GSEC vs. CySA+
Introduction
Degrees are a good way to get yourself going up the corporate ladder, but in the world of cybersecurity, they will only get you so far. Eventually, most will have to back up their knowledge and skills with a professional certification that will verify an elevated level of cybersecurity knowledge.
This article will compare and contrast two of the leading intermediate-level cybersecurity certifications — the GIAC®️ Security Essentials Certification (GSEC) and CompTIA’s Cybersecurity Analyst+ (CySA+) certification. We will explore each certification’s prerequisites, material covered and exam details, and conclude with a well-founded recommendation for which certification you should earn.
What should you learn next?
About GSEC
GSEC is a cybersecurity certification hosted by GIAC and is considered one of the top cybersecurity certifications on the market. This certification is composed of questions created by Subject-Matter Experts (SME) that put their questions up against a Job Task Analysis (JTA) process. This process verifies that the questions reflect current industry standards, to real-world duties in the field, and that the skills are necessary to best perform job responsibilities.
According to GIAC, GSEC validates the certification holder’s information security knowledge beyond that of simple concepts and terminology. This translates into a hands-on information security-centered exam with emphasis placed on real-world information security tasks likely to be encountered on the job.
GSEC prerequisites
GIAC does not require any specific prerequisites to take the GSEC certification exam. With that said, training is recommended in order to avoid having to retake it. There are several good study guides available, but nothing will beat training for the GSEC.
Candidates should keep in mind that GIAC requires a much larger exam registration fee than other hosting organizations, and GSEC is no exception.
GSEC material covered
Instead of presenting the covered material as domains of knowledge, GIAC presents GSEC material as objectives and outcome statements. Don’t let this minor difference make you take this certification exam less seriously — GSEC covers an extensive amount of information security knowledge and skills, covering nearly every subdiscipline in the realm of cybersecurity. This material covers:
- Access control and password management
- Active defense
- Contingency plans
- Critical controls
- Cryptography
- Cryptography algorithms and deployment
- Cryptography application
- Defense-in-depth
- Defensible network architecture
- Endpoint security
- Enforcing Windows security policy
- Incident handling and response
- IT risk management
- Linux security: Structure, permissions and access
- Linux services: Hardening and securing
- Linux: Monitoring and attack detection
- Linux: Security utilities
- Log management and SIEM
- Malicious code and exploit mitigation
- Network device security
- Network security devices
- Networking and protocols
- Securing Windows network services
- Security policy
- Virtualization and cloud security
- Vulnerability scanning and penetration testing
- Web communication security
- Windows access controls
- Windows as a service
- Windows automation, auditing and forensics
- Windows security infrastructure
- Wireless network security
GSEC exam details
The GSEC certification exam covers 180 multiple-choice questions, and the minimum passing score is 74%. Those sitting for the exam will have five hours to pass. After passing the certification exam, certification holders will have to renew their certification every four years.
About CySA+
The Cybersecurity Analyst+ (CySA+) certification is a strong addition to the world’s roster of cybersecurity certifications. Since its debut in 2017, CySA+ has been one of the most cutting-edge certifications – especially since it applies the relatively new technology of behavioral analytics to cybersecurity. This is a first in the industry, which may lead an increasing number of certification candidates to CySA+.
This sounds good, but can CySA+ contend with GSEC? Let’s examine this certification further so you can see for yourself.
CySA+ prerequisites
Unlike GSEC, CySA+ has some distinct prerequisites that a candidate must satisfy before being eligible for this certification exam. First, certification candidates must have four years of hands-on, full-time information security experience. Second, candidates are expected to have earned both the Network+ and Security+ certifications or have gained the equivalent knowledge. This knowledge can conceivably be earned during the years of hands-on experience, but only you will know if this applies to yourself.
CySA+ material covered
CySA+ covers a broad swath of cybersecurity knowledge and skills covering nearly all of cybersecurity’s subdisciplines, much like GSEC. This material is divided into objectives or domains of knowledge, each containing their own sub-objectives. These domains of knowledge (and their respective weight on the exam) are:
- 1.0 Threat and Vulnerability Management (22%)
- 2.0 Software and Systems Security (18%)
- 3.0 Security Operations and Monitoring (25%)
- 4.0 Incident Response (22%)
- 5.0 Compliance and Assessment (13%)
CySA+ exam details
The CySA+ certification exam is composed of a maximum of 85 questions. A minimum score of 750 points out of 900 must be earned to pass the exam. The questions are made up of both multiple-choice and hands-on, performance-based formats, and certification candidates will have 165 minutes to complete the exam.
What should you learn next?
Conclusion
Normally, one certification has an easier time blowing the other out of the water, but not in this case. Both GSEC and CySA+ cover approximately the same amount of material, spanning practically every corner of cybersecurity.
With that said, there are two caveats that may swing your decision. If you are new to cybersecurity (with one to two years of experience), CySA+ would be out of your reach, making GSEC your only option. However, these certifications are intermediate-level, leaving very few early-career professionals equipped with the knowledge and skills to pass the certification exams.
And if your focus is on behavioral analytics, CySA+ is the clear winner, as it places emphasis on this emerging approach to information security.
Sources
- CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives, CompTIA
- Security Certification: GSEC, GIAC
- Best Information Security Certifications 2019, Business News Daily