Advice

[chadness1]

Hello,

My name is Chad and this is my first post here, I was wondering what certification should I go for, my choices are Sec+, GCIH, GCIA, or CEH, I can see myself in any of these types of roles, I am working on my Bachelors in Information Assurance and Security, but I also want to have a certification, I plan on moving to DC after I graduate and want to have something more than a degree for I to hit the ground running, I am a college student and I am limited on funds, so taking an $2-3k class is impossible unless Sallie Mae going to pay for it.

[ajohnson]

Welcome to the forums.

I'd say self-study Security+ and then either self-study CEH or get the eLearnSecurity course. Unless you have previous experience, the GCIH and GCIA would probably be too advanced, even with the courseware/instruction.

[3xban]

agree on the GIAC courses, they are certainly up there in difficulty.  Not to say you couldn't pass them but as you said, the courses are not cheap.  $3-4K is the average 5-6 day SANS course.  Find a good company who will invest in you then go for the courses   Sec+, CEH or the eLearning course would be a good place to start.  I am taking the eLearning eCPPT course now and it is pretty good.  It covers networking, systems and Web App security.  It flows nicely and has some decent videos.  Not too mention for 600 bucks you get life time access to the material.  So you get the full course, labs (though its more like a download of Backtrack with some setup instructions), videos and you get the exam included. 

[chadness1]

Thanks, that helps out a lot, how do you like the eLearning eCPPT course? when do you plan on taking the certification?

[ajohnson]

Thanks, that helps out a lot, how do you like the eLearning eCPPT course? when do you plan on taking the certification?

Jason did a review here: http://www.ethicalhacker.net/content/view/307/24/

Personally, I would have been a bit more critical. It's done by an Italian company, and the spelling and grammatical errors were too frequent for my liking. The technical content was pretty good, but it could have used a more polish overall. I know it's not practical to cover everything in detail, but like in the shellcode section, you just copy and paste the shellcode without any explanation (even high-level) of what it's doing. I thought some of the areas could have used a bit more meat. The exam also only covers the web app material, not the entire course. Having said that, I think it's a great value for the price. I think it's a great overview-style course for beginners.

[chadness1]

Ok sounds good, I need to read the forum on it more.

Thanks

[hayabusa]

Yeah, CEH and the others are good for 'information,' but if you want to do any hands-on, I think eCPPT is a good cert to start out with, for beginners.

[Joshsevo]

Tons of Govt contractors are needing people certified in the DoD 8570 before they hire you.

So getting certs like
Security+
Net+
CEH
CCNA

This will at the very least get you an interview.

[ElCapitan]

I agree... I would go for the Security+. Not a gold standard, but will certainly set you out from the field as a college recruit. As a bonus, you might learn something from studying for it.

If you buy 2 Sec+ books, download some free tools, get a few Linux and Windows VMs, you should have enough to get you prepared.

[chadness1]

Thanks guys, this really helps out a lot, I am starting to think that certs weighs more then the degree when actually trying to be in a technical role, and not a manager role, and trying to play catch up...