Global spending on cybersecurity products and services is expected to increase by 12-15% each year until 2021, with IoT (internet of things) products leading the way. Since any product connected to the internet is a potential target for hacking, it’s no surprise that the information security market is expected to grow over the next few years.

Spearheading the effort to protect our devices and networks are cybersecurity experts, each with specialized training that makes them formidable against any hacker. This guide explores five of the most popular certifications to help you learn cybersecurity, with details on the necessary requirements and the types of jobs you can land once you’re certified (view our list of cybersecurity interview questions here).

If you’re interested in becoming a cybersecurity analyst, Springboard is launching a cybersecurity bootcamp soon; find out more and join the waitlist here.

Let’s get into it!

1. Network+

You have to learn to walk before you can run. And in the world of cybersecurity, Network+ will help you take your first steps. The Network+ certification is earned through CompTIA, and while it is not necessary for most jobs in cybersecurity, it does provide a great foundation on how computers and networks communicate with each other as well as some cybersecurity best practices.

What will you learn?

The goal of the Network+ certification is to measure participants’ foundational knowledge of how systems and networks communicate and interact. In order to receive this certificate, you must understand the following:

  • Networking concepts
  • Infrastructure
  • Networking operations
  • Network security
  • Network troubleshooting and tools

What are your job options?

The beauty of the Network+ certification is that it opens the doors to most entry-level IT jobs and sets the stage to move deeper into cybersecurity specialties.

If you’re considering pursuing this cybersecurity certificate, here are some jobs that will be open to you:

  • Systems Administrator

A systems administrator is responsible for all hardware and software for a company’s computers. They are required to stay up to date with installing the latest patches and programs. The systems administrator also provides technical support to employees, troubleshooting any computer-related issues.

  • IT Manager

IT managers develop methods to solve the company’s computer problems and oversee other IT employees. They are in charge of minimizing network downtime and keeping costs under control. The IT manager will advise upper management on the latest technology and how new hardware or software could benefit the company.

  • Network Administrator

A network administrator maintains the company network, troubleshooting issues as well as fixing connectivity problems. The network administrator installs new networking systems with the aim of improving speed and security. They are also responsible for maintaining the security of the entire network.

The salary you can earn depends on the position and your level of experience. However, you can generally expect to make at least $40,000 a year with little or no experience. Network+ is an optional prerequisite for Security+.

[Image: Network+ salaries (Source: Payscale.com)]

Qualifications and cost

The test is 90 minutes, with a passing score being 720 on a scale of 900 (80% or more). It’s recommended that you get the CompTIA A+ certification and have about 9 to 12 months of networking experience before tackling the Network+, though that isn’t strictly necessary. It’s the cybersecurity-related certification with the fewest prerequisites aside from the A+ and the IT Fundamentals+ offered by CompTIA. It costs $329 USD for people in the United States, though those in emerging markets get some discounts. You should search for discount codes and exam vouchers, which can take between 10 and 20% off the list price of exams.

Case studies

This Redditor describes the resources they used to study for and pass the Network+ exam. It was a combination of looking at the study guide and taking courses, as well as practice tests, where they got around an 80% pass rate, before scheduling the actual test. Using the actual exam objectives themselves proved to be really helpful, as did good practices such as sleeping well and not loading up on any caffeine.

Sample questions

It’s important to start with the exam objectives, which break down the different categories of knowledge tested and the distribution of questions. They can serve as a broad study guide for what to tackle, from topics like the different ports and protocols used, to the characteristics of routing and switching. CompTIA has a small 6-question sample to test yourself with. You can then try these practice test questions, with 22 practice exams. 

Here are some sample questions with answers to give you a preview of the Network+ certification (sourced from here and here):

1- Which of the following WAP security features offers the strongest encryption?

A- WPA

B- Hidden SSID

C- WEP

D- WPA2

Answer: D (WPA2)

2- A network administrator should consult which documentation sources first to determine the cause of recent network issues? 

A- Cable management

B- Change management

C- Asset management

D- Network map

Answer: B (Change management) 

3- Which of the following describes a process that can translate internal network IP addresses to external ones?

A- NAT

B- PAT

C- Remote terminal emulation

D- Change control

Answer: B (NAT)

The questions on the Network+ tend to tackle network and general IT topics, with a selection of questions focused on definitions and traits of technologies compared to one another. It’s the most basic test you’ll see here.  

2. Security+

Like Network+, Security+ is earned through CompTIA and is arguably the most important cybersecurity certification, as it provides a foundational understanding of cryptography, risk management, and vulnerabilities.

What will you learn?

This certification will prove you understand the proper way to install and configure systems as well as secure devices, applications, and networks. In addition, you will be able to conduct threat analysis on these systems and employ mitigation techniques.

To pass the Security+ exam, you will need to have a thorough understanding of the following:

  • Threats, attacks, and vulnerabilities
  • Identity and access management
  • Risk management
  • Network architecture and design
  • Cryptography and PKI

What are your job options?

For anyone looking for a job in cybersecurity, the Security+ certification should be viewed as the bare minimum qualification; having it will open the door to some awesome jobs:

  • Cybersecurity Analyst

The cybersecurity analyst is responsible for protecting both company networks and data. In addition to managing all ongoing security measures, the analyst is also responsible for responding to security breaches and protecting company hardware, such as employee computers.

  • Security Engineer

Security engineers are tasked with planning and executing a company’s information security strategy and maintaining all security solutions. They can also be responsible for documenting the security posture of their company and any issues or measures taken under their watch.

  • Security Consultant

The security consultant is responsible for evaluating a company’s security posture on a contract basis, while also serving as an advisor to other IT employees. The goal of the consultant is threat management and they will often plan, test, and manage the initial iterations of a company’s security protocols.

[Image: Security+ salaries]

Qualifications and cost

The Security+ certification is the next step after the Network+ certification, and it’s recommended that you have two years of experience in IT with some security focus as well as a completed Network+ certification. At $349 USD, the Security+ certification is a bit more expensive than CompTIA’s Network+, a slight but noticeable $20 difference. There are discounts for those in emerging markets here too.

Case studies

There are plenty of examples of people passing the Security+ and talking about it, from Reddit threads to YouTube. Common threads between their experiences seem to be the use of study guides and courses to get ready, and lots of practice with sample questions, along with an acknowledgement that every study plan might be a bit different.

Sample questions

There are 24 practice tests for Security+ that are good to consult. It’s also good to look at a study guide for the categories of knowledge you’ll be tested on, from identity and access management to risk management. Here are some sample questions sourced from here and here:

1- An input field that is accepting more data than has been allocated for it in memory is an attribute of:

A- Memory leak

B- Buffer overflow

C- CSRF (cross-site request forgery)

D- resource exhaustion

Answer: B (Buffer overflow)

2- A security engineer wants to implement a site-to-site VPN that will require SSL certificates for mutual authentication. Which of the following will you choose?

A- L2TP/IPSec

B- PPTP VPN

C- SSL VPN

D- IKEv2 VPN

Answer: C (SSL VPN)

3- Identify the protocols that use TCP port 22 by default: (Select THREE)

A- SNMP

B- FTPS

C- SMTP

D- SCP

E- TLS

F- SFTP

G- SSL

H- SSH

Answer: D, F, and H. This is based on the fact that SSH uses TCP port 22 by default, so every protocol that relies on SSH for encryption (SFTP and SCP) also uses port 22. 

The overall feel of the Security+ is quite similar to that of the Network+: technical multiple-choice questions that touch on definitions and concepts. The Security+ focuses more on the security aspects of networking than the more general Network+ does.

3. Certified Ethical Hacker (CEH)

Also known as Certified Network Defense Architect (CNDA) for government employees, this is obtained through the EC-Council and requires participants to have two years of experience in the information technology industry before taking the exam. Having your Security+ is a huge plus here as the goal of this certificate is to get you thinking like a hacker so you can thwart attacks against your employer.

What will you learn?

The crux of the CEH certification is training on how to identify weaknesses in your network so they can be patched. Participants will have a front-row seat (using their own systems) to the five phases of hacking: reconnaissance, gaining access, enumeration, maintaining access, and covering your tracks.

Where can you work?

The CEH certification is a great tool to help you boost your skillset for your current role.  If you’re looking to improve your career prospects, here are some positions you will be qualified for:

  • Advanced Threat Analyst

The advanced threat analyst will monitor computer networks with the goal of preventing unauthorized access to files and systems. They also provide reports to senior leadership involving technical defense capabilities of the company.

  • Information Security Assessor

The information security assessor reviews and makes recommendations about the security posture of a company. They do this by interviewing IT employees, reviewing the security of the network, and testing for vulnerabilities. The assessor also reviews the security policies and procedures of the company.

  • Penetration Tester

The penetration tester is hired to legally hack the company’s computer networks. Testers may also use social engineering tactics and attempt to verbally gain information by pretending to be someone of trust. If vulnerabilities are found, the penetration tester will make recommendations to heighten security.

[Image: CEH salaries]

Qualifications and cost

The CEH is a more advanced certification that typically requires two years of cybersecurity experience or more, as well as other certifications like Network+ and Security+. It’s a six-hour exam that is very rigorous and tests your knowledge of how to conduct a security audit. There are a few class bundles, but a practical CEH exam will cost $550.  

Case studies

There are quite a few case studies out there, including an in-depth review on Medium that goes more into the specific logistics of scheduling and purchasing the exam itself. There was also a personal anecdote on the subreddit dedicated to the CEH. This had a list of resources and the study period (4 months) as well as general advice and personal perspective.

Sample questions

First, look through a sample exam with the categories of knowledge, from information systems and networking to security controls and network attacks. Then use this simulator to get more questions to practice with on your path to passing the CEH. We’ve taken three sample questions from the simulator so you can get a better feel for the CEH.

1- Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

A- They are written in Java.

B- They send alerts to security monitors.

C- They use the same packet analysis engine.

D- They use the same packet capture utility. 

Answer: D (They use the same packet capture utility)

2- A company’s Web development team has become aware of a certain type of security vulnerability in their Web software.

To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.

What kind of Web application vulnerability likely exists in their software?

A- Cross-site Request Forgery vulnerability

B- SQL injection vulnerability

C- Cross-site scripting vulnerability

D- Session management vulnerability

Answer: C (Cross-site scripting vulnerability)

3- Which of the following will perform an Xmas scan using NMAP?

A- nmap -sA 192.168.1.254

B- nmap -sP 192.168.1.254

C- nmap -sX 192.168.1.254

D- nmap -sV 192.168.1.254

Answer: C (-sX flag for nmap, or nmap -sX 192.168.1.254)

The CEH is a more advanced certification than Security+ or Network+ that is more hands-on when it comes to practical applications. As you look into the questions, they’ll be geared towards practical attack points and experiments, and you might get very specific questions on how to implement attacks and what kind of attacks could be possible. 

4. Certified Information Systems Security Professional (CISSP)

CISSP certification is obtained through the International Information System Security Certification Consortium, or (ISC)². In order to take the exam you must meet the following criteria:

  • At least five years of relevant industry experience
  • Be knowledgeable in at least two of the eight Common Body of Knowledge domains

Current professionals also have the option to earn the CISSP with a focus on their current role; concentrations include architecture, engineering, and management.

What will you learn?

As one of the top professional-level cybersecurity certificates, the CISSP covers vulnerability mitigation in web-based systems, cryptography concepts, investigations, as well as professional ethics.

What are your job options?

The CISSP certification is ideal for anyone looking to obtain a more advanced cybersecurity position:

  • Information Security Analyst

The information security analyst is responsible for protecting the company network and maintaining all defences against an attack. The analyst may also implement the company’s disaster recovery plan in the event of network outages.

  • Information Security Manager

The information security manager develops policies and procedures aimed at securing the company network. They oversee information security analysts while ensuring that the company complies with information security standards and norms. As a manager, they are responsible for hiring and training new information security analysts.

  • Chief Information Security Officer (CISO)

The CISO is an executive-level position and is responsible for overseeing the company’s overall security plan. They are ultimately responsible for network security breaches and work with other executives to ensure departments comply with security standards.

[Image: CISSP salaries]

Qualifications and cost

As of July 2020, there are about 150,000 CISSP holders worldwide. It is a more advanced certification, especially compared to the Network+ and Security+ we mentioned above. The certification requires passing the exam and at least five years of cumulative, paid work experience in cybersecurity domains as discussed before. Specifically, you should have worked in at least two of the eight CISSP domains for those five years. Registering for and taking the CISSP exam usually costs $699 USD. The rescheduling fee is $50 USD, and if you need to cancel, you’ll need to pay a fee of $100 USD.

Case studies

There’s a subreddit dedicated to the CISSP, where many people will post their personal stories. For example, the case study referenced here took a dedicated seven months of study after spending a year or so studying for the Network+ and Security+. Most of the preparation was done via MP3s and podcasts and then practice exams. This article goes in-depth into the practicalities of the exam itself, with the point that you should be familiar with many concepts in the space beforehand. The exam will reference cybersecurity concepts without defining them at all.

Unlike other exams that may be focused on defining technologies and comparing them, the CISSP is much more focused on which decision about technology is better than on which technology is inherently better. The CISSP certification provider, (ISC)², also has a forum with case studies of exam passers and community members.

Sample questions

Get familiar with the domains the CISSP covers and how the test is structured. Then dive into either a quick quiz or hour-long exams that cover the CISSP. Here are some sample questions and some others here split into the different domains of the CISSP. 

1- A potential vulnerability of the Kerberos authentication server is:

A- Single point of failure

B- Asymmetric key compromise

C- Use of dynamic passwords

D- Limited lifetimes for authentication credentials

Answer: B (asymmetric key compromise) 

2- Which of the following security models is primarily concerned with how the subjects and objects are created and how subjects are assigned rights or privileges?

A- Bell-LaPadula

B- Biba-Integrity

C- Chinese Wall

D- Graham-Denning

Answer: D (Graham-Denning model)

3- You are performing a security audit for a customer. During the audit, you find several instances of users gaining access to data without going through a formal access approval process. As part of the remediation, you recommend establishing a formal access approval process. Which role should you list to approve policies that dictate which users can gain access to data?

A- Data creator

B- Data processor

C- Data custodian

D- Data owner

E- System owner

Answer: D (data owner)

The CISSP is for established security professionals with years of experience in the field. In a way, it’s a mid-career certification rather than an entry-level one. You’ll see very specific questions on tools and models used, and many more questions about the theory of security than about definitions and practicalities.

5. Licensed Penetration Tester (LPT)

The LPT is an expert-level designation overseen by the EC-Council and given only to those who have mastered cybersecurity techniques; it is arguably the pinnacle of cybersecurity certifications.

Applicants must fulfill one of the following requirements in order to be eligible for the exam:

  • Have a minimum of two years of experience as a penetration tester
  • Hold the EC-Council Security Analyst (ECSA) certification
  • Hold another industry-equivalent certification, such as GIAC Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP).

What will you learn?

Because companies hire LPTs to legally hack into their networks, the certification covers mastery-level cybersecurity concepts, including multi-level pivoting, OS exploits, SSH tunneling, and privilege escalation.

Anyone who receives this cybersecurity certification is expected to make decisions under pressure that can impact the network security of an entire company.

What are your job options?

The LPT certification will solidify your cybersecurity credentials. Here are the type of jobs you can expect to get:

  • Cybersecurity Engineer

A cybersecurity engineer is the architect of a company’s network security. They build, install, and maintain web content filters, firewalls, network sniffers, router access control lists, and more. As an engineer, you will be responsible for creating roadblocks and honeypots for any would-be hackers while monitoring all activity in order to improve defenses.

  • Senior Security Consultant

A senior security consultant has extensive experience testing a company’s security posture. In addition to analyzing a company’s network, they are also responsible for researching new security technologies and threats, and may oversee junior consultants.

  • Licensed Penetration Tester

The LPT certification was created exactly for this position. These cybersecurity masters test an organization’s network for vulnerabilities using a predetermined set of tools.  As an LPT, you are responsible for identifying weaknesses and making suggestions on how to fix them.

[Image: LPT salaries]

Qualifications and cost

The LPT is offered by the EC-Council, the same organizing body that offers the CEH certification. It’s an advanced certification, as you need two years of experience as a penetration tester, which is an advanced position. The master exam kit costs $899.00 and includes access to the test dashboard as well as a two-year subscription for the license. There’s an application fee of $100.

Case studies

There’s an entire book based on how somebody passed the LPT. If you want a case study from a forum or community instead, this story goes through the actual personal checklist of somebody passing the LPT.

Sample questions

You’ll want to look at the EC-Council’s brochure on the LPT. You’ll need to demonstrate knowledge of advanced penetration testing concepts, from SSH tunneling to privilege escalation. In effect, the test itself requires you to exfiltrate data with a ticking clock. Unlike other exams that are more theory-based, this exam is much more practical and case-driven.

Which cybersecurity certification is for you?

Picking the right certification for you comes down to two factors:

  • Where are you in your career?
  • What are you looking to achieve?

For those with little cybersecurity experience, it’s best to start with Network+ or Security+, as they are designed to help participants expand their knowledge and skills so they can ace a cybersecurity interview, land a quality job and increase their experience.

Once you have the experience, move onto the CISSP or hacker certifications to fine-tune your skills or improve your eligibility for a promotion or new role.

Learn more about security analyst roles and cybersecurity jobs, salaries, and more in Springboard’s comprehensive guide to how to become a cybersecurity analyst.

This post was co-written by Jason C. Jason, a Navy veteran, black belt, and writer who holds multiple cybersecurity certifications. Follow him at @writingbyjason.
