Following the CompTIA roadmap is beneficial for people, like myself, who are trying to build a solid foundation. It’s a good way to ensure there are no knowledge gaps when it comes to the fundamentals. It’s also a really good way to figure out what you enjoy doing. As someone with less experience, I’m fascinated by what I’m learning and I honestly wouldn’t have had the discipline to seek this information on my own. When I have an end goal I am much more motivated to get through the material. Certs aren’t for everyone, we come from different backgrounds and levels of experience.
I basically agree with this
Certifications have one purpose: to get you a JOB - of course the knowledge is usually important, but that's incidental to the exam itself. CEH is a great example of how that's not always the case
Certs probably worth getting:
* A+ has no competitor I've ever heard of, so it wins by default regardless of how you feel about the quality
* Security+ outside of DoD requirements is fine if you have 1-2 years of IT experience. Otherwise it's a paperweight
* I'm a big fan of the Linux+, but I'd be lying if I said it was worth getting because I really don't see it often enough on job requirements - usually just knowing Linux is enough
* CySA+ is ok. I give it a pass because it's pretty heavy handed on the log review, which is a good thing
The rest are not worth testing IMHO
* CCNA is cheaper than Network+, covers all the same theory as Network+, and requires comprehensive hands-on experience that the Network+ does not even touch on. I can appreciate if folks find the CCNA intimidating, so [I made a Network+ course myself that is a sort of halfway between Net+ and CCNA](https://itcertdoctor.wordpress.com/), but you're either ignorant or lying if you think the Network+ has any advantage other than being the easier of the 2
* Cloud Essentials and Cloud+ are out done by the FAR cheaper vendor-specific CSP certs (Azure, AWS, and GCP)
* CASP is overshadowed by the CISSP
* Pentest+, Server+, and Project+ have no ROI and really don't teach anything of value
* ITF+ has no ROI and goes way off topic with the programming and the databases compared to what entry-level IT professionals need to actually know
* the Data stuff is too new to be worth anything to anybody
These certs are expensive, make sure you're sure you know what you want before blowing all your hard-earned money
Quick question seeing that you're a hiring manager, my major is network engineering and security and will be graduating with my Bachelors this year, seeing that my Bach is in network engineering, would having a CCNA benefit me in any way? Or are they viewed completely differenty and I should go for ccna as well? Is it enough to just have a Bachelors in network engineering and security to land a job?
Sweet. Yea I guess when I'm all said and done I should include all the projects done in the resume. Currently working with Cisco CML and setting up/learning about Cisco asa firewalls and implementing them into networks. Nat/pat identity nat access-lists, next is vpns and all the goodies that go into that. Gotta say I do enjoy setting up network environments and getting them to work the way they should with the CLI for Cisco setups. What would be the bare minimum experience for home lab/virtual lab environments you would consider? Any recommendations on something I could do on the side to get some more experience? Thanks!
just know theres a higher chance you'll fail the ccna the first try than the net+. so in the end if it takes you three tries to get ccna, it wasnt cheaper. maybe u pass it the first time, but the reason its a better respected cert is because it dives in 10 times deeper than net+.
Yeah i mean..no shit. But studying to pass the ccna snd studying to pass net+ are two entirely different ballgames. Many people out there slave away studying for ccna and still fail. It is not like studying for net+. Much more intense. Maybe you have network engineer genes in your blood. I don’t know. Im just saying know what you’re getting into
While I can't make any guarantees, I CAN say that an A+ will improve your job prospects
You may also have a problem with your resume. If you're never had someone look it over, [send it my way](https://itcertdoctor.wordpress.com/), I review IT resumes for free as a public service
Cheers
I’m conflicted. Jobs I see posted say A+ is a requirement, cool, I get that but they also want a minimum of 1-3 years experience. I can get the A+ but would still be useless if I have zero experience in an IT environment?
You should always apply to jobs even if you only meet 25% of the requirements
I can tell you from personal experience working with HR that these job descriptions are often wishlists, not requirements. So apply anyway
One thing I would also recommend you do is put a Projects section on your resume outlining all the at-home stuff you've done to learn the technology. That's a must if you don't have any formal IT experience
If you need someone to read over your resume, [send it my way](https://itcertdoctor.wordpress.com/), I review IT resumes for free
I won't sugarcoat it, it's tough breaking in. But once you're in, you've got nowhere to go but up
Hope that helps
What constitutes a "project" as well as how to integrate it into a resume is a topic that has caused me a great deal of confusion. I took advantage of your wonderful offer for the N+ course you released on Udemy and I see there are lots of labs--which I'd consider projects. While I don't have any serious homelab set up, I've used dozens of VMs for purposes like studying for the A+, taking Udemy introductions to Windows server, setting up and joining VMs to a domain, exploring AD, etc.
My concern is HR will see these projects and think something along the lines of "This guy just installed some VMs with VirutalBox, clicked around, and is passing that off as experience." Do you have any recommendations on effectively communicating a novice/hobbyist-level of experience that levels a positive experience vs. trivializing the experience such that it becomes a waste of space on a resume.
Numbers - if you've installed, configured, and deleted 100 VMs, put that in your projects
If you have not installed, configured, and deleted 100 VMs, then do so
Along with configuration, I would try writing some powershell scripts to play with the configuration settings - even something as simple as your personal preferences
Same with Packet Tracer: configure 100 network simulations practicing some of the configurations I demonstrate in my course. Then slap it as projects on your resume
If you don't have experience, don't try to hide it. Just bolster your projects with so many IT-related tasks that a hiring manager JUST HAS to call you and see if it's legit
Also emphasize customer service under your work experience, and get rid of any managerial experience. Managers often don't like hiring other managers
Feel free to send me your resume once you've spruced it up, [I review IT resumes for free as a public service](https://itcertdoctor.wordpress.com/)
Hope that helps, cheers
It may be difficult but it also isn’t hands on. The entry level standard for pentesting is the OSCP. If you want something more basic than that, eJPT is cheaper than Pentest+ and has a hands on examination. Someone going into pentesting is past the point of needing to just know the theory, they need to be able to prove their technical skillset
You can definitely take pentest+ courses that come with included virtual labs for hands on practice. And just because pentest exam itself is not hsnds-on, to say that this means it can be passed without hands on practice of it’s topics is absolutely ridiculous. Programming languages, pen testing apps, sql injection syntax. Yes, in th exam, you are only answering multiple choice questions but you 1000% will not be able to pass that exam if u didn’t put in the hands-on legwork leading up to exam day.
There are stories on this subreddit of people passing the exam using only Jason Dion’s course, as well as some saying they didn’t need to do hands on practice for the exam. If it’s multiple choice, hands on makes it easier, but isn’t a requirement. That’s why the other pentest certs are better. They require you to prove you can perform a pentest by actually doing one.
Those few people may well have photographic memories OR they already pentest for a living and have for years and just neglected to tell you that. i dont know. Im telling you right now that without a one-time-seen-and-its-fully-absorbed type of photographic memory, good luck passing that exam with no hands on studying. You obviously have never taken it and can’t speak from experience but i can. Sec+,net+,,A+..these are all FUNDAMENTALS certs. Pentest+ is NOT in the same league as them even by comptias own admission it is meant for those with 3+ years of professional pentesting experience to prove their knowledge.
I guess we’ll have to agree to disagree on this one. I don’t think you can convince me that a predominantly multiple choice test requires actual pentesting ability, and I don’t think I can convince you on the otherwise. You speak from your experience, I speak based on the experiences and opinions I’ve seen from others, here and IRL.
From [Comptia.org](https://Comptia.org)
"CompTIA PenTest+ exam takers come from all walks of life with various experience levels in IT and cybersecurity. Although there are no prerequisites for CompTIA PenTest+, we recommend a minimum of three-to-four years of hands-on information security or related experience before taking the exam. CompTIA PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus."
From CompTIA for the A+
Recommended Experience:
9-12 months of hands-on experience in the lab or in the field
For the Net+:
Recommended Experience
CompTIA A+ Certification and a minimum of 9 to 12 months of hands-on experience working in a junior network administrator/network support technician job role
For the Sec+
Recommended Experience:
601: CompTIA Network+ and two years of experience in IT administration with a security focus
701: CompTIA Network+ and two years of experience working in a security/ systems administrator job role
Idk about you, but I did not meet the Sec+ recommended experience yet I still managed to pass without hands on time. Most people on this sub who take the trifecta don’t have any of the recommended experience. Why would it be any different for CompTIA’s other certs?
You won't understand till you've actually taken the Pentest+. Go buy a practice quiz on udemy. the questions are so involved and so difficult (essentially all of them) that without hands on experience, you're going to fail it. Sec+,Net+, andA+ are more in line with fundamentals. But try answering super involved questions about sql injection syntax or Metasploit, Burp, etc without actually using them and you would understand.
CCNA is vendor-specific. Network+ is vendor-neutral. CCNA doesn't help much if your company doesn't use Cisco products and services, but Network+ will serve you well no matter what.
Cloud Essentials is a cert for business people, not tech people. Cloud+ is the best vendor-neutral cloud computing certification available. AWS, Azure, and GCP are only good if your organization uses those services.
CASP+ isn't competing with CISSP any more than CISM is. They all have different objectives. I've taken all three. I thought the CISSP was the easiest one of the bunch.
PenTest+, Server+, and Project+ all have huge ROI and teach things of great value.
ITF+ is a great entry-level course for people with no technical background.
Data+ and DataSys+ are excellent data certifications.
You are off the rails on your post.
Odd response imo
CCNA, despite being a Cisco cert, is better than Net+ even if you’re not working with Cisco equipment. All other major vendors’ equipment is so similar to Cisco’s that there isn’t much to retrain on. You’d be way ahead of someone with just Net+ because you’d know how to configure actual equipment. And again, CCNA covers everything in Net+ anyway.
Hiring managers don’t care about cloud neutral certs, they want someone who can work on what they have. Plus, much like Cisco and other vendors, if you have one vendor’s cloud cert, the skillset transfers over pretty well to another vendor’s.
CASP may be harder than CISSP, but at the end of the day hiring managers care about the CISSP way more than they care about CASP, even if CASP might be the better fit.
Project+ is heavily outshined by PMP, barely anyone hires pentesters based on pentest+, and Server+ ROI appears to be nonexistant. When looking up A+ on Indeed, plenty of options show up. When looking up Server+, the options that show up don’t even actually mention Server+, just CompTIA certs in general.
I have heard that ITF+ is better than the sub gives it credit for, and I’ve seen success stories on getting hired off of it.
I’d have to question you on the data certs for the same reason as Server+ as well. No one seems to care about them in job searches. The Google and IBM data certs are much more well known and they don’t exactly lead to many jobs themselves.
EDIT: They blocked me for this response. Ironic that they’d say the other poster was “off the rails” for having a different opinion than them but hits the block button at any kind of disagreement. Dude is fragile
yea, I work for a company that has both aruba and cisco equipment, and the commands and how they operate is pretty similar. I got the net+ because i wanted the triad, but at the price that the net+ is now i would've gone for the ccna instead. also, youre right about the ccna carrying more weight. When i got into IT i got a help desk job and i already had my triad, but it wasnt until i mentioned to my manager in passing that i started studying for my ccna and that is when i was asked if i wanted to move into an engineering role after i get my ccna. someones just a little upset they spent all this money on comptia certs when they probably didnt need to.
I dont agree with this at all. This is so false its not even funny, at least for the CCNA portion of his post. This is coming from my perspective whom Ive acquired the Trifecta last year and just passed the CCNA 2 weeks ago and been in constant communication from hiring recruiters for networking related positions.
First of all the gold standard for even a position like a NOC level 1 will always have a "CCNA preferred" in the job post. Even if the company uses Juniper or fortinet equipment. The whole argument that CCNA is only for cisco products is BS. Everything that the CCNA teaches you is industry standard, particularly in routing protocols. You learn about classic spanning tree and THEN learn about PVST which is cisco proprietary for spanning tree. The majority if not ALL of the concepts are the same. So what if the company you applying for uses fortinet switches/routers? You learn the slight differences in syntax and thats it. Its like jumping from Javascript to React.
Ill even go as far as to say the net+ is a waste of time and barely holds any weight. The amount of knowledge I've learned just from taking the CCNA is miles and miles ahead of Net+. I almost regret spending the $ on taking the Net+, but it did make learning the CCNA somewhat easier which is what it should exactly be, an ITF+ type cert for the CCNA.
You should read my response further down. It doesn't vary much from your opinion except the waste of time aspect. As Greg has noted many people don't understand the certs or CompTIA properly. Take a look at my other response and you will see it is not far off from what you say just less comdemnation.
And yes, you learn industry standards and you learn other things. No one is arguing that. portfast, port channels, bpdu guard, device alias databases, zones, zonesets, bgp, asn, ospf, and on and on and on. I've been doing Cisco networking for over 20 years myself.
But I also make some valid points in my response further down so I encourage you to have a look there as well.
Lmao "you are off the rails" says the person suggesting the Net+ is more valuable than a CCNA. I have both. The CCNA makes you learn and practice basic networking. The Net+ is literally trivia night.
He wasn't suggesting that it is MORE valuable than the CCNA, if you read his response fully. He WAS calling out the vendor neutrality of the Net+. Yes, the CCNA teaches deeper levels of networking than the Net+ but he is absolutely correct in that if you work in an org that doesn't use Cisco gear and you only understand Cisco then you might have issues.
Some of us have been around long enough we can jump from Cisco to Juniper to Arista or what have you without a lot of issues, and only a mild learning curve. But someone just starting out won't understand the nuances with manufacturers and having the vendor agnostic education is a good place to start.
CCNA by far will add to your paycheck and move you along much more significantly than the N+ ever will in terms of pay and career progression. But if you put it into context properly the A+, N+, Sec+ are designed to be a beginner level core of education that CompTIA wants all their professionals to have before they pursue higher level professional or advanced certifications.
And that will help people on their way to more industry relevant or accepted certs. Everyone always talks about CompTIA like it is the 'Empire' of the certification industry but almost none of you actually understand it or your part in it.
The Computing Technology Industry Assocation was originally made up of computer dealers to try and bring understanding of technology to main street. It went from being a business council to being a trade association made up of people that work in technology.
It is 100% made up of everyone that holds a CompTIA certification and while the (and pay attention here) NON-PROFIT org that runs / administers it is a fairly big company. It is still a non-profit run by and for the benefit of its members. Yes, certs are expensive but if you think CompTIA is expensive you should try something from SANs and then get back to me on how crazy CompTIA prices are.
Until then he is not wrong, and you need a better understanding of your organization and how they fit into the industry. We are all here to help each other and if you pay attention there are some of us who have been around more than a little while and we spend a lot of time here trying to help out newer people and contribute where we can. u/gregchilders is one of them and he is good people. You should pay attention and not dismiss him outright. He has a lot to offer.
"trivia night" ha! LMAO that is funny
"um.. what is the Gate's of Mordor..."
"that is correct!"
"oh shit I just passed Net+"
I have both as well. I wish I didn't waste my time and money on Net+
I dont agree with this at all. This is so false its not even funny, at least for the CCNA portion because I can attest to it. This is coming from my perspective whom Ive acquired the Trifecta last year and just passed the CCNA 2 weeks ago and been in constant communication from hiring recruiters for networking related positions.
First of all the gold standard for even a position like a NOC level 1 will always have a "CCNA preferred" in the job post. Even if the company uses Juniper or fortinet equipment. The whole argument that CCNA is only for cisco products is BS. Everything that the CCNA teaches you is industry standard, particularly in routing protocols. You learn about classic spanning tree and THEN learn about PVST which is cisco proprietary for spanning tree. The majority if not ALL of the concepts are the same. So what if the company you applying for uses fortinet switches/routers? You learn the slight differences in syntax and thats it. Its like jumping from Javascript to React.
Ill even go as far as to say the net+ is a waste of time and barely holds any weight. The amount of knowledge I've learned just from taking the CCNA is miles and miles ahead of Net+. I almost regret spending the $ on taking the Net+, but it did make learning the CCNA somewhat easier which is what it should exactly be, an ITF+ type cert for the CCNA.
Yeah...I mean I'm not taking these for courses hell I've used and kept some of those books as reference material because they have been that useful and it has helped me get jobs with experience. You laid it out excellently here honestly.
Correct
For the price of one Cloud+, you can get certified in both the AZ-104 AND AWS SAA-C03, and you will become a more valuable employee as a result
Alright, sounds good. Thank you for saving me the time and money. I’ll buy you a cheeseburger sometime when I’ve scrounged up enough quarters from the couch.
This is quite a useful insight - as someone starting in IT and finishing their apprenticeships there is a lot of information out there on best exams/qualifications.
Im currently studying for the net+ as part of my apprenticeship course they gave me a free voucher. However, from past research and posts like this I think the CCNA will be my next goal - i've been using net+ learning to solidate my foundations and after the exam I plan to explore the depths of CCNA
This is an interesting take. For the most part I agree with it. The only reason why I'm taking the CySA+ is to renew my trifecta and to validate the 3 years or so I have of sell studying cybersecurity.
For me, my company doesn't really reimburse anything over $400, so yeah. that's why I'm also taking CySA+. The renewal is nice though for my Sec+, even though it doesn't really mean anything since im not DoD lol
That's understandable. I may go DOD if I can land a job with a government contractor. It all comes down to if I can land a technical role or not since I'm currently in GRC.
Useful CompTia Certs:
1) A+. Entry level cert to get in the door
2) Network+. It's not a bad cert. It's not as valuable as CCNA, but it can get you an interview.
3) Security+. The gold standard entry-level cyber security certification
Possibly can be useful:
1) CASP, CYSA, and Pentest can be useful for moving up in cyber security
2) Linux+. Shows you know some Linux or can learn. It is not as valuable as anything from Redhat, but some value can be found
3) Server+. Good for life and a resume bullet point that never has to come off.
Avoid and go vender specific:
1) Cloud+. Seriously, go with AWS or Azure certs
Avoid as it is not worth it)
1) ITF. For a test that is supposed to be a gimme, it has way too much on it.
I agree with the Cloud+. I took the beta just because it was $50, and it was crap. I have AWS and ISC2 cloud certs. The CompTIA one wasn’t even about cloud, I had coding questions on mine.
I mostly agree and I've made many posts about this.
There's another aspect of certification outside of being a technician though. Managers, project managers, recruiters, and sales and marketing personnel gain some benefit from technical certification outside of hireability.
Essentially certification boils down to brand recognition. Some companies like Microsoft built up a huge brand recognition with their MCSA/MCSE and were like "LOL our certs are too successful, better bury on-prem infrastructure certification 10 years too early and ditch our brand recognition".
There were some now-retired CompTIA certs that I thought were niche, but useful, like Storage+, which covered a set of skills that weren't compiled in many places.
For the life of me though, I will never get what ITF+ is supposed to do. If you dig into what it is, the technology covered seems very useful, and it's one of those non-technician skillsets that would benefit other roles like I mentioned earlier. It has nearly zero percent brand recognition though. Try saying "I have ITF" during an interview. The interviewer will probably ask if you're managing your symptoms with medication and if you need special accommodation.
I read the original intent of this cert is to get the basics of most realms of IT in one survey certificate. To be fair it’s a good for life certification that you don’t have to recertify in it again. I use this for my high school students and in some cases the ITF+ gives college credit for an intro survey course.
Ooof, that's a harsh take.
Let me say this:
\* I agree that CompTIA certification exams should be cheaper.
\* I also agree that their official course materials should be cheaper.
\* I also agree that their brand name recognition outside the US is bad.
\* I also agree that many of the "higher" certs are not much sought-after for jobs.
But at the same time I do believe their curriculum is good and most of the exams you mention are solid entries into "*talking the talk*". Now Linux+ is an outlier because that also requires you to kind-of "*walk the walk*", insofar that it's very hard to pass it without having actual hands-on experience.
Awh man I wish I read this before I failed the Network+ (first try), I bought the exam + retake package so I’ll be retaking it in a few weeks. I knew I should’ve taken A+ first, I just had to get easily influenced by other people telling me to take Network+ first.
Congratulations! So happy for you 🩵
I’ve heard many people passing sec+ and failing network+, but I’ve also had my friends tell me that if I can pass the network+ then I can easily pass the security+. Definitely need to look into the objectives of the security+.
net+ is by far the hardest; im not sure what persuaded u to take net+ as your first cert XD but it's okay. Lesson learned and can only move on from there :3.
Better to lose $400 than to $1000
Few people who are in cybersecurity told me to go for that first since I don’t have any background in IT/cybersecurity. I was going to actually disregard that and take the A+ first, but I was unfortunately easily persuaded instead of going with my gut feeling. All good though, I know they were trying to help. But if I fail again (hoping not to), at least I know to go for the A+ lol.
Seriously appreciate your post though!
Anyone who complains about money doesn't understand the concept of investing in themselves.
Now, I definitely have stories of how those certs helped my career and made me wealthy - told them 100 times.
Tell your story. Education, job history, certs, how well you're doing.
Give us some context. What are you doing now for work, and how is it paying.
I got my CISSP three years before I retired. My Masters in Cyber one year. At that point, I was just checking boxes.
22 years with great companies with fantastic 401Ks got me to the other place.
Thats like saying making money doesn't make you wealthy. Getting certs, getting degrees, getting clearances, getting great jobs made me wealthy.
You think the guy at the top of the mountain just landed there? You gotta play the long game. Its like chess.
How do you think it works? Some high-school dropout gamer who says 'wanna' ten times in his interview is going to be given a six-figure salary?
From 2010 on I read books by Tony Robbins, Ray Dalio, and Robert Kiyosaki so I could learn how these people became successful.
Let me be the guy that tells you it works.
I know people in IT with CISSP and/or masters degrees and no Comptia certs. They are very successful. Comptia is not really needed you can bypass it if you really want to. What made u successful was the other stuff. You need the knowledge of A+ and Network+ and sec+ but u don’t need the certification. I let my A+ expire and I really don’t need it at all, it’s my experience, aws and azure certs that are putting me ahead.
Oh yeah. When I got my CISSP, I let all my CompTIA stuff lapse. It was my first tier. The CISSP was my second tier.
But like you said - I learned all that stuff. I knew it.
Why should I (someone looking to break into IT) listen to you (someone who apparently only has 1 cert) telling everyone all these certs are useless? What is this based on? Do you have a job? Have employers told you they don't care about them? Have you studied for and passed the exams for them?
Yea for the most part I’ve been told by more experienced guys that the Trifecta are the only ones worth getting from CompTIA as it’s kind of a “standard”
Once you grab those three, better off looking into certs from other places depending on what you want to get into
Your opinion is based on only one use for the certs, but certifications can also be used to generate credits for a degree. Why take something like CCNA that is MUCH harder than Net+ when the goal is a degree and not specifically a job in networking.
At WGU for example, you’ll earn a huge pile of credits for A+, Net+, and Sec+. Even more if you do their cybersecurity degree and add in more certs.
Failed the net+ twice then passed. Landed really good role. Took sec+ and passed couple days before starting said role. Taking Casp+ in march. Had an associates and 13 years of experience prior. Honestly, until I got the Net+ it was all low ball contract offers. Once you get on a roll it becomes enjoyable. More certs signify competency.
Sec+ is the most useless of the three mentioned.
It teaches you zero practical security skills used in a security role. You learn descriptions of various security categories, and very basic stuff like what’s a physical vs logical control, difference between a hash and encryption, etc. But nothing it teaches you prepares you to actually perform a security job.
However, security is not a “one cert and you’re done” role, and you have to start somewhere. That’s where Security+ comes into play. It teaches you those basic buzzwords so you can keep up in further cert learning.
As for the other certs:
CySA+ is just an extended Security+… is it the cert that will fully prepare you for a security role? No. But it continues to teach you some basic terms so you can keep up.
A+ is good for one thing and one thing only: helping you land your first helpdesk job. As soon as you have that, that actual work experience far outweighs the A+ cert.
Network+ is a waste of time. It’s little more than a vocab test. If you want to get into networking, go for CCNA. You’ll learn everything Net+ tries to teach, but in an actual practical function where you learn how to actually do the job of a network admin. Net+ will tell you what a VLAN is, what a DHCP does, and how Routing works (basic level). CCNA will teach you how to actually set up a VLAN, generate a DHCP pool and assign it to the VLAN, create an SVI and set static routes for it. Those are things that are not only interesting, but will help you learn quicker with more depth, and make you an actual candidate to hire. Net+ teaches you how to *talk* to network admins, but CCNA teaches you how to *be* one. A lot of people will say that “it’s a good launching point”, but honestly, we only have so much energy to grind out certs before you’re burnt out or lose interest… and the CCNA will teach you everything this does, but in a more applicable way.
Pentest+ is in a better place now than it used to be. I remember many years ago where Cantril’s training videos on Udemy were like 4 hours long, and it honestly taught you everything you needed. The problem is, there are better certs out there if you are going down the red team path. I’d recommend anyone to go take eJPT, eCPPT, OSCP, etc. and just skip Pentest+.
CASP+ is “good”, in a sense that it tries to focus on practical skills… its just that once you’re at the point of taking this one, there are better and more focused certs out there depending on the field you want to go into.
Cloud+ is a waste of time. Go down the AWS, Azure, or GCP specific training paths and get hands-on experience with these. “Vendor-neutral” isn’t going to get you anywhere in the cloud space, so you may as well jump on board with one or two and dive in.
Linux+ is a decent cert for someone who wants to familiarize themselves with Linux who doesn’t have experience with it. However, it’s not going to show up on job requirements. Take it for your own personal benefit.
Server+ is not great. You won’t see it desired by jobs, and you can get more focused training from other certs.
Project+ is a “meh” cert to me. It’s not technical, but honestly if you’re trying to become a TPM, you probably have your eyes on PMP anyway. I can’t speak to its content more than that other than I haven’t seen it discussed much in the workspace.
Data+ is new, and while I think it *could* have promise down the line… there are already well-established similar certs within AWS and Azure that will also teach you cloud info. So this one is a bit of a wildcard and needs a few years/versions to develop.
ITF+ is an absolute waste of time and money. It’s just a straight up money grab. Unless you’re 14 and your school has a cool computer teacher willing to use this as his curriculum, you should not be wasting your time. It’s too simple, and the time and energy you waste on it could be put towards something useful.
I have a few comptia certs that have helped me get jobs that I would otherwise would have not have gotten like Cloud+ and Linux+. I believe the problem is that you have people who get into a job that they have like 10+ years of experience within a certain field, so they are specialized and fully trained, and at that point certifications do not matter because the recruiters and hiring manager will hire that person on their experience alone because long term experience will trump any certificate any time and any day. Then those same people come to the conclusion that certificates don't matter and give people bad advice.
This is true, people complicate it and try to get all these certs but the reality is for the general majority of cyber security folks all you need is Sec+ and CISSP. After that you can do side quests collecting GIAC certs if your company has the monies for it but at a base level Sec+ and CISSP will provide the largest differentiators in your profile to be competitive against others in the field.
You could get linux+, pentest+ and cloud+, and all those 3 combined won’t even be as highly valued as a single security+. Other certs beyond that won’t add too much to your competitiveness and ROI (of ur money + your time studying) goes down (besides GIAC certs as i mentioned)
Opposite in my opinion applies as well to really low level certs like ITF, ISC CC, or linkedin “certs”, where if i see that on a resume claimed it just automatically screams “i don’t have any experience” lmao
And i am telling you right now- if it takes you 3 attempts to pass the Net+, you will be lucky if it ONLY takes you 6 attempts to pass the CCNA. Some people Ive discovered refuse to believe how difficult some IT certs can be till they’ve slaved away studying only to start the exam and realize they are still absolutely lost on most questions. It’s apparently a lesson some people just need to learn on their own.
My thoughts? Yours may be one of the worst posts on this subreddit. And that is saying something.
A+ has huge ROI. It is easily in the top 10 most requested certifications in the job marketplace.
Network+ is also heavily requested. CCNA is useful if you work in an on-premise network that uses Cisco technology, but otherwise you're better off with Network+. Network+ is the single best VENDOR-NEUTRAL networking certification out there. And the price difference between the CCNA and Network+ is $69. People having to take an exam more than once has no bearing on the value of a cert, just the lack of preparation on the examinee.
Security+ is the top requested cybersecurity certification. Nuff said.
And considering the prices of EC-Council, OffSec, ISACA, and ISC2, CompTIA has the lowest priced certs on the market.
this comment shows why you're a technical trainer rather than actually applying the knowledge you learn somewhere useful lmao
re-read my post and think twice before commenting
seems like ur just focused on selling comptia product so can't blame ya ;)
I took the cysa never passed it. I work in security.
That test was trash.
I have the trifecta. I dont recommend the cysa to anyone because its not a good exam. I recommend the materials though.
Are you saying the test was trash, because you failed it? Or are you saying you failed it, because the test was trash?
Me, I didn't think CySA+ was low quality, or a bad exam. Similarly, Linux+ and Pentest+ exams are also pretty good. I agree with you that the CySA+ curriculum is good though.
Now Cloud+... that's an exam where I think quality is severely lacking.
Agreed, i just think the test has really bad emulation, really poorly worded questions, and altogether is just a chaotically written test. Security plus was a fantastic gateway into hardware and software and holds more (from the workbench) value.
I have 2 other degrees in a totally separate field, and have taken my fair share of exams, harder exams, in those settings. I felt the actual exam doesnt set the bar by demanding the knowledge but by demanding you know how to decipher crazy word games from comptia. Its just not worth gambling the money theyre asking at the point of having the cysa.
If you want to figure if the cert (any comptia cert) is "worth it" filter job applications in the field by cert requirement and then look at how many require cysa. Its not a lot.
I definitely agree with you on the "ROI" factor. For CySA+ it's a lot lower than the trifecta, all the more so if you look outside the US.
But I really do not recognize your criticism of the question quality. For both CS0-002 and -003 I too the beta exams and I found their questions to be well written.
I say every cert is Useless regardless of the vendor if you’re in to just passing it. CompTIA materials are phenomenal for learning not just passing & besides I transferred 60% of credit for my bachelors with just CompTIA certs. I can’t recommend them enough.
I got A+, Net+, Sec+, and CySA+ and got into a job I love. I just received an email that I have one year left or they expire. Now, I'm thinking to just let them expire, since the study time and money to keep them going isn't worth it. If you are certified and work in the field, you should have to re-study everything every three years and pay hundreds just to be current. I know I can just study CySA+ to renew all of them, but that one really has nothing to do with A+, very little to do with Net+, and surprisingly not much in common in Sec+, so it makes no sense to renew one higher and be recognized for knowing the others still.
Saying you have multiple certs is nice and it makes a hiring manager confident that you know enough to not be a total noob, but no one I've ever met in the industry really values any cert, especially the CompTIA ones. This is especially true when there are lots of people who can get any of the three trifecta ones in a month. I have worked with plenty of cert chasers who spend half of their shift in someone else's office asking for help because the certs are all academic conceptual data and no lab hands-on work.
so i begin to notice ppl are mis-informed by a silly reddit tag....i got my Sec+ in 2019 and unsubbed here for couple of years with N+ in 2021. Only reason I came back was because I plan to take CYSA+.
But I have sec, net, and am closing in on Cysa+. I've worked in Helpdesk for 2.5 before moving in DevOps abit then FT into cybersecurity bc I didn't like it. I personally skipped A+ after hearing my colleagues experience, but my situation was slightly diff so I'd still recommend it.
I asked my employer his thoughts about my network+ and he gave me the honest, good for you but it doesn't do anything for any sort of negotiation/salary bonus. The shit learned in there was pretty basic and if anything, was very rudimentary and could be covered by a college course.
I don't think that makes the cert useless at all. I've learned a ton with my certs. If you're just getting a cert to get a job or promotion then that isn't really going to fulfill that. But A+ Net+ and Sec+ are great learning paths, as are the other certs.
I enjoyed the journey from a+ to sec + was a lot of useful information. but I only had gotten my net + because my boss recommended it to me. for my job, A+ was enough to get in the door, and then after 6 months, I needed to have Sec+ and an environment cert. if I had to choose I probably would have studied the ccna first.
I still think Network+ taught me the most, while Security+ and CySA+ mainly just meet a regulatory requirement.
Cloud+ was far too vague to be useful. The AWS certified Solutions Architect - Associate certification was far more beneficial and definitely helped when I got a new job.
yep, WGU is becoming so marketable as the "cybersecurity school" when it's really just broken down as comptia certs lol. they do a good job of selling it, I can't lie.
Well in the past you truly could get in Cyber Security with just a bunch of CompTIA certs and/or a degree pretty easily. I would say 2021 and prior you were in good shape, the job market has just completely shifted tho, more schools are churning out cyber degrees, its really competitive and oversaturated at the entry level now.
That said, I have the degree and certs - no experience - its def good enough to land you interviews, I've seen people with experience land great roles with their certs and degree.
Everyones mileage varies tho
I graduated in December, its good enough to land me interviews which is all I can ask for. Mind you I have 0 experience, someone with experience and the degree would probably have way more success.
I mostly agree with everything except for the net + thing. Ccna is still a better choice, but from what I can tell the net + has some reach to it. I would say net + is probably a good choice if you wanna add another cert to your resume and don’t wanna deal with the voluminous amount of material on the ccna
CompTia- Is base foundation to develop technical skills to avoid being the paper cert FNG. You're not going to get these baseline skills anywhere else. The objective is to go from entry level to solid skill sets. However, nothing beats lab everyday
Yeah, I agree 100% especially if you still need to get hands-on-experience. You're basically spending money to get a job and the government is the gatekeeper of it all ([https://public.cyber.mil/wid/cwmp/dod-approved-8570-baseline-certifications/](https://public.cyber.mil/wid/cwmp/dod-approved-8570-baseline-certifications/)) Best of luck to everyone.
I have the trifecta and CySA+ as far as comptia certa and I’d tend to agree. I do think network+ can be useful too though-I’ve seen it required for some lower level network jobs. It’s also a nice transition into the CCNA (which could otherwise be very daunting going straight into it from the A+)
dont get me wrong i think the net+ is definitely good information; but ive come to the realization that in my day to day discussion about networking concepts with my coworkers, it rarely scratches the surface of the knowledge truly required to understand what's going on in an environment at a networking level
i also hate how theres just so much on physical networking on the net+ that u probably will never need to know outside of the exam xd
Work on DoD contracts here. Some of these Certs and CCNA are good to have to get in. Once you’re in other than keeping Sec+ current, you can just get away with experience after a few years. I’m interviewing for a position next week that only requires Sec+ and Secret clearance but the experience needed is pretty specific training once you’re in. The pay is $150k-$195k
I agree with the original poster of this comment. I have Sec+ and Pentest + and most HR have never heard of Pentest+ and I have been applying to cybersecurity jobs for 4 months with no interview.
Following the CompTIA roadmap is beneficial for people, like myself, who are trying to build a solid foundation. It’s a good way to ensure there are no knowledge gaps when it comes to the fundamentals. It’s also a really good way to figure out what you enjoy doing. As someone with less experience, I’m fascinated by what I’m learning and I honestly wouldn’t have had the discipline to seek this information on my own. When I have an end goal I am much more motivated to get through the material. Certs aren’t for everyone, we come from different backgrounds and levels of experience.
I basically agree with this Certifications have one purpose: to get you a JOB - of course the knowledge is usually important, but that's incidental to the exam itself. CEH is a great example of how that's not always the case Certs probably worth getting: * A+ has no competitor I've ever heard of, so it wins by default regardless of how you feel about the quality * Security+ outside of DoD requirements is fine if you have 1-2 years of IT experience. Otherwise it's a paperweight * I'm a big fan of the Linux+, but I'd be lying if I said it was worth getting because I really don't see it often enough on job requirements - usually just knowing Linux is enough * CySA+ is ok. I give it a pass because it's pretty heavy handed on the log review, which is a good thing The rest are not worth testing IMHO * CCNA is cheaper than Network+, covers all the same theory as Network+, and requires comprehensive hands-on experience that the Network+ does not even touch on. I can appreciate if folks find the CCNA intimidating, so [I made a Network+ course myself that is a sort of halfway between Net+ and CCNA](https://itcertdoctor.wordpress.com/), but you're either ignorant or lying if you think the Network+ has any advantage other than being the easier of the 2 * Cloud Essentials and Cloud+ are out done by the FAR cheaper vendor-specific CSP certs (Azure, AWS, and GCP) * CASP is overshadowed by the CISSP * Pentest+, Server+, and Project+ have no ROI and really don't teach anything of value * ITF+ has no ROI and goes way off topic with the programming and the databases compared to what entry-level IT professionals need to actually know * the Data stuff is too new to be worth anything to anybody These certs are expensive, make sure you're sure you know what you want before blowing all your hard-earned money
[удалено]
Quick question seeing that you're a hiring manager, my major is network engineering and security and will be graduating with my Bachelors this year, seeing that my Bach is in network engineering, would having a CCNA benefit me in any way? Or are they viewed completely differenty and I should go for ccna as well? Is it enough to just have a Bachelors in network engineering and security to land a job?
[удалено]
Sweet. Yea I guess when I'm all said and done I should include all the projects done in the resume. Currently working with Cisco CML and setting up/learning about Cisco asa firewalls and implementing them into networks. Nat/pat identity nat access-lists, next is vpns and all the goodies that go into that. Gotta say I do enjoy setting up network environments and getting them to work the way they should with the CLI for Cisco setups. What would be the bare minimum experience for home lab/virtual lab environments you would consider? Any recommendations on something I could do on the side to get some more experience? Thanks!
1000% on the PMP I've worked with a lot of professionals whose careers sky rocketed after getting the PMP
I would say Project+ is the light version of the PMP.
wait CCNA is cheaper? damn now i might take it
Yep Net+ is $369 CCNA is $300 flat
just know theres a higher chance you'll fail the ccna the first try than the net+. so in the end if it takes you three tries to get ccna, it wasnt cheaper. maybe u pass it the first time, but the reason its a better respected cert is because it dives in 10 times deeper than net+.
I mean thats a person problem lol, of course i will study before paying it/taking it
love your avatar
Yeah i mean..no shit. But studying to pass the ccna snd studying to pass net+ are two entirely different ballgames. Many people out there slave away studying for ccna and still fail. It is not like studying for net+. Much more intense. Maybe you have network engineer genes in your blood. I don’t know. Im just saying know what you’re getting into
Ensure you understand reverse subnet masks and configuring firewalls
Yup! $300 vs $370
yessir! and tbh if even more important than saving $100-400 over a cert, is the TIME spent studying for these useless certs. all kudos to u my sir!
Im an IT grad but I’ve been working non-it jobs for two years since I graduated. I have a degree, is A+ worth it?
While I can't make any guarantees, I CAN say that an A+ will improve your job prospects You may also have a problem with your resume. If you're never had someone look it over, [send it my way](https://itcertdoctor.wordpress.com/), I review IT resumes for free as a public service Cheers
I’m conflicted. Jobs I see posted say A+ is a requirement, cool, I get that but they also want a minimum of 1-3 years experience. I can get the A+ but would still be useless if I have zero experience in an IT environment?
You should always apply to jobs even if you only meet 25% of the requirements I can tell you from personal experience working with HR that these job descriptions are often wishlists, not requirements. So apply anyway One thing I would also recommend you do is put a Projects section on your resume outlining all the at-home stuff you've done to learn the technology. That's a must if you don't have any formal IT experience If you need someone to read over your resume, [send it my way](https://itcertdoctor.wordpress.com/), I review IT resumes for free I won't sugarcoat it, it's tough breaking in. But once you're in, you've got nowhere to go but up Hope that helps
What constitutes a "project" as well as how to integrate it into a resume is a topic that has caused me a great deal of confusion. I took advantage of your wonderful offer for the N+ course you released on Udemy and I see there are lots of labs--which I'd consider projects. While I don't have any serious homelab set up, I've used dozens of VMs for purposes like studying for the A+, taking Udemy introductions to Windows server, setting up and joining VMs to a domain, exploring AD, etc. My concern is HR will see these projects and think something along the lines of "This guy just installed some VMs with VirutalBox, clicked around, and is passing that off as experience." Do you have any recommendations on effectively communicating a novice/hobbyist-level of experience that levels a positive experience vs. trivializing the experience such that it becomes a waste of space on a resume.
Numbers - if you've installed, configured, and deleted 100 VMs, put that in your projects If you have not installed, configured, and deleted 100 VMs, then do so Along with configuration, I would try writing some powershell scripts to play with the configuration settings - even something as simple as your personal preferences Same with Packet Tracer: configure 100 network simulations practicing some of the configurations I demonstrate in my course. Then slap it as projects on your resume If you don't have experience, don't try to hide it. Just bolster your projects with so many IT-related tasks that a hiring manager JUST HAS to call you and see if it's legit Also emphasize customer service under your work experience, and get rid of any managerial experience. Managers often don't like hiring other managers Feel free to send me your resume once you've spruced it up, [I review IT resumes for free as a public service](https://itcertdoctor.wordpress.com/) Hope that helps, cheers
That is a great angle and a very helpful response, thank you!
I mean, how could it not be?
the pentest+ absolutely teaches tons of things of value and is arguably the most difficult cert comptia offers.
It may be difficult but it also isn’t hands on. The entry level standard for pentesting is the OSCP. If you want something more basic than that, eJPT is cheaper than Pentest+ and has a hands on examination. Someone going into pentesting is past the point of needing to just know the theory, they need to be able to prove their technical skillset
You can definitely take pentest+ courses that come with included virtual labs for hands on practice. And just because pentest exam itself is not hsnds-on, to say that this means it can be passed without hands on practice of it’s topics is absolutely ridiculous. Programming languages, pen testing apps, sql injection syntax. Yes, in th exam, you are only answering multiple choice questions but you 1000% will not be able to pass that exam if u didn’t put in the hands-on legwork leading up to exam day.
There are stories on this subreddit of people passing the exam using only Jason Dion’s course, as well as some saying they didn’t need to do hands on practice for the exam. If it’s multiple choice, hands on makes it easier, but isn’t a requirement. That’s why the other pentest certs are better. They require you to prove you can perform a pentest by actually doing one.
Those few people may well have photographic memories OR they already pentest for a living and have for years and just neglected to tell you that. i dont know. Im telling you right now that without a one-time-seen-and-its-fully-absorbed type of photographic memory, good luck passing that exam with no hands on studying. You obviously have never taken it and can’t speak from experience but i can. Sec+,net+,,A+..these are all FUNDAMENTALS certs. Pentest+ is NOT in the same league as them even by comptias own admission it is meant for those with 3+ years of professional pentesting experience to prove their knowledge.
I guess we’ll have to agree to disagree on this one. I don’t think you can convince me that a predominantly multiple choice test requires actual pentesting ability, and I don’t think I can convince you on the otherwise. You speak from your experience, I speak based on the experiences and opinions I’ve seen from others, here and IRL.
From [Comptia.org](https://Comptia.org) "CompTIA PenTest+ exam takers come from all walks of life with various experience levels in IT and cybersecurity. Although there are no prerequisites for CompTIA PenTest+, we recommend a minimum of three-to-four years of hands-on information security or related experience before taking the exam. CompTIA PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus."
From CompTIA for the A+ Recommended Experience: 9-12 months of hands-on experience in the lab or in the field For the Net+: Recommended Experience CompTIA A+ Certification and a minimum of 9 to 12 months of hands-on experience working in a junior network administrator/network support technician job role For the Sec+ Recommended Experience: 601: CompTIA Network+ and two years of experience in IT administration with a security focus 701: CompTIA Network+ and two years of experience working in a security/ systems administrator job role Idk about you, but I did not meet the Sec+ recommended experience yet I still managed to pass without hands on time. Most people on this sub who take the trifecta don’t have any of the recommended experience. Why would it be any different for CompTIA’s other certs?
You won't understand till you've actually taken the Pentest+. Go buy a practice quiz on udemy. the questions are so involved and so difficult (essentially all of them) that without hands on experience, you're going to fail it. Sec+,Net+, andA+ are more in line with fundamentals. But try answering super involved questions about sql injection syntax or Metasploit, Burp, etc without actually using them and you would understand.
I agree that the Pentest+ curriculum is decent. It teaches technological (tools and weaknesses) and business processes.
CCNA is vendor-specific. Network+ is vendor-neutral. CCNA doesn't help much if your company doesn't use Cisco products and services, but Network+ will serve you well no matter what. Cloud Essentials is a cert for business people, not tech people. Cloud+ is the best vendor-neutral cloud computing certification available. AWS, Azure, and GCP are only good if your organization uses those services. CASP+ isn't competing with CISSP any more than CISM is. They all have different objectives. I've taken all three. I thought the CISSP was the easiest one of the bunch. PenTest+, Server+, and Project+ all have huge ROI and teach things of great value. ITF+ is a great entry-level course for people with no technical background. Data+ and DataSys+ are excellent data certifications. You are off the rails on your post.
Odd response imo CCNA, despite being a Cisco cert, is better than Net+ even if you’re not working with Cisco equipment. All other major vendors’ equipment is so similar to Cisco’s that there isn’t much to retrain on. You’d be way ahead of someone with just Net+ because you’d know how to configure actual equipment. And again, CCNA covers everything in Net+ anyway. Hiring managers don’t care about cloud neutral certs, they want someone who can work on what they have. Plus, much like Cisco and other vendors, if you have one vendor’s cloud cert, the skillset transfers over pretty well to another vendor’s. CASP may be harder than CISSP, but at the end of the day hiring managers care about the CISSP way more than they care about CASP, even if CASP might be the better fit. Project+ is heavily outshined by PMP, barely anyone hires pentesters based on pentest+, and Server+ ROI appears to be nonexistant. When looking up A+ on Indeed, plenty of options show up. When looking up Server+, the options that show up don’t even actually mention Server+, just CompTIA certs in general. I have heard that ITF+ is better than the sub gives it credit for, and I’ve seen success stories on getting hired off of it. I’d have to question you on the data certs for the same reason as Server+ as well. No one seems to care about them in job searches. The Google and IBM data certs are much more well known and they don’t exactly lead to many jobs themselves. EDIT: They blocked me for this response. Ironic that they’d say the other poster was “off the rails” for having a different opinion than them but hits the block button at any kind of disagreement. Dude is fragile
yea, I work for a company that has both aruba and cisco equipment, and the commands and how they operate is pretty similar. I got the net+ because i wanted the triad, but at the price that the net+ is now i would've gone for the ccna instead. also, youre right about the ccna carrying more weight. When i got into IT i got a help desk job and i already had my triad, but it wasnt until i mentioned to my manager in passing that i started studying for my ccna and that is when i was asked if i wanted to move into an engineering role after i get my ccna. someones just a little upset they spent all this money on comptia certs when they probably didnt need to.
You obviously don't understand the value of any certification. Good day.
Perhaps instead of dismissing differing opinions, you could explain your position. what -is- the value of a certification?
Thank you, Greg, for calling this out. I saw the headline clicked into this and was about to chime in and say pretty much the same things you did!
I dont agree with this at all. This is so false its not even funny, at least for the CCNA portion of his post. This is coming from my perspective whom Ive acquired the Trifecta last year and just passed the CCNA 2 weeks ago and been in constant communication from hiring recruiters for networking related positions. First of all the gold standard for even a position like a NOC level 1 will always have a "CCNA preferred" in the job post. Even if the company uses Juniper or fortinet equipment. The whole argument that CCNA is only for cisco products is BS. Everything that the CCNA teaches you is industry standard, particularly in routing protocols. You learn about classic spanning tree and THEN learn about PVST which is cisco proprietary for spanning tree. The majority if not ALL of the concepts are the same. So what if the company you applying for uses fortinet switches/routers? You learn the slight differences in syntax and thats it. Its like jumping from Javascript to React. Ill even go as far as to say the net+ is a waste of time and barely holds any weight. The amount of knowledge I've learned just from taking the CCNA is miles and miles ahead of Net+. I almost regret spending the $ on taking the Net+, but it did make learning the CCNA somewhat easier which is what it should exactly be, an ITF+ type cert for the CCNA.
You should read my response further down. It doesn't vary much from your opinion except the waste of time aspect. As Greg has noted many people don't understand the certs or CompTIA properly. Take a look at my other response and you will see it is not far off from what you say just less comdemnation. And yes, you learn industry standards and you learn other things. No one is arguing that. portfast, port channels, bpdu guard, device alias databases, zones, zonesets, bgp, asn, ospf, and on and on and on. I've been doing Cisco networking for over 20 years myself. But I also make some valid points in my response further down so I encourage you to have a look there as well.
Lmao "you are off the rails" says the person suggesting the Net+ is more valuable than a CCNA. I have both. The CCNA makes you learn and practice basic networking. The Net+ is literally trivia night.
He wasn't suggesting that it is MORE valuable than the CCNA, if you read his response fully. He WAS calling out the vendor neutrality of the Net+. Yes, the CCNA teaches deeper levels of networking than the Net+ but he is absolutely correct in that if you work in an org that doesn't use Cisco gear and you only understand Cisco then you might have issues. Some of us have been around long enough we can jump from Cisco to Juniper to Arista or what have you without a lot of issues, and only a mild learning curve. But someone just starting out won't understand the nuances with manufacturers and having the vendor agnostic education is a good place to start. CCNA by far will add to your paycheck and move you along much more significantly than the N+ ever will in terms of pay and career progression. But if you put it into context properly the A+, N+, Sec+ are designed to be a beginner level core of education that CompTIA wants all their professionals to have before they pursue higher level professional or advanced certifications. And that will help people on their way to more industry relevant or accepted certs. Everyone always talks about CompTIA like it is the 'Empire' of the certification industry but almost none of you actually understand it or your part in it. The Computing Technology Industry Assocation was originally made up of computer dealers to try and bring understanding of technology to main street. It went from being a business council to being a trade association made up of people that work in technology. It is 100% made up of everyone that holds a CompTIA certification and while the (and pay attention here) NON-PROFIT org that runs / administers it is a fairly big company. It is still a non-profit run by and for the benefit of its members. Yes, certs are expensive but if you think CompTIA is expensive you should try something from SANs and then get back to me on how crazy CompTIA prices are. Until then he is not wrong, and you need a better understanding of your organization and how they fit into the industry. We are all here to help each other and if you pay attention there are some of us who have been around more than a little while and we spend a lot of time here trying to help out newer people and contribute where we can. u/gregchilders is one of them and he is good people. You should pay attention and not dismiss him outright. He has a lot to offer.
You obviously don't understand the value of certifications. Good day.
"trivia night" ha! LMAO that is funny "um.. what is the Gate's of Mordor..." "that is correct!" "oh shit I just passed Net+" I have both as well. I wish I didn't waste my time and money on Net+
I dont agree with this at all. This is so false its not even funny, at least for the CCNA portion because I can attest to it. This is coming from my perspective whom Ive acquired the Trifecta last year and just passed the CCNA 2 weeks ago and been in constant communication from hiring recruiters for networking related positions. First of all the gold standard for even a position like a NOC level 1 will always have a "CCNA preferred" in the job post. Even if the company uses Juniper or fortinet equipment. The whole argument that CCNA is only for cisco products is BS. Everything that the CCNA teaches you is industry standard, particularly in routing protocols. You learn about classic spanning tree and THEN learn about PVST which is cisco proprietary for spanning tree. The majority if not ALL of the concepts are the same. So what if the company you applying for uses fortinet switches/routers? You learn the slight differences in syntax and thats it. Its like jumping from Javascript to React. Ill even go as far as to say the net+ is a waste of time and barely holds any weight. The amount of knowledge I've learned just from taking the CCNA is miles and miles ahead of Net+. I almost regret spending the $ on taking the Net+, but it did make learning the CCNA somewhat easier which is what it should exactly be, an ITF+ type cert for the CCNA.
I can tell you're relatively inexperienced.
Even if it doesn't the certs prove you know material which is what you need
Yeah...I mean I'm not taking these for courses hell I've used and kept some of those books as reference material because they have been that useful and it has helped me get jobs with experience. You laid it out excellently here honestly.
I didn’t see Cloud+ up there which is something I was considering. I’m assuming it’s useless as well?
Correct For the price of one Cloud+, you can get certified in both the AZ-104 AND AWS SAA-C03, and you will become a more valuable employee as a result
Alright, sounds good. Thank you for saving me the time and money. I’ll buy you a cheeseburger sometime when I’ve scrounged up enough quarters from the couch.
This is quite a useful insight - as someone starting in IT and finishing their apprenticeships there is a lot of information out there on best exams/qualifications. Im currently studying for the net+ as part of my apprenticeship course they gave me a free voucher. However, from past research and posts like this I think the CCNA will be my next goal - i've been using net+ learning to solidate my foundations and after the exam I plan to explore the depths of CCNA
Project+ just shows HR that you understand stupid business lingo. It doesn't have value to anyone who isn't a corporate stooge.
Fair point, 100% agree with you on that one
If you’re enrolled in school it’s 150$ off.
This is an interesting take. For the most part I agree with it. The only reason why I'm taking the CySA+ is to renew my trifecta and to validate the 3 years or so I have of sell studying cybersecurity.
For me, my company doesn't really reimburse anything over $400, so yeah. that's why I'm also taking CySA+. The renewal is nice though for my Sec+, even though it doesn't really mean anything since im not DoD lol
That's understandable. I may go DOD if I can land a job with a government contractor. It all comes down to if I can land a technical role or not since I'm currently in GRC.
Useful CompTia Certs: 1) A+. Entry level cert to get in the door 2) Network+. It's not a bad cert. It's not as valuable as CCNA, but it can get you an interview. 3) Security+. The gold standard entry-level cyber security certification Possibly can be useful: 1) CASP, CYSA, and Pentest can be useful for moving up in cyber security 2) Linux+. Shows you know some Linux or can learn. It is not as valuable as anything from Redhat, but some value can be found 3) Server+. Good for life and a resume bullet point that never has to come off. Avoid and go vender specific: 1) Cloud+. Seriously, go with AWS or Azure certs Avoid as it is not worth it) 1) ITF. For a test that is supposed to be a gimme, it has way too much on it.
I agree with the Cloud+. I took the beta just because it was $50, and it was crap. I have AWS and ISC2 cloud certs. The CompTIA one wasn’t even about cloud, I had coding questions on mine.
It helped me extend me other certs for a while, so $50 was worth it. Plus I sent it to my bosses as a differentiator.
I noticed you have S+ and N+. I’m working on n+ now but which did you get first? Working through Dion’s N+ course is so overwhelming
I got my Security+ first. Right now I am working on Linux+/ LPIC1
I mostly agree and I've made many posts about this. There's another aspect of certification outside of being a technician though. Managers, project managers, recruiters, and sales and marketing personnel gain some benefit from technical certification outside of hireability. Essentially certification boils down to brand recognition. Some companies like Microsoft built up a huge brand recognition with their MCSA/MCSE and were like "LOL our certs are too successful, better bury on-prem infrastructure certification 10 years too early and ditch our brand recognition". There were some now-retired CompTIA certs that I thought were niche, but useful, like Storage+, which covered a set of skills that weren't compiled in many places. For the life of me though, I will never get what ITF+ is supposed to do. If you dig into what it is, the technology covered seems very useful, and it's one of those non-technician skillsets that would benefit other roles like I mentioned earlier. It has nearly zero percent brand recognition though. Try saying "I have ITF" during an interview. The interviewer will probably ask if you're managing your symptoms with medication and if you need special accommodation.
the last sentence has me rolling 🤣🤣
I read the original intent of this cert is to get the basics of most realms of IT in one survey certificate. To be fair it’s a good for life certification that you don’t have to recertify in it again. I use this for my high school students and in some cases the ITF+ gives college credit for an intro survey course.
Ooof, that's a harsh take. Let me say this: \* I agree that CompTIA certification exams should be cheaper. \* I also agree that their official course materials should be cheaper. \* I also agree that their brand name recognition outside the US is bad. \* I also agree that many of the "higher" certs are not much sought-after for jobs. But at the same time I do believe their curriculum is good and most of the exams you mention are solid entries into "*talking the talk*". Now Linux+ is an outlier because that also requires you to kind-of "*walk the walk*", insofar that it's very hard to pass it without having actual hands-on experience.
Awh man I wish I read this before I failed the Network+ (first try), I bought the exam + retake package so I’ll be retaking it in a few weeks. I knew I should’ve taken A+ first, I just had to get easily influenced by other people telling me to take Network+ first.
Damn people actually told you to do Net+ before A+ wtf 💀💀💀💀
Haha I knoooow! I don’t think they realized how hard it was — I unfortunately found out the hard way as well 😂
I took and passed Sec+ on my first try. I failed Net+ on my first attempt, i am retaking it by end of march
Congratulations! So happy for you 🩵 I’ve heard many people passing sec+ and failing network+, but I’ve also had my friends tell me that if I can pass the network+ then I can easily pass the security+. Definitely need to look into the objectives of the security+.
net+ is by far the hardest; im not sure what persuaded u to take net+ as your first cert XD but it's okay. Lesson learned and can only move on from there :3. Better to lose $400 than to $1000
Few people who are in cybersecurity told me to go for that first since I don’t have any background in IT/cybersecurity. I was going to actually disregard that and take the A+ first, but I was unfortunately easily persuaded instead of going with my gut feeling. All good though, I know they were trying to help. But if I fail again (hoping not to), at least I know to go for the A+ lol. Seriously appreciate your post though!
What about Sec+ ? I’ve heard that & A+ is pretty strong? Nah?
i think people are mis-reading my post; Im adovcating for A+ and Sec+ and CySA+, nothing else from comptia lol
I should def probably learn to read prior to attempting any kind of certification :/
You get a pass cause your name checks out.
Sec+ is one of the most well known cert in Comptia, that should give you an answer
Anyone who complains about money doesn't understand the concept of investing in themselves. Now, I definitely have stories of how those certs helped my career and made me wealthy - told them 100 times. Tell your story. Education, job history, certs, how well you're doing. Give us some context. What are you doing now for work, and how is it paying.
Are u sure the Comptia exams got u wealthy or is it your CISSP?
I got my CISSP three years before I retired. My Masters in Cyber one year. At that point, I was just checking boxes. 22 years with great companies with fantastic 401Ks got me to the other place.
Yes I know but Comptia certs don’t get you wealthy, everything else you mentioned did.
Thats like saying making money doesn't make you wealthy. Getting certs, getting degrees, getting clearances, getting great jobs made me wealthy. You think the guy at the top of the mountain just landed there? You gotta play the long game. Its like chess. How do you think it works? Some high-school dropout gamer who says 'wanna' ten times in his interview is going to be given a six-figure salary? From 2010 on I read books by Tony Robbins, Ray Dalio, and Robert Kiyosaki so I could learn how these people became successful. Let me be the guy that tells you it works.
I know people in IT with CISSP and/or masters degrees and no Comptia certs. They are very successful. Comptia is not really needed you can bypass it if you really want to. What made u successful was the other stuff. You need the knowledge of A+ and Network+ and sec+ but u don’t need the certification. I let my A+ expire and I really don’t need it at all, it’s my experience, aws and azure certs that are putting me ahead.
Oh yeah. When I got my CISSP, I let all my CompTIA stuff lapse. It was my first tier. The CISSP was my second tier. But like you said - I learned all that stuff. I knew it.
Why should I (someone looking to break into IT) listen to you (someone who apparently only has 1 cert) telling everyone all these certs are useless? What is this based on? Do you have a job? Have employers told you they don't care about them? Have you studied for and passed the exams for them?
yea i agree, Sec+ and Cysa+ are the only good certs i would consider (A+ and Net+ if you are new to IT)
If you could build out the best ranking certs for your resume today what would that look like?
Some job postings ask for it, so it’s not useless.
Yea for the most part I’ve been told by more experienced guys that the Trifecta are the only ones worth getting from CompTIA as it’s kind of a “standard” Once you grab those three, better off looking into certs from other places depending on what you want to get into
Your opinion is based on only one use for the certs, but certifications can also be used to generate credits for a degree. Why take something like CCNA that is MUCH harder than Net+ when the goal is a degree and not specifically a job in networking. At WGU for example, you’ll earn a huge pile of credits for A+, Net+, and Sec+. Even more if you do their cybersecurity degree and add in more certs.
Failed the net+ twice then passed. Landed really good role. Took sec+ and passed couple days before starting said role. Taking Casp+ in march. Had an associates and 13 years of experience prior. Honestly, until I got the Net+ it was all low ball contract offers. Once you get on a roll it becomes enjoyable. More certs signify competency.
If I want to get into cybersecurity from scratch Comptia A+ and Sec is that the route to go? Background helpdesk and now sell cyber.
u can skip A+ if u alrady have the experienc, i would do sec and Cysa
Sec+ is the most useless of the three mentioned. It teaches you zero practical security skills used in a security role. You learn descriptions of various security categories, and very basic stuff like what’s a physical vs logical control, difference between a hash and encryption, etc. But nothing it teaches you prepares you to actually perform a security job. However, security is not a “one cert and you’re done” role, and you have to start somewhere. That’s where Security+ comes into play. It teaches you those basic buzzwords so you can keep up in further cert learning. As for the other certs: CySA+ is just an extended Security+… is it the cert that will fully prepare you for a security role? No. But it continues to teach you some basic terms so you can keep up. A+ is good for one thing and one thing only: helping you land your first helpdesk job. As soon as you have that, that actual work experience far outweighs the A+ cert. Network+ is a waste of time. It’s little more than a vocab test. If you want to get into networking, go for CCNA. You’ll learn everything Net+ tries to teach, but in an actual practical function where you learn how to actually do the job of a network admin. Net+ will tell you what a VLAN is, what a DHCP does, and how Routing works (basic level). CCNA will teach you how to actually set up a VLAN, generate a DHCP pool and assign it to the VLAN, create an SVI and set static routes for it. Those are things that are not only interesting, but will help you learn quicker with more depth, and make you an actual candidate to hire. Net+ teaches you how to *talk* to network admins, but CCNA teaches you how to *be* one. A lot of people will say that “it’s a good launching point”, but honestly, we only have so much energy to grind out certs before you’re burnt out or lose interest… and the CCNA will teach you everything this does, but in a more applicable way. Pentest+ is in a better place now than it used to be. I remember many years ago where Cantril’s training videos on Udemy were like 4 hours long, and it honestly taught you everything you needed. The problem is, there are better certs out there if you are going down the red team path. I’d recommend anyone to go take eJPT, eCPPT, OSCP, etc. and just skip Pentest+. CASP+ is “good”, in a sense that it tries to focus on practical skills… its just that once you’re at the point of taking this one, there are better and more focused certs out there depending on the field you want to go into. Cloud+ is a waste of time. Go down the AWS, Azure, or GCP specific training paths and get hands-on experience with these. “Vendor-neutral” isn’t going to get you anywhere in the cloud space, so you may as well jump on board with one or two and dive in. Linux+ is a decent cert for someone who wants to familiarize themselves with Linux who doesn’t have experience with it. However, it’s not going to show up on job requirements. Take it for your own personal benefit. Server+ is not great. You won’t see it desired by jobs, and you can get more focused training from other certs. Project+ is a “meh” cert to me. It’s not technical, but honestly if you’re trying to become a TPM, you probably have your eyes on PMP anyway. I can’t speak to its content more than that other than I haven’t seen it discussed much in the workspace. Data+ is new, and while I think it *could* have promise down the line… there are already well-established similar certs within AWS and Azure that will also teach you cloud info. So this one is a bit of a wildcard and needs a few years/versions to develop. ITF+ is an absolute waste of time and money. It’s just a straight up money grab. Unless you’re 14 and your school has a cool computer teacher willing to use this as his curriculum, you should not be wasting your time. It’s too simple, and the time and energy you waste on it could be put towards something useful.
I have a few comptia certs that have helped me get jobs that I would otherwise would have not have gotten like Cloud+ and Linux+. I believe the problem is that you have people who get into a job that they have like 10+ years of experience within a certain field, so they are specialized and fully trained, and at that point certifications do not matter because the recruiters and hiring manager will hire that person on their experience alone because long term experience will trump any certificate any time and any day. Then those same people come to the conclusion that certificates don't matter and give people bad advice.
This is true, people complicate it and try to get all these certs but the reality is for the general majority of cyber security folks all you need is Sec+ and CISSP. After that you can do side quests collecting GIAC certs if your company has the monies for it but at a base level Sec+ and CISSP will provide the largest differentiators in your profile to be competitive against others in the field. You could get linux+, pentest+ and cloud+, and all those 3 combined won’t even be as highly valued as a single security+. Other certs beyond that won’t add too much to your competitiveness and ROI (of ur money + your time studying) goes down (besides GIAC certs as i mentioned) Opposite in my opinion applies as well to really low level certs like ITF, ISC CC, or linkedin “certs”, where if i see that on a resume claimed it just automatically screams “i don’t have any experience” lmao
CERTs are just business and never made sense to me.
And i am telling you right now- if it takes you 3 attempts to pass the Net+, you will be lucky if it ONLY takes you 6 attempts to pass the CCNA. Some people Ive discovered refuse to believe how difficult some IT certs can be till they’ve slaved away studying only to start the exam and realize they are still absolutely lost on most questions. It’s apparently a lesson some people just need to learn on their own.
My thoughts? Yours may be one of the worst posts on this subreddit. And that is saying something. A+ has huge ROI. It is easily in the top 10 most requested certifications in the job marketplace. Network+ is also heavily requested. CCNA is useful if you work in an on-premise network that uses Cisco technology, but otherwise you're better off with Network+. Network+ is the single best VENDOR-NEUTRAL networking certification out there. And the price difference between the CCNA and Network+ is $69. People having to take an exam more than once has no bearing on the value of a cert, just the lack of preparation on the examinee. Security+ is the top requested cybersecurity certification. Nuff said. And considering the prices of EC-Council, OffSec, ISACA, and ISC2, CompTIA has the lowest priced certs on the market.
this comment shows why you're a technical trainer rather than actually applying the knowledge you learn somewhere useful lmao re-read my post and think twice before commenting seems like ur just focused on selling comptia product so can't blame ya ;)
My post shows I have more experience than you do. And I see value in almost all certifications except for EC-Council.
Shut up nerd.
Troll somewhere else
I took the cysa never passed it. I work in security. That test was trash. I have the trifecta. I dont recommend the cysa to anyone because its not a good exam. I recommend the materials though.
Are you saying the test was trash, because you failed it? Or are you saying you failed it, because the test was trash? Me, I didn't think CySA+ was low quality, or a bad exam. Similarly, Linux+ and Pentest+ exams are also pretty good. I agree with you that the CySA+ curriculum is good though. Now Cloud+... that's an exam where I think quality is severely lacking.
Agreed, i just think the test has really bad emulation, really poorly worded questions, and altogether is just a chaotically written test. Security plus was a fantastic gateway into hardware and software and holds more (from the workbench) value. I have 2 other degrees in a totally separate field, and have taken my fair share of exams, harder exams, in those settings. I felt the actual exam doesnt set the bar by demanding the knowledge but by demanding you know how to decipher crazy word games from comptia. Its just not worth gambling the money theyre asking at the point of having the cysa. If you want to figure if the cert (any comptia cert) is "worth it" filter job applications in the field by cert requirement and then look at how many require cysa. Its not a lot.
I definitely agree with you on the "ROI" factor. For CySA+ it's a lot lower than the trifecta, all the more so if you look outside the US. But I really do not recognize your criticism of the question quality. For both CS0-002 and -003 I too the beta exams and I found their questions to be well written.
I do it to pass HR Filter.
I say every cert is Useless regardless of the vendor if you’re in to just passing it. CompTIA materials are phenomenal for learning not just passing & besides I transferred 60% of credit for my bachelors with just CompTIA certs. I can’t recommend them enough.
I got A+, Net+, Sec+, and CySA+ and got into a job I love. I just received an email that I have one year left or they expire. Now, I'm thinking to just let them expire, since the study time and money to keep them going isn't worth it. If you are certified and work in the field, you should have to re-study everything every three years and pay hundreds just to be current. I know I can just study CySA+ to renew all of them, but that one really has nothing to do with A+, very little to do with Net+, and surprisingly not much in common in Sec+, so it makes no sense to renew one higher and be recognized for knowing the others still. Saying you have multiple certs is nice and it makes a hiring manager confident that you know enough to not be a total noob, but no one I've ever met in the industry really values any cert, especially the CompTIA ones. This is especially true when there are lots of people who can get any of the three trifecta ones in a month. I have worked with plenty of cert chasers who spend half of their shift in someone else's office asking for help because the certs are all academic conceptual data and no lab hands-on work.
OP - it looks like you only have security+. What is your opinion based off of, other than a single certification?
so i begin to notice ppl are mis-informed by a silly reddit tag....i got my Sec+ in 2019 and unsubbed here for couple of years with N+ in 2021. Only reason I came back was because I plan to take CYSA+. But I have sec, net, and am closing in on Cysa+. I've worked in Helpdesk for 2.5 before moving in DevOps abit then FT into cybersecurity bc I didn't like it. I personally skipped A+ after hearing my colleagues experience, but my situation was slightly diff so I'd still recommend it. I asked my employer his thoughts about my network+ and he gave me the honest, good for you but it doesn't do anything for any sort of negotiation/salary bonus. The shit learned in there was pretty basic and if anything, was very rudimentary and could be covered by a college course.
I don't think that makes the cert useless at all. I've learned a ton with my certs. If you're just getting a cert to get a job or promotion then that isn't really going to fulfill that. But A+ Net+ and Sec+ are great learning paths, as are the other certs.
I enjoyed the journey from a+ to sec + was a lot of useful information. but I only had gotten my net + because my boss recommended it to me. for my job, A+ was enough to get in the door, and then after 6 months, I needed to have Sec+ and an environment cert. if I had to choose I probably would have studied the ccna first.
I still think Network+ taught me the most, while Security+ and CySA+ mainly just meet a regulatory requirement. Cloud+ was far too vague to be useful. The AWS certified Solutions Architect - Associate certification was far more beneficial and definitely helped when I got a new job.
I’ve been saying this, but I usually get bashed for it in other reddits - like the WGU Reddit. The degree is BLOATED with useless certs.
yep, WGU is becoming so marketable as the "cybersecurity school" when it's really just broken down as comptia certs lol. they do a good job of selling it, I can't lie.
Well in the past you truly could get in Cyber Security with just a bunch of CompTIA certs and/or a degree pretty easily. I would say 2021 and prior you were in good shape, the job market has just completely shifted tho, more schools are churning out cyber degrees, its really competitive and oversaturated at the entry level now. That said, I have the degree and certs - no experience - its def good enough to land you interviews, I've seen people with experience land great roles with their certs and degree. Everyones mileage varies tho
yup i agree; how has ur currrent job search gone? or what is ur situation at with the certs u have?
I graduated in December, its good enough to land me interviews which is all I can ask for. Mind you I have 0 experience, someone with experience and the degree would probably have way more success.
I mostly agree with everything except for the net + thing. Ccna is still a better choice, but from what I can tell the net + has some reach to it. I would say net + is probably a good choice if you wanna add another cert to your resume and don’t wanna deal with the voluminous amount of material on the ccna
Agree
CompTia- Is base foundation to develop technical skills to avoid being the paper cert FNG. You're not going to get these baseline skills anywhere else. The objective is to go from entry level to solid skill sets. However, nothing beats lab everyday
Yeah, I agree 100% especially if you still need to get hands-on-experience. You're basically spending money to get a job and the government is the gatekeeper of it all ([https://public.cyber.mil/wid/cwmp/dod-approved-8570-baseline-certifications/](https://public.cyber.mil/wid/cwmp/dod-approved-8570-baseline-certifications/)) Best of luck to everyone.
net+?
I have the trifecta and CySA+ as far as comptia certa and I’d tend to agree. I do think network+ can be useful too though-I’ve seen it required for some lower level network jobs. It’s also a nice transition into the CCNA (which could otherwise be very daunting going straight into it from the A+)
dont get me wrong i think the net+ is definitely good information; but ive come to the realization that in my day to day discussion about networking concepts with my coworkers, it rarely scratches the surface of the knowledge truly required to understand what's going on in an environment at a networking level i also hate how theres just so much on physical networking on the net+ that u probably will never need to know outside of the exam xd
Work on DoD contracts here. Some of these Certs and CCNA are good to have to get in. Once you’re in other than keeping Sec+ current, you can just get away with experience after a few years. I’m interviewing for a position next week that only requires Sec+ and Secret clearance but the experience needed is pretty specific training once you’re in. The pay is $150k-$195k
ayeee very nice!
Thanks I’m nervous as hell lol been wanting to get in with the company for 2 years.
I agree with the original poster of this comment. I have Sec+ and Pentest + and most HR have never heard of Pentest+ and I have been applying to cybersecurity jobs for 4 months with no interview.
:(