Certifications 101: Why A+, Network+ and Security+ are game changers | Cyber Work Hacks

Certifications 101: Why A+, Network+ and Security+ are game changers | Cyber Work Hacks
===

[00:00:00] Chris Sienko: Today on CyberWerk Hacks, my guest is James Stanger of CompTIA. James is talking today about what CompTIA calls their Tech Trifecta of certifications. That's the A+ and Security Network plus and security plus certification. How do these three certs interact? What domains do each cover? 

[00:00:16] James Stanger: a Yeah. Mm

like tech support, help desk, right network. Plus, it really gets you into becoming somebody who understands networking, at a professional level. and then security plus is basically, the de facto standard for entering the cyber security profession.

[00:00:32] Chris Sienko: And why should you consider studying all three to get a leg up in the multitude of career paths?

[00:00:37] James Stanger: A lot of workers are coming and even though they have a four year degree or a two year degree or they have some sort of training, they don't have the kind of foundations.

They will spend up to half of a new worker's time the first six months teaching them, hey, this is the TCP handshake. 

[00:00:54] Chris Sienko: That's all today on today's episode of cyber work hacks. 

The IT and cybersecurity job market is thriving. The Bureau of Labor Statistics predicts 377, 500 new IT jobs annually. You need skill and hustle to obtain these jobs, of course, but the good news is that cybersecurity professionals can look forward to extremely competitive salaries. That's why InfoSec has leveraged 20 years of industry experience Drawing from multiple sources to give you, cyber work listeners, an analysis of the most popular and top paying industry certifications.

You can use it to navigate your way to a good paying cyber security career. 

So to get your free copy of our cyber security salary guide ebook, just click the link in the description below. It's right there near the top, just below me. You can't miss it. click the link in the description and download our free cyber security salary guide ebook.

Your cyber security journey starts here. 

Now let's get the show started 

 

[00:01:50] Chris Sienko: Welcome to a new episode of Cyberwork Hacks. The purpose of this spinoff of our popular Cyberwork podcast is to take a single fundamental question and give you a quick, clear, and actionable solution and a new insight into how to utilize InfoSec products and training to achieve your work and career goals.

So my guest today is James Stanger from CompTIA, Computing Technology Industry Association. I don't ever get to use the abbreviation in full very often, so here we are. I'm going to say it. Uh, James has joined me on past episodes of both the main, uh, feed and the hex episodes, he discussed both the data plus certification and the cloud plus certification.

But today, uh, James and I are going to get down to brass tacks. And I do mean brass tacks in the way that they're originally referred to the fasteners. I keep the whole carpet down. This is the foundational stuff here. The brass tacks I'm speaking of. CompTIA is a tech trifecta, uh, of certs.

And I'm talking about the A plus certification, the network plus certification and the security plus certification, and specifically about how acquiring all three can supercharge your employment prospects and diversify your career map. So it's great to have you back on the show, James. Thanks for joining me.

[00:02:51] James Stanger: It's great to be here representing CompTIA. I appreciate it, man. Uh, yeah, I like that analogy about the brass tacks, or at least, you know, getting sure foundation. That's

[00:03:02] Chris Sienko: Yeah, yeah, yeah, yeah, I, I, yeah, I feel like I'd heard that, that phrase of like, you know, uh, stripping the, you know, the, the floor to the tax or whatever. And I was like, oh, that's an interesting visual. But, uh, uh, but yeah, so these are, this is like, this is the, uh, the foundational stuff. So I want to talk, um, intimately about the three certs, the A plus the network plus and the security plus, uh, now for those who are just starting and don't know what aspects of it and security do these certifications teach you and ready you for what are their respective tech domains.

[00:03:29] James Stanger: know, the respective tech domains, and that's one way to look at A plus. Network plus and security plus, because, uh, a plus will teach you what I would say are the end points and by end points, I mean the computers that we use,

[00:03:43] Chris Sienko: Mm hmm.

[00:03:44] James Stanger: the webcam, that were the cams that we're using right now, our mobile phones,

[00:03:48] Chris Sienko: hmm.

[00:03:49] James Stanger: PCs,

[00:03:50] Chris Sienko: Yep. Printers. Printers. Yep.

[00:03:54] James Stanger: let's go

[00:03:54] Chris Sienko: Everything. Mm hmm.

[00:03:55] James Stanger: first. Right.

[00:03:56] Chris Sienko: Mm hmm. Mm

[00:03:58] James Stanger: Um, and then let's go land. Uh, let's go, uh, when, right. So

[00:04:02] Chris Sienko: hmm.

[00:04:03] James Stanger: Uh, switches and they start getting into servers and, uh, we still use firewalls intrusion to whatever end point you can think of from

[00:04:12] Chris Sienko: Mm hmm.

[00:04:13] James Stanger: to storage CPU, for example, these days we use the cloud and that means that we will grab resources, whether it be storage or what they call compute, which is

[00:04:24] Chris Sienko: Mm hmm.

[00:04:24] James Stanger: whole bunch of CPU power, right?

A

[00:04:26] Chris Sienko: Right.

[00:04:27] James Stanger: those elements network plus how those things talk to each other.

[00:04:31] Chris Sienko: Mm hmm.

[00:04:32] James Stanger: it be via, uh, Ethernet, Bluetooth, satellite, what have you, right? Security Plus then teaches you how you can, and, and get the CIA triad going. Uh,

[00:04:43] Chris Sienko: Mm hmm.

[00:04:44] James Stanger: integrity, availability, but it's much more than that. Now you can also look at them, uh, In terms of a job role, 

a

[00:04:51] Chris Sienko: Yeah. Mm

[00:04:52] James Stanger: like tech support, help desk, right network. Plus, it really gets you into becoming somebody who understands 

the business of 

networking, 

really getting, uh, you know, 

at a professional level. 

Uh, 

and then security plus is basically, 

let's face it. It's 

the de facto standard for entering the cyber security profession. 

So

[00:05:11] Chris Sienko: Yeah.

[00:05:12] James Stanger: you can look at it in terms of tech. Skill, you can look at it in terms of job role.

[00:05:16] Chris Sienko: Yeah, absolutely. So yeah, well, great. Well, I want to spend today's hack talking specifically about that, about how these three certs linked together to create a much larger kind of more job ready skill set. So, uh, you know, I think it might be tempting for some newer students or professionals, uh, you know, who to only choose what the one cert that pertains to their exact job prospects.

You know, if you're, if you're going to do security analysis, you get the security plus, uh, if you think you're going to be setting up networks, you get network plus, but can you talk about why it's important to sort of chain the information domains together as a set of foundations? And

[00:05:46] James Stanger: That's really a good point. Adjacency is a real thing.

[00:05:49] Chris Sienko: Mm hmm.

[00:05:50] James Stanger: these are all sitting next to each other. You will

[00:05:52] Chris Sienko: Yes.

[00:05:52] James Stanger: tech support. You could end up getting in networking into cybersecurity. That's one of the old classic pathways.

[00:05:58] Chris Sienko: Yeah.

[00:05:59] James Stanger: and so adjacent job roles is really important. The other thing is, you got to have the right foundation to your point of about getting to brass tacks or, or, you know, having the right, uh, start, right?

[00:06:09] Chris Sienko: Mm hmm.

[00:06:10] James Stanger: I was just last week in Nashville, Tennessee, and I was talking to people who are the CIOs and CISOs for organizations that are all hovering around a billion. Uh, that's with a B. So I guess I could do the, uh,

[00:06:22] Chris Sienko: Wow.

[00:06:23] James Stanger: reference here, but you know, 1 billion, right? Uh, you

[00:06:26] Chris Sienko: right.

[00:06:27] James Stanger: billion dollars in revenue is, you know, significant.

[00:06:31] Chris Sienko: Yes.

[00:06:32] James Stanger: And every one of these people echoed what I've heard, whether it be in Thailand, Japan, the UK. Okay. Italy, uh, South Africa. 

A lot of workers are coming 

to them 

and even though they have a four year degree or a two year degree or they have some sort of training, they don't have the kind of foundations.

They will spend up to half of a new worker's time the first six months teaching them, hey, this is the TCP handshake.

[00:06:58] Chris Sienko: Mm hmm.

[00:06:59] James Stanger: here's, you know, you got to understand DNS and not just, oh, yeah, it resolves, uh, you know, names to IP addresses, which, by the way, I ask techies that sometimes, and you'd be surprised how many people get it the opposite.

And I realized DNS, DNS and reverse DNS. I get it. But my point is, a lot of people don't have those foundations. About

[00:07:18] Chris Sienko: That's true.

[00:07:19] James Stanger: Uh, of their workers will spend, um, up to 40 percent up to half, but we'll spend about half their time learning those foundations and

[00:07:27] Chris Sienko: Mm hmm.

[00:07:28] James Stanger: job at CompTIA is to eliminate that problem.

[00:07:32] Chris Sienko: Yeah, and, you know, and that's a best case scenario. Like, a lot of times if you, you know, you come to it with your degree and they don't see your transcript. Uh, any ability to do hands on they're like, well, I'm not going to spend six months, you know, upskilling this person or whatever, like next, you know, move, move, moving up the resume, yeah.

Pile or whatever. So, I mean, to that, to that end, I mean, can you talk about some of the ways that, that having the a plus net plus sec plus can open up your job prospects, are there certain types of job roles that are more attainable to these three certs in your tool belt rather than just getting a sec plus and jumping into the pool?

[00:08:03] James Stanger: That's right. I think, uh, first of all, you, uh, help desk, uh, tech support is something also entry level cloud. Uh, you know,

[00:08:10] Chris Sienko: Yeah. Okay. Mm hmm.

[00:08:11] James Stanger: we can, uh, you know, do somebody that, that does user support. Okay. For cloud based services, you also have people who can actually start at the level of, okay, I understand the business need there.

And now I understand enough about software as a service to maintain software as a service services for the health care industry. Health care industry uses S. A. A. S. A whole lot.

[00:08:34] Chris Sienko: Oh yeah.

[00:08:35] James Stanger: so you can get in. Uh, and doing that and after a period of time, then you can start to say, Hey, I'm going to specialize into not just general technical support, but I'm going to specialize into something that really speaks to me.

[00:08:47] Chris Sienko: Mm hmm.

[00:08:48] James Stanger: means you go into, uh, programming, you know, development

[00:08:50] Chris Sienko: yeah,

[00:08:51] James Stanger: go into cyber security. You know, there's so many different options. But the way I see it that organizations are looking for somebody who has what I call the muscle memory for things like troubleshooting. You know, do you

[00:09:03] Chris Sienko: yeah,

[00:09:03] James Stanger: not just from a theoretical perspective, but can

[00:09:05] Chris Sienko: absolutely.

[00:09:06] James Stanger: do it in a practical way?

And that's that is common thing that I hear. Over and over again. Can this person has this person been through an event where, uh, you

[00:09:17] Chris Sienko: hmm.

[00:09:17] James Stanger: a server has gone down and we know how to fix it or ransomware has come in. I

[00:09:22] Chris Sienko: Yeah.

[00:09:23] James Stanger: last week. Somebody in Nashville and she said, I don't want to hire somebody unless they they really go through a ransomware event.

I said, simulated or real. She said, what's the difference? As long as They really know the steps about

[00:09:35] Chris Sienko: Yep. Yeah. And can really document them, I imagine as well, right? I mean, cause that's, that's the thing that we talk about a lot is, is, you know, one, the hands on element. And I mean, uh, CompTIA has got some, you know, very strong tools for that and InfoSec Skills does as well. But like, can you talk about, uh, sort of how, where hands on experience comes into, uh, this whole process as well?

[00:09:55] James Stanger: You bet. Um, really are looking for people who are not just theory theoreticians. They

[00:10:01] Chris Sienko: Mm hmm. Mm.

[00:10:04] James Stanger: uh, he said the interview was not going well. You know, he was able to answer questions like what happens when you go to comptia. org,

[00:10:11] Chris Sienko: Mm hmm.

[00:10:11] James Stanger: recursive DNS and understanding that.

And he said, they were all fine. The body language was, you know, okay. And they said, well, you know, what are some of your hobbies? And he's like, he goes, well, my favorite thing, because I, uh, learned, uh, comp TIA plus, uh, my favorite thing is to break into my, uh, gaming console. I can't remember which one it was and overclock the CPU.

[00:10:31] Chris Sienko: Ah.

[00:10:31] James Stanger: that was his, and he's like, you know, I, I didn't, you know, didn't know if that was going to be a good answer. And he said, it was amazing to see the change in the room

[00:10:39] Chris Sienko: Mm hmm.

[00:10:40] James Stanger: because people went from kind of, you know, this kind of thing, the body language and they were sitting forward going now. What did you do now?

Tell me about overclocking, right?

[00:10:47] Chris Sienko: Mm hmm.

[00:10:48] James Stanger: job was as a cloud provider, you know, he

[00:10:51] Chris Sienko: Yeah.

[00:10:52] James Stanger: and overclock Google CPUs,

[00:10:53] Chris Sienko: Right.

[00:10:54] James Stanger: but

[00:10:54] Chris Sienko: Yeah.

[00:10:55] James Stanger: he was being asked to if something was going wrong

[00:10:58] Chris Sienko: Yes.

[00:10:59] James Stanger: particular cloud instance, like, well, we need more compute in their CPU, or we need memory, or we need some

[00:11:06] Chris Sienko: Mm hmm.

[00:11:07] James Stanger: Okay, this person might understand eventually, You know what it means to do a Mac address filtering

[00:11:13] Chris Sienko: Yeah. Yeah. Yeah.

[00:11:16] James Stanger: important. And to understand the troubleshooting, uh, the, the actual troubleshooting life cycle, cause there, there are steps

[00:11:23] Chris Sienko: Yes. Yeah. Yeah. I've gone through some of the study manuals on all of those, and the actual sort of, Explanation of how you would troubleshoot things is a huge part of it. Like it's, you know, a good chunk of the exam I know is, is identify this thing, identify this thing, tell how this connects to this, but there's also a lot of like, all right, you need to sort of, uh, diagnose what's going on here and sort of show your homework.

[00:11:46] James Stanger: that's right. And, you know, in the exam and in the labs that you learn for the exam, uh, you're going to see specific. Scenarios come up and you're going to have to, to choose the right tool or take the right steps.

[00:11:58] Chris Sienko: Yeah. Now do you, um, so for, uh, you know, common wisdom I think is to start foundationally and move up. I mean, we, we say them in the order we say them, you know, a plus, a It gives you the ins and outs of the computer. And then you move up to the macro of net plus, and then you still need to secure it with security plus.

Is that the path you recommend as well? Or do you think it matters that much, which order you, you do them in?

[00:12:18] James Stanger: You know, it's a really good question. You have to enter where it makes sense for you. If you are truly competent and confident in understanding endpoints and things, no need to reinvent the wheel. You know what I

[00:12:29] Chris Sienko: Yeah.

[00:12:30] James Stanger: on. Um, I've seen people start with the networking side of things like that.

Usually you start with A plus network plus security plus, but you have to enter where it makes sense for you.

[00:12:38] Chris Sienko: Makes sense. Yeah. I like that. So as we wrap up today, do you have any tips or advice for novice cybersecurity students and professionals who are kind of daunted by the idea of not just learning one set of certs, but now, but now three,

[00:12:49] James Stanger: You know, I think the

[00:12:50] Chris Sienko: Mm hmm. Mm

[00:12:51] James Stanger: a good expectation for yourself. In other words, find out what is interesting for you. You can go to various sites, including CompTIA. org or CyberSeek. org,

[00:13:03] Chris Sienko: hmm.

[00:13:04] James Stanger: to drill down into, uh, Uh, you know, various pathways. You might decide, Hey, I'm not a help desk person.

I'm more of a data person

[00:13:12] Chris Sienko: Right.

[00:13:13] James Stanger: a data person. I eventually want to get into cybersecurity, but I know where I can start. So there are options with understanding infrastructure. So go to CompTIA. org and check it out. You can actually take a look at and kind of identify and create your own persona and

[00:13:28] Chris Sienko: Yeah.

[00:13:29] James Stanger: here's what interests me.

Um, to me, IT is like guitars. Right. So

[00:13:32] Chris Sienko: Yes. Yeah.

[00:13:33] James Stanger: and I've noticed that over the years, guitars kind of choose me. Like I'm a Telecaster player. I don't know

[00:13:40] Chris Sienko: Okay. Yeah. Yeah, yeah.

[00:13:41] James Stanger: I'm talking about, but

[00:13:42] Chris Sienko: No, I do.

[00:13:43] James Stanger: a type of guitar, the Fender Telecaster I'll

[00:13:45] Chris Sienko: Yep.

[00:13:46] James Stanger: on all sorts of guitars, but I end up.

For some reason at the telecaster, it's the same sort of thing when it comes to when it comes to it, there's going to be a niche that will choose you, you'll find

[00:13:57] Chris Sienko: Mm hmm. Yeah.

[00:13:59] James Stanger: the time or data or cybersecurity. So, but get that foundation first.

[00:14:03] Chris Sienko: But the, yeah, and the more, more paths you can see into the, into the maze, I think the better it is. You know, I, I, I know everyone wants to be a pen tester and everyone wants to be a Red Hat, you know, or a, a, you know, red teamer or whatever, but, and those are cool things as well. But, uh, you know, boy, there's a lot of other stuff that you could do that's really interesting as well.

I mean, you know, the, I, I just talked with, uh, uh, David Lee, the Identity Jedi, and he's as excited about identity and access management as anyone I've ever seen. Talk about red teaming, you know,

[00:14:29] James Stanger: what a cool area. And

[00:14:31] Chris Sienko: Yeah. Yeah.

[00:14:31] James Stanger: one of one of dozens of

[00:14:34] Chris Sienko: Yeah,

[00:14:35] James Stanger: really hundreds,

[00:14:36] Chris Sienko: I hope this, uh,

[00:14:36] James Stanger: technology. I mean, there's so much.

[00:14:38] Chris Sienko: Yeah, absolutely. Well, I hope that people are listening, are getting excited about the prospect of looking in all directions and seeing what matches up to them best.

But until then, James Stanger, thank you so much for all of your insights today. I appreciate it.

[00:14:51] James Stanger: I mean, you bet.

[00:14:52] Chris Sienko: And thank you all for watching Cyborg Hacks. If you enjoyed this video and felt it helped you, tell someone about it. A friend, a colleague, social media connections, anyone you like. Word of mouth is the real way to make a community like this grow.

And if you haven't, please subscribe to our podcast feed and our YouTube page. You can go to infosecinstitute. com slash podcast for the full list, or just type cyber work info second, your preferred search engine, you'll see us, uh, and sign up for notifications and auto download of episodes because cyborg hacks is coming out every other Thursday with bite size answers to your questions.

Until next time, keep learning, keep developing your skills and have fun with it. Bye for now.