Which Security Certification is Right for You: CSA+ vs. CEH

Many are drawn to the Cybrary site by a desire to learn security skills and extend their IT background into the cyber security industry, as jobs in this field are in high demand and can offer an exciting and rewarding career.The confusion arises when IT professionals are unsure of where to start in order to reach their end goal of achieving a top tier security certification. It’s easy to see why.With security certifications such as the CSA+, CEH, CFR, GSEC, and SSCP, security professionals have many options in defining their course of study. Unfortunately, the answer is not one size fits all.This post will attempt to offer some guidance and defining factors regarding critical security certifications to put Cybrarians on a path to success. For those completely new to the field of IT, we recommend you start with the basics before jumping full force into cyber security concepts.A beginner learning path on Cybrary would be as follows: CompTIA A+, CompTIA Network+, and CompTIA Security+. Once you’ve grasped the concepts of Security+, you can move beyond to courses mentioned in this post.Traditionally, the CEH designation is seen as the most glamorous, and the Cybrary team has found it’s the one asked about the most, however, in light of CompTIA’s release of the CSA+, many have found themselves wondering if this is, in fact, the certification route that is best for them.TLDR

CSA+ Overview

Obtaining your certification as a CompTIA Cybersecurity Analyst signifies that you possess the fundamental knowledge to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats and risks to an organization.

How Does It Compare?

According to CompTIA, “CSA+ differs from others on the market because it’s a mid-level certification that focuses on security analytics for the security analyst job role. Many other certifications out there don't go into as much detail with analytics. CSA+ also focuses on defense, or “blue team,” cybersecurity skills rather than offense, or “red team,” skills.”

Who Is CSA+ Intended For?

The CSA+ is intended for those who have a minimum of 3-4 years of hands-on information security or related experience. CompTIA has done research which shows security analytics is a broader term that includes threat management, vulnerability management, intrusion detection and response, and tools, so ideally, anyone working in a related role would be a good fit for this certification.

Why Earn the CSA+ Certification?

The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37% overall growth between 2012 and 2022. They have also found that the median pay for an information security analyst in the United States is $90,120 per year.

CSA+ Exam Details

Referenced with code CS0-001, the CSA+ certification exam contains a maximum of 85 multiple-choice and performance-based questions which testers have 165 minutes to complete. In order to pass, individuals must score a 750 or higher out of 900.

Topics of Emphasis

• Threat Vulnerabilities and Reporting
• Threats Reconnaissance
• Digital Forensics
• Social Engineering
• Introduction to Syslog Monitoring

Additional CSA+ Information

CompTIA CSA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.Find more here: https://certification.comptia.org/ 

Recommendations from Testers

“The real-world-scenario-style questions provide a great way for someone to demonstrate they have more than just the basic knowledge. It proves they have the critical thinking skills needed to apply that knowledge in the field.This test is a great fit for someone who’s looking for a way to prove themselves as more capable than Security+ but who isn’t quite ready to tackle something as intense as CASP or Offensive Security Certified Professional (OSCP).”

• Nicholas Carrol,  systems administrator at the Florida State University (FSU) College of Medicine

“I think it's a great add-on to CompTIA Security+ and certainly great for people looking to get CASP and/or Certified Information Systems Security Professional (CISSP) certifications. Every certification you can add is one more thing that might set you apart from the countless other people who have applied. I think it's great to have a certification that goes past the general IT security of Security+ and focuses on the dangerous ocean of the internet!”

• Jack Haines, owner of Haines I.T.

What does Cybrary offer in Preparation of the CSA+ exam?

Considering this exam is so new, we do not yet offer a full course for the CSA+, but plan to add one in the near future.Those looking for specific CSA+ practice will be happy to know we do offer a CSA+ virtual lab, available here.

CEH Overview

Obtaining your certification as an ethical hacker signifies that you possess the fundamental knowledge to protect systems using an ethical hacking methodology and framework as your line of defense.

How Does It Compare?

According to EC-Council, the CEH certification “focuses on hacking techniques and technologies from an offensive perspective. This advanced security course is regularly updated to reflect the latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.”

Who Is CEH Intended For?

The CEH certification exam is intended for security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Why Earn the CEH Certification?

Based on the IT Skills and Salary Survey conducted by Global Knowledge and Penton, CEH is among the top 15 highest paying certifications this year ranking in the 9^th position.From a career perspective, security professionals will acquire a well-rounded body of knowledge, both business and technical to have better opportunities in this field.

CEH Exam Details

Referenced with code 312-50, the CEH certification exam contains a maximum of 125 multiple-choice questions which testers have 4 hours to complete.

Topics of Emphasis

• Footprinting and Reconnaissance
• Scanning Networks
• Device Enumeration
• System Hacking Concept
• Process Monitoring

Recommendations from Testers

“The CEH qualification has meant that I have been able to prove my knowledge within the pen-testing arena to colleagues and external contacts. Coupling the EC-Council qualification with my ISC2 and CISCO certifications enables me to show a broad understanding of many of the key areas to which my job role is currently focused. I feel that this enhances the confidence and increases the "peace of mind" in those that receive my services.”

• Nicholas Charles Paul Humphrey, UK Ministry of Defense

“I would recommend CEH to anyone specializing in information security domain and the course will give you fundamental knowledge about hacking, threats and the measures to defend your organization.”

• Sushanth Sadanand K, GTS Executive Program Head, Global BFSI Regulatory Compliance & CISO Cyber Security Strategist

What does Cybrary offer in Preparation of the CEH exam?

Cybrary offers a full range of CEH preparation materials. We recommend beginning with the FREE CEH course, then practicing the techniques discussed with the CEH virtual lab, and finally reviewing key points using the CEH Practice Test.

To Summarize

The difference between the CSA+ and the CEH is their level of difficulty and approach to security. The CSA+ is an intermediate level certification focused on defensive security while the CEH is a more advanced certification focused on offensive security.

What About Other Security Certifications?

The CyberSec First Responder (CFR-210) certification focuses on advanced security tools and techniques including penetration testing. More information, here.The GIAC Security Essentials (GSEC) Certification covers the fundamentals of security tools and techniques across 50 objectives, meaning you’re presented with a broad range of security skills. More information, here.The Systems Security Certified Practitioner (SSCP) certification specifies 7 domains and is meant to provide hands-on technical ability to handle daily procedures which will improve data confidentiality, integrity, and availability.  More information, here.Want More Posts Comparing Certifications?Leave a comment describing what you’d like to learn more about.