There are 2 types of certification stacks you can progress through.

The 1st we're all familiar with, and it's usually the most difficult.

This is the 0 to 1 stack.

When you have 0 or <1 year of experience, you cut your teeth with these certifications.

This is the certification stack many frequently start with:

• CompTIA A+
• CompTIA Network+
• CompTIA Security+

AKA the CompTIA trifecta.

On top of this, I personally had the CCNA, Linux+, and a few others many skip when starting out.

Others will add:

• Splunk Core
• AZ-900

(Something BowTiedCyber has previously recommended).

If I were to redo the 0 to 1 stack,
I'd skip the A+ and Network+,
Take the Security+,
And get certified based on what local jobs are hiring for the most.

You can find out by reviewing entry jobs from a local IT staffing company to see certifications they commonly recommend.

BUT... It's better to complete the imperfect plan rather than optimizing a plan you never finish.

The 2nd type of the certification stack is the easiest.

Mostly because you've come to terms with knowing that there are unknowns in an IT career.
And the fact that you don't need many certifications to pivot (sometimes 0).
At this stage, you'll find less bootcamps available for you on the internet.

Why?

Because the experience you have, has more weight, than a string of certifications or having a title saying you've graduated XYZ. For this reason, I emphasize getting the first IT job asap any way you can, then begin specializing, more than thinking you'll qualify into 6-figures with more certifications in the 0 to 1 Stack/phase.

So certify based on the niche of you.
This is more important for your IT career strategy than adopting someone else's syllabus.

For someone who wants to get into management with 4 years of experience, this is one stack you could take:

• CISSP
• Security+

It wouldn't make sense for someone who wants to become a Azure Security Engineer.

This stack would probably make more sense for them:

• SC-300
• AZ-500

It covers both Enterprise Infrastructure Security as well as End User security in mind.

For someone that just wants to specialize in IAM, and wants a certification, the SC-300 will do.
While I have not needed it to get an IAM role, nor have I seen others need it, it can help introduce you to the technologies at play.

While the 2nd type of certification stack is built on your experience, it moreso portrays the competency you have.
As with the 1st certification stack, these certifications send out a strong signal to recruiters that you're what they're looking for.
And you can prove it out through the interview process.

Yours truly,
CyberAndChill
​
PS Think long term about your IT career. Can you go faster with me pushing you? I've included 1-1 monthly calls starting January in my community: https://www.skool.com/cyberandchill​

If the end of your studies, and certifications is a 30% raise, what measures would you take to increase the likelihood of this outcome?