Congratulations!!!

@aphelion

I'm not saying that you MUST start on the helpdesk. What I mean is that you can get a very good baseline of knowledge from the helpdesk positions. There are different types of helpdesks too. You do have the help desks where you are only allowed to read from a script, but you can also get on with a Corporate IT-type helpdesk where you're given more freedom to troubleshoot the issues and less rigid guidelines on your interaction. Its all about finding the right fit for you. I think probably one of the best environments to learn (in my experience, at least) is in a very small shop where you wear a lot of hats (ie. you are the helpdesk, network admin, system admin, application admin, etc.), but that's not for everyone!


@dynamik

I totally agree about the experience requirements of the CISSP. That's actually one of the reasons I don't have my CISSP yet. However, I've seen a number of people around EH-Net (I think j0rdy is one) that have their Associate CISSP. I never really knew that was an option when I first started...

So I will be taking my RHCE next Friday in Dallas. Anyone with experience with RH exams want to share tips/tricks for taking the exam (i.e. time saving tricks) or study methods?

By the way, Redhat is offering access to a virtual lab environment in increments of 1 week for $249 which isn't all that expensive at all. I will be taking advantage of it!

Thanks in advance!

Honestly, and this has been said on many other threads out there, you would probably do best to get a help-desk type of job. It may not be sexy to be on the help-desk, but believe me when I say you will learn A LOT about all the technologies your company uses. This provides you with a baseline of knowledge to work with. It also hones your troubleshooting skills which you will use for the rest of your career!

I would then suggest working a few years at least in an operational role, ie system administrator, application developer, network administrator, etc. This should be based on your interests/skills. By working in this role, you get an understanding of what its like on the "front lines." I've found there are a lot of security-type folks that don't understand the demands on the operations-type folks. (I find myself doing this a lot too.) It also gives you a lot of hands-on training in your role of choice.

As far as certifications go, your best bet is the CISSP. It is recognized throughout the industry as the "gold standard", and a lot of doors will open based just on the one certification. There's nothing wrong with any of the others that you mentioned. They're just not the CISSP. Besides, you will have plenty of time throughout your career to do all of them!

Good luck! And welcome to EH-Net!!!

I guess I would have voted for Sil too if I had known he was gonna kick my ASS!!!!

 

From a Systems Administration standpoint two projects that I've worked on recently that were a lot of fun (and fairly inexpensive) were setting up OSSEC on our PCI segment and Splunk/Syslog-ng SIEM implementation.

If you're not doing log aggregation and monitoring, this can be a huge "quick win." Not only is log monitoring incredibly important for security, it will make misconfigurations glaringly obvious most of the time! Not only will the Security folks be happy, but Operations will get on-board with the project if you can show them how useful a tool it is...

Good luck!

What type of projects? i.e. what is your role?

I do not have my GCIA, dynamic, but I took one of the practice tests about a month ago (trying to figure out if I'm going to challenge it or not). I would suggest reading a Snort book or two. At the very least, read the online documentation for Snort.

I don't believe Wireshark is included in the exam objectives, but Snort definitely is!

Good luck!

Yes. Whether you are challenging the exam or not, you will get 2 practice exams bundled with your certification attempt. The practice exams are very much true to the actual exam from my experience.

If I remember correctly from your original post, you were trying to gain access to the forum as that user. You do not need access to that person's account in order to contact them...

I do believe the "Ethical" part of this website has escaped you.

The easiest way to do this is to boot the box off the install media. (I'm not familiar enough with HP-UX to give you line by line instructions.) Once you have the box up and running off the install media, you will mount the filesystems and edit the /etc/shadow file. Generally, you'll blank the root password, but while you're in there you can find other users. It might be a good idea to blank those passwords as well in case you can't log in directly as root.

HTH

Congratulations!!!

Happy Independence Day for all you American EH-net'ers out there!!!

I hope you and yours have a happy and safe weekend!

Congrats, Dark_Knight!