[tjr]

What about the CompTIA Security+?

Once upon a time I was a contractor at an insurance company, and I saw that most of the people in their IT department had various certifications hanging on their cubicle walls. I thought, "I want one of those."

So I selected the Security+ certificate, inhaled about two-thirds of a book covering the material, passed the test, framed the certificate and put it on my office wall.

That's about it. It was fun.

[rdl]

Security+ is the "easiest" of the big certs (I did CISSP with about 10 hours of prep, and probably didn't even need that, but I had been working in the field for 15y, read the Rainbow Books when I was 11, and enjoy security trivia for its own sake rather than for application only; it normally takes about 5x more time to prep for than Security+ vs. CISSP).

Security+ seems a bit more focused, and obviously vastly less comprehensive (Part of CISSP is some fairly esoteric and never-used theoretical models). In practice I'd say it's on par with CISSP.

https://www.isc2.org/dodmandate/default.aspx DoD considers Security+ to be level I or level II, CISSP to be ok up to level III, although prefers CISM or CISA for certain roles over CISSP.