Posted on Dec 30, 2014
Is Security+ for Cyber Warriors a good baseline?
8.13K
39
20
3
3
0
I have seen most of the new jobs for cybersecurity (25D and 17C) asking for Sec+ as a pre-req but I am wondering if it's actually a good baseline. It provides a basic overview of Security technologies but not much else. As someone who has taken courses in cryptography and securing applications and databases, I personally think we should be looking at CISSP as a baseline if we want to really get the best for this growing mission.
Cyber
Security
Cybersecurity
Posted >1 y ago
Responses: 11
7
7
0
Few comments. As of right now, anyone with elevated (ie admin) privileges on the DoD network has to have a certification that meets the DoD 8570 mandate. These certs range from A+ on the low end to CISSP on the high end. Sec+ is a good "middle ground" with regards to cost and attainability. CISSP is great, but the test is 1. Expensive. 2. Hard. 3. Requires a good chunk of time in the field. 4. Requires someone with a CISSP to sponsor you.
Now moving forward, the DoD is moving away from commercial certs towards a DISA hosted position based certification under the DoD 8140 program. This process will require someone to re-cert every time they change positions. Think upwards of 50 modules. You are going to do server admin, you have to do these 15 modules to get certified. You are going to work routers and switches, that is these 20 modules. There may be some overlap between positions, but it would standardize the training/cert across all the branches.
Now for certs, I think for the Net-A certs in coding, CEH, and similar would be most appropriate.
Now moving forward, the DoD is moving away from commercial certs towards a DISA hosted position based certification under the DoD 8140 program. This process will require someone to re-cert every time they change positions. Think upwards of 50 modules. You are going to do server admin, you have to do these 15 modules to get certified. You are going to work routers and switches, that is these 20 modules. There may be some overlap between positions, but it would standardize the training/cert across all the branches.
Now for certs, I think for the Net-A certs in coding, CEH, and similar would be most appropriate.
(7)
(0)
TSgt Joshua Copeland
LTC Richard Becker, on the Army side do you Net-D folks do both networking and servers? On the AF side, servers are one career field, transport is another and endpoints are a third. As such, CCNP/CCNA would only be practical for the transport side while vendor certs specific to the other two would be more appropriate. CISSP would be great for your SNCOs and FGO's.
(1)
(0)
SGT (Join to see)
MSgt Copeland, that actually does sound like a better program overall and you made good points about the CISSP. I think rigorous testing in baseline skills could be accomplished without civilian certs as prerequisites. I only bring up the Sec+ issue as we have over 1/2 our unit Sec+ certified but most lack understanding of the topics. They just memorized the test dumps, regurgitated the information and forgot it. The CISSP prevents that (for the most part).
I can see the merit of CCNA/CCNP but don't like them since they are vendor specific. My last 2 units were in the process of phasing out all Cisco tech in favor of Juniper so Cisco certs provide no real benefit.
I personally think if we are going to push a cert, we need to make it difficult but if not, then we need to test more and worry less about prerequisites. I was told I am ineligible for 25D because 25P is not "IT experience," but I was working on my Masters in Computer Science before PCSing to Korea. I know a lot of 25B who technically meet the 4 years experience but have never done more than reimage computers or some that have always been training room... Most 25Bs have barely touched Linux but I have taken classes in it and worked with it as a user and/or programmer for over 10 years. My experience just isn't verifiable through my work since it was a hobby/interest and not an occupation
I can see the merit of CCNA/CCNP but don't like them since they are vendor specific. My last 2 units were in the process of phasing out all Cisco tech in favor of Juniper so Cisco certs provide no real benefit.
I personally think if we are going to push a cert, we need to make it difficult but if not, then we need to test more and worry less about prerequisites. I was told I am ineligible for 25D because 25P is not "IT experience," but I was working on my Masters in Computer Science before PCSing to Korea. I know a lot of 25B who technically meet the 4 years experience but have never done more than reimage computers or some that have always been training room... Most 25Bs have barely touched Linux but I have taken classes in it and worked with it as a user and/or programmer for over 10 years. My experience just isn't verifiable through my work since it was a hobby/interest and not an occupation
(3)
(0)
CPT (Join to see)
I knew a Soldier who had N+ and I asked him to get me the IP address of a computer. He said, what is that? I was shocked. I knew he used a dump... but an IP address is fundamentals.... 001
(0)
(0)
TSgt Joshua Copeland
CPT (Join to see), I have seen more than a few that I question how they passed.
(1)
(0)
4
4
0
3
3
0
Anyone with a decent amount of intellect can get any certification. However, knowing how to do the job is a totally different story altogether. I've see people who never occupied a network security position achieve a cissp just because they had the time to study.
I've also seen people with their CCNA and have no idea how to configure a router ACL. Does a cert make you better? No, it doesn't, it just makes the boss comfortable that you should be able to perform at your job.
Now day, the S+ CE is high in demand if you want a job in the DoD. Regular S+ doesn't cut it. And the amusing thing about this is that it's a repetitive course, but CompTIA has to make money somehow.
I've also seen people with their CCNA and have no idea how to configure a router ACL. Does a cert make you better? No, it doesn't, it just makes the boss comfortable that you should be able to perform at your job.
Now day, the S+ CE is high in demand if you want a job in the DoD. Regular S+ doesn't cut it. And the amusing thing about this is that it's a repetitive course, but CompTIA has to make money somehow.
(3)
(0)
CPT (Join to see)
Good point. I tell people it's a combo of College - Certs & Experience. The other two is open-mindness to continue learning and networking people with other skill sets.
(0)
(0)
Read This Next
Continue with Facebook 
Continue with Google