Getting Started In The InfoSec Industry

Speak to any cyber-security employer and they’ll tell you that experience is king. Equally, they will also tell you that they prefer to see a candidate who has cut their teeth in the deep end of IT and networking before they started to specialise in security.

That said, what’s the best starting point for those who want to get into the IT field with an aim of specialising in cyber security?

A degree in computer science is a great starting point. But equally, so is taking the work and training route. This looks at some of the entry level qualifications to help get your foot on the IT career ladder as you work towards building your cyber security knowledge.

CompTIA Courses
The CompTIA series of courses are well regarded by the industry and are aimed at entry level candidates; the courses are vendor neutral, and are put together by the Computing Technology Industry Association, a non-profit industry association.

We offer courses with a range of providers. Browse our full range of CompTIA courses here.

CompTIA A+

The CompTIA A+ qualification is designed to give you a solid base in validating your IT skills. You will learn IT fundamentals related to installing and maintaining computer systems.

The focus is on:

  • Hardware and operating system installation + configuration
  • Diagnostics, troubleshooting, fixing hardware issues, etc.
  • Software – installing and configuring
  • How to configure computers for network use versus standalone use

The certification is divided into different components; an initial mandatory exam with 100 questions known as the A+ Essentials, followed by one of three possible specialism exams: IT Technician, Remote Support Technician or Depot Technician.

These exams have no set time frame or order that they must be taken in. Once certified, you will be required to repeat these exams every 3 years to remain certified.

CompTIA Network+

This certification builds on the base developed by the A+ qualification; the A+ covers the physical basics of networking, but doesn’t give you enough in the way of insights to grant you the appropriate level of knowledge for a real-world entry level networking role. Having the prior certification will be helpful; that said, it’s not a requirement to have taken the A+ in order to take the Network+.

The certification is designed for someone with a little more experience, such as a year of on the job exposure to real life IT work. However, this is not a requirement either.

The Network+ certification covers networking in far more detail and is focused on these aspects of common wired and wireless networking:

  • Configuration
  • Management 
  • Troubleshooting


Also included are aspects of emerging technologies such as unified communications, mobile, cloud, and virtualization technologies.

There is a single exam that must be taken to complete the certification. As with other CompTIA certifications, the exam involves 90 multiple choice questions and must be retaken every three years in order for the certification to be retained.

CompTIA Security+

The first certification that is explicitly focused on security in our list, the Security+ certification is the starting pointing point for demonstrating that you have the skills to deal with network security tasks.

Like all other CompTIA certifications, it is internationally recognised.

Developed initially in 2002, it was created to address emerging security threats and has been updated many times since its inception.

Similar to other certifications from CompTIA, the exam comprises 90 questions, and these are to be taken over a 90 minute period. The areas of focus include:

  • Network security
  • Compliance and operation security
  • Threats and vulnerabilities
  • Application data & host security
  • Introduction to access control, identity management and cryptography

This certification, whilst still aimed squarely at those looking for an entry into cyber-security, makes the assumption that you have already gained the previous qualifications in the series as well as having earned at least two years of experience in IT administration with a security focus.  It’s therefore expected that you’ve been taking qualifications as a parallel activity with working in industry.

This qualification is perhaps the most important on this list as this establishes the base of expertise from which other security knowledge extends.

Cisco Courses

Cisco certifications are not platform-agnostic like the CompTIA ones; they focus on Cisco’s own proprietary technology. However, they are highly regarded, internationally recognised and represent an excellent step into more acquiring more advanced knowledge.

Cisco CCENT (Cisco Certified Entry Network Technician)

Earning the CCENT certification requires completing the Interconnecting Cisco Networking Devices Part 1 exam, which covers networking fundamentals, LAN switching technologies, routing technologies, and other subjects.

This certification goes into a lot more detail than the Network+, and consequently is viewed more favourably by many employers.

The exam topics are weighted as follows:

1.0 Network Fundamentals              20%

2.0 LAN Switching Fundamentals     26%

3.0 Routing Fundamentals                25%

4.0 Infrastructure Services               15%

5.0 Infrastructure Maintenance       14%

Due to the increased depth of this certification, the exam is a lot more involved. Questions are delivered in different formats:

  • Multiple choice
  • Drag & drop
  • Fill in the blank
  • Multiple question mini tests
  • Router simulations

The router simulation aspect involves things such as connecting virtual cables, and using virtual network terminals to enter commands to set up virtual “networks”.

Cisco CCNA

This certification builds on the knowledge that the CCENT delivers and is slightly more advanced.

Having a CCNA certification shows prospective employers that you can deal with enterprise level routers and switches, whether installation, operation, or configuration.

There are two exams that need to be taken. The first exam is a choice of two options – Option 1, the 200-125 Cisco Certified Network Associate Exam (CCNA), and Option 2, the 100-105 Interconnecting Cisco Networking Devices Part 1 Exam (ICND1).

Option 1, the CCAN exam, covers skills related to network fundamentals, LAN switching technologies, IPv4 and IPv6 routing technologies, WAN technologies, infrastructure services, infrastructure security, and infrastructure management.

Topics in the exam are weighted as follows:

1.0 Network Fundamentals              15%

2.0 LAN Switching Technologies      21%

3.0 Routing Technologies                 23%

4.0 WAN Technologies                      10%

5.0 Infrastructure Services               10%

6.0 Infrastructure Security                11%

7.0 Infrastructure Management       10%

Option 2, the ICND1 exam, covers network fundamentals, LAN switching technologies, routing technologies, infrastructure services, and infrastructure maintenance.

Topics in this exam are weighted as follows:

1.0 Network Fundamentals              20%

2.0 LAN Switching Fundamentals     26%

3.0 Routing Fundamentals                25%

4.0 Infrastructure Services               15%

5.0 Infrastructure Maintenance       14%

Both exams are 90 minutes; the CCNA exam comprises 50 to 60 questions, and the ICND1 exam comprises 45-55 questions.

We offer a range of training providers to help you earn your CCNA. For a list of providers and courses, check out our CCNA courses here.

This batch of certifications is enough to not only get you into the IT industry and start to carve out practical experience, but also compliment your work and push your knowledge to an advanced level.

In the next part in the series we will explore some of the other options available to help focus you career on security, with more advanced courses that aim to flesh out your practical security knowledge and demonstrate your skill to prospective employers.