Exams Overview | Sec Guy Cyber

Stop Paying the Cert Tax. Pick the Right Lane. Execute.

We classify by progression stage. Entry builds foundation. Advanced builds specialization. Managerial builds leadership authority. Each roadmap includes free training (Phase 1) and validation labs (Phase 2).

Entry Level

Foundation stage. Land your first role by proving baseline security fluency.

Objective: Foundation → Proof → First Role

Security+

The industry baseline for SOC Analyst and junior security roles.

  • Threats, attack surfaces, and controls
  • Networking + secure design fundamentals
  • Identity, access, and incident response basics
PHASE 1 Free structured training + practice to pass the exam. PHASE 2 Hands-on labs proving you can analyze, validate, and respond.
View Roadmap

GIAC GSEC

Stronger technical grounding for foundational security roles.

  • Security essentials with depth
  • System and network fundamentals
  • Applied troubleshooting logic
PHASE 1 Structured learning path + exam readiness. PHASE 2 Evidence labs: logs, crypto basics, CLI validation.
View Roadmap

SecAI+

Modern entry path using AI-assisted workflows responsibly.

  • Safe AI usage in security
  • Triage → validate → document workflow
  • Portfolio-ready validation artifacts
PHASE 1 Free course + guided exam practice. PHASE 2 Experience builder labs designed for hiring managers.
View Roadmap

Advanced

Specialist stage. Increase compensation by proving execution depth.

Objective: Specialty → Evidence → Higher Pay

Pentest+

Offensive fundamentals + professional reporting discipline.

  • Recon → enumeration → exploitation basics
  • Findings and remediation communication
  • Hands-on assessment workflow
PHASE 1 Study methodology and exam objectives. PHASE 2 Writeups + lab validation (portfolio-ready).
View Roadmap

CEH

Structured offensive coverage and tool literacy.

  • Threat actor techniques and attack chains
  • Tooling literacy and practical usage
  • Defensive interpretation of offensive activity
PHASE 1 Concept mastery without fluff. PHASE 2 Controlled lab validation and execution.
View Roadmap

AWS Security Specialty

Cloud IAM, logging, encryption, and detection depth.

  • AWS IAM roles and policies
  • CloudTrail, GuardDuty, detection flow
  • Encryption and key management
PHASE 1 Master AWS control plane logic. PHASE 2 Policy + alert + incident validation labs.
View Roadmap

CCSP

Cloud governance and architectural strategy.

  • Shared responsibility models
  • Control mapping and compliance
  • Operational cloud security strategy
PHASE 1 Domain mastery. PHASE 2 Scenario-based design validation.
View Roadmap

SecurityX

Senior architecture and engineering strategy track.

  • Threat modeling and control selection
  • Architecture tradeoffs
  • Design documentation for review boards
PHASE 1 Study advanced domain design principles. PHASE 2 Produce design artifacts + control narratives.
View Roadmap

Managerial

Executive stage. Govern programs, manage risk, drive strategy.

Objective: Programs → Risk Decisions → Leadership

CISSP

Enterprise-wide leadership coverage across security domains.

  • Policy and governance strategy
  • Control selection and enterprise tradeoffs
  • Security program alignment
PHASE 1 Domain coverage mastery. PHASE 2 Governance artifacts + leadership validation.
View Roadmap

CISM

Security management and measurable program outcomes.

  • Incident management lifecycle
  • Security program design
  • Stakeholder reporting logic
PHASE 1 Framework translation into execution. PHASE 2 Program documentation and performance metrics.
View Roadmap

CRISC

Risk identification, analysis, and control validation.

  • Risk assessment methodology
  • Control design and assurance
  • Executive risk communication
PHASE 1 Risk logic and mapping mastery. PHASE 2 Risk register + control validation artifacts.
View Roadmap

Choose your lane. Build proof. Execute.

Create a free account. Unlock labs. Validate capability.