TryHackMe SEC1 vs COMPTIA Sec+ vs HTB CJCA

For decades, the path to a cybersecurity career was linear: buy a 600-page textbook, memorize port numbers and acronyms, pass a multiple-choice exam, and hope an employer teaches you how to actually use a firewall. CompTIA Security+ has been the undisputed king of this model, the HR Gatekeeper.

But the industry is shifting. Employers are tired of certified candidates who can define SQL Injection but can’t spot one in a log file. Enter the Practical Revolution, led by Hack The Box (HTB) and TryHackMe (THM). Their certifications, the CJCA and SEC1, are effectively anti-exams. They don’t ask you A, B, C, or D; they give you a broken network and tell you to fix it.

What is THM is SEC1

SEC1 is the capstone certification for TryHackMe’s Cyber Security 101 path. Unlike the multiple-choice marathons of the past, SEC1 is 100% practical.

The Format: A 24-hour exam window to complete hands-on tasks. No proctor breathing down your neck, but no “C” for “Charlie” to save you if you don’t know the syntax.

The Scope: It’s a hybrid beast. It covers the Holy Trinity of entry-level cyber: Red (Offensive), Blue (Defensive), and General Ops (Linux/Windows fundamentals).

It feels like a Capture The Flag (CTF) competition that grew up and got a corporate job. You aren’t answering questions about what Nmap is; you are using Nmap to find open ports and answer questions based on the output.

Who Is It For?

This certification is useless for some and gold for others. Find your lane:

The Zero-to-Hero Aspirant: YES.

If you are switching careers (e.g., from retail or accounting), this is your litmus test. If you fail this, you will struggle in a SOC. It validates that you can actually do the work, not just read about it.

The IT Generalist

YES. If you’re a SysAdmin wanting to pivot, this bridges the gap between I manage servers and “I secure servers.”

The Resume Hunter

NO. If you are looking for a cert to bypass HR filters, go get CompTIA Security+. SEC1 has near-zero name recognition with non-technical recruiters right now. It won’t get you past the Applicant Tracking System (ATS), but it might impress the Technical Lead during the interview.

The Experienced Pro

HARD PASS. If you have more than 6 months of real experience or hold an eJPT/OSCP, this is beneath you. Move along.\

👉 THM SAL1 Notes:

TryHackMe SAL1 Study Notes & Guide (Unofficial)

TryHackMe SAL1 Study Notes is designed as a comprehensive guide for cybersecurity beginners and those preparing for the…

CompTIA Security+ (SY0–701)

It is a vocabulary test for the entire security industry. You will cover everything, from Governance, Risk, and Compliance (GRC) to physical security (locks and cameras) and basic cryptography. However, the depth is practically non-existent. You learn that Nmap exists, not how to use it.

The Exam: 90 minutes, ~90 questions. Mostly multiple-choice with a few “Performance-Based Questions” (drag-and-drop simulations) that feel clunky compared to real labs.

The Cost:

• Exam: ~$400 USD (Exam voucher only).
• Training: Extra. Expect to pay $50–$500+ for books/video courses.
• Retake: Full price (~$400) unless you bought insurance.

The Verdict:

• Pros: It is mandated by the U.S. DoD (Directive 8570) and recognized by 99% of recruiters. It is the only cert on this list that will get you past an Applicant Tracking System (ATS) today.
• Cons: It teaches almost zero practical skills. You can pass this exam and still be useless on Day 1 of a job.

HTB Certified Junior Cybersecurity Associate (CJCA)

Hack The Box has a reputation for difficulty, and even their “Junior” cert reflects this.

CJCA is a true hybrid of Red (Offensive) and Blue (Defensive) operations. You are attacking a specific segment of a network to understand the vulnerability, then validating SIEM alerts to see if it was detected.

It focuses heavily on the Analyst workflow assessing risk and writing reports.

The Exam: 100% Hands-on. You are dropped into a virtual environment. You must perform a gray-box pentest and a defensive analysis (SIEM validation). You then have to write a commercial-grade report.

The Cost:

• Exam: ~$105 USD (Voucher).
• Training: Requires HTB Academy “Cubes” or a subscription.
• Non-Students: The “Silver Annual” sub is ~$490 USD/year (includes exam).
• Students: Can access the path for ~$8/month (unbeatable value).

The Verdict:

• Pros: Extremely high respect among technical hiring managers. It proves you can actually do the job. The reporting requirement sets you apart as a professional, not just a script kiddie.
• Cons: Zero recognition with HR/Recruiters (for now). It is harder than Security+ and SEC1.

THM SEC1 vs vs. Security+: Security+ is a vocabulary test; SEC1 is a driving test. You need Security+ to get the interview, but you need SEC1 skills to keep the job. If you can afford both, get Security+ for the resume and SEC1 for the confidence.

THM SEC1 vs vs. eJPT: eJPT is purely offensive. SEC1 provides a more rounded Security Engineer base. If you aren’t sure if you want to attack (Red) or defend (Blue), SEC1 is the superior starting point.

THM SEC1 Cost

When analyzing the TryHackMe SEC1 cost, we aren’t just looking at a price tag; we are looking at a market disruption. In an industry where certification bodies treat candidates like ATMs, TryHackMe has aggressively undercut the competition.

• Standard Price: $149 USD (approximate).
• Subscriber Price: If you are already a Premium member, you typically unlock a discount, bringing the voucher down to roughly $126 USD.
• The “Bundle” Value: This isn’t just an exam fee. The $149 includes 3 months of Premium access to the learning paths (Pre-Security & Cyber Security 101) and one free retake.

To understand why this pricing is aggressive, you have to look at what you aren’t paying for.

The inclusion of a free retake is a direct shot at CompTIA and OffSec. If you fail Security+, you pay another ~$400. If you fail SEC1, you just try again. This relieves the immense “exam day anxiety” that causes many juniors to choke.

No Courseware Fees: Most certifications charge you for the exam, then charge you double for the “official book” or training. With SEC1, the training environment is the platform you already have access to.

From a pure ROI (Return on Investment) perspective, SEC1 is unbeatable. You are effectively paying for a quarter-year of training and getting a certification thrown in for free.

Even if the HR recognition is currently lower than Security+, the cost-to-skill ratio makes it the most logical first step for anyone paying out of their own pocket.

TryHackMe SEC1 Notes

Soon we will release a curated set of study notes for THM SEC1, check out our store regularly to stay tuned

Cyber Security Certification Study Notes | The MasterMind Notes / Motasem Hamdan

The official Cyber Security Certification Study Notes collection for The MasterMind Notes / Motasem Hamdan. Shop…

My Final Verdict

The SEC1 is the certification the industry needs, but not the one it currently rewards.

If you buy this expecting recruiters to flood your LinkedIn inbox, you will be disappointed. However, if you buy this to force yourself to learn actual terminal commands, log analysis, and vulnerability scanning in a pressurized environment, it is worth every penny.

Strategy: Put Security+ on your resume header to satisfy the HR algorithm. Put TryHackMe SEC1 in your Projects/Skills section and talk about it during the technical interview.

Tell the hiring manager, I don’t just know what a SQL injection is; I exploited one in a live environment during my SEC1 exam. That is how you win.