+ Reply to Thread
Results 1 to 23 of 23
  1. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #1

    Default CCNP Security + CISSP

    Hi,

    I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?

    I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member aftereffector's Avatar
    Join Date
    Dec 2013
    Location
    NC
    Posts
    512

    Certifications
    CISSP, CASP, CCNA R/S, CCNA Security, MCTS
    #2
    CISSP is almost completely management-focused, not technical at all. A CISSP knows what a firewall is and how it works, but not how to design, configure, and administer an ASA. The CISSP might help you out if you're in a technical role (and CCNP Security might help if you're a manager) but the two certs are really going separate directions within infosec.
    CCIE Security - this one might take a while...
    Reply With Quote Quote  

  4. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #3
    Thanks for reply. I see you have CISSP, CASP, CCNA Sec and going for CCIE Security. I'll assume you're in a technical role?

    I'm having a tough time (internal struggle haha) figuring out if I should really pursue the CISSP or maybe there's something more appropriate . I'm not a manager, but I am looking to move to a role that's more security based.

    Today, I'm a hybrid server and network administrator. I do it all from build servers (windows/vmware), deploy switches, firewalls, telcom and run scans using Nessus.
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,246

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #4
    Clearly the CISSP is a non-vendor specific cert intended to show general experience with security and concepts. I don't get the management thing as I see no management tasks included in the exams just general concepts. The CCNP series is obviously focused on Cisco so the concentration is much narrower and technically specific to Cisco products.

    CCNA, CCSP and CCNA (R&S) all retired but I have certified in each. My career went down a different path to include more pentesting, security architecture and investigation so those became irrelevant in my case.

    - b/eads
    Reply With Quote Quote  

  6. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #5
    Thanks for the info beads. Do you feel the CISSP is relevant to your current role?
    Reply With Quote Quote  

  7. Senior Member Mike-Mike's Avatar
    Join Date
    Aug 2010
    Location
    Louisville, KY
    Posts
    1,848

    Certifications
    CISSP, HDI-SCA, ITIL V3 Foundations, A+, Network+, Security+, MCP, MCDST, CCENT, CCNA, Project+, CCNA Security, MCTS: Windows 7 Config, CEH, CHFI
    #6
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    Reply With Quote Quote  

  8. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #7
    Quote Originally Posted by Mike-Mike View Post
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    That's funny and not surprising at the same time. The CCNP Security certification is really just a goal for me from a technical perspective.

    The way I've been looking at it is, if the CISSP teaches you that you need a firewall/IPS, but you don't know how to configure a firewall or IPS, what good is it going to do for me, career wise?
    Reply With Quote Quote  

  9. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    75

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #8
    Quote Originally Posted by Mike-Mike View Post
    I dont have either the CCNP Security or the CISSP. However I am in Security, and I do have a CCNA Security.


    Number of interviewers who asked about my CCNA Security: 0

    Percentage of interviewers who see my list of certs and then ask about the CISSP: 100%
    AKA HR FILTER J/K. I think it depends on the role you are applying for whether they will ask about certain certs.. if you are in a information security role and your job is more about policy, procedure, overall security, etc. etc.. i can see them asking about CISSP. If you are applying for a technical role and they ask you about the CISSP then well you better either set them straight or get out of there because they don't know what they want.

    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there. I guess once you've been in the field long enough.. you know what you want and you know when a company has the position you want and you can weed out the potential bad jobs where people think they want one thing but are asking about another.
    Reply With Quote Quote  

  10. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    332

    Certifications
    CISSP CEH CCNP Security
    #9
    Quote Originally Posted by mnashe View Post
    Hi,

    I was wondering if anyone who is going for the CCNP Security is also going to do (or has done) the CISSP?

    I'm looking to focus on security, so I'm wondering if these certs are for people that are going different directions
    I did my CISSP, and did the CCNP Security later on, after working in the Infosec field for a while. I had an extensive background in servers & networks before I did my CISSP which helped my understanding of some of the Domains on the CISSP.

    The CCNP Security is way more hands-on technical with Cisco and their specific product line with ASA, IDS, VPN, Cisco L2-L3 network security, etc. The CISSP is much, much more broader and spans most, if not all aspects of the Infosec field. It is not vendor specific. With the CISSP you are expected to have a solid understanding of all the concepts covered in the domains of the CISSP Common Body of Knowledge, and not all of them are technical. It's more of a 20,000-ft view of the Infosec terrain, and the CCNP Security is like a 5000-foot view and contains all the detail you would expect in a smaller area of focus.
    On the other hand, CCNP Security develops networking skills & knowledge that are not part of Infosec, rather it's usually considered a networking cert that happens to be focused on the security technology from Cisco.
    Last edited by mbarrett; 09-08-2016 at 03:53 PM.
    Reply With Quote Quote  

  11. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,246

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #10
    Quote Originally Posted by mnashe View Post
    Thanks for the info beads. Do you feel the CISSP is relevant to your current role?

    As the or a Senior Security Architect for my current set of clients, yes but only to get past the HR filters. Otherwise, I find certificates in general to be overly relied upon to judge experience in general.

    They (certificates in general) have become a bit of a crutch for HR and hiring managers who are looking to side step the harder candidate evaluation questions if not the filtering process as a whole. This is exactly why you see so many contract to hire positions - vetting candidates is hard - especially security people. The more material made available by third party authors likewise allows for less experienced people to pass an exam they should have no business taking in the first place.

    On the positive side. I like certification to make me learn the last 10-20 percent of testable material I probably wouldn't otherwise learn or be exposed.

    Finishing Cloud Security Alliance and ISC(2) CCSP. Finished Wireshark earlier this year and saw half a dozen SANS certifications retire this year alone. So its a mixed bag of what will help my clients and help me make money. As a consultant I have to work harder than corporate types in regard to skill level. Besides, I bore easily to the point of being a bit OCD or arch typical 'router jock' by nature. Those skills that become old or deprecated retire only to be replaced by newer, shinier certs that in demand. OK wireshark is still just plain cool and useful so I broke down and finished it for my own good - its too useful, not to.

    - b/eads
    Reply With Quote Quote  

  12. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #11
    Quote Originally Posted by mackenzae View Post
    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there.
    Are you working for a VAR? I've seen quite a bit of technical positions in my area that ask for CISSP, which is one of the reasons I was looking to pursue it.

    Quote Originally Posted by mbarrett View Post
    I did my CISSP, and did the CCNP Security later on, after working in the Infosec field for a while. I had an extensive background in servers & networks before I did my CISSP which helped my understanding of some of the Domains on the CISSP.
    Is you in a technical Infosec role now?

    I also have a background in servers and networks. I'd say 60/40. I'm looking to move away from the normal server admin/network admin tasks and focus mostly on security role but I want to configure the security appliances. I'm not really looking to be focused on writing policies.

    I'm familiar with ASA and Palo Alto firewalls, but not much IDS/IPS appliances. My VPN knowledge could also be better, I've setup remote access and site to site VPNs, but not often. The CCNP Security (current blueprint) has a whole course on VPNs, which interests me.

    I thought maybe I should look at GIAC Perimeter Protection Analyst, Intrusion Analyst or Incident Handler certs instead. The courses are expensive and I'm self funded
    Reply With Quote Quote  

  13. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    332

    Certifications
    CISSP CEH CCNP Security
    #12
    At the moment, I'm working more hands-on with firewalls. I'm planning on maintaining the hands-on roles with firewalls, IDS, VPN etc in the future but I have a pretty good Infosec background at this point that I can utilize as well, to enable me to function in that world.
    The GPPA certification program was suspended until 2017, they are not offering the training at this time - I looked into it earlier this year. You might be able to schedule the test.
    The GCIA and GCIH are pretty good to have, at least from what I have seen.
    Last edited by mbarrett; 09-08-2016 at 06:43 PM.
    Reply With Quote Quote  

  14. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #13
    Quote Originally Posted by beads View Post
    Otherwise, I find certificates in general to be overly relied upon to judge experience in general.
    As do I. Most of the time, I study to learn and take the exams just because I studied. The goal is always learning, not passing exams.

    Wireshark is cool, so no harm there haha and the CCSP looks like a cool exam too.

    For me, the certificates help as I do not have a degree.
    Reply With Quote Quote  

  15. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #14
    Quote Originally Posted by mbarrett View Post
    At the moment, I'm working more hands-on with firewalls. I'm planning on maintaining the hands-on roles with firewalls, IDS, VPN etc in the future but I have a pretty good Infosec background at this point that I can utilize as well, to enable me to function in that world.
    The GPPA certification program was suspended until 2017, they are not offering the training at this time - I looked into it earlier this year. You might be able to schedule the test.
    The GCIA and GCIH are pretty good to have, at least from what I have seen.
    I didn't know that about the GPPA, good to know.

    My OCD has me all over the place with these certifications (only for learning). I want to work with firewalls, IPS/IDS, but also cloud security. I have a virtualization background too
    Reply With Quote Quote  

  16. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    75

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #15
    Quote Originally Posted by mnashe View Post
    Are you working for a VAR? I've seen quite a bit of technical positions in my area that ask for CISSP, which is one of the reasons I was looking to pursue it.
    No I work for a giant health system in their Network Security Team which is the technical side of Security (Deploying/managing an array of firewalls like Palo Altos, Junipers, ASAs - approx 300 or so overall - NAT/ACLS/policys etc..), managing a couple of VPN environments which there are probably 250+ VPNs and increase on a weekly/monthly basis, managed F5 viprions/vCMP from a network/chassis level plus some more..

    There is another team which would handle the more incident response/IDS/IPS type of security work and i know a bunch of them have their CISSP. There is then yet another team which handles vul mgmt/scanning/documentation of firewall requests/systems and more of the policy side of security. Perhaps this is a unique setup since the environment is so large.
    Reply With Quote Quote  

  17. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,568

    Certifications
    DarkSideOps 1, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #16
    Going for the CISSP right now and have half of my CCNP Security. Both complement each other really well.
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  18. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #17
    Quote Originally Posted by mackenzae View Post
    No I work for a giant health system in their Network Security Team which is the technical side of Security (Deploying/managing an array of firewalls like Palo Altos, Junipers, ASAs - approx 300 or so overall - NAT/ACLS/policys etc..), managing a couple of VPN environments which there are probably 250+ VPNs and increase on a weekly/monthly basis, managed F5 viprions/vCMP from a network/chassis level plus some more..

    There is another team which would handle the more incident response/IDS/IPS type of security work and i know a bunch of them have their CISSP. There is then yet another team which handles vul mgmt/scanning/documentation of firewall requests/systems and more of the policy side of security. Perhaps this is a unique setup since the environment is so large.
    Thanks for the info. Seems to be the area that probably interests me most. I'm just sick of traveling
    Reply With Quote Quote  

  19. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #18
    Quote Originally Posted by chrisone View Post
    Going for the CISSP right now and have half of my CCNP Security. Both complement each other really well.
    Good to know! This is how I was going to do mine actually, 2 exams then cissp, then finish the other two. I was planning on saving the ISE exam and 300-207 (I think) for last
    Reply With Quote Quote  

  20. Junior Member
    Join Date
    Feb 2016
    Location
    Kuwait
    Posts
    7

    Certifications
    CISSP, Prince2 Foundation, CCNP R/S, ITILv3 Foundation, CCNA R/S, CCNA Sec, Fortinet NSE 4, BTech E&C
    #19
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?
    Reply With Quote Quote  

  21. Member
    Join Date
    Sep 2016
    Posts
    82

    Certifications
    CCNA Security, CCNA R&S
    #20
    Quote Originally Posted by Techand$$ View Post
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?
    Congrats on passing the CISSP!
    Reply With Quote Quote  

  22. Senior Member JustFred's Avatar
    Join Date
    Feb 2012
    Location
    DeepSpace 9
    Posts
    646
    #21
    Quote Originally Posted by Techand$$ View Post
    Just passed the CISSP, currently doing the endorsement process. I'm planning to complete CCNP security by next year, currently working for a MSSP and the primary reason I did CISSP was to get past the HR (future job security), but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks. So gain as much knowledge as you can, be it security management or technical security because there seems to be an overlap somewhere....... right?

    Awesome. Congratulations
    Reply With Quote Quote  

  23. Member
    Join Date
    May 2011
    Location
    Pittsburgh, Pa
    Posts
    75

    Certifications
    CCNA:R&S/S, CCNP:R&S, Security+, Palo Alto ACE v7.0
    #22
    Quote Originally Posted by Techand$$ View Post
    but that does not mean I haven't gained anything out of the cert, now i'm able to confidently talk to IT manager or security manager using a common 'CISSP like' language when configuring firewalls, email-filters, AD/Exchange audit solutions etc. As you progress through your career you will realize that communication play's a major role as you climb up the ranks.
    Congrats and this actually does make sense from a communication standpoint.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    296

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE 7, MCITP: Exchange 2010
    #23
    Quote Originally Posted by mackenzae View Post
    If you are applying for a technical role and they ask you about the CISSP then well you better either set them straight or get out of there because they don't know what they want.

    I work in a purely Network Security Technical role - i deploy firewalls, vpns and everything else - i don't have a CISSP and i probably won't get one.. but if i ever look for another technical job and they ask me about CISSP well lets just say I probably won't work there..
    Just came across this. Do other technical network security folks on here feel the same way? I'm currently studying for CISSP, and struggling a little, because the material doesn't relate to where I see myself. I'm trying to push through it, but at times feel like I'd be better off studying for CCNP Security or CCIE
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks