HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 60 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Ethical Hacking Discussions and Related Certificationsarrow General Certificationarrow Security certifications
EH-Net
May 26, 2012, 01:32:44 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1] 2   Go Down
« previous next »
  Print  
Author Topic: Security certifications  (Read 8585 times)
0 Members and 1 Guest are viewing this topic.
asterix
Newbie
*
Offline Offline

Posts: 5


View Profile
« on: November 02, 2010, 08:44:31 AM »
Hi Guys,
I have completed a degree in computer science and worked my way up through the ranks from helpdesk to 3rd line support. I have passed Security+ and other Cisco and Microsoft certifications although I'm now thinking of getting out of the technical game but unsure of what roles involving security are available! I'm not in a rush to get out of the technical role and looking to complete a few certs that will allow me to change over. I was thinking that the MCSA: Sec, MCSE: Sec & CCSA/CCSP are the big ones in technical security, and i should now be looking CEH, (ISC)2 and possibly MSC: Infosec. Really feel that i need some guidance in relation to this in respect to Recognition, time it takes to study, cost, prerequisites, required training programs etc.

Regards,
James
Logged
chrisj
Hero Member
*****
Offline Offline

Posts: 997


View Profile
« Reply #1 on: November 02, 2010, 09:17:21 AM »
you've got the Sec+, that's a start. However from there the question should be what aspect of Security do you want to do?

Red team (attack / pentest)
Blue team (defense)
Policy maker (management)

etc.
Logged
OSWP, Sec+
asterix
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #2 on: November 02, 2010, 07:23:50 PM »
TBH im not overly sure as haven't had much experience in what's outside the IT support roles, what kinda certs would we be looking at in each of these areas?
Logged
chrisj
Hero Member
*****
Offline Offline

Posts: 997


View Profile
« Reply #3 on: November 02, 2010, 11:46:45 PM »
Red team, CEH, anything Offensive Security, SANS certs
Blue team, firewall certs, incident handler certs , SANS certs
Management CISSP (from what I've heard).
Logged
OSWP, Sec+
asterix
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #4 on: November 03, 2010, 08:00:22 AM »
is this the only 3 areas? where does forensics fit into this model?
With exception of Security+ are there any other certifications that provide a fundamental introduction?
Another query is to what 'Value' these certs hold? are some easier yet more recognised than others or approved my other certifications??
Logged
dante
Jr. Member
**
Offline Offline

Posts: 58



View Profile
« Reply #5 on: November 03, 2010, 08:50:12 AM »
Forensics(CHFI) will be under blue team.

One more to the list.
Reverse Engineering - CREA, GREM

Yes there are some certs(CEH) that are more recognized, easier to attain covers fundamentals but does not really say that you can do the job.
Logged
asterix
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #6 on: November 04, 2010, 04:54:43 PM »
So the areas of security can be split into the following four areas:
Reverse engineering
Red team
Blue team
Management

Any More?
What does 'Reverse Engineering' actually involve?
Logged
SephStorm
Sr. Member
****
Offline Offline

Posts: 416


View Profile WWW
« Reply #7 on: November 04, 2010, 06:08:00 PM »
For fundamentals you are pretty much looking at Sec+, then either CEH or SANS GSEC for a technical path. I would say that these certs are good foundations for red or blue teamers.

When it comes to management, you can add CISA and CISM to the list, but 9 out of 10 times, the CISSP is good enough.

As for Reverse Engineering, I assume we are talking about reverse engineering malware. Basically finding malicious code and tearing it apart to see how it was written, and possibly how to defend against it. Really, I would throw this under the blue team bus.
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
asterix
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #8 on: November 12, 2010, 11:03:47 PM »
Great so i could prob break this down into:

Foundation
Technical Administration (red/Blue team)
Management
Legal??

Does auditing come under management or would this justify its own category? What Certs would you be looking at for Auditing/Legal??
Logged
eternal_security
Newbie
*
Offline Offline

Posts: 36


View Profile
« Reply #9 on: November 16, 2010, 07:16:22 AM »
Quote from: asterix on November 12, 2010, 11:03:47 PM
Great so i could prob break this down into:

Foundation
Technical Administration (red/Blue team)
Management
Legal??

Does auditing come under management or would this justify its own category? What Certs would you be looking at for Auditing/Legal??

Ok, call me stupid and flame me if you want....but what are red and blue team?  I've seen it in several posts, I've heard the terms, but I've never really known what they are.

Thanks!

eternal_security
Logged
aweSEC
Hero Member
*****
Offline Offline

Posts: 1100


View Profile
« Reply #10 on: November 16, 2010, 08:43:07 AM »
Simply put:
Red team = offensive, attacking team
Blue team = defensive team
Logged
eternal_security
Newbie
*
Offline Offline

Posts: 36


View Profile
« Reply #11 on: November 29, 2010, 09:24:50 AM »
Quote from: awesec on November 16, 2010, 08:43:07 AM
Simply put:
Red team = offensive, attacking team
Blue team = defensive team

Thanks awesec.  I know it probably seemed stupid, and I had an idea that they correlated to offensive/defensive teams somehow, but I never really knew.  (Thanks also for not flaming me  Wink  ).

Kind regards,
eternal_security
Logged
SephStorm
Sr. Member
****
Offline Offline

Posts: 416


View Profile WWW
« Reply #12 on: December 01, 2010, 08:14:54 AM »
Asking questions is one step on the path to knowledge. the other is google. Wink (No, not yahoo, google.)
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
Solinus
Newbie
*
Offline Offline

Posts: 31


View Profile
« Reply #13 on: December 02, 2010, 07:33:28 AM »
Quote from: SephStorm on December 01, 2010, 08:14:54 AM
Asking questions is one step on the path to knowledge. the other is google. Wink (No, not yahoo, google.)

Amen!


....I think that the CIW sec analyst is another good, basic foundation cert
Logged
Kerry
MCITP:EA | MCTS(x5) | MCSA+ | MCSE+ | Security + | CCNA | WCSP |
DSCE | PCT |CIW Security Analyst | CSSA
SephStorm
Sr. Member
****
Offline Offline

Posts: 416


View Profile WWW
« Reply #14 on: December 02, 2010, 01:45:30 PM »
I think CIW Sec is a good one too, I was planning on knocking it out before the retirement next year, whether I do or not depends on my schedule.
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
Pages: [1] 2   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.145 seconds with 22 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.