Best Cyber security certifications for beginners – NI Cyber Guy
Best Cybersecurity Certification for Beginners
“What are the best beginners cyber security certifications?” is probably the question that most people I have spoken to ask. Those who are interested in starting a career in cybersecurity, whether that be in offensive security doing penetration testing as a certified ethical hacker or incident response analyst or even those looking to become a Chief Information Security Officer (CISO) turn to certifications to improve knowledge, prove their hands-on technical skills, make them more competitive in the job market and get their CVs noticed.
But there are many certifications out there focused on different roles in the cybersecurity space, and it can be hard to decide which one to choose and in which order…it’s confusing, I know; I’m still there.
Just look at this diagram by Pauljerimy.com
There has been a lot of talk recently, especially here in Northern Ireland, about the cybersecurity skills gap and the need to increase the cybersecurity workforce to meet the needs of the industry. It’s easy to see that cybersecurity positions are in high demand here by just looking at Indeed, LinkedIn or speaking to recruiters such as Andrew McKnight at Ocho, Joel Cuddy at ENSO or Carol at Search 5.0.
TIP: Looking at the above job postings will give you an idea of what recruiters and companies are looking for in terms of experience and cybersecurity certifications/qualifications, but beware, as many just cut and paste from other ads.
Therefore it’s clear that cybersecurity certifications are a logical step for those looking to improve their skills and further their careers in the cyber security industry.
Now, if you enter into your favoured search engine “Best cybersecurity certifications for beginners” or “what cybersecurity certification do I need to get a job in… (insert Incident response/Information security/security operations/ethical hacking/application security)” you will get a list of very expensive and, I feel, not beginner-friendly “best cybersecurity certifications” that you “must-have” to get a job. These include:
- OSCP – Offensive Security Certified Professional
- CEH Certification – Certified Ethical Hacker Certification
- SSCP – Systems Security Certified Practitioner
- CCSP – Certified Cloud Security Professional
- CISM – Certified Information Security Manager
- CISA – Certified Information Systems Auditor
- CISSP Certification – Certified Information Systems Security Professional
- GIAC Security Essentials
- GIAC information security fundamentals
In my opinion and experience, you do not need these cybersecurity certifications as a beginner to get a job. Of course, it would be great to have an advanced certification like the above, however, they are generally expensive and require knowledge and experience that many cybersecurity professionals don’t even have.
I should state that I see a beginner as someone who has little to no experience of cybersecurity, such as a recent graduate, a career pivoter or even someone currently working in another area of IT looking for a change.
Let’s start with the basics and learn about the best foundational, entry-level cybersecurity certifications you can do to help get a job. I will give you some cybersecurity certifications that I have seen in job adverts and that I know people have done. I’ve started with vendor-neutral training courses and certification exams, as they offer the broadest knowledge for someone with little to no prior experience, as opposed to vendor-specific cybersecurity certifications.
The following list doesn’t have a specific rating system, but we did try to present them in the order in which they make the most sense to take if you’re an absolute beginner in the security industry.
CompTIA Network+
If we’re really starting with the basics, CompTIA Network+ is the first cybersecurity certification we should visit. Networking is integral in information security, and this knowledge is invaluable for cybersecurity professionals. So, if you want to kick-start your career in cybersecurity, starting with the Network+ certification is a good choice. This certification, issued by CompTIA, is a great entry-level certification covering troubleshooting, configuring and managing networks.
The Network+ is a vendor-neutral certification, so it will allow you to demonstrate the knowledge and skills to work with any network, regardless of the platform. You’ll gain an understanding of networking concepts and the technical skills to implement them, as well as knowledge of basic security concepts and common types of network attacks, while securing both wired and wireless networks and using best practices to manage the network, implement policies and establish business continuity.
The topics covered in the Network+ certification are broad, but there are seven distinct domains you’ll find in the exam:
- Network technologies
- Network media and topologies
- Network devices
- Network management
- Network tools
- Network security
Network+ is a highly theoretically oriented certification emphasising broad knowledge of different networking concepts. It is a great starting point for any beginner looking to get into entry-level roles such as system engineer, network support specialist, network analyst, network security engineer, and the like.
While security isn’t widely covered in Network+, it’s still a good start, especially as being vendor-neutral allows you to focus on the more vendor-specific certifications later in your career, once you decide on a direction you want to take.
Microsoft Technology Associate (MTA) Security Fundamentals
Of the certifications featured in this article, the MTA Security Fundamentals is the most “entry-level” in my opinion. Aimed at high school and early college/tech students, as well as those in the workforce who are looking to change careers, the MTA Security Fundamentals gives you a knowledge of core security principles as well as the basics of security systems, network and software security. To achieve certification, you must pass a single exam, which costs around £105. But most schools and colleges can get this for free via Microsoft.
I have this security certification, and it was a 90-minute exam with 30 to 40 questions in Multiple-Choice and Multiple-Answer formats. The passing grade is 700/1000.
NOTE – I have just found out that this exam was retired in 2022 in favour of the cloud security exams such as the SC-900 and AZ-900.
CompTIA Security+
CompTIA Security+ is widely considered one of the best introductory certifications available and among the first that anyone starting out in cybersecurity should earn. Like all CompTIA cybersecurity certifications, it is vendor-neutral and provides a decent grounding in security skills.
CompTIA Security+ has a wide array of questions that cover a range of cybersecurity-related skills, simulations, and technical knowledge. Topics covered on the exam include threats, vulnerabilities, and attacks, as well as identity and access management, security tools and technologies, risk management, secure application development, deployment, cloud, and virtualization concepts. Additionally, it addresses security architecture and security assessment, which are crucial for understanding the overall security posture and evaluating the effectiveness of security measures.
This entry-level cybersecurity certification, once completed, gives you the knowledge required to detect indicators of compromise, install and configure systems to secure applications, networks, and devices, install and configure identity and access services, utilize risk management and mitigation, and more. These skills and knowledge will help you kick-start your cybersecurity career.
The CompTIA Security+ credential is asked for in almost all job adverts that we have seen and is therefore a must for aspiring cybersecurity professionals. (Note – at the time of writing, I do not have this certification. UPDATE – I still don’t have this one.)
Some of the positions I have seen requiring this certification are:
- Cloud Security Engineer
- Network Security Engineer
- Security Operations Analyst
- Risk Management
- Senior Technical Support Engineer
- Security Manager
- Security Administrators
There are no strict requirements like most you’ll find on your search; however, CompTIA recommends obtaining the CompTIA Network+ cert and having two years of experience in an area with a security focus.
If you’re just getting into the field and want a broad knowledge of security-related disciplines, hands-on knowledge, and the ability to propel yourself to a more intermediate role, CompTIA Security+ is a good foundational certification to build upon.
Microsoft Azure Fundamentals Exam AZ-900
This certification is designed to validate foundational knowledge of Azure cloud services. It also helps non-technical candidates, such as those in sales, purchasing, and marketing, understand cloud services.
Domains Covered
- Understand foundational cloud concepts such as High Availability (HA), Scalability, Fault Tolerance (FT), Disaster Recovery, and the difference between CapEx and OpEx
- Describe Regions, Availability Zones, Resource Groups, Azure Resource Manager, and Azure architectural components.
- Describe Azure Firewall, DDoS protection, Network Security Group (NSG)
- Describe Azure subscription, understand purchasing of Azure services and products, Azure free account, and pricing calculator
Exam Information
- Prerequisites: No special prerequisites
- Number of Questions: 30 – 40
- Duration: 60 Minutes
- Passing Score Required: 700
- Cost: $99
SC-900 Security, Risk & Compliance
This certification is targeted to those looking to familiarise themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, risk management, compliance, and identity solutions.
I’d recommend this certificate to anyone who is either looking to move into cybersecurity, working with colleagues in cybersecurity, or just starting out.
The Microsoft SC-900 exam is an ideal starting point for those new to cybersecurity, focusing on the fundamentals of security, compliance, and identity across Microsoft platforms. The exam covers key areas such as Microsoft’s identity and access management solutions, security solutions, and compliance capabilities. For me, I found that the learning for this cybersecurity certification helped solidify the language used by Microsoft more than anything else, although it would give anyone a great high-level view of the various aspects of
Domains Covered
- Concepts of Security, Compliance, and Identity
- Capabilities of Microsoft Identity and Access Management Solutions
- Capabilities of Microsoft Security Solutions
- Capabilities of Microsoft Compliance Solutions
Knowledge and experience:
Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Exam Information
- Prerequisites: No special prerequisites
- Number of Questions: 30 – 40
- Duration: 60 Minutes
- Passing Score Required: 700
- Cost: $99
AWS Certified Cloud Practitioner
It is an entry-level AWS Certification that comes under the Foundational level. It is specifically designed for individuals who have a basic understanding of the AWS Cloud platform, and you’re strongly recommended to have at least 6 months of industrial experience in the AWS Cloud domain before opting for this exam. Moreover, this foundational level exam covers the following aspects of AWS Cloud – basic global infrastructure, architectural principles, value proposition, basic security and compliance aspects, pricing models, and several others.
Exam Information
- Level: Foundational
- Exam Format: Multiple Choice Questions (MCQs)
- Exam Duration: 90 Minutes
- Cost: 100 USD (Practice Exam: 20 USD)
Microsoft (AZURE) AZ-500 Security Engineer Associate
The Microsoft (Azure) Security Engineer is the newest role added in the role-based Azure certification path. To become a Microsoft Azure Certified Cloud Security Engineer, you need to pass only one certification – Exam AZ-500: Microsoft Azure Security Technologies.
What Is The AZ-500 From Microsoft?
Microsoft launched AZ-500: Azure Security Technologies exam for Azure security engineers. There are no prerequisites to be eligible for the AZ-500 exam but it is recommended to have passed the AZ-900: Microsoft Azure Fundamentals exam.
Microsoft also recommends that you have the following knowledge and skills:
- Familiarity with the implementation of security controls on the Microsoft Azure platform
- In-depth knowledge of virtualization, cloud N-tier architecture, Amazon Kubernetes Service, and networking
- Ability to recognize and address vulnerabilities using several security tools; implementing security solutions for the protection of networks, applications, and data
- In-depth knowledge of scripting and automation, identity and access management, and maintaining security status
Domains Covered
- Manage Identity and Access – 20-25%
- Implement Platform Protection – 35-40%
- Manage Security Operations – 15-20%
- Secure Data and Applications – 30-35%
Certification Cost
$165/£113/€100
Exam Information
- Prerequisites: No special prerequisites, although AZ-900 would be beneficial
- Number of Questions: 30 – 60
- Duration: 180 Minutes
- Passing Score Required: 700
- Cost: $165/£113/€100
Microsoft 365 Security Administrator (MS-500)
The MS-500 focusses on the Microsoft 365 products most used in all businesses, such as Office, Outlook and Teams. The exam covers user password protection, multi-factor authentication, Azure Identity Protection, how to set up and use Azure AD Connect, and conditional access in Microsoft 365.
Domains Covered
- Implement and manage identity and access
- Implement and manage threat protection
- Implement and manage information protection
- Manage governance and compliance features in Microsoft 365
Certification Cost
$165/£113/€100
Exam Information
- Prerequisites: No special prerequisites, although MS-900 would be beneficial
- Number of Questions: 30 – 60
- Duration: 180 Minutes
- Passing Score Required: 700
- Cost: $165/£113/€100
This certification exam has been retired in favour of the Microsoft SC range of exams.
AWS Certified Security – Specialty
The AWS Certified Security – Specialty certification validates your expertise in the security domain in AWS. You’re recommended to possess industrial experience of at least 2 years of securing AWS workloads along with an experience of a minimum of 5 years of designing and implementing security solutions in the IT security domain to earn this certification.
The CompTIA Advanced Security Practitioner (CASP+) certification is also highly relevant for advanced cybersecurity professionals, covering security architecture, engineering, and risk analysis, and is ideal for roles such as security architects, technical lead analysts, and senior security engineers.
Exam Information
- Exam Duration: 170 Minutes
- Cost: 300 USD (Practice exam: 40 USD)
SC-200 Security Operations Analyst
This cybersecurity certification is for those who work at the front line of cybersecurity threats and security incidents, generally in security incident detection and response/cyber defense. The exam is highly focussed on using the Microsoft Defender suite and the Microsoft Sentinel SIEM/SOAR tool. This cybersecurity certification will help to develop and demonstrate your cyber security skills and cyber security awareness.
The security operations center (SOC) plays a crucial role in the context of the SC-200 certification, as it encompasses roles such as security analyst, SOC analyst and incident response analyst, which are essential for effective cybersecurity operations.
Domains Covered
- Mitigate Threats using Microsoft Defender for Endpoint
- Mitigate Threats using Microsoft 365 Defender
- Mitigate Threats using Microsoft Defender For Cloud
- Configure Microsoft Sentinel
- Create queries using Kusto Query Language
- Perform Threat Hunting in Azure Sentinel
Certification Cost
$165/£113/€100
Exam Information
- Prerequisites: No special prerequisites, although SC-900 would be beneficial
- Number of Questions: 30 – 60
- Duration: 180 Minutes
- Passing Score Required: 700
- Cost: $165/£113/€100
CCNA – Cisco Certified Network Associate Network Security
Cisco certifications consist of entry-level, associate and advanced certifications and are considered some of the most valued certifications in the IT industry as a whole. CCNA stands for Cisco Certified Network Associate and this certification can be earned in domains such as routing and switching, cloud, security, cyber operations, and others.
This certification provides candidates with the knowledge and hands-on skills needed to install, troubleshoot and monitor Cisco security network devices and diagnose and minimize security threats. It also is a prerequisite for becoming a Cisco Certified Security Professional (CCSP). With a CCNA Security certification, you’ll demonstrate your knowledge of security infrastructure and safeguarding networks from different security threats.
Topics on the CCNA Security exam include:
- Network security concepts
- Developing a secure network
- Defending the perimeter
- Constructing a secure infrastructure
- Implementing endpoint security
- Using Cisco firewalls to defend the network
- Cryptography and Virtual Private Networks (VPNs)
- Public key infrastructure (PKI) and asymmetric encryption
- Building a site-to-site Internet Protocol Security (IPsec) VPN solution
In addition to the CCNA Security certification, having penetration testing certifications is crucial for network security professionals to validate their expertise in identifying and mitigating security vulnerabilities.
Students who complete the CCNA Security certification exam will be equipped to fill such roles as a network security administrator, network security support engineer and infrastructure security specialist.