In regards to the CISSP experience requirement, how creative can you get with it?

I work day in and day out looking after a variety of SMB clients. Doing absolutely everything. Including security related stuff like locking down firewalls. Implementing security policies, designing disaster recovery plans etc.

I basically cover all 10 knowledge areas... but my job title does not infer security.

Good luck, I didn't find it hard but it wasn't as challenging as some of the other certs I've done.

I would recommend something like Network+ to begin with. Unless you are also interested in hardware as well then I would begin with A+ and then Network+ from Comptia.

Then I would suggest progressing to CCNA. Networking is so fundamental to so many computer system stuff now that I am surprised day in and day out how many people who work in IT don't know anything about networking.

Once you have sufficient networking skills I would suggest learning about linux. If you want to pentest you need to know your way around linux. I did RHCT for linux and I really recommend it but it is pricey.

Then I suggest dabbling into a bit about programming and scripting and windows software. At this point you don't need to be a masterful programmer. You just need to know the basics so that you can construct your own scripts and be able to read code and figure out how an exploit works.

Then at this point I suggest really getting into the basics of pen testing and there are a lot of excellent courses out there.

Disconnect from network. Reinstall windows. No point changing ISPs or changing IPs beccause if you continue to use the same websites they'll find your new IP anyway.

Secure your box and then reconnect back to the net.

I think the security+ cert is great. Simply because it can count towards a cross credit for so many other things.

One of my first certs CCNA took me 3 tries lol!

Anyways good job

If you book with vue you don't need a code.

I didn't find my exam having many factual errors. I reviewed the questions I knew that I didn't know the answer to and some of them were surprising in terms of the answer

Bit confused... so are you the guy who got off the bus?

Ordered, although I ended up not saving much because they jacked up pricing for my local region compared to the USD cost 

Anyone going? I got my ticket and  my hoodie sorted.

Learning how to lockpick now to get the caaaaaaaash

 

I have a safari books online sub, which I fulfiils most of my needs for access to books. Hopefully Syngress will add your book so that I can read it.

However I am interested in what's included on the DVD? I won't have access to the DVD through safari so I might be tempted to purchase a hard copy if there is something to entice me on the DVD.

I'm doing CEPT and ECSA atm. Since I passed VCP two weeks ago.

Personally my lab at home consists mainly of two things.

I run all my OS's on VMware fusion on my MBP. With 4 gigs of ram I can do most things quite well. I also run backtrack as a fusion image.
For wireless testing, I simply plug in a USB WiFi card into Fusion and it bridges it over to Backtrack.

For cisco related stuff I run dynagen on my home desktop, which is an opteron 175 with 4 gigs.

Honestly fusion has made testing and labwork a breeze for me.

If you don't want to run a mac my suggestion would be to use a linux host and run something like KVM, or virtualbox etc. I personally don't recommend using windows as a host OS.

Backtrack is the linux distro geared towards security, it has its roots in two different linux distros. Backtrack version 1-3 were livecd's with some capacity to be installed.

Backtrack 4 is the first version geared towards permanent installation whilst still having its very useful livecd functionality.

Offensive Security is the official course material designed to train you in the use of backtrack. Of course there is extra stuff in there some of it not related to backtrack (ie. Core Impact) but that is because Offensive security is not just about backtrack.

IMO how much you get out of OS101 depends on your background and how tech savvy you are. If you know quite a bit about networking, programming etc, it will be dead easy. If you are lacking both, it will be challenging.

Before I took OS101 I had a background working with windows, although I am trained as a network engineer and I have RHCT training for server administration. Therefore I found it quite simple to follow. I lacked programming expertise and those modules were the hardest for me to understand.

They are selective and if you provide them with inconsistent information like you have then they simply refuse training.