My certification journey spans three key areas: Foundational, Defense, and Offense.
Foundations provide the essential groundwork. Defense and Offense complement each other: understanding defensive strategies helps me anticipate and evade them when simulating attacks, while offensive knowledge strengthens my ability to create robust defenses. This well-rounded approach enhances my overall cybersecurity skills, allowing me to protect systems more effectively and identify vulnerabilities more efficiently.
Preparing for certifications provides a structured path to demonstrate your knowledge. Even if you don’t ultimately take the exam, mastering the material along the way enhances your skills and understanding.
Below is a list of certifications I have achieved so far, under that is a list of the ones I am actively studying for:
Foundational IT and Security:
CompTIA A+
Skills taught:
- Hardware and network troubleshooting
- Operating system installation and configuration
- Mobile device management
- Basic cybersecurity concepts
Summary: Entry-level certification focusing on IT technical support and operational roles. Covers both hardware and software aspects of computer systems.
CompTIA Security+
Skills taught:
- Network security
- Compliance and operational security
- Threats and vulnerabilities
- Application, data, and host security
- Access control and identity management
- Cryptography
Summary: Foundational, vendor-neutral cybersecurity certification. Validates core skills needed for any cybersecurity role.
Fortinet Certified Associate Cybersecurity
Skills taught:
- Network security concepts
- Security fabric
- Firewall and VPN technology
- Basic threat protection
- Secure access
Summary: Vendor-specific certification focusing on Fortinet’s cybersecurity products and solutions. Provides foundational knowledge of network security and Fortinet’s Security Fabric approach.
Offensive Security:
eJPT (eLearnSecurity Junior Penetration Tester)
Skills taught:
- Information gathering techniques
- Footprinting and reconnaissance
- Scanning networks
- Vulnerability assessment
- Basic exploitation techniques
Summary: Entry-level penetration testing certification. Provides hands-on training in ethical hacking and penetration testing.
TCM Security PNPT (Practical Network Penetration Tester)
Skills taught:
- Active directory attacks
- Network penetration testing
- Web application penetration testing
- Report writing
- OSINT (Open-Source Intelligence)
Summary: Hands-on, practical certification for aspiring penetration testers. Focuses on real-world scenarios and techniques used in professional penetration testing.
Defensive Security:
CompTIA Cybersecurity Analyst (CySA+)
Skills taught:
- Threat and vulnerability management
- Security architecture and tool sets
- Security operations and monitoring
- Incident response procedures
- Compliance and assessment
Summary: Intermediate-level cybersecurity certification focusing on defensive security, threat detection, and incident response.
Actively Studying For:
OSCP (Offensive Security Certified Professional)
Skills taught:
- Advanced penetration testing techniques
- Exploitation development
- Information gathering and reconnaissance
- Privilege escalation
- Report writing
Summary: Advanced, hands-on penetration testing certification. Focuses on practical skills in ethical hacking and requires passing a 24-hour hands-on exam.
AWS SAA (Amazon Web Services Solutions Architect – Associate)
Skills taught:
- Designing distributed systems
- AWS core services and best practices
- Cloud architecture principles
- Cost optimization
- Security in AWS environments
Summary: Validates ability to design and deploy scalable, highly available, and fault-tolerant systems on AWS. Focuses on architectural best practices for the AWS Cloud.
AZ-900 (Microsoft Azure Fundamentals)
Skills taught:
- Cloud concepts
- Azure services
- Azure pricing and support
- Basic cloud security, privacy, and compliance
Summary: Entry-level certification providing foundational knowledge of cloud services and how they are implemented with Microsoft Azure.