IT Infrastructure Pathway (Best Foundation for Cybersecurity):
Information technology (IT) infrastructure are the components required to operate and manage enterprise IT environments. IT infrastructure can be deployed within a cloud computing system, or within an organization's own facilities.
IT infrastructure components include hardware, software, networking components, an operating system (OS), and data storage, all of which are used to deliver IT services and solutions.
Transitioning from Non-IT to Cybersecurity |
Transitioning from IT to Cybersecurity |
2. CompTIA A+ |
1. Bachelor/Diploma in IT/Network & Security/Cyber Security or 1 year of related practical IT experience (A+, Windows 10, IT support): |
Job possibilities after IT infrastructure pathway skills:
Job Roles |
Certification Skill Set: |
1. IT Technician 2. PC Maintenance and Repair 3. IT Support Technician 4. Field Service Technician 5. IT Technical Support 6. Technical Support 7. IT Customer Service 8. Technical Support Specialist |
|
1. Network Field Technician 2. Network Support Specialist 3. Network Administrator 4. Network Analyst 5. Network Engineer 6. System Administrator |
|
1. Linux Support Technician 2. Linux Systems Administrator 3. Linux Database Administrator 4. Web Administrator |
|
1. Security Architect 2. Security Engineer 3. Security Consultant 4. Security Specialist 5. Security or Systems Administrator |
|
1. Systems Engineer 2. Server Administrator 3. Sales Solution Specialist, Servers Support |
|
1. Cloud Systems Engineer, 2. Server Administrator, 3. Sales Solution Specialist/ Sales and Marketing Staff in cloud product or service management. 4. Project Manager, Cloud Engineer, Data Center SAN job, Business Analyst, New Data Center Staff, 5. Cloud Computing Technical Support Staff, 6. Managed Service Provider Personnel |
Cybersecurity Foundation Track:
Certifications |
Job Role |
Skill set |
Provide individual users, employs with necessary knowledge and skills to protect their information assets. |
It educates on safe handling of internet, system, and end devices so that breaches can be avoided |
|
information security, network security, and computer forensics related job. |
||
Junior Computer Forensic Specialists, Encryption Specialist, Anyone involved in basic information security operations, Information Systems Security Manager, Security Specialist |
Gives hands-on experience on cryptographic algorithms and stenography |
|
latest operational skills and knowledge you need for real-world jobs in security operations centers (SOCs). SOC analysts serve as the front line of defense against cybersecurity threats - preventing and detecting threats to defend your organization. |
||
Cisco Certified CyberOps Professional Certification |
Information Security analyst |
incident response roles, cloud security, and other active defense security roles. |
CBRFIR: Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps |
CyberOps Forensic Analysis and Incident Response, Security Operations Center (SOC) Analyst (Associate/Beginning Level), Cybersecurity Analyst, Cybersecurity Engineer, Security Operations Manager, Cyber Security Engineer 1-3 Years' experience required. |
Detect and respond cyber security threats, Incident response process and playbooks, Advanced incident response Threat intelligence Digital forensics concepts Evidence collection and analysis Principles of reverse engineering. |
Certified Network Defender (CIND) |
Network administrator Network engineer CND analyst Security analyst |
Detailed understanding and hands-on ability to function in real life situations involving network defence |
Certified Ethical Hacker (C|EH) Theory + Practical |
Ethical Hackers, Security officers, Auditors, Security professionals, Site administrators, IT security administrators. |
methodologies of ethical hacking and penetration testing. It demonstrates the application of ethical hacking techniques |
Certified Threat Intelligence Analyst (CITIA) |
CompTIA Cybersecurity Analyst (CYSA+) |
Security analyst: -Tier II SOC analyst -Security monitoring Threat intelligence analyst Security engineer Application security analyst Incident response or handler Compliance analyst Threat hunter |
knowledge and skills of leverage intelligence and threat detection techniques, analyze and interpret data, identify and address vulnerabilities, suggest preventative measures, and effectively respond to and recover from incidents. |
CompTIA Advanced Security Practitioner (CASP+) |
-Enterprise security domain expanded to include operations and architecture concepts, techniques and requirements. -More emphasis on analyzing risk through interpreting trend data and anticipating cyberdefense needs to meet business goals -Expanding security control topics to include mobile and small-form factor devices, as well as software vulnerability. -Broader coverage of integrating cloud and virtualization technologies into a secure enterprise architecture. - Inclusion of implementing cryptographic techniques, such as blockchain, cryptocurrency and mobile device encryption |
Cybersecurity Pathway (Professional Level)
Cyber Security Professional Certifications |
Job Roles |
SkillSet |
EC-Council Certified Security Analyst (ECSA) : Theory + Practical |
Real-world hands-on penetration testing that covers the testing of modern infrastructure, operating system, and application environment including writing and reporting skills. 12-hrs Lab exam. |
|
PENETRATION TESTING WITH KALI LINUX (PWK) |
VAPT related job profiles. |
foundational penetration testing course. Students learn the latest tools and techniques, and practice them in a lab. |
CompTIA PenTest+ |
knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results. |
|
LPT |
loT Penetration Testing, OT and SCADA Penetration Testing, Binary Analysis and Exploitation, Cloud Penetration Testing, Wireless Penetration Testing. 24-hour performance-based, hands-on exam. You have the option to choose either two 12-hour exams or one 24-hour exam. proctor base exam. Score at least 70% and become a CPENT. EC-Council's Certified Penetration Tester (CPENT) Score at least 90% and earn the highly regarded LPT (Master) designation! |
|
Offensive Security Certified Professional (OSCP) |
Pentesters, Network professionals administrators, Other technology professionals. |
Schedule certification exam within 120 days of course completion. OSCP is a 24-hour challenge with an additional 24 hours allowed for reporting. View the full syllabus. Prerequisites: Very good understanding on syntax of programming languages, bash, PowerShell, windows cli, c, JavaScript, MySQL, ruby, java, PHP, python. N+, S+, L+, Network Security,Server Administration, Web Developer, |
eLearnSecurity Certified Professional Penetration Tester (eCPPT) |
Vulnerability Assessment of Networks, Vulnerability Assessment of Web Applications, Advanced Exploitation with Metasploit, Performing Attacks in Pivoting, Web application Manual exploitation, Information Gathering and Reconnaissance, Scanning and Profiling the target, Privilege escalation and Persistence, Exploit Development, Advanced Reporting skills and Remediation |
|
Offensive Security Wireless Professional (OSWP) certification |
Security professionals and enthusiasts, Network administrators, Wireless Engineers, Network Security Professionals. |
4-hour online exam View the OSWP full syllabus: |
Offensive Security Experienced Penetration Tester certification (OSEP) |
Expert Pentester |
48-hour exam. OSEP is the next step for penetration testers who have completed the OSCP. View the syllabus. |
Offensive Security Web Expert (OSWE) certification. |
48-hour exam. Java, .NET, JavaScript, Python, Python / Perl / PHP / Bash scripts, etc Experienced software engineer, full stack web developer, etc can attend this certification. Offensive Security Exploitation |
|
Offensive Security Exploitation Expert (OSEE) certification |
sans.org Cyber Security Skills Roadmap:
eLearnSecurity.com Penetration Testing Certifications:
(ISC)² Cybersecurity and IT Security Certifications and Training:
CISSP Certified Information Systems Security Professional
Who Earns the CISSP?
The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:
1. Chief Information Security Officer
2. Chief Information Officer
3. Director of Security
4. IT Director/Manager
5. Security Systems Engineer
6. Security Analyst
7. Security Manager
8. Security Auditor
9. Security Architect
10. Security Consultant
11. Network Architect
CISSP Domains:
1. Introduction to Security and Risk Management
2. Asset Security
3. Security Architecture and Engineering
4. Communication and Network Security
5. Identity and Access Management (IAM)
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security
9. SSCP Systems Security Certified Practitioner
10. CCSP Certified Cloud Security Professional
11. CAP Certified Authorization Professionall
12. CSSLP Certified Secure Software Lifecycle Professional
13. HCISPP HealthCare Information Security and Privacy Practitioner
14. CISSP - ISSAP Information Systems Security Architecture Professional
15. CISSP - ISSEP Information Systems Security Engineering Professional
16. CISSP - ISSMP Information Systems Security Management Professional
17. Associate of (ISC)² Associate of (ISC)²
Associate of (ISC)2 Associate of (ISC)²
ISACA CERTIFICATIONS:
A CISA, CRISC, CISM, CGEIT, CSX-P or CDPSE after your name proves you have the expertise to meet the challenges of the modern enterprise.
https://www.isaca.org/credentialing/certifications
CISA - Certified Information Systems Auditor:
The CISA certification is world-renowned as the standard of achievement for those who audit, control, monitor and assess an organization's information technology and business systems. The recent quarterly IT Skills and Certifications Pay Index (ITSCPI) from Foote Partners ranked CISA among the most sought-after and highest-paying IT certifications. This certification is a must have for entry to mid-career IT professionals looking for leverage in career growth.
CRISC - Certified in Risk and Information Systems Control:
ISACA's Certified in Risk and Information Systems ControlTM (CRISC®) certification indicates expertise
in identifying and managing enterprise IT risk and implementing and maintaining information systems controls. Gain instant recognition and credibility with CRISC and boost your career! If you are a mid-career IT professional with a focus on IT and cyber risk and control, CRISC can get you the leverage you need to grow in your career.
CISM - Certified Information Security Manager:
ISACA's Certified Information Security Manager (CISMⓇ) certification indicates expertise in information security governance, program development and management, incident management
CGEIT - Certified in the Governance of Enterprise IT:
ISACA's Certified in the Governance of Enterprise ITⓇ (CGEIT®) is unique and framework agnostic. It is the only IT governance certification that can give you the mindset to assess, design, implement and manage enterprise IT governance systems aligned with overall business goals. Get visibility at the executive level with CGEIT!
CSX-P-Cybersecurity Practitioner Certification:
CSXⓇ-P remains the first and only comprehensive performance certification testing one's ability to perform globally validated cybersecurity skills spanning five security functions - Identify, Protect, Detect, Respond, and Recover- derived from the NIST Cybersecurity Framework. CSX-P requires that candidates demonstrate critical cybersecurity skills in a live, proctored, virtual environment that assesses their analytical ability to identify assets and resolve network and host cybersecurity issues by applying the foundational cybersecurity knowledge and skills required of an evolving cyber first responder. For more information, see the CSX-P Exam Content Outline.
CDPSE - Certified Data Privacy Solutions Engineer:
Modern privacy laws and regulations require organizations to implement privacy by design and by default into IT systems, networks, and applications. To do so, privacy professionals must partner with software developers, system and network engineers, application and database administrators, and project managers to build data privacy and protection measures into new and existing technology environments.
Global Trend: The State of Cyber Security
https://cybermap.kaspersky.com