- This topic has 19 replies, 12 voices, and was last updated 11 years, 2 months ago by
KamiCrazy.
-
AuthorPosts
-
-
November 3, 2009 at 1:01 pm #4388
dimo
ParticipantHi recently passed ceh with 85% ;D and I would like to get a more direct plan of action for next steps in the security certification area,
I now have c|hfi and c|eh , I have read a fair bit of security+ but now I’m a bit confused as to which exam I should sit, the sy0 201 (which is listed as 2008) or sy0 101 (which many people think is expiring any day) . Comptia haven’t bothered replying to emails I’ve sent looking for confirmation….
can anyone shed light on this….. my basic question for comptia is should I prepare for the sy0-201 exam!I’m also considering ccna security , again don’t know enough about what cisco people think of this, should I got cissp?
and then theres taking a microsoft security whats the quickest ? I’ve come from 13 years in Ops to security recently.
any suggestions guys
-
November 3, 2009 at 3:09 pm #27691
Anonymous
Participantmany people go for ECSA/LPT after clearing the CEH .
I think its very good step to fill the GAP between CEH and CISSP.If you have less than 4 years experience in two security domains ,CISSP is not an option for you.
-
November 3, 2009 at 10:02 pm #27692
impelse
ParticipantCongrats with your pass, Security+ will be ok too.
-
November 4, 2009 at 1:50 am #27693
dynamik
ParticipantCelebrate, of course 😉
Why not move on to the OSCP?
-
November 4, 2009 at 1:56 am #27694
jason
ParticipantSec+ would be a good choice. It’s one of the certs that will knock a year off of the experience requirement for the CISSP.
-
November 4, 2009 at 2:28 am #27695
Grendel
ParticipantI would also agree – the Security+ is a good one. If you are thinking about the CCSP, that’s going to take some time. I’ve mulled it over myself, but it’s certainly not something I would do on a whim (not saying you are – it’s just a lot of studying and hands-on experience, and I’m not sure I’d keep my interest going for that long).
Anyway, that’s my two copper pieces.
– Tom
-
November 4, 2009 at 2:30 am #27696
KamiCrazy
ParticipantI’m doing CEPT and ECSA atm. Since I passed VCP two weeks ago.
-
November 5, 2009 at 10:16 pm #27697
blackazarro
ParticipantSecurity+ is a good choice and you should definitely try Offensive Security OSCP, I had a lot fun with that one plus what this course will teach you will stick with you for a long time. Also, after acquiring these, go for the CISSP which is considered a golden standard in information security certification. I’m going to take the CISSP exam this weekend. I haven’t studied much because I’ve been busy lately, but let see how it goes.
-
November 7, 2009 at 2:31 pm #27698
dimo
Participant@blackazarro wrote:
Security+ is a good choice and you should definitely try Offensive Security OSCP, I had a lot fun with that one plus what this course will teach you will stick with you for a long time. Also, after acquiring these, go for the CISSP which is considered a golden standard in information security certification. I’m going to take the CISSP exam this weekend. I haven’t studied much because I’ve been busy lately, but let see how it goes.
thank you blackazarro hope the cissp goes well, I wasn’t really aware of the OSCP it sounds really interesting. I do think I’ll go with security + I’ve taken in a lot of their requirement with ec council stuff , am reading a bit about ccna security also but comptia is next I’d say, :-
-
November 7, 2009 at 3:20 pm #27699
-
November 7, 2009 at 3:32 pm #27700
dynamik
ParticipantGood luck! You should find it to be fairly straight-forward.
I can’t tell if you have a CCNA, but that’s a prerequisite for the CCNA:S.
-
November 9, 2009 at 9:00 pm #27701
slimjim100
ParticipantI would recommend the Security+ as it will not expire on you and it’s recognized by just about everyone. The Sec+ is also an elective on many other Security certs and the DoD requires it on most IS roles now. I think it gives you the most bang for your buck.
Cheers,
Brian
-
November 12, 2009 at 11:57 am #27702
UNIX
Participantdimo, may I ask which materials you used for studying for the CEH exam? 🙂
As already suggested by others, I too think that Sec+ would be a good choice to do, especially if you want to go for CISSP as well. In terms of other certs I would just do the ones you are interested in.
blackazarro: Do you already know if you have passed? 🙂
-
November 12, 2009 at 2:44 pm #27703
blackazarro
Participantblackazarro: Do you already know if you have passed?
I don’t know yet. I took the test last Saturday and boy it was exhausting. Sitting there for six hours and doing 250 questions is tough and not to say that the questions were tough enough. I basically spent 2 minutes for each question until after 2 to 3 hours into the exam I’ve noticed I was trailing behind which then I started to speed it up and answered the questions more quickly if I wanted to complete the exam on time.
I’ve heard that it takes about a month for you to know if you passed the exam so I should get an answer by December. Let see how it goes, cause after taking the exam, I feel that I failed it.
-
November 12, 2009 at 7:19 pm #27704
dimo
Participant@awesec wrote:
dimo, may I ask which materials you used for studying for the CEH exam? 🙂
hi awesec , of course I should have given more detail for others interested in sitting,,,,, so here goes…
The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking
by Ronald L. Krutz (Author), Russell Dean Vines (Author) is what I used more recently,I started out with Certified Ethical Hacker Exam Prep
by Michael Gregg (Author) , this was good but I think the krutzvines book was better,
I’d advise anyone looking at CEH to know what the main tools are about, snort,nmap,net cat etherealand the switches used, then attacks buffer overflows-loads of questions on this even though they were mainly ‘what attack is this-from an example’ type questions…. sql injections also.To be fair to ec council the exam questions your knowledge on the different stages of hacking i.e. information gathering through to covering your tracks so you should concentrate on what tools get you from start to finish or at least understand the concept .
The key for me in final prep for the exam is covering example questions, you can study security from now until the cows come home but you will need to understand the nature of the questions being asked , that is….how will I be examined, and if you’re like me get into the habit of timing yourself and running through 150 examples within the time, keep moving along come back to what you don’t know later but don’t go back changing loads of questions, it’s been proven to undo correct ones 🙂look at the net and books to see the way these are presented and go for it 🙂
-
November 18, 2009 at 10:31 pm #27705
UNIX
ParticipantThanks dimo, I am sure this may help a few others who are interested in CEH and who are looking for additional study materials. 😉
-
November 19, 2009 at 1:12 am #27706
3PIL0GU3
ParticipantRegardless of the requirements for CISSP can’t you still take the exam and become an associate
-
November 19, 2009 at 11:26 am #27707
-
November 19, 2009 at 2:24 pm #27708
3PIL0GU3
Participantahh reallly nice
-
November 24, 2009 at 6:07 am #27709
KamiCrazy
ParticipantIn regards to the CISSP experience requirement, how creative can you get with it?
I work day in and day out looking after a variety of SMB clients. Doing absolutely everything. Including security related stuff like locking down firewalls. Implementing security policies, designing disaster recovery plans etc.
I basically cover all 10 knowledge areas… but my job title does not infer security.
-
-
AuthorPosts
- You must be logged in to reply to this topic.