SECURITY+ COMPETITIVE ANALYSIS 1. GIAC GSEC 2. (ISC)2 SSCP 3. EC-COUNCIL CEH


SECURITY+ VS GIAC GSEC

Where does GSEC fit?

CompTIA Security+ and GIAC Security Essentials (GSEC)

Feature | CompTIA Security+ | GIAC GSEC
Certifying organization | CompTIA (nonprofit association) | GIAC (Global Information Assurance Certification) (for-profit organization)
Industry recognized (see description above) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT II, IAM I | IAT II
Target audience | Entry-level cybersecurity professionals | Entry-level cybersecurity professionals
Exam topics | Similar, more in-depth | Similar, less in-depth
Prerequisites | No required prerequisites; CompTIA A+ and Network+ recommended | None, no recommendations
Performance-based questions | Yes | No

Why Security+ instead of GSEC?

Reason #1: Security+ is better suited to help IT professionals reach a base level of cybersecurity competence for the least amount of money. GSEC is less in-depth and costs more (GSEC $659 vs Security+ $320 retail).
Reason #2: The Security+ exam assesses hands-on cybersecurity skills through performance-based questions; GSEC does not.
Reason #3: Security+ is focused 100% on cybersecurity skills; GSEC is more general and includes networking and Linux fundamentals.

Reasons to work with CompTIA instead of GIAC

Reason #1: CompTIA encourages partners to choose any training option; GIAC uses SANS 401 training.
Reason #2: Security+ is more cost-effective to assess entry-level cybersecurity skills (GSEC USD $659 vs Security+ $179 retail).
Reason #3: CompTIA certifications are more widely adopted by the industry: 96,131 GIAC certifications issued versus over 2,000,000 CompTIA certifications issued (July 2017).

SECURITY+ VS (ISC)2 SSCP

Where does SSCP fit?

CompTIA Security+ and (ISC)2 Systems Security Certified Practitioner (SSCP)

Feature | CompTIA Security+ | (ISC)2 SSCP
Certifying organization | CompTIA (nonprofit association) | (ISC)2 Information Systems Security Certification Consortium (nonprofit association)
Industry recognized | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT II, IAM I | IAT I, IAT II, CSSP-IS
Target audience | Entry-level cybersecurity professionals | Entry-level cybersecurity professionals
Exam topics | Baseline cybersecurity skills, more in-depth | Baseline cybersecurity knowledge, less in-depth
Prerequisites | No required prerequisites; CompTIA A+ and Network+ recommended | Requires proof of one year of IT-related experience and an endorsement. Candidates can also pass the exam, become an associate and get the experience later
Performance-based questions (PBQs) | Yes | No

Why Security+ instead of SSCP?

Reason #1: Security+ is more technical and goes further in-depth into cybersecurity skills than SSCP.
Reason #2: SSCP is considered CISSP light because it covers an extremely broad level of topics without going into depth.
Reason #3: The Security+ exam assesses hands-on skills through performance-based questions (and closed-response questions).
Reason #4: The SSCP exam has no performance-based questions, only closed-response questions.

Reasons to work with CompTIA instead of (ISC)2

Reason #1: CompTIA certifications are more widely adopted by the industry: Over 400,000 CompTIA Security+ certifications have been issued versus 3,360 SSCP certifications (April 2017).
Reason #2: SSCP requires one-year verification for IT-related work to certify, otherwise test takers become an associate.
Reason #3: Security+ assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center.

SECURITY+ VS EC-COUNCIL CEH

Where does CEH fit?

CompTIA Security+ and EC-Council Certified Ethical Hacker (CEH)

Feature | CompTIA Security+ | EC-Council CEH
Certifying organization | CompTIA (nonprofit association) | EC-Council (Int'l. Council of Electronic Commerce Consultants) (for-profit association)
Industry recognized (see description on first page) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT II, IAM I | CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor
Target audience | Entry-level cybersecurity professionals | Intermediate-level cybersecurity professionals
Exam topics | Baseline cybersecurity skills required for an entry-level IT professional, including basic penetration testing skills | Penetration testing knowledge
Prerequisites | No required prerequisites; CompTIA A+ and Network+ recommended | Requires proof of two years of cybersecurity-related experience, unless the candidate attends official EC-Council training
Performance-based questions (PBQs) | Yes | No

Why Security+ instead of CEH?

Reason #1: The Security+ and CEH audiences are different:
- Security+ is designed to help IT professionals reach a base level of cybersecurity competence
- CEH is designed to help IT professionals ethically hack and pen test at the intermediate level (CPT+)
Reason #2: The Security+ exam assesses hands-on skills through performance-based questions and closed-response questions:
- The CEH exam has no performance-based questions
- The CEH exam assesses only knowledge
- Security+ assesses knowledge, comprehension and application of skills

Reasons to work with CompTIA instead of EC-Council

Reasons #1 and #2:
- EC-Council requires candidates to attend official EC-Council CEH training, otherwise candidates must provide two years of employer-endorsed proof of cybersecurity experience
- CompTIA allows partners to choose less expensive training options
- CompTIA requires no proof of IT experience to receive Security+; hands-on skills are verified at the testing center
- Security+ is more cost-effective to assess entry-level cybersecurity skills (USD $179 vs $700 retail)
Reason #3: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus over 200,000 EC-Council certifications (July 2017).

CSA+ COMPETITIVE ANALYSIS 1. EC-COUNCIL CEH 2. EC-COUNCIL CND 3. LOGICAL OPERATIONS CFR

CSA+ VS EC-COUNCIL CEH

Where does CEH fit?

CompTIA CSA+ and EC-Council Certified Ethical Hacker (CEH)

Feature | CompTIA CSA+ | EC-Council CEH
Certifying organization | CompTIA (nonprofit association) | EC-Council (Int'l. Council of Electronic Commerce Consultants) (for-profit association)
Industry recognized (see description on first page) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | In review: IAT II, CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor | CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor
Target audience | Intermediate-level cybersecurity professionals | Intermediate-level cybersecurity professionals
Exam topics | Security analyst knowledge, application and analysis | Penetration testing knowledge
Prerequisites | No required prerequisites; CompTIA Network+ and Security+ recommended | Requires proof of two years of cybersecurity-related experience, unless the candidate attends official EC-Council training
Performance-based questions (PBQs) | Yes | No

Why CSA+ instead of CEH?

Reason #1: They have different audiences:
- CSA+ focuses on security analyst techniques to protect and defend networks
- CEH focuses on ethical hacking and penetration testing, which is a subset of CSA+
- There is only a 38% overlap between the exams, most in penetration testing and vulnerability assessment and management
Reason #2: CSA+ objectives cover higher-level learning objectives by analyzing and applying; CEH requires only knowledge of a given topic.
Reason #3: The upcoming CompTIA CPT+ exam will directly compete with CEH.
Reason #4: The CSA+ exam assesses hands-on skills through performance-based questions and closed-response questions:
- The CEH exam has no performance-based questions, only closed-response questions
- The CEH exam only assesses knowledge of skills. CSA+ assesses knowledge, comprehension, application and analysis of skills

Reasons to work with CompTIA instead of EC-Council

Reasons #1 and #2:
- EC-Council requires candidates to attend official EC-Council CEH training, otherwise candidates must provide two years of employer-endorsed proof of cybersecurity experience
- CompTIA allows partners to choose less expensive training options
- CompTIA requires no proof of IT experience to receive CSA+; hands-on skills are verified at the testing center
- CSA+ is more cost-effective to assess intermediate-level cybersecurity skills (USD $179 vs $700 retail)
Reason #3: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus over 200,000 EC-Council certifications (July 2017).

CSA+ VS EC-COUNCIL CND

Where does CND fit?

CompTIA CSA+ and EC-Council Certified Network Defender (CND) Feature CompTIA CSA+ EC-Council CND Certifying organization Industry recognized (see description on first page) CompTIA (nonprofit association) Professional Development Qualifying Credential EC-Council (Int'l. Council of Electronic Commerce Consultants) (for-profit association) Professional Development Vendor-neutral Yes Online exam (www.eccexam.com) ISO/ANSI 17024 and Continuing education DoD 8570.01-M Target audience Yes In review: IAT II, CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor Intermediate-level cybersecurity professionals Yes No No

CompTIA CSA+ and EC-Council Certified Network Defender (CND)

Feature | CompTIA CSA+ | EC-Council CND
Exam topics | Security analyst knowledge, application and analysis | Focuses on traditional perimeter defense knowledge, such as firewalls and anti-virus software; includes basic security analyst knowledge (closer to Security+ knowledge)
Prerequisites | No required prerequisites; CompTIA Network+ and Security+ recommended | Requires proof of two years of cybersecurity-related experience, unless the candidate attends official EC-Council training
Performance-based questions (PBQs) | Yes | No

Why CSA+ instead of CND?

Reasons #1 and #2:
- The CND exam focuses more on traditional perimeter techniques, such as firewalls and antivirus software
- CSA+ focuses more on modern security analytics, such as the Advanced Persistent Threat (APT)
- CSA+ covers the essential concepts of zero-day anomaly detection that focuses on symptoms and analysis, and penetration testing aspects of vulnerability assessment and management; CND does not
- The CSA+ exam includes Security Information and Event Management (SIEM) practices and concepts; the CND exam does not
Reason #3: CSA+ objectives cover Bloom's taxonomy higher-level learning objectives by analyzing and applying. CND objectives cover mostly lower-level learning objectives through knowledge and comprehension. The best way to assess performance is by analyzing and applying technology, in addition to memorizing knowledge and comprehending.
Reason #4: The CND exam focuses more on entry-level concepts, rather than intermediate security analytics skills; CND is closer to Security+ than CSA+.
Reason #5: CSA+ contains both performance-based assessment items and multiple-choice items; CND contains only multiple-choice items.
Reason #6: CSA+ objectives cover higher-level learning objectives by analyzing and applying; CND requires only knowledge of a given topic.
Reason #7: EC-Council certifications also tend to focus on arcane security tool features, rather than industry-standard best practices.

Reasons to work with CompTIA instead of EC-Council

Reasons #1 and #2:
- EC-Council requires candidates to attend official EC-Council CND training, otherwise candidates must provide two years of employer-endorsed proof of cybersecurity experience
- CompTIA allows partners to choose less expensive training options
- CompTIA requires no proof of IT experience to receive CSA+; hands-on skills are verified at the testing center
- CSA+ is more cost-effective to assess cybersecurity skills (USD $179 vs $350 retail)
Reason #3: At CompTIA, we are very careful to create high-quality exams. EC-Council tends to focus on training.
Reason #4: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 200,000 EC-Council certifications (July 2017).

CSA+ VS CFR

Where does CFR fit?

CompTIA CSA+ and Logical Operations CyberSec First Responder (CFR)

Feature | CompTIA CSA+ | LO CFR
Certifying organization | CompTIA (nonprofit association) | Logical Operations (for-profit association)
Industry recognized (see description above) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | In review: IAT II, CSSP-Analyst, CSSP-IS, CSSP-IR, CSSP-Auditor | CSSP-Analyst, CSSP-IR
Target audience | Intermediate-level cybersecurity professionals | Intermediate-level cybersecurity professionals
Exam topics | Security analyst knowledge, application and analysis; includes Incident response | Incident response knowledge
Prerequisites | No required prerequisites; CompTIA Network+ and Security+ recommended | None
Performance-based questions | Yes | No

Why CSA+ instead of CFR?

Reason #1: The CSA+ exam focuses on the unique skills of a security analyst. These include the ability to place, configure, manage, and interpret a Security Information and Event Management (SIEM) tool, interpret packet captures, logs, and other readouts from network, endpoint, and server devices, conduct effective vulnerability assessments and penetration tests, as well as respond properly to incidents.
Reason #2: Only 30% of the topics are similar, mostly covering incident response.
Reason #3: CSA+ is an intermediate-level certification; CFR is closer to entry-level Security+ skills. Most CSA+ objectives cover scenarios and applying skills. Most CFR objectives explain concepts.
Reason #4: The CSA+ exam assesses hands-on skills through performance-based questions and closed-response questions:
- The CFR exam has no performance-based questions, only closed-response questions
- The CFR exam only assesses knowledge and comprehension of skills. CSA+ assesses knowledge, comprehension, application and analysis of skills

Reasons to work with CompTIA instead of Logical Operations

Reason #1: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus very few LO certifications (July 2017).
Reason #2: LO is primarily a small publishing company that has gotten into the certification business recently. CompTIA has been an industry IT certification heavyweight for over 25 years.

CASP COMPETITIVE ANALYSIS 1. (ISC)2 CISSP 2. ISACA CISM 3. GIAC GCED

CASP VS (ISC)2 CISSP

Where does CISSP fit?

CompTIA CASP and (ISC)2 Certified Information Systems Security Professional (CISSP)

Feature | CompTIA CASP | (ISC)2 CISSP
Certifying organization | CompTIA (nonprofit association) | (ISC)2 Information Systems Security Certification Consortium (nonprofit association)
Industry recognized (see description on first page) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT III, IAM II, IASAE I & II | IAT III, IAM II & III, IASAE I, II & III, CSSP Manager
Target audience | Cybersecurity practitioners | Cybersecurity managers
Exam topics | Enterprise cybersecurity architecture, tools and system resilience | Enterprise cybersecurity management knowledge
Prerequisites | No required prerequisites; CompTIA Security+ recommended | Requires proof of five years of cybersecurity-related experience and an endorsement. Candidates can also pass the exam, become an associate and get the experience later
Performance-based questions (PBQs) | Yes | No

Why CASP instead of CISSP?

Reason #1: It depends on the audience:
- CompTIA CASP is the ideal certification for advanced practitioners of cybersecurity. CASP is intended for those technical professionals who wish to remain immersed in technology as opposed to managing cybersecurity policy and frameworks. CASP is also highly technical in nature. Instead of focusing on theoretical risk management, CASP requires hands-on, practical knowledge of risk management practices.
- (ISC)2 CISSP is the ideal certification for those in cybersecurity management. CISSP is intended for technical and non-technical candidates that manage cybersecurity policy and frameworks.
Reason #2: CASP goes in-depth into advanced cybersecurity skills; in contrast, CISSP covers an extremely broad level of topics without going in-depth. Some people say CISSP is six miles wide and two inches deep.
Reason #3: The CASP exam assesses hands-on skills through performance-based questions (and closed-response questions); the CISSP exam has no performance-based questions, only closed-response questions.

Reasons to work with CompTIA instead of (ISC)2

Reason #1: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 130,000 (ISC)2 certifications (April 2017).
Reason #2: CISSP requires verification for five years of cybersecurity-related work to certify, plus an endorsement, otherwise test takers become an associate.
Reason #3: CASP assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center.
Reason #4: CASP is more cost-effective to assess entry-level cybersecurity skills (USD $320 vs $599 retail).
Reason #5: The CompTIA continuing education program is far more simple, yet just as thorough as (ISC)2.

CASP VS ISACA CISM

Where does CISM fit?

CompTIA CASP and ISACA Certified Information Security Manager (CISM)

Feature | CompTIA CASP | ISACA CISM
Certifying organization | CompTIA (nonprofit association) | ISACA (nonprofit association)
Industry recognized (see description on first page) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT III, IAM II, IASAE I & II | IAM II & III, CSSP-M
Target audience | Cybersecurity practitioners | Cybersecurity managers
Exam topics | Enterprise cybersecurity architecture, tools and system resilience | Enterprise cybersecurity management knowledge
Prerequisites | No required prerequisites; CompTIA Security+ recommended | Requires verification of at least five years of experience working in the information security field
Performance-based questions (PBQs) | Yes | No

Why CASP instead of CISM?

Reason #1: It depends on the audience:
- CompTIA CASP is the ideal certification for advanced practitioners of cybersecurity. CASP is intended for those technical professionals who wish to remain immersed in technology as opposed to managing cybersecurity policy and frameworks.
- ISACA CISM is a management-focused certification that promotes security practices and recognizes the individuals who manage, design, oversee and assess an enterprise's information security.
Reason #2: CASP goes in-depth into advanced cybersecurity topics and hands-on skills; CISM covers cybersecurity governance, compliance and management.
Reason #3: CISM is highly respected, yet also quite theoretical. CASP is respected in the industry because it focuses on practical knowledge and security implementation.
Reason #4: The CASP exam assesses hands-on skills through performance-based questions (and closed-response questions); the CISM exam has no performance-based questions, only closed-response questions.

Reasons to work with CompTIA instead of ISACA

Reason #1: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus approximately 110,000 ISACA certifications.
Reason #2: CISM requires verification of at least five years of experience working in the information security field.
Reason #3: CASP assesses cybersecurity skills when the student sits for the exam; no proof of IT experience required because the hands-on skills are verified immediately at the testing center.
Reason #4: CASP is more cost-effective to assess advanced cybersecurity skills (USD $320 vs $595 retail).

CASP VS GIAC GCED

Where does GCED fit?

CompTIA CASP and GIAC Certified Enterprise Defender (GCED)

Feature | CompTIA CASP | GIAC GCED
Certifying organization | CompTIA (nonprofit association) | GIAC (Global Information Assurance Certification) (for-profit organization)
Industry recognized (see description on first page) | Professional Development Qualifying Credential | Professional Development Qualifying Credential
Vendor-neutral | Yes | Yes
ISO/ANSI 17024 and Continuing education | Yes | Yes
DoD 8570.01-M | IAT III, IAM II, IASAE I & II | IAT III
Target audience | Advanced cybersecurity practitioners | Advanced cybersecurity practitioners
Exam topics | Enterprise defense, cybersecurity architecture, tools and system resilience | Enterprise defense
Prerequisites | No required prerequisites; CompTIA Security+ recommended | None, no recommendations
Performance-based questions (PBQs) | Yes | No

Why CASP instead of GCED?

Reason #1: GCED covers only enterprise defense; CASP covers enterprise defense, plus cybersecurity architecture, tools and resilience techniques used to predict how the network will react when under attack.
Reason #2: The CASP exam assesses hands-on cybersecurity skills through performance-based questions; GCED does not.
Reason #3: CASP was developed for the industry in general, but also with a goal to help the United States Department of Defense secure its systems.

Reasons to work with CompTIA instead of GIAC

Reason #1: GIAC sells SANS 501 training; CompTIA can guide partners to less expensive training options.
Reason #2: CASP is more cost-effective to assess entry-level cybersecurity skills (USD $320 vs $659 retail).
Reason #3: CompTIA certifications are more widely adopted by the industry: Over 2,000,000 CompTIA certifications have been issued versus 96,131 GIAC certifications (July 2017).
Reason #4: SANS training is highly respected. But CASP training and certification provides hands-on understanding of risk management at less cost, with significant Return on Investment (ROI).