- This topic has 19 replies, 12 voices, and was last updated 10 years, 10 months ago by
.
-
Posts
-
-
Hi recently passed ceh with 85% ;D and I would like to get a more direct plan of action for next steps in the security certification area,
I now have c|hfi and c|eh , I have read a fair bit of security+ but now I’m a bit confused as to which exam I should sit, the sy0 201 (which is listed as 2008) or sy0 101 (which many people think is expiring any day) . Comptia haven’t bothered replying to emails I’ve sent looking for confirmation….
can anyone shed light on this….. my basic question for comptia is should I prepare for the sy0-201 exam!I’m also considering ccna security , again don’t know enough about what cisco people think of this, should I got cissp?
and then theres taking a microsoft security whats the quickest ? I’ve come from 13 years in Ops to security recently.
any suggestions guys
-
-
-
-
-
I would also agree – the Security+ is a good one. If you are thinking about the CCSP, that’s going to take some time. I’ve mulled it over myself, but it’s certainly not something I would do on a whim (not saying you are – it’s just a lot of studying and hands-on experience, and I’m not sure I’d keep my interest going for that long).
Anyway, that’s my two copper pieces.
– Tom
-
-
Security+ is a good choice and you should definitely try Offensive Security OSCP, I had a lot fun with that one plus what this course will teach you will stick with you for a long time. Also, after acquiring these, go for the CISSP which is considered a golden standard in information security certification. I’m going to take the CISSP exam this weekend. I haven’t studied much because I’ve been busy lately, but let see how it goes.
-
@blackazarro wrote:
Security+ is a good choice and you should definitely try Offensive Security OSCP, I had a lot fun with that one plus what this course will teach you will stick with you for a long time. Also, after acquiring these, go for the CISSP which is considered a golden standard in information security certification. I’m going to take the CISSP exam this weekend. I haven’t studied much because I’ve been busy lately, but let see how it goes.
thank you blackazarro hope the cissp goes well, I wasn’t really aware of the OSCP it sounds really interesting. I do think I’ll go with security + I’ve taken in a lot of their requirement with ec council stuff , am reading a bit about ccna security also but comptia is next I’d say, :-
-
@jason wrote:
Sec+ would be a good choice. It’s one of the certs that will knock a year off of the experience requirement for the CISSP.
thanks to all that responded, appreciate the advice,
-
-
-
dimo, may I ask which materials you used for studying for the CEH exam? 🙂
As already suggested by others, I too think that Sec+ would be a good choice to do, especially if you want to go for CISSP as well. In terms of other certs I would just do the ones you are interested in.
blackazarro: Do you already know if you have passed? 🙂
-
blackazarro: Do you already know if you have passed?
I don’t know yet. I took the test last Saturday and boy it was exhausting. Sitting there for six hours and doing 250 questions is tough and not to say that the questions were tough enough. I basically spent 2 minutes for each question until after 2 to 3 hours into the exam I’ve noticed I was trailing behind which then I started to speed it up and answered the questions more quickly if I wanted to complete the exam on time.
I’ve heard that it takes about a month for you to know if you passed the exam so I should get an answer by December. Let see how it goes, cause after taking the exam, I feel that I failed it.
-
@awesec wrote:
dimo, may I ask which materials you used for studying for the CEH exam? 🙂
hi awesec , of course I should have given more detail for others interested in sitting,,,,, so here goes…
The CEH Prep Guide: The Comprehensive Guide to Certified Ethical Hacking
by Ronald L. Krutz (Author), Russell Dean Vines (Author) is what I used more recently,I started out with Certified Ethical Hacker Exam Prep
by Michael Gregg (Author) , this was good but I think the krutzvines book was better,
I’d advise anyone looking at CEH to know what the main tools are about, snort,nmap,net cat etherealand the switches used, then attacks buffer overflows-loads of questions on this even though they were mainly ‘what attack is this-from an example’ type questions…. sql injections also.To be fair to ec council the exam questions your knowledge on the different stages of hacking i.e. information gathering through to covering your tracks so you should concentrate on what tools get you from start to finish or at least understand the concept .
The key for me in final prep for the exam is covering example questions, you can study security from now until the cows come home but you will need to understand the nature of the questions being asked , that is….how will I be examined, and if you’re like me get into the habit of timing yourself and running through 150 examples within the time, keep moving along come back to what you don’t know later but don’t go back changing loads of questions, it’s been proven to undo correct ones 🙂look at the net and books to see the way these are presented and go for it 🙂
-
-
-
@3PIL0GU3 wrote:
Regardless of the requirements for CISSP can’t you still take the exam and become an associate
Yep, and then they give you 5 years to meet the experience requirement.
-
-
In regards to the CISSP experience requirement, how creative can you get with it?
I work day in and day out looking after a variety of SMB clients. Doing absolutely everything. Including security related stuff like locking down firewalls. Implementing security policies, designing disaster recovery plans etc.
I basically cover all 10 knowledge areas… but my job title does not infer security.
-
- You must be logged in to reply to this topic.
