
Ready to Start Your Career?

By: Olivia
May 30, 2017
Which Security Certification is Right for You: CSA+ vs. CEH

By: Olivia
May 30, 2017

CSA+ Overview
Obtaining your certification as a CompTIA Cybersecurity Analyst signifies that you possess the fundamental knowledge to configure and use threat detection tools, perform data analysis, and interpret the results to identify vulnerabilities, threats and risks to an organization.How Does It Compare?
According to CompTIA, “CSA+ differs from others on the market because it’s a mid-level certification that focuses on security analytics for the security analyst job role. Many other certifications out there don't go into as much detail with analytics. CSA+ also focuses on defense, or “blue team,” cybersecurity skills rather than offense, or “red team,” skills.”Who Is CSA+ Intended For?
The CSA+ is intended for those who have a minimum of 3-4 years of hands-on information security or related experience. CompTIA has done research which shows security analytics is a broader term that includes threat management, vulnerability management, intrusion detection and response, and tools, so ideally, anyone working in a related role would be a good fit for this certification.Why Earn the CSA+ Certification?
The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37% overall growth between 2012 and 2022. They have also found that the median pay for an information security analyst in the United States is $90,120 per year.CSA+ Exam Details
Referenced with code CS0-001, the CSA+ certification exam contains a maximum of 85 multiple-choice and performance-based questions which testers have 165 minutes to complete. In order to pass, individuals must score a 750 or higher out of 900.Topics of Emphasis
- Threat Vulnerabilities and Reporting
- Threats Reconnaissance
- Digital Forensics
- Social Engineering
- Introduction to Syslog Monitoring
Additional CSA+ Information
CompTIA CSA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.Find more here: https://certification.comptia.org/Recommendations from Testers
“The real-world-scenario-style questions provide a great way for someone to demonstrate they have more than just the basic knowledge. It proves they have the critical thinking skills needed to apply that knowledge in the field.This test is a great fit for someone who’s looking for a way to prove themselves as more capable than Security+ but who isn’t quite ready to tackle something as intense as CASP or Offensive Security Certified Professional (OSCP).”- Nicholas Carrol, systems administrator at the Florida State University (FSU) College of Medicine
- Jack Haines, owner of Haines I.T.
What does Cybrary offer in Preparation of the CSA+ exam?
Considering this exam is so new, we do not yet offer a full course for the CSA+, but plan to add one in the near future.Those looking for specific CSA+ practice will be happy to know we do offer a CSA+ virtual lab, available here.CEH Overview
Obtaining your certification as an ethical hacker signifies that you possess the fundamental knowledge to protect systems using an ethical hacking methodology and framework as your line of defense.How Does It Compare?
According to EC-Council, the CEH certification “focuses on hacking techniques and technologies from an offensive perspective. This advanced security course is regularly updated to reflect the latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.”Who Is CEH Intended For?
The CEH certification exam is intended for security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.Why Earn the CEH Certification?
Based on the IT Skills and Salary Survey conducted by Global Knowledge and Penton, CEH is among the top 15 highest paying certifications this year ranking in the 9th position.From a career perspective, security professionals will acquire a well-rounded body of knowledge, both business and technical to have better opportunities in this field.CEH Exam Details
Referenced with code 312-50, the CEH certification exam contains a maximum of 125 multiple-choice questions which testers have 4 hours to complete.Topics of Emphasis
- Footprinting and Reconnaissance
- Scanning Networks
- Device Enumeration
- System Hacking Concept
- Process Monitoring
Recommendations from Testers
“The CEH qualification has meant that I have been able to prove my knowledge within the pen-testing arena to colleagues and external contacts. Coupling the EC-Council qualification with my ISC2 and CISCO certifications enables me to show a broad understanding of many of the key areas to which my job role is currently focused. I feel that this enhances the confidence and increases the "peace of mind" in those that receive my services.”- Nicholas Charles Paul Humphrey, UK Ministry of Defense
- Sushanth Sadanand K, GTS Executive Program Head, Global BFSI Regulatory Compliance & CISO Cyber Security Strategist
What does Cybrary offer in Preparation of the CEH exam?
Cybrary offers a full range of CEH preparation materials. We recommend beginning with the FREE CEH course, then practicing the techniques discussed with the CEH virtual lab, and finally reviewing key points using the CEH Practice Test.To Summarize
The difference between the CSA+ and the CEH is their level of difficulty and approach to security. The CSA+ is an intermediate level certification focused on defensive security while the CEH is a more advanced certification focused on offensive security.What About Other Security Certifications?
The CyberSec First Responder (CFR-210) certification focuses on advanced security tools and techniques including penetration testing. More information, here.The GIAC Security Essentials (GSEC) Certification covers the fundamentals of security tools and techniques across 50 objectives, meaning you’re presented with a broad range of security skills. More information, here.The Systems Security Certified Practitioner (SSCP) certification specifies 7 domains and is meant to provide hands-on technical ability to handle daily procedures which will improve data confidentiality, integrity, and availability. More information, here.Want More Posts Comparing Certifications?Leave a comment describing what you’d like to learn more about.