//Best Cybersecurity Certifications for Your Resume

Best Cybersecurity Certifications for Your Resume

Certifications are used in almost every industry to demonstrate one’s commitment to professionalism and excellence in his or her role, but they can be even more important in the world of cybersecurity. Managers use certifications to ensure job candidates possess the in-depth technical skills and detailed subject matter knowledge necessary to protect systems, networks and programs from attacks and unauthorized access. In many cases, employers may require (or highly prefer) specific certifications for certain roles, which means IT security professionals who hope to climb the career ladder will need to validate their knowledge and skills through certification.

But with so many cybersecurity certifications to choose from, how do you know where to start? We had the same question. Our solution? Look at the data.

By and large, the number one reason people earn certifications—in any industry, not just cybersecurity—is career advancement. For this reason, we based our list of the best cybersecurity certifications on the ones most requested by employers. CyberSeek, a project supported by the National Initiative for Cybersecurity Education (NICE), provides data about supply and demand in the cybersecurity job market, including the top certifications most commonly requested by employers in job listings.

This infographic reflects information up to 06/19/2018. Percentages and amounts are subject to change.

GIAC Certified Incident Handler (GCIH)

The GCIH certification focuses on detecting and resolving computer security incidents. Certified Incident Handlers are able to demonstrate a wide-range of incident handling skills. This certification is aimed at security professionals who want to work as Incident Handlers, as well as system administrators and security architects who would benefit from a better understanding of incident handling topics such as how cyber criminals infiltrate networks and crack passwords.

Required Exam GIAC Certified Incident Handler (GCIH)
Questions 150
Passing Score 73%
Exam Duration 4 hours
Cost (USD) $1,699
Topic Areas Incident Handling: Identification

Client Attacks

Covering Tracks: Networks and Systems

Denial of Service Attacks

Incident Handling: Containment, Eradication, Recovery

Network Attacks

Overflow Attacks

Password Attacks

Scanning: Discovery, Mapping, Techniques, Defense

Session Hijacking and Cache Poisoning

Web Application Attacks

Worms, Bots & Bot-Nets

ISACA Certified Information Security Manager (CISM)

The CISM certification is a management-focused cybersecurity credential developed specifically for information security managers and others with information security management responsibilities. According to ISACA, “CISM demonstrates a deep understanding of the relationship between information security programs and broader business goals and objectives.”

This infographic reflects information up to 06/19/2018. Percentages and amounts are subject to change.

Required Exam Certified Information Security Manager (CISM)
Questions 200
Passing Score 450 (on a scale of 200-800)
Exam Duration 4 hours
Cost (USD) $575 (Member)/$760 (Non-Member)
Topic Areas Information Security Governance

Information Risk Management

Information Security Program Development and Management

Information Security Incident Management

ISACA Certified Information Systems Auditor (CISA)

The CISA certification is recognized as proof of competency and experience in providing assurance that critical business assets are secured and available. It was specifically created for IT auditors, IT consultants and other security professionals who need to demonstrate the ability to identify risks and apply proven practices to mitigate them. According to ISACA, “Having a CISA certification on your resume makes you quickly identifiable to employers as a highly qualified, experienced professional.”

This infographic reflects information up to 06/19/2018. Percentages and amounts are subject to change.

Required Exam Certified Information Systems Auditor (CISA)
Questions 200
Passing Score 450 (on a scale of 200-800)
Exam Duration 4 hours
Cost (USD) $575 (Member)/$760 (Non-Member)
Topic Areas The Process of Auditing Information Systems

Governance and Management of IT

Information Systems Acquisition, Development and Implementation

Information Systems Operations, Maintenance and Service Management

Protection of Information Assets

ISACA Certified in Risk and Information Systems Control (CRISC)

The CRISC certification demonstrates to employers that holders are able to identity and evaluate IT risks and help their enterprises accomplish its business objectives, and affirms the holders ability to plan and implement appropriate control measures and frameworks that further mitigate enterprise risk without stifling innovation. ISACA reports that more than 2,400 CRISC holders are employed as CEOs, CFOs, CISOs, CIOs or equivalent security executives.

Required Exam Certified in Risk and Information Systems Control (CRISC)
Questions 150
Passing Score 450 (on a scale of 200-800)
Exam Duration 4 hours
Cost (USD) $470 (Member)/$650 (Non-Member)
Topic Areas Risk Identification, Assessment and Evaluation

Risk Response

Risk Monitoring

Information Systems Control Design and Implementation

Information Systems Control Monitoring and Maintenance

CompTIA Security+

The CompTIA Security+ certification focuses on the latest trends and techniques in risk management, risk mitigation, threat management and intrusion detection. This is more of an “entry-level” cybersecurity certification, since it establishes the core knowledge required for any cybersecurity role and validates the baseline skills needed to perform essential security functions.

Required Exam CompTIA Security+ (SY0-501)
Questions 90
Passing Score 750 (on a scale of 100-900)
Exam Duration 90 minutes
Cost (USD) $330
Topic Areas Threats, Attacks & Vulnerabilities

Identity & Access Management

Technologies & Tools

Risk Management

Architecture & Design

Cryptography & PKI

Cisco Certified Network Associate (CCNA) – Security

The CCNA Security certification demonstrates the skills required to develop a security infrastructure, recognize threats and network vulnerabilities, and mitigate security threats. According to Cisco, the CCNA Security certification lays the foundation for roles such as network security technicians, administrators and network security support engineers. CCNA Security certified professionals are able to secure information and devices using the latest Cisco security hardware and software solutions.

Required Exam Cisco CCNA – 210-260 IINS
Questions 60-70
Passing Score Passing scores are set by using statistical analysis and are subject to change without notice.
Exam Duration 90 minutes
Topic Areas SIEM Technology

Cloud & Virtual Network Topologies

Identity Services Engine (ISE)

802.1x Authentication

Cisco FirePOWER Next Generation IPS

Anti-Malware/Cisco Advance Malware Protection

Cisco Certified Network Professional (CCNP) – Security

The CCNP Security certification is intended for Cisco Network Security Engineers responsible for securing routers, switches, networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting firewalls, VPNs and IDS/IPS solutions. According to Cisco, by 2020 “the number of network security professionals will need to double, and most of these professionals will need the validation of an industry certification.”

Required Exam Multiple Exams Required
CCNP Security Exams Implementing Cisco Secure Access Solutions (300-208 SISAS)

Implementing Cisco Edge Network Security Solutions (300-206 SENSS)

Implementing Cisco Secure Mobility Solutions (300-209 SIMOS)

Implementing Cisco Threat Control Solutions (300-210 SITCS)

Questions 300-208 SISAS: 55-65

300-206 SENSS: 65-75

300-209 SIMOS: 65-75

300-210 SITCS: 65-75

Passing Score Passing scores are set by using statistical analysis and are subject to change without notice.
Exam Duration 90 minutes (each)
Topic Areas 300-208 SISAS

Identify Management/Security Access

Threat Defense

Troubleshooting, Monitoring and Reporting Tools

Threat Defense Architectures

Identity Management Architectures

300-206 SENSS

Threat Defense

Cisco Security Devices and Secured CLI Management

Management Services on Cisco Devices

Troubleshooting, Monitoring and Reporting Tools

Threat Defense Architectures

Security Components and Considerations

300-209 SIMOS

Secure Communications

Troubleshooting, Monitoring and Reporting Tools

Secure Communications Architectures

300-210 SITCS

Content Security

Network Threat Defense

Cisco FirePOWER Next-Generation IPS

Security Architectures

Troubleshooting, Monitoring and Reporting Tools

Cisco Certified Internetwork Expert (CCIE) – Security

The CCIE Security certification recognizes individuals who have the knowledge and skills to implement, maintain and support extensive Cisco network security solutions using the latest industry best practices and technologies. In addition to a written qualification exam, candidates will need to successfully complete an eight-hour lab exam that tests one’s ability to get a secure network running in a timed test situation. You must make an initial attempt of the CCIE lab exam within 18-months of passing the CCIE written exam.

Required Exam CCIE Security (400-251)
Questions 90-110
Passing Score Passing scores are set by using statistical analysis and are subject to change without notice.
Exam Duration 120 minutes
Topic Areas Perimeter Security and Intrusion Prevention

Advanced Threat Protection and Content Security

Secure Connectivity and Segmentation

Identify Management, Information Exchange and Access Control

Infrastructure Security, Virtualization and Automation

Evolving Technologies

Certified Information Systems Security Professional (CISSP)

The CISSP certification validates that security professionals have the knowledge and skills to design, engineer, implement and run an information security program. It focuses on the practical application of cybersecurity knowledge and tools. CISSP certified security professionals demonstrate to employers that they have elite skills needed to keep company safe from malicious attacks.

This infographic reflects information up to 06/19/2018. Percentages and amounts are subject to change.

Required Exam CISSP
Questions 100-150
Passing Score 700 out of 1,000 points
Exam Duration 3 hours
Cost (USD) $699
Topic Areas Security and Risk Management

Asset Security

Security Architecture and Engineering

Communication and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security

Certified Ethical Hacker (CEH)

The CEH certification validates individuals in the specific network security discipline of ethical hacking, which involves looking for weaknesses and vulnerabilities in target systems. According to the EC-Council, “CEH is used as a hiring standard and is a core sought-after certification by many of the Fortune 500 organizations, governments, cybersecurity practices and is a cyber staple in education across many of the most prominent degree programs in top universities around the globe.”

Required Exam CEH Exam (312-50)
Questions 125
Passing Score Cut score is based on input from a group of subject-matter experts who review the difficulty of the questions in relation to the expected skills of the target audience.
Exam Duration 4 hours
Cost (USD) $950
Topic Areas Background (networking technologies, communication protocols, malware operations, etc.)

Analysis/Assessment (data analysis, systems analysis, risk assessments, technical assessment methods)

Security (firewalls, cryptography, threat modeling, etc.)

Tools/Systems/Programs (network intrusion, programming languages, operating environments, etc.)

Procedures/Methodology (PKI, security architecture, network routing, etc.)



How to Prepare for Cybersecurity Certification Exams

Practical experience is one way to ensure that you have mastered the skills necessary to achieve certification in an area of cybersecurity. Graduate-level courses of study may also provide you with the foundational skills and knowledge needed to meet specific certification objectives. If you’re looking to take the next step in your cybersecurity career, the first step may be to earn your Master’s in Cybersecurity. And thanks to the convenience and flexibility of online learning, you can earn an advanced degree without putting your life on hold.

Ready to start comparing programs?
See which Master in Cyber Security program is right for you.

Learn More