CEU's for other certifications earned

Jose A Ruiz Marquez

Active member
  • Dec 30, 2023
    41
    51
    3,126
    Puerto Rico
    I don't know if anybody has ever thought of this. When we certify, CompTIA has certain paths and order of certifications that allows you to cover a whole set of certifications if you take an upper level exam. Like for example: you have A+, Network+ and Security+, you pass CySA+and all three certs are renewed. Cool. But not everyone do the certs in order and (please correct me if I'm wrong) CompTIA doesn't give you the chance of earning CEU's for other certs taken.

    I have A+, Network+, Security+, Server+, CySA+, Pentest+ and CASP+..... We all know that CASP+ renews all the previous certs. What I find strange is that I took Linux+ and I can't get CEU's to apply to CASP+. The next cert I'm studying for is Cloud+ and it's the same deal. If we look at those 2 certs and how they can enhance my skill set as a CASP+ I can think of:
    • Comprehensive Security Architecture: Both Cloud+ and Linux+ provide practical skills for designing, implementing, and managing secure environments across on-premises, cloud, and hybrid setups, directly supporting CASP+'s focus on enterprise security.
    • Improved Risk Management: The combined knowledge from these certifications equips a CASP+ professional with a holistic view of potential risks in cloud and Linux environments, enabling more effective risk assessment and mitigation strategies.
    • Enhanced Incident Response and Automation: Proficiency in Linux and cloud automation tools enables the creation of efficient incident response mechanisms, aligning with CASP+'s emphasis on response strategies and automation to enhance security operations.
    • Interoperability and Integration: Mastery of cloud and Linux systems supports CASP+ professionals in integrating various security solutions, ensuring interoperability while maintaining a strong security posture.
    So, why doesn't CompTIA give us CEU's no matter in what order you take the certifications? In the end every test we take enhances our knowledge base. If you just have CASP+ we all know that CySA+, Linux+, etc will help us to be better prepared. I'm not talking about 50 CEU's here, I think 15-25 CEU's depending on the cert will be more than fair. Like for example, you are a CASP+ and pass Network+ or Security+ you get 15 CEU's each, you are a CASP+ and pass CySA+ or Cloud+ you get 25 CEU's each.

    Any thoughts?
     
    I don't know if anybody has ever thought of this. When we certify, CompTIA has certain paths and order of certifications that allows you to cover a whole set of certifications if you take an upper level exam. Like for example: you have A+, Network+ and Security+, you pass CySA+and all three certs are renewed. Cool. But not everyone do the certs in order and (please correct me if I'm wrong) CompTIA doesn't give you the chance of earning CEU's for other certs taken.

    I have A+, Network+, Security+, Server+, CySA+, Pentest+ and CASP+..... We all know that CASP+ renews all the previous certs. What I find strange is that I took Linux+ and I can't get CEU's to apply to CASP+. The next cert I'm studying for is Cloud+ and it's the same deal. If we look at those 2 certs and how they can enhance my skill set as a CASP+ I can think of:
    • Comprehensive Security Architecture: Both Cloud+ and Linux+ provide practical skills for designing, implementing, and managing secure environments across on-premises, cloud, and hybrid setups, directly supporting CASP+'s focus on enterprise security.
    • Improved Risk Management: The combined knowledge from these certifications equips a CASP+ professional with a holistic view of potential risks in cloud and Linux environments, enabling more effective risk assessment and mitigation strategies.
    • Enhanced Incident Response and Automation: Proficiency in Linux and cloud automation tools enables the creation of efficient incident response mechanisms, aligning with CASP+'s emphasis on response strategies and automation to enhance security operations.
    • Interoperability and Integration: Mastery of cloud and Linux systems supports CASP+ professionals in integrating various security solutions, ensuring interoperability while maintaining a strong security posture.
    So, why doesn't CompTIA give us CEU's no matter in what order you take the certifications? In the end every test we take enhances our knowledge base. If you just have CASP+ we all know that CySA+, Linux+, etc will help us to be better prepared. I'm not talking about 50 CEU's here, I think 15-25 CEU's depending on the cert will be more than fair. Like for example, you are a CASP+ and pass Network+ or Security+ you get 15 CEU's each, you are a CASP+ and pass CySA+ or Cloud+ you get 25 CEU's each.

    Any thoughts?
    You've raised a very interesting point about CompTIA’s CEU (Continuing Education Unit) system. The way they currently structure renewals and CEUs doesn't fully account for the cumulative knowledge and advanced skills gained by taking certifications out of order or beyond what renews the baseline certifications.

    Your perspective on how certifications like Linux+ and Cloud+ enhance the skills of a CASP+ holder is spot on. These certifications do provide practical, in-depth knowledge that directly applies to the broader enterprise security and architecture focus of CASP+. Incorporating those skills helps a CASP+ professional better manage risks, enhance incident response, and design secure systems in various environments, including cloud and on-premises infrastructures.

    However, the current CEU system seems designed around the idea that higher-level certs automatically encompass the knowledge of lower-level certs, which is why CASP+ renews all previous certifications. But for certifications like Linux+ and Cloud+, CompTIA doesn't seem to recognize them as direct renewals for CASP+ or other higher-level certifications, despite their relevance.

    Your suggestion of offering partial CEUs for other relevant certifications makes sense. Allowing 15-25 CEUs for passing additional certs like CySA+, Linux+, or Cloud+ would encourage broader learning while giving professionals like yourself credit for expanding your expertise in ways that directly benefit your role as a CASP+ certified individual.

    It might be worth providing this feedback directly to CompTIA. Given the evolution of roles in IT, cybersecurity, and cloud environments, they might see value in revisiting their CEU structure to recognize these certifications' real-world relevance and the additional expertise they bring.

    Do you feel that this CEU adjustment would also help in motivating people to pursue more specialized certs without the constraint of order?
     
    Do you feel that this CEU adjustment would also help in motivating people to pursue more specialized certs without the constraint of order?
    I certainly do, IT doesn't have a cut and dry path. You can start with Network+ and then move to Linux+ because your job requires it. Then you decide to move into a managerial area and get Project+ and end up with CASP+. Years go by and you decide to become a SOC analyst and Security+ and CySA+ become an interesting and needed choice, but Boom, they don't count as CEU's. Everything nurtures everything, this certs are not exclusive or isolated from one another. In my case I went A+, Network+, Server+, Security+ (all lifetime), but then moved into CySA+, Pentest+ and CASP+, finally I took Linux+. Linux skills are required for a person that perform duties associated with all certs mentioned! And you tell me I don't get CEU's?. You are making me spend too much money to maintain my status as CASP+ plus I have to deal with Linux+ too. Yes, Cloud+ re certifies Linux+ but in the end I think this needs to be reviewed. We should get CEU's no matter the order of certs, then once we reach CASP+ we need to work only for CASP+ and that applies all the way down with no exceptions on tests. This is more logical and people won't go for certs thinking of a specific order, they get them based on job requirements.
     
    Last edited:
    • Like
    Reactions: precious
    You're absolutely right that the career paths in IT are highly dynamic and personalized based on job requirements. It’s not a one-size-fits-all journey where certifications are taken in a linear order. You’ve outlined a great case for why CompTIA should revisit how they handle CEUs, especially for professionals like yourself who accumulate knowledge from various certifications to meet real-world demands.

    Your point about certifications nurturing each other is key. The knowledge gained from each cert builds a more well-rounded professional, and none of these certs should be seen in isolation. It's clear that IT professionals are often required to adapt, whether by diving into Linux for server management, moving into cloud security, or shifting into managerial or specialized SOC roles. In this ever-changing environment, it’s more logical for the CEU system to reflect how professionals naturally gain and apply their skills, rather than forcing them to stick to a rigid certification path.

    By having a flexible CEU system that applies to all relevant certifications, regardless of the order, professionals wouldn’t have to focus solely on "what cert renews what" but on "what cert enhances my skills the most." This approach would also alleviate the financial and time burden of maintaining multiple certifications separately.

    Your feedback could inspire meaningful change in the industry if it gains enough attention from certification bodies like CompTIA.
    I certainly do, IT doesn't have a cut and dry path. You can start with Network+ and then move to Linux+ because your job requires it. Then you decide to move into a managerial area and get Project+ and end up with CASP+. Years go by and you decide to become a SOC analyst and Security+ and CySA+ become an interesting, but Boom, they don't count as CEU's. Everything nurtures everything, this certs are not exclusive or isolated from one another. In my case I went A+, Network+, Server+, Security+ (all lifetime), but then moved into CySA+, Pentest+ and CASP+, finally I took Linux+. Linux skills are required for a person that perform duties associate with all certs mentioned! And you tell me I don't get CEU's?. You are making me spend too much money to maintain my status as CASP+ plus I have to deal with Linux+ too. Yes, Cloud+ re certifies Linux+ but in the end I think this needs to be reviewed. We should get CEU's no matter the order of certs, then once we reach CASP+ we need to work only for CASP+ and that applies all the way down with no exceptions on tests. This is more logical and people won't go for certs thinking of a specific order, they get them based on job requirements.
    You're absolutely right that the career paths in IT are highly dynamic and personalized based on job requirements. It’s not a one-size-fits-all journey where certifications are taken in a linear order. You’ve outlined a great case for why CompTIA should revisit how they handle CEUs, especially for professionals like yourself who accumulate knowledge from various certifications to meet real-world demands.

    Your point about certifications nurturing each other is key. The knowledge gained from each cert builds a more well-rounded professional, and none of these certs should be seen in isolation. It's clear that IT professionals are often required to adapt, whether by diving into Linux for server management, moving into cloud security, or shifting into managerial or specialized SOC roles. In this ever-changing environment, it’s more logical for the CEU system to reflect how professionals naturally gain and apply their skills, rather than forcing them to stick to a rigid certification path.

    By having a flexible CEU system that applies to all relevant certifications, regardless of the order, professionals wouldn’t have to focus solely on "what cert renews what" but on "what cert enhances my skills the most." This approach would also alleviate the financial and time burden of maintaining multiple certifications separately.

    Your feedback could inspire meaningful change in the industry if it gains enough attention from CompTIA.
     
    • Like
    Reactions: Jose A Ruiz Marquez
    By having a flexible CEU system that applies to all relevant certifications, regardless of the order, professionals wouldn’t have to focus solely on "what cert renews what" but on "what cert enhances my skills the most." This approach would also alleviate the financial and time burden of maintaining multiple certifications separately.
    Yes, and like I said, it doesn't have to be a ton of CEU's, core certs 15 CEU's, specialization like Cloud, Linux, Server, CySA, Pentest 25 CEU's, they should start somewhere and then add Data+ and DataSys+ in the end we all need to manage data theses days, not only logs and scripts. We need to know how to query a DB, clean raw data etc.... Again, everything is integrated and there is no way you can unlink these certs, knowledge and the skills they measure.
     
    • Like
    Reactions: precious
    By having a flexible CEU system that applies to all relevant certifications, regardless of the order, professionals wouldn’t have to focus solely on "what cert renews what" but on "what cert enhances my skills the most." This approach would also alleviate the financial and time burden of maintaining multiple certifications separately.
    You said it perfectly! You move where your professional journey naturally takes you, not towards a 1 2 3 4 5 6 scheme designed to cost you more money if you deviate from it, or more money because in order to get the cert you actually need you have to get another one that right now does not apply to your current role or real experience so you don't loose the chance to get re certified by the higher cert. This makes the process a mere game and fosters the "get certs without real experience or need" syndrome......
     
    • Like
    Reactions: precious
    Yes, and like I said, it doesn't have to be a ton of CEU's, core certs 15 CEU's, specialization like Cloud, Linux, Server, CySA, Pentest 25 CEU's, they should start somewhere and then add Data+ and DataSys+ in the end we all need to manage data theses days, not only logs and scripts. We need to know how to query a DB, clean raw data etc.... Again, everything is integrated and there is no way you can unlink these certs, knowledge and the skills they measure.
    Jose is raising excellent points here. Thanks. Even though I work part time for CompTIA I'm not in a position to speak for the program managers or leadership. I will say that I know program manager and leadership work with many external stakeholders like different government and commercial regulators as well as many companies that employ certified individuals. I continue to be impressed with how they are working with these stake holders and trying to shape the CompTIA offerings to meet or exceed their requirements. CompTIA recognizes just about every other established certification program when it comes to CEUs and renewals. It would seem easy for CompTIA to acknowledge CEUs for their own programs. I see CompTIA not granting credit for other CompTIA programs as an example of how far they go to meet these stakeholder requirements.

    I believe what we are are seeing right now is amazing when some enlightened employers recognize count on specialized certification programs (like those from CompTIA) as opposed to requiring hire candidates possess credentials from a traditional higher education degree programs.
     
    • Like
    Reactions: precious
    It would seem easy for CompTIA to acknowledge CEUs for their own programs. I see CompTIA not granting credit for other CompTIA programs as an example of how far they go to meet these stakeholder requirements.
    I think in the end it may harm us as candidates. I get certified because my employer has an agreement with CompTIA for Cert Master / Test Out / Vouchers. Not everyone has this opportunity. But if this ends the only cert that I will renew will be CASP / Security X and will loose Cloud and Linux even though I use Linux every day because it will be too much money. I think they should do like ISACA where every cert renews every cert no matter the order. Or come up with an order that is fully ascending and once you reach the top cert in any order that top cert will renew every other cert below, like Project+, Data+, A+, Network+, Security+, Server+, Linux+, Cloud+, Pentest+, CySA+, and then CASP+.
     
    Last edited:
    • Like
    Reactions: MBA and Brian Ford
    I think in the end it may harm us as candidates. I get certified because my employer has an agreement with CompTIA for Cert Master / Test Out / Vouchers. Not everyone has this opportunity. But if this ends the only cert that I will renew will be CASP / Security X and will loose Cloud and Linux even though I use Linux every day because it will be too much money. I think they should do like ISACA where every cert renews every cert no matter the order. That is working for the people, not the stakeholders. In the end we are the ones who get certified, not them....
    I appreciate your view but SecurityX is an advanced cybersecurity certification. Cloud+ and a future CloudX are focused on cloud technologies and only cover a small portion of the cybersecurity objectives. Linux+ has that similar small overlaps.

    I ran into this issue years ago when I held the Cisco CCIE certification. It required a tremendous amount of work, months of study and prep, and a multi day practical lab exam. I renewed that 3 times (covering 9 years). When my career moved away from networking and towards cybersecurity I had a choice. Pursue CISSP, CISM, CompTIA certs (and Cisco security specialties) or maintain CCIE. I chose to allow my CCIE to lapse.
     
    • Like
    Reactions: precious
    I appreciate your view but SecurityX is an advanced cybersecurity certification. Cloud+ and a future CloudX are focused on cloud technologies and only cover a small portion of the cybersecurity objectives. Linux+ has that similar small overlaps.
    Exactly, that's why I think CompTIA should give partial CEU's 15-20 per cert towards your top cert, because they are not 100% aligned but also, they are not 100% unrelated
     
    • Like
    Reactions: precious
    Some CompTIA exams give partial CEUs.


    Some CompTIA exams give full CEUs.


    CASP+ gives 25 CEUs for Cloud+ but none for Linux+. Both CySA+ and PenTest+ give 33 CEUs for Cloud+ but none for Linux+. Cloud+ fully renews Liinux+. So technically, if you pass CySA+ (33 CEUs) and PenTest+ (33 CEUs), you have 66 CEUs for Cloud+, which would then renew your Linux+. CASP+ would renew the entire stack.

    Linux+ and Cloud+ don't give CEUs for CASP+ because CEUs renew down not up.
     
    CASP+ gives 25 CEUs for Cloud+ but none for Linux+. Both CySA+ and PenTest+ give 33 CEUs for Cloud+ but none for Linux+. Cloud+ fully renews Liinux+. So technically, if you pass CySA+ (33 CEUs) and PenTest+ (33 CEUs), you have 66 CEUs for Cloud+, which would then renew your Linux+. CASP+ would renew the entire stack.

    Linux+ and Cloud+ don't give CEUs for CASP+ because CEUs renew down not up.
    Thank you so much for taking the time to find this! I already hold the trifecta (A+, Network+, Security+), along with Pentest+, CySA+, and CASP+. I recently passed Linux+, and I plan to earn Cloud+ around Christmas, which will automatically renew Linux+. For the Cloud+ CEUs, I’m thinking of using CertMaster materials from CySA+ and Pentest+. Each offers 25 CEUs, so with both, I can meet the full 50 CEU requirement for Cloud+ and simultaneously renew Linux+. Fortunately, I have access to these resources through my academic partnership. For both CySA+ and Pentest+, I took the exams when I was about 90% through the courses, so once I earn Cloud+, I can complete the CertMaster courses and use them for the necessary CEUs.

    I believe CompTIA should consider allowing CEUs earned from any certification to count toward the renewal of any other certification, including CASP+. Certifications often encompass related knowledge, and CASP+—while an advanced security certification—is still for practitioners. If you're CASP+ certified but not proficient in Linux, it won't reflect well on your expertise. Acquiring Linux+ knowledge, for example, would significantly enhance your abilities as a CASP+ professional. In my experience, I’ve worked with CISSP-certified individuals who couldn't perform basic tasks, such as configuring an IP address. While I understand CISSP is meant for managerial roles rather than hands-on practitioners, there’s a gap between theory and practical skills.

    ISACA has a compelling model in this regard: any certification renews any certification. At my job, they’re encouraging me to pursue both CISM and CRISC with employer sponsorship. When I spoke with an ISACA representative today, they explained that certification order doesn’t matter. Whether it's CISA renewing CISM or vice versa, any cert renews another. They also offer CEUs for a wide range of topics; even a certificate in IoT Fundamentals earns you CEUs toward CISA, CRISC, CISM, etc. Their philosophy is that knowledge is knowledge, and I agree. CompTIA’s CEU and renewal model could benefit from similar flexibility. Improving it would serve everyone in the community, fostering broader skill development across certifications.
     
    Last edited:
    I'll have to disagree with you slightly. Going backward and getting a lesser certification does not help with an expert-level certification. Especially if the overlap between the two is marginal.
    It depends. If you lack foundational skills in networking, Linux, or SOC operations and jump straight to earning CASP+, you might be setting yourself up for a challenge. Unlike certifications from ISACA or CISSP, where you need to demonstrate real-world experience to become certified, CompTIA doesn’t require that same level of hands-on proof. So, without those foundational skills, you could find yourself with a certification that you’re not fully equipped to back up. What happens when you’re working alongside people who have the technical expertise but are just missing a few certifications? In the field, they might wonder why someone pursued a high-level cert like CASP+ without first building those essential skills. I’ve been in situations where I thought, "How can this person be in a supervisory role if they can’t even perform the basic tasks of my job?"

    Improving your Linux skills, for instance, is a smart and necessary step for anyone who has taken the leap into earning CASP+. It’s only fair that this kind of effort be rewarded with CEUs because you’re truly expanding your skill set. At the end of the day, all knowledge is a valuable investment, whether you have to move up or down the certification ladder to acquire it. The key is building a strong, holistic foundation that supports not only your certifications but also your real-world effectiveness.
     
    • Like
    Reactions: precious
    Maybe we’re approaching this exchange of ideas from two different perspectives—you’re focusing on what’s required to pass the exam, while I’m looking at it from the viewpoint of actual fieldwork and practical responsibilities of the certified person. So it's good to mention that one of the biggest challenges during the CASP+ exam was the Linux virtual machine task. It was a real "giant killer" for many candidates because without a decent Linux experience, navigating that portion of the exam was extremely difficult. That task really underscored how essential Linux skills are for CASP+ practitioners working in the field. I know a few people that took the exam 3 times and they claimed their "wall" was that VM. I heard they got it out of the exam to make it easier to pass. For me that VM was an easy task on the test.

    Like you explained, CISSP and CISM, focus more on managerial responsibilities, but CASP+ often requires practical technical skills to implement and troubleshoot security solutions. In my day-to-day work, many cybersecurity tasks—especially in SOC environments or during vulnerability assessments—require Linux skills. Unfortunately, I became Linux+ certified after I earned my CASP+, so due to CompTIA’s CEU structure, it’s a bit harder to use CEUs from Linux+ to count toward my CASP+ renewal. But reading the information you provided is helping me clear the water regarding how I can get the CEU's without hurting my pocket too much.
     
    Last edited:
    • Like
    Reactions: precious
    Maybe we’re approaching this exchange of ideas from two different perspectives—you’re focusing on what’s required to pass the exam, while I’m looking at it from the viewpoint of actual fieldwork and practical responsibilities of the certified person. So it's good to mention that one of the biggest challenges during the CASP+ exam was the Linux virtual machine task. It was a real "giant killer" for many candidates because without a decent Linux experience, navigating that portion of the exam was extremely difficult. That task really underscored how essential Linux skills are for CASP+ practitioners working in the field. I know a few people that took the exam 3 times and they claimed their "wall" was that VM. I heard they got it out of the exam to make it easier to pass. For me that VM was an easy task on the test.
    I skipped the question entirely because I didn't realize that I wouldn't be able to review it later. I never even read the scenario.

    It didn't matter because I passed the exam without even reading it. It must have not been that essential.

    Like you explained, CISSP and CISM, focus more on managerial responsibilities, but CASP+ often requires practical technical skills to implement and troubleshoot security solutions. In my day-to-day work, many cybersecurity tasks—especially in SOC environments or during vulnerability assessments—require Linux skills. Unfortunately, I became Linux+ certified after I earned my CASP+, so due to CompTIA’s CEU structure, it’s a bit harder to use CEUs from Linux+ to count toward my CASP+ renewal. But reading the information you provided is helping me clear the water regarding how I can get the CEU's without hurting my pocket too much.

    CASP+ was intended for professionals with 10+ years of experience. At that point, hands-on work tends to decrease, and managerial work tends to increase. It's considered above traditional SOC work. Those skills can be developed with CySA.
     
    • Like
    Reactions: precious
    I skipped the question entirely because I didn't realize that I wouldn't be able to review it later. I never even read the scenario.

    It didn't matter because I passed the exam without even reading it. It must have not been that essential.
    Interesting, you're the first person I've heard of who passed that exam while skipping that section entirely. Most stories point to that as a significant part, especially in the simulation. Did you take the regular exam or the beta version?
     
    Last edited:
    • Like
    Reactions: precious
    CASP+ was intended for professionals with 10+ years of experience. At that point, hands-on work tends to decrease, and managerial work tends to increase. It's considered above traditional SOC work. Those skills can be developed with CySA.
    I supervise people, but I’ve maintained hands-on involvement, just like many others I know. In my experience, I’m often the one the CISSP or CISM call on to do the heavy lifting, even though we work on the same floor and are seen as part of the top-level IT/cybersecurity chain, where managerial duties are typically expected. We’re clearly coming from different perspectives, and that’s normal—no two IT professionals take the same path. Regardless of how many letters are after my name, I’m on the side that knows how to do the work and actually gets it done.

    To pass CySA+, a solid understanding of Linux+ is crucial. Once again, you're focusing on the test-taking aspect, which some people on platforms like YouTube claim they can pass in just two weeks without any prior experience, relying on memorization rather than actual knowledge even though CompTIA says the test is for a 10 year old veteran. And if they pass it they can use the credential because you don't have to prove those 10 years of experience. My point is simple: if you're genuinely working in IT on a 9-5, any additional knowledge you acquire and validate through certification should be recognized, regardless of the certification level, as it complements your practical experience. The CompTIA model is good, but there is always room for improvement.
     
    Last edited:
    • Like
    Reactions: precious
    Interesting, you're the first person I've heard of who passed that exam while skipping that section entirely. Most stories point to that as a significant part, especially in the simulation. Did you take the regular exam or the beta version?
    I took the regular exam. People speculate on the grading of exam questions and make unsupported assumptions. I didn't even read the scenario and I passed the exam. It was not a make-or-break question. The same is true for PBQs on the other exams. If you do well on the multiple-choice questions, you can easily pass every CompTIA exam without answering a single PBQ.