Security+ vs CISSP? Which one is better for your Cyber Security career?

แชร์
ฝัง
  • เผยแพร่เมื่อ 26 ธ.ค. 2024

ความคิดเห็น • 152

  • @JonGoodCyber
    @JonGoodCyber  4 ปีที่แล้ว +11

    Study Sources:
    Security+
    CompTIA Security+ Study Guide: amzn.to/2Rg1OHf
    CompTIA Security+ Course (membership access): www.jongood.com/product/comptia-security-sy0-501/
    CompTIA Security+ Course (single course without membership): www.jongood.com/udemy/securityplus
    CISSP
    Official CISSP CBK: amzn.to/2THCPhy
    Official CISSP Study Guide: amzn.to/369BT7Z
    Eleventh Hour CISSP: amzn.to/2Rfavl4

    • @germ4613
      @germ4613 2 ปีที่แล้ว +3

      Terrible video. Security+ is a lower level basics of security cert. The cissp would be compared to the casp. If anything. Makes 0 sense to compare it to security+

    • @germ4613
      @germ4613 2 ปีที่แล้ว +2

      You completely skipped intermediate certs. You compared a more basic cert to a advanced cert here 🤣🤣🤣

    • @germ4613
      @germ4613 2 ปีที่แล้ว

      How do you have both these certs and not know that

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      @@germ4613 I get asked to compare the two certifications frequently enough that it made sense to make a video to address it, not because I'm unaware of the audience that each is targeted towards. Thank you for watching!

    • @germ4613
      @germ4613 2 ปีที่แล้ว +1

      @@JonGoodCyber I also think it's weird that people keep comparing network+ to ccna. Cause network+ is a entry cert. They should be comparing network+ to a Cisco entry cert. Ccna is a intermediate cert. No one ever calls that out. Cause that one is like duh ccna is harder.

  • @MrLopez746
    @MrLopez746 4 ปีที่แล้ว +28

    I think you hit the correct point towards the end that you should get Security+ first on your way to get CISSP. I think the real question some people have is if you should start with Security+ or SSCP. Or if you already have Security+ should you try for the SSCP or CySA+ next? Especially if you want to be an analyst, not necessarily a security manager.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +12

      Honestly I would probably recommend the CySA+ over the SSCP. The SSCP is very similar to the Security+, where the CySA+ will give you more of that analyst knowledge that is helpful in a Security Operations Center (SOC).

    • @krisg900
      @krisg900 ปีที่แล้ว +1

      @@JonGoodCyber what about Pentest+

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +1

      @@krisg900 for what kind of job? If we are still talking about the same path, (Security Analyst) the Pentest+ isn't even really in the conversation. Honestly even for Penetration Testing jobs, the value of the Pentest+ is very minimal. At the level of experience this question is related to (early to mid level security analyst), you should be much more focused on building your analysis skills and how to leverage blue team tools.

    • @krisg900
      @krisg900 ปีที่แล้ว +1

      @@JonGoodCyber I was thinking about getting Pentest+. I have Security+ and am about to take CySA+. I was thinking about Pentest+ because I like pentesting and offensive but idk. I also am looking at the AZ 500. I like offense but I also like defense. What do you think? I don't want to spend forever getting certs. Should I get CySA+ and AZ-500 and stop?

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +1

      Definitely go grab a copy of my eBook ( jongood.com/getstarted/ ) to see the skills and certifications that I recommend. As far as your situation, it isn't clear if you're working in the industry or your level of experience but cloud is one of the hottest areas in Cyber Security right now, and honestly in all of technology careers. With that being said, cloud is also its own area so if that is of interest to you, I wouldn't try to dip my toes in a bunch of areas and instead dive all the way in.

  • @csl9495
    @csl9495 2 ปีที่แล้ว +13

    I'm 80% done studying for the sec+, and then I just learned about the cissp and its placement in hiarchy and considered to stop the sec+ and pursue the cissp. But thanks to this vid, I vid for reminding me to just stay focus and knock out the sec+. Especially when I have zero experience and I've already skipped the A+ and Network+. The cissp will come when it comes.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      Awesome, I'm glad that I could help and thank you for watching!

    • @Napkin2d
      @Napkin2d ปีที่แล้ว

      @csl9495 any update?

  • @u.talwalkar9640
    @u.talwalkar9640 4 ปีที่แล้ว +15

    I’m studying for security+ as a stepping stone to get into security space with a goal to finally do CISSP or CISA or CRISC later. Been in IT for 20+ years.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +4

      Awesome stuff...when you get to that later point if you are going to do all three, I would recommend the following order: CISSP, then CISA, then CRISC. They might not all make sense based on how things evolve but they all have great information and that order is highest demand to lowest.

    • @u.talwalkar9640
      @u.talwalkar9640 4 ปีที่แล้ว +1

      Jon Good thank you. How do you value CISM in that order compared to CISSP especially.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +3

      The CISSP and CISM do have some overlap but I would consider the CISSP more valuable. For that particular lineup, I would say CISSP, CISA, CISM, CRISC...possibly even CRISC then CISM just because ideally you want to get different skillsets and then the CISM is just icing on the cake.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      I would clarify that the CISA is not as much about the technical side of security and focuses heavily on identifying risk in areas like processes. Risk and risk management are major subjects in security but they aren't usually part of an analyst or engineer's role.

  • @HN-ATX
    @HN-ATX 4 ปีที่แล้ว +25

    Why do you compare these two certs? They are not comparable.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +16

      The question actually comes up a lot and I'm here to help.

    • @richarddalton4305
      @richarddalton4305 4 ปีที่แล้ว +1

      I'd agree

    • @Dj_Alax909
      @Dj_Alax909 3 ปีที่แล้ว +1

      Same thing I thought when I saw this.. but yeah I can imagine people entering IT Cybersecurity would be confused.

  • @VinnyMartello
    @VinnyMartello 4 ปีที่แล้ว +15

    I passed my security plus literally just this week. So excited to pursue a different career.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +4

      Awesome and congratulations! I still remember how excited I was when I passed Security+.

    • @A42yearoldARAB
      @A42yearoldARAB ปีที่แล้ว

      how is it going? Thinking of taking it.

    • @VinnyMartello
      @VinnyMartello ปีที่แล้ว

      I started my own tree removal company and I haven’t touched a computer!

  • @carlacampos6474
    @carlacampos6474 2 ปีที่แล้ว +5

    Hello! Thanks for taking the time to teach this, I am studying the material of both, and also for (ISC)2 I am getting a sense of which one I feel more comfortable of doing first. I am doing courses online and self education and tutorials, I will probably end up doing first sec+ thank u for all the good stuff you post

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +3

      There is certainly an overlap in the material for both certifications but it's generally not a good idea to study multiple certifications at once. It's much better to make a decision and put your full effort into a single certification. Thank you for watching and I'm glad that the content is helpful!

  • @clu66er
    @clu66er 4 ปีที่แล้ว +4

    Why not both? I know cost will be a factor but Sec+ will help gain the fundamentals down before taking the CISSP. Also in Europe the CISSP will open more doors than Sec+ would do.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      There is absolutely nothing wrong with getting both certifications. Depending on the factors I lay out in the video though, one might make more sense than the other right now.

  • @kuririn1975
    @kuririn1975 4 ปีที่แล้ว +2

    Sec+ vs CISSP which is better. That is a no brainer on which is one holds more weight the problem is employers will see the CISSP cert and once hired will expect you to know your stuff. Plus just to take the test you need atleast 5 years experience in the industry to even apply. So depending on the level of knowledge/experience of the person is which cert to go for. Starting out Sec+, In the IT Security Field for a few years CISSP

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      You make an important point in that where you are in your career really matters as far as the value you can get out of certain certifications.

  • @ReQuiem_2099
    @ReQuiem_2099 3 ปีที่แล้ว +17

    Lol; “Should you repeat 3rd grade, or should you go for your masters?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      Thank you for watching!

  • @SiDrift
    @SiDrift 2 ปีที่แล้ว +2

    This is sort of like asking if the A+ or a Microsoft Expert Cert is better for your career. Odd comparison choice as one is entry level and one is close to being intermediate-senior level.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +2

      It may seem like an odd comparison but I promise you that I get the question enough to where I needed to make the video. Interestingly enough, the question doesn't always come from people who are brand new to the career field.

  • @pehash
    @pehash 3 ปีที่แล้ว +11

    You mention "for your career". Is there even a contest? Its like comparing the begginer level with the expert level. Lol

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +4

      It's important to keep in mind that your current career situation is different from your career situation in 5-10 years.

  • @bryantbrown162
    @bryantbrown162 4 ปีที่แล้ว +3

    Currently an undergraduate student in information technology/cyber security. Looking for a certification now to further my career. I brand new to the space. Thanks for your updates. It helps me stay focused.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      Awesome and I'm glad you enjoyed the video! Make sure to grab a free copy of my eBook ( www.jongood.com/newsletter/ ) that has a certification roadmap for you.

  • @peaceful4you408
    @peaceful4you408 2 ปีที่แล้ว +2

    Certifications hold more or less value depending on what sector you’re in. There will never be a general answer to this. I can 1000% guarantee you that the Security+ in the government sector will be by far the more valuable cert. It’s literally a government DoD requirement listed. Even if you have CISSP, they won’t even hire you without Security+. If they do hire you without Security+, they won’t keep you long if you don’t get it fast. I had my CISSP going into a government role and it got me hired but I had an 8 week grace period to pass and obtain Security+ or I would have been shown the door. They literally told me that. I know in the private sector though, security+ is regarded as an entry level certification but still valuable depending on what you’re doing.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +2

      If you can pass the CISSP but cannot pass the Security+ then something is wrong. The government/defense sector definitely has some unique aspects regarding certifications and what's required based on overall responsibility. I find it interesting if you were actually told that the CISSP would not satisfy the Security+ requirement. Whoever was interpreting the requirements didn't do a very good job because the CISSP is an IAT Level III and IAM Level III certification, which actually means that it satisfies all lower levels within those categories. Some IAM level certifications wouldn't satisfy an IAT level requirement but the specific situation that you mentioned is a very common comparison. Also, the CISSP is actually the most valuable certification that you can have in that industry for high level positions.

    • @zepplinc20
      @zepplinc20 2 ปีที่แล้ว

      @@JonGoodCyber Came here to say this.

    • @Milky44
      @Milky44 2 ปีที่แล้ว

      @@JonGoodCyber If he can pass the CISSP and not the sec plus then that means he cheated some how.

  • @TheJmanuelsj
    @TheJmanuelsj 4 ปีที่แล้ว +6

    Since I’m new to security, security +

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +4

      Awesome choice! Good luck and make sure to check out my course as you prepare ( www.jongood.com/courses/ ).

    • @TheJmanuelsj
      @TheJmanuelsj 4 ปีที่แล้ว +1

      Thanks Jon, will do :)

  • @44godson
    @44godson ปีที่แล้ว +1

    That sucks, if I learned CISSP I will have to wait to be even considered an associate. But better than nothing I guess. Not sure if this is to curb the influx of personnel applying or it's genuinely about gaining the experience.

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +1

      The target audience of the CISSP is managers or people making management level decisions with a security program, which is quite a different role than a normal staff member. The CISSP should certainly be on your roadmap but it doesn't do anything for you until you have the required experience under your belt. There's plenty of other options out there that are a better fit for somebody trying to gain experience but doesn't meet the requirement yet.

  • @svyat1607
    @svyat1607 4 ปีที่แล้ว +1

    I am new to Security , got CCNP R&S, MCSE cloud platform and infrastructure, a lot of tools related Certs (Splunk, PRTG, CyberArk,....) going to try CISSP.

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      Awesome! The CISSP would definitely be a good addition.

  • @fireleather1707
    @fireleather1707 2 ปีที่แล้ว +1

    I like when somone who holds the certs speaks to them, too many out there that dont hold the cert speak to it.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +2

      I'm glad that you enjoyed the video! It certainly can be helpful to hear from somebody who's been through the journey before.

  • @csl9495
    @csl9495 2 ปีที่แล้ว +1

    Has there been an update with the Cissp? I was just on their website and I'm sure I signed up for their free self paced training material. Also it says it's entry and it doesn't require 4-5 years of experience.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      You probably signed up for their entry level certification that they just released recently. The experience requirement for the CISSP has not changed ( www.isc2.org/Certifications/CISSP/experience-requirements ).

  • @khavanu
    @khavanu 4 ปีที่แล้ว +2

    Substantial amount of Exam Fees .. will stop me taking CISSP

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +3

      The CISSP is definitely not inexpensive and ideally you can work for an employer that will pay for it. With that being said, would you pay $700 if it resulted in $10,000 more pay? By passing the CISSP you might not directly get that kind of increase but over the long term it really is that obvious that you should get the CISSP.

  • @ae4xo
    @ae4xo 3 ปีที่แล้ว +1

    I am a windows systems admin. I have to get my security + in order to get a job on the air force base. Now with that, should i look at the CISSP later if i am not going to be in cyber security?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      In that environment, I would highly encourage you to pursue the CISSP at some point. You'll find that as you get more experience, even the senior level staff in IT are going to frequently have a CISSP so you want to stay competitive if nothing else.

  • @saidibrahim5931
    @saidibrahim5931 4 ปีที่แล้ว +3

    Which courses you think is good for beginners with Link's please

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      On my website I have my Security+ course, which is great for beginners to Cyber Security.
      www.jongood.com/product/comptia-security-sy0-501/
      My website requires a membership but then you can access all of my courses including the ones I am working on creating right now.
      www.jongood.com/product/membership-subscription/
      If you prefer just an individual course instead of access to all of my courses then I would check out the single course on Security+:
      www.jongood.com/udemy/securityplus

  • @ernieschroeder1831
    @ernieschroeder1831 2 ปีที่แล้ว +1

    Thanks Jon! Great presentation. For me, Security+ it is!

  • @RegentDevil2
    @RegentDevil2 3 ปีที่แล้ว +1

    I have 3-4 years experience in sys admin roles with Windows. I have good general knowledge but in terms of networking my skill level is around CCNA at best. My question is do CISSP roles require you to have intimate technological knowledge? Or more just a high-level understanding of how everything works?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +3

      It will really depend on the role because even though the CISSP is primarily meant for management level staff, there are a variety of positions including senior level technical roles that desire people to have a CISSP. The short answer though is that you don't have to apply to technical roles if you would rather be non-technical as there are plenty of roles that exist.

    • @RegentDevil2
      @RegentDevil2 3 ปีที่แล้ว +1

      @@JonGoodCyber thank you for the insight

  • @SheepdogTTV
    @SheepdogTTV ปีที่แล้ว +1

    With an associates degree and a security+ certification, is it possible to find Analyst jobs? been unable to find anything on indeed.

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +1

      If you're trying to find jobs that match what you have exactly, you're not using the right strategy. Find jobs that match your level of paid experience, and see how well your knowledge/skills align. Most likely you'll be in the ballpark for the job requirements of an entry level or junior level type job but you should be seeking to be the most competitive candidate that you can be.

    • @SheepdogTTV
      @SheepdogTTV ปีที่แล้ว +1

      @@JonGoodCyber Thanks for the reply Jon, I lack experience mostly, but it is very difficult to get experience with nobody hiring 0-2 years in my area. Even entry level positions on indeed have 4+ years of experience required.

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +1

      @@SheepdogTTV I recommend using the filters provided by the job boards because jobs frequently ask for 3 years or less of experience. Also, don't just look for remote jobs, as that will limit your chances.
      In general, Cybersecurity is not considered an entry-level career path, so you should be applying to any help desk, IT or cyber security job that matches your experience. As you gain experience, start developing a strategy for the next steps to reach your goal job.
      I highly recommend checking out the Career Services offered by Cyber Training Pro to help you in your journey ( www.cybertrainingpro.com/ ).

  • @BD90..
    @BD90.. 2 ปีที่แล้ว +1

    Any thoughts on the CompTIA cyber analyst certification?

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      As far as comparing them to the Security+ and CISSP? I certainly have thoughts on it but I need more context to address your question.

  • @Chris-tq1jy
    @Chris-tq1jy 2 ปีที่แล้ว +1

    I have 5 years working in a Security Operations Center, does that count as CISSP experience? Or do I need to be an ISSO?

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      The requirement is for cyber security experience not a particular title. I would take a look at the requirements and domains ( www.isc2.org/Certifications/CISSP/experience-requirements ) to make sure that your experience aligns but I can't imagine somebody working in a SOC doesn't have the appropiate experience.

  • @Chadbelerique
    @Chadbelerique 3 ปีที่แล้ว +5

    This feels like apples and oranges. Both are security certs but on opposite ends of the cert spectrum.
    Sec+ is entry level and CISSP is mid-to-late level.
    For 99% of people CISSP won’t be your first cert.
    Anyone asking this should shoot for Sec+

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +3

      You would be surprised how often I get asked the question and many times it is because somebody is not aware how each certification fits into a career.

  • @galloe
    @galloe 6 หลายเดือนก่อน

    I'm not even understanding how people are making this comparison. Those two certifications come into play at very different stages in your career, one is entry level and the other requires real-life experience to even be allowed to sit for the exam.
    By the time you go for the CISSP you probably had the Security+ for years, or maybe even stopped renewing it by then. These two certs are worlds apart, and it's not about which one is better, you'll probably get both at different points in your life.
    If you're contemplating on taking the Sec+ exam, then you're not ready for the CISSP and more than likely don't meet the requirements to take it. If you're at the point where you're ready for the CISSP, then you're way beyond the Sec+.

    • @JonGoodCyber
      @JonGoodCyber  6 หลายเดือนก่อน +2

      It's important to understand that I get questions from people of all experience levels, and my ultimate goal is to help people in their journey regardless of experience level. Although this might not be a question you have, which is completely fine, that doesn't mean other people don't need an answer to it, and we certainly aren't going to (and shouldn't) hate on them for asking. Also, for the correctness of your comment, the CISSP has an experience requirement to get certified, but you do not technically need any "real-life" experience to sit for the exam.

    • @galloe
      @galloe 6 หลายเดือนก่อน

      ​@@JonGoodCyberI didn't realize this video is 4 years old, it just popped up in my suggestions.
      I completely understand what you're saying, and I respect that you're trying to help and answer people's questions. I just feel it was addressed in an odd way.
      The whole "Which one is better?" and "So which one should you go for?" questions seem out of place, because they're not comparable at all. It's not like anyone is going to come to the point where they have to decide which one to take between the two. It's as if you're pitting them against each other, or like we're being forced to choose one over the other, when in reality most people will benefit from acquiring both, just at very different points in their career.
      To me, it's almost like asking the question, "Should I apply for a SOC Analyst position, or should I apply for CISO?" Well, what's your skill level and experience?
      Anyway, I'm not trying to invalidate anything you're saying, I just found it a bit strange to approach this the way you did.
      Thank you for the content!

  • @VF5
    @VF5 3 ปีที่แล้ว +1

    So my goal is CISSP, but I don't have the cyber experience to take the exam. I work in project management (PMP certified) so should I go for security+ or SSCP?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      I typically recommend the Security+ over the SSCP unless there is a very specific reason. The Security+ is more widely known and my students usually have an easier time passing.

  • @samirul223
    @samirul223 4 ปีที่แล้ว +4

    Been In in support for 5 years I'm doing the security + exam as I am interested in getting into cybersecurity

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      Awesome stuff! Make sure to check out the video I just dropped for my One Year Anniversary and a special gift.

  • @castercs
    @castercs 2 ปีที่แล้ว +1

    Anyone knows how new CCNP (2nd exam or concentration exam focused in security) compares to CompTIA Security + ?

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +2

      The CCNP Security will be more difficult and more technically focused on the network side of things. That means VPNs and other networking technologies at a deep level because it's a professional level certification. The Security+ will give you a broad understanding of Cyber Security without the focus on a specific vendor. Basically, you can count on your CCNP studies requiring a lot of hands on where the Security+ will be more conceptual. When the CCNA Security was still around, it was a lot closer but even then it still heavily focused on networking for obvious reasons.

    • @castercs
      @castercs 2 ปีที่แล้ว +1

      @@JonGoodCyber thanks a lot Jon for input. I am struggling to decide what to take before i even start to read CySA + so i don't get lost in material.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +2

      If you can pass the Security+, the CySA+ would be a little more difficult because it's the next level but you should be able to handle it. I recommend checking out the roadmap in my eBook ( www.jongood.com/getstarted/ ) for what I tell people to pursue.

  • @stormchaser419
    @stormchaser419 2 ปีที่แล้ว +1

    No benefit in my opinion to take the CISSP before getting the experience.

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      Interestingly I made a video on the Associate of ISC(2)...aka the CISSP prior to having the experience. th-cam.com/video/GNVBcGziS9I/w-d-xo.html

  • @MikeMitchell-y3m
    @MikeMitchell-y3m ปีที่แล้ว

    I am a six figure Risk Assessment engineer without any cert. Study on your own and get the SKILLS. Interviewers see past certs

    • @JonGoodCyber
      @JonGoodCyber  ปีที่แล้ว +2

      Mark Zuckerberg dropped out of college and created Facebook and is now rich...does that mean that everybody should drop out of school and they will form the next Facebook? There's always going to be examples where people just happened to be in the right place at the right time or have the right network that opens a door into a good position...but you're asking for a lot of disappointment by completely ignoring certifications and ASSUMING that interviewers are going to put in the extra effort that you're describing. Certifications are a much bigger discussion but that oversimplification is a recipe for disaster.

    • @MikeMitchell-y3m
      @MikeMitchell-y3m 9 หลายเดือนก่อน

      I agree

  • @rishipreetam9129
    @rishipreetam9129 4 ปีที่แล้ว +1

    I have CEH and CHFI , I want to do one Certification in security domain , so Security+ or SSCP?

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      I typically recommend Security+ over the SSCP because it has better industry recognition and tends to be an easier exam for people. At the end of the day though, they both cover very similar information and are intended for basically the same audience.

    • @s0larflare
      @s0larflare 3 ปีที่แล้ว +1

      @@JonGoodCyber The SSCP has an advantage that it counts as a year experience waiver for the CISSP, so rather than needing 5 you only need 4.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      The waiver is not unique to the SSCP and there are a total of 52 certifications that provide that benefit, including the Security+.

  • @Brain_quench
    @Brain_quench 3 ปีที่แล้ว +1

    Hello Jon
    looking for advice on my job search. Currently a Spanish teacher but looking to leave b/c of the low pay. In the last 5 months I obtained (Google Data Analytics Cert, Google Project Management Cert, Comptia Security + Cert). I have a limited budget to pay for more certs/training. My 2 questions are: 1. What type of jobs/pay would you say I am qualified for now? 2. How can I buff my resume even further but inexpensively? Thanks in advance.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      For Cyber Security, the only certification that would help directly is the Security+ and I would apply to anything that says 2 years or less experience in both IT and Cyber Security. Unfortunately, just because you obtained the Security+ doesn't necessarily mean you have the required knowledge in areas like networking, operating systems, etc. to be "qualified" for a job, especially in cyber security. Look at my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of what you should be learning and the certifications to pursue. For training, you'll want to check out my resources page ( www.jongood.com/resources/training/ ) where I provide several options that are either free or low cost.

    • @Brain_quench
      @Brain_quench 3 ปีที่แล้ว +1

      @@JonGoodCyber Thank you for taking the time to reply!

    • @Stoneface_
      @Stoneface_ 2 ปีที่แล้ว

      Any update?

  • @justinfay3011
    @justinfay3011 4 ปีที่แล้ว +2

    Does a degree count as experience with the CISSP?

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      Yes, you can get a one year waiver by either having a degree or one of the approved certifications. www.isc2.org/Certifications/CISSP/experience-requirements

  • @Frissdas1207
    @Frissdas1207 3 ปีที่แล้ว +1

    IMHO unless you're trying to work for the gov, comptia certs are kinda a joke and waste of time. -10 years IT, Sr. Systems engineer with ccnp sec.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      If you have 10 years of experience then you aren't really the target audience for CompTIA certifications because they typically work best for 0-3 years of experience. I disagree with saying that CompTIA certifications are worthless for a lot of reasons including but not limited to required prep time, learning concepts early in your career, and helping employers differentiate candidates. I could say the same thing for a CCNA being worthless if you have 20 years of networking experience because it would make a lot more sense to aim straight for a CCIE.

    • @Frissdas1207
      @Frissdas1207 3 ปีที่แล้ว +1

      @@JonGoodCyber I did not say worthless. I said "kinda a joke". Even when I started out in IT back in late 2010 I had the A+, Net+ and MCSA. never once was my comptia certs brought up in interviews, ever. 3 bosses in and they all said "I saw your Microsoft cert" 3 years into IT I got the ccent then ccna r/s then 1 year after that the ccnp r/s followed by ccnp sec.
      I have had a total of 4 bosses between 3 jobs over 10 years and every single one of them have expressed complete lack of care or attention for comptia certs even when recruiting for our help desk.
      I'm not saying don't get them. I am saying if I could go back, I would have spent my time elsewhere.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      Everything is a building block to learning more knowledge. Of course as you get higher level certifications (like CCNA > CCNP) and depending on the actual job responsibilities then things are going to be valued differently. Additionally, different hiring managers will view things differently depending on their experience and what they personally value. Are CompTIA certifications "impressive" in the grand scheme of things? Obviously they aren't going to turn heads but they give you something tangible to exhibit that you are continually learning, which is a lot harder if you are only studying (especially as hiring managers review resumes).
      Something that I tell people all the time is that whenever you can show what you know through blogs, videos, etc., the better you look and it COULD take away some of the emphasis on certifications in the industry. The main problem is that of all the people that I tell that, the number that actually follow through with it is pretty small.

  • @Ricocase
    @Ricocase 3 ปีที่แล้ว +1

    What about cciso? Do I have to earn a sec+ and ceh 1st or just take a cciso class alone?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      Below is the link to the eligibility requirements for the CCISO from EC Council. Although the Security+ isn't a requirement for the CCISO, if you couldn't pass the exam then you definitely aren't ready. The CEH has very little relevance if any for the CCISO.
      ciso.eccouncil.org/cciso-certification/cciso-qualification-requirements/

    • @Ricocase
      @Ricocase 3 ปีที่แล้ว +1

      @@JonGoodCyber thx, basically a zillion years experience (5 yrs per 5 domains). Is there truly a demand for cybersecurity professionals without a zillion years experience, lol?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      Domains 1-4 will almost always overlap in experience. Domain 5 basically will require you to be in a lead or management role. It will probably be easier to get the experience satisfied than it seemed at first glance.

  • @richarddalton4305
    @richarddalton4305 4 ปีที่แล้ว +1

    I have the Sec+ and the CySA+ among the trifecta. Do you think the CASP would be a good next step or CISSP?

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      How much experience do you have? I would definitely check out my video on the technical path to the CISSP ( th-cam.com/video/wWKACDri6hM/w-d-xo.html ). The CASP is a good progression leading up to the CISSP because it builds on the knowledge you've already acquired and adds additional knowledge. Also in the CASP, you are still going to get some of the hands-on technical learning that you aren't really going to get in the CISSP, which is more about managing from a high-level.

    • @richarddalton4305
      @richarddalton4305 4 ปีที่แล้ว +1

      I have 2.5 years of help desk/SysAdmin/ everything lol. Small shop. I currently work at a IT school as an instructor mentor. 6 months there. So 3 years of experience. Getting the CySA and Sec+ get a 1 year waver. So I’m 1 year away with experience

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      Awesome...I would definitely follow the path. You are getting pretty close but remember it's a marathon not a sprint!

    • @kuririn1975
      @kuririn1975 4 ปีที่แล้ว

      @@richarddalton4305 Do you want to be managerial or technical? Managerial go CISSP, Technical stick with CASP and maybe get CCNP-Security, CISM. Depends on what you want to do.

  • @christhesoftwareguy5672
    @christhesoftwareguy5672 2 ปีที่แล้ว +1

    I just passed my security plus exam just this past week

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      Congratulations! What's next?

  • @youtubeforfun75
    @youtubeforfun75 3 ปีที่แล้ว +1

    Hello Jon, I have no job experience in IT but I have done bachelor in IT engineering and currently I am doing master of cyber security. Am I eligible for CISSP? And is it necessary?

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      I would review the CISSP requirements below so that you are aware, but no you wouldn't meet the 5 years of paid work experience required. The CISSP should be the goal of anybody in Cyber Security. I would recommend checking out my Getting Started page for useful resources included a career roadmap ( www.jongood.com/getting-started/ ).
      CISSP Requirements: www.isc2.org/Certifications/CISSP/experience-requirements

  • @GerritSmit
    @GerritSmit 3 ปีที่แล้ว +2

    I was thinking of taking this route to be honest. Security+ > CEH > CISA > CCISO > CISM > CISSP(But with CISSP you mention that you need to write ISC2? before or after CISSP)
    But I see you mention to start with the biggest and hardest one first CISSP, then do the CISA. Is the concept you are trying tell here equivalent to doing the CCIE first then CCNA?
    What's your Take?
    I got to where I am through sheer experience but now qualifications is becoming a thing that i need to do to progress further.
    I'm currently an Information Security Specialist for 4 years now. But before that for 6 year i've been involved in the security space for 6 years with 2 years being a security engineer.
    Always had a study disability even through school, so had to have someone(Scribe) read the papers for me for my brain to take in. With psychologist that had to approve this with proper evaluations.(Just making a point that I wasn't just being lazy and truly have an issue)

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      I would highly recommend grabbing a free copy of my eBook ( www.jongood.com/getting-started/ ) where I give a skills and certifications roadmap. Although you list some well known certifications, there is more strategy to getting the most return on your investment than simply gathering a bunch of certifications. For the CISSP and CISM, I have a comparison video ( th-cam.com/video/WbtpVWEm2QU/w-d-xo.html ) that I would highly consider watching for the differences. Also, for all of ISC2 and ISACA certifications, you must submit an application and be approved based on the requirements.

  • @mashkr
    @mashkr 4 ปีที่แล้ว +1

    Good day, Jon!
    I am a bit confused about the experience requirements.. I have 16+ years experience in application architecture, design and development, none in the role of a formal cybersecurity-related job. However, owing to my passion in security, I have put in my best efforts to deliver secure applications. Can I still be CISSP certified or do I have to settle down for an associate?
    I have started my prep, though...

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      You would need to look at the domains and the requirements to see if your experience matches. Typically, if you've been working in a technology job then you probably can qualify but if you want an official answer then you would need to reach out to ISC2.

  • @godman2011
    @godman2011 2 ปีที่แล้ว +1

    Is there anyone who can give advice to me?

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      Absolutely! For more specific advice, I recommend scheduling a one-on-one Career Coaching session ( jongood.com/services/ ).

  • @TheJmanuelsj
    @TheJmanuelsj 4 ปีที่แล้ว +1

    Great video Jon!

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +2

      Thank you! I'm glad you enjoyed it.

  • @Novascular
    @Novascular 3 ปีที่แล้ว +1

    why are these being compared lol

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +2

      This question comes up frequently and it's easier to make a video than answer the same question hundreds of times.

  • @livelovecode
    @livelovecode 3 ปีที่แล้ว +1

    This is like comparing a Fiat Uno to a Hummer.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      Believe it or not, this question does come up frequently so it was worth the time to answer it.

  • @toshitbharti732
    @toshitbharti732 2 ปีที่แล้ว +1

    Seriously you compare cissp with compTIA😂😂😂

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      People ask questions and I answer them. You would be surprised how often I get asked to compare the two.

  • @ghassanajarar4448
    @ghassanajarar4448 4 ปีที่แล้ว +1

    Like it!

    • @JonGoodCyber
      @JonGoodCyber  4 ปีที่แล้ว +1

      Thank you! Glad you enjoyed the video.

  • @jamiec8657
    @jamiec8657 3 ปีที่แล้ว +1

    lol, what a question.

    • @JonGoodCyber
      @JonGoodCyber  3 ปีที่แล้ว +1

      I'm glad you enjoyed the video!

  • @marktree1099
    @marktree1099 2 ปีที่แล้ว +1

    Algorithm

    • @JonGoodCyber
      @JonGoodCyber  2 ปีที่แล้ว +1

      Thank you for the support!

  • @GrumpierByTheDay
    @GrumpierByTheDay 3 ปีที่แล้ว

    Dafuq?? Is this for real?