I’ve been thinking of doing this for a while but have never found the time until now. Here is a list of what I feel are the most valuable certifications in the security industry, listed in Basic, Junior, Intermediate, and Senior categories. I’ll be covering these certifications over four articles starting with the Basic category.

Please note that:

1. This is my opinion
2. I am not saying you need all of these certifications, I am just listing those that I feel are at a basic level and may help you start your security career
3. I fully expect to catch some flack for my categorization

Here is the list:

Basic

Cisco Certified Entry Networking Technician (CCENT)

The scoop:

The Cisco CCENT (Cisco Certified Entry Networking Technician) certification validates the skills required for entry-level network support positions, the starting point for many successful careers in networking. Candidates should have the knowledge and skill to install, operate and troubleshoot a small enterprise branch network, including basic network security. CCENT certification is the first step toward achieving CCNA, which covers medium size enterprise branch networks with more complex connections.

Associated Training: Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0
Requirements: One exam at a testing center (640-822 ICND1)
Renewal: Every 3 years
Andrew’s Notes: An understanding of how networking works provides a solid foundation for understanding advanced networking topics and network level security issues.
More Info: Cisco Certified Entry Networking Technician (CCENT)

CompTIA Network+® Certification

The scoop:

CompTIA Network+ validates the knowledge and skills of networking professionals. It is an international, vendor-neutral certification that recognizes a technician’s ability to describe the features and functions of networking components and to install, configure and troubleshoot basic networking hardware, protocols and services. Although not a prerequisite, it is recommended that CompTIA Network+ candidates have at least nine months of experience in network support or administration or adequate academic training, along with a CompTIA A+ certification.

Associated Training: Materials can be found through the CompTIA Authorized Quality Curriculum (CAQC) site and CompTIA Learning Alliance (CLA) site
Requirements: One exam at a testing center
Renewal: Never expires
Andrew’s Notes: The Network+ certification introduces you to additional networking topics and can help you prepare for the CCNA certification.
More Info: CompTIA Network+® Certification

Microsoft Certified Professional (MCP) in Microsoft Windows Vista, Microsoft Windows XP Professional, and/or Microsoft Windows 2000 Professional

The scoop:

Microsoft Certified Professionals (MCPs) stand apart from other IT personnel. They have demonstrated undeniable expertise with Microsoft products and platforms to colleagues, employers, and—most important—to themselves.

Associated Training: Can be obtained directly from Microsoft or through an endless number of 3rd party providers
Requirements: One exam at a testing center
Renewal: Expires when retired by Microsoft
Andrew’s Notes: Everyone needs to know the basics of installing and configuring the most widely deployed desktop operating systems before they can even think about securing them.
More Info: Microsoft Certified Professional (MCP) in Microsoft Windows Vista, Microsoft Windows XP Professional, and/or Microsoft Windows 2000 Professional

CompTIA Linux+™ Certification

The scoop:

CompTIA Linux+ is a vendor-neutral certification, generic across distributions, that validates the knowledge of individuals with a minimum of six to twelve months of practical Linux experience. Professionals holding the CompTIA Linux+ credential can explain fundamental management of Linux systems from the command line, demonstrate knowledge of user administration, understand file permissions, software configurations, and management of Linux-based clients, server systems and security.

Associated Training: Materials can be found through the CompTIA Authorized Quality Curriculum (CAQC) site and CompTIA Learning Alliance (CLA) site
Requirements: One exam at a testing center
Renewal: Never expires
Andrew’s Notes: The Linux+ certification gives you the basic knowledge on how to work with a Linux operating system. If you can, I’d invest the time into a MCP certification AND a Linux certification to round out your knowledge.
More Info: CompTIA Linux+™ Certification

Junior Level Linux Professional (LPIC-1)

The scoop:

Overview of Tasks: To pass Level 1 someone should be able to:

• Work at the Linux command line
• Perform easy maintenance tasks: help out users, add users to a larger system, backup & restore, shutdown & reboot
• Install and configure a workstation (including X) and connect it to a LAN, or a stand-alone PC via modem to the Internet.

Associated Training: Materials can be found through the LPI Approved Training Materials (LPI ATM) site
Requirements: There are currently 2 exams for the first level (LPIC1) that can be taken at a testing center
Renewal: Once a person is certified by LPI and receives a certification designation (LPIC-1, LPIC-2, LPIC-3), recertification is recommended after two years from the date of the certification designation to retain a current certification status. However, to RETAIN an ACTIVE certification status, a certification holder is REQUIRED to recertify within 5 years of the certification designation.
Andrew’s Notes: Like the Linux+ certification, the LPIC-1 gives you the basic knowledge on how to work with a Linux operating system. If you can, I’d invest the time into a MCP certification AND a Linux certification to round out your knowledge.
More Info: Junior Level Linux Professional (LPIC-1)

Summary of Basic Level Certifications

I feel that a solid base of knowledge, that combines operating system and networking expertise, provides a strong foundation for getting into the security field. You may notice that I have not mentioned any programming related certifications in my Basic list. This is simply because I am not a programmer, nor do I want to be one. Perhaps someone can revise this list in the future to include programming related certifications 😉