Ethical Hacker (CEH)

Description
CEHv8 is a comprehensive Ethical Hacking and Information Systems Security Auditing program, suitable for candidates who want to acquaint themselves with the latest security threats, advanced attack vectors, and practical real-time demonstrations of the latest hacking techniques, methodologies, tools, tricks, and security measures.

Prerequisites
Candidates must attend official training or have at least two years of information security related experience.

Exam
Certified Ethical Hacker (CEH) Exam 312-50 (125 questions, 4 hours, 70% passing score)

Approximate Cost for Exam
The version 8 exam costs $500 USD for the actual test and $100 USD as a nonrefundable fee for registration, administered by Prometric Prime/Prometric APTC/VUE.

URL
http://www.eccouncil.org/Certification/certified-ethical-hacker

Available Courses
CEH Courseware – US Market Only ($825 USD): course outline, exam.

Self-Study Material
iLearn (Self-Paced $664 USD), Live, Online, Instructor-led ($2,895 USD)

Online Practice Tests
Online Practice Tests

Image Source: EC-Council


EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) is an advanced ethical hacking certification and a step ahead of a CEH. This certification helps analysts validate the analytical phase of ethical hacking by being able to analyze the outcome of hacking tools and technologies. By making use of innovative network penetration testing methods and techniques, an ECSA can perform the intensive assessments required to effectively identify and mitigate risks to the information security of the infrastructure. The ECSA certification is designed for candidates who are Network Server Administrators, Firewall Administrators, Information Security Testers, System Administrators and Risk Assessment Professionals.

Prerequisites
Candidates must attend official training or have at least two years of information security related experience.

Exam
ECSA v8 (150 questions, 4 hours, 70% passing score)

Approximate Cost for Exam
The version 8 exam costs $500 USD for the actual test and $100 USD as a nonrefundable fee for registration, administered by Prometric Prime/Prometric APTC/VUE.

URL
https://cert.eccouncil.org/ec-council-certified-security-analyst.html

Available Courses
ECSA/LPT v8 Courseware + iLabs – US Market Only ($700 USD). Course outline

Self-Study Material
iLearn (Self-Paced $559.65 USD), Live, Online, Instructor-led ($2,889 USD)

Online Practice Tests
http://www.eccouncil.org/Training/ecsa-assessment

Image Source: EC-Council

 


CompTIA Security+

CompTIA is the leading provider of vendor-neutral IT certifications, offering 16 certification exams in PC support, networking, servers, Linux, security, cloud, mobile and more. CompTIA provides certification series that test various knowledge standards, from entry-level to expert. For security specifically, CompTIA offers the CompTIA Security+ certification.

Prerequisites
Candidates must have a minimum of two years of experience in IT administration with a focus on security. Network+ certification is recommended before taking the Security+ exam.

Exam
SY0-401 CompTIA Security+ certification (90 questions, 90 minutes)

Approximate Cost for Exam
$302 USD

URL
http://certification.comptia.org/getCertified/certifications/security.aspx

Available Courses
To see what the exam covers, fill out this form.

Self-Study Material
Online learning tool, classroom training, study material, e-learning

Online Practice Tests
Click here.

Image Source: CompTIA


CWNP is a non-profit organization that sets the IT industry standard for vendor-neutral enterprise Wi-Fi certification and training. Currently, CWNP focuses on 802.11 wireless networking technologies and offers 6 levels (Entry to Expert levels) of career certification for Enterprise Wi-Fi in areas including fundamentals, administration, security, analysis, design, mastery and instruction.

Certified Wireless Security Professional (CWSP)

The CWSP certification is a professional-level wireless LAN certification that ensures candidates have the skills to successfully secure enterprise Wi-Fi networks from hackers, without dependency on the brand of Wi-Fi gear deployed in the organization.

Prerequisites
Applicant must hold a current and valid Certified Wireless Network Administrator (CWNA) credential.

Exam
CWSP-205 exam administered by Pearson VUE (60 questions, 90 minutes, 70% passing score, 80% passing score for instructors)

Approximate Cost for Exam
$225 USD

URL
https://www.cwnp.com/certifications/cwsp

Available Courses
None

Self-Study Material
CWNP offers self-study products for CWNP certification exams including books, practice tests, and kits.

Online Practice Tests
CWSP practice test questions

Image Source: CWNP

[DarkReading]

2 thoughts on “10 Security Certifications To Boost Your Career”

  1. Hello sir, I have completed my CEH and wanted to boost my career in security, so which certification should I opt for? Just correct me if I am wrong: I was thinking to go for ECSA and then LPT from EC-Council, as I am a B.Tech fresher and just now got a job as a CEH trainer. Please suggest how to have a security career.
    Thank you

    1. Hi Akky,

      It very much depends on your career path. Assuming you prefer a penetration testing career path, then the next step with LPT or OCSP, or even GPEN, should be the right choice to develop it.

      Wish you all the best.
      @PHC
