Security certifications

Viewing 15 reply threads
  • Author
    Posts
    • #5749
      asterix
      Participant

      Hi Guys,
      I have completed a degree in computer science and worked my way up through the ranks from helpdesk to 3rd line support. I have passed Security+ and other Cisco and Microsoft certifications although I’m now thinking of getting out of the technical game but unsure of what roles involving security are available! I’m not in a rush to get out of the technical role and looking to complete a few certs that will allow me to change over. I was thinking that the MCSA: Sec, MCSE: Sec & CCSA/CCSP are the big ones in technical security, and i should now be looking CEH, (ISC)2 and possibly MSC: Infosec. Really feel that i need some guidance in relation to this in respect to Recognition, time it takes to study, cost, prerequisites, required training programs etc.

      Regards,
      James

    • #36089
      rattis
      Participant

      you’ve got the Sec+, that’s a start. However from there the question should be what aspect of Security do you want to do?

      Red team (attack / pentest)
      Blue team (defense)
      Policy maker (management)

      etc.

    • #36090
      asterix
      Participant

      TBH im not overly sure as haven’t had much experience in what’s outside the IT support roles, what kinda certs would we be looking at in each of these areas?

    • #36091
      rattis
      Participant

      Red team, CEH, anything Offensive Security, SANS certs
      Blue team, firewall certs, incident handler certs , SANS certs
      Management CISSP (from what I’ve heard).

    • #36092
      asterix
      Participant

      is this the only 3 areas? where does forensics fit into this model?
      With exception of Security+ are there any other certifications that provide a fundamental introduction?
      Another query is to what ‘Value’ these certs hold? are some easier yet more recognised than others or approved my other certifications??

    • #36093
      dante
      Participant

      Forensics(CHFI) will be under blue team.

      One more to the list.
      Reverse Engineering – CREA, GREM

      Yes there are some certs(CEH) that are more recognized, easier to attain covers fundamentals but does not really say that you can do the job.

    • #36094
      asterix
      Participant

      So the areas of security can be split into the following four areas:
      Reverse engineering
      Red team
      Blue team
      Management

      Any More?
      What does ‘Reverse Engineering’ actually involve?

    • #36095
      SephStorm
      Participant

      For fundamentals you are pretty much looking at Sec+, then either CEH or SANS GSEC for a technical path. I would say that these certs are good foundations for red or blue teamers.

      When it comes to management, you can add CISA and CISM to the list, but 9 out of 10 times, the CISSP is good enough.

      As for Reverse Engineering, I assume we are talking about reverse engineering malware. Basically finding malicious code and tearing it apart to see how it was written, and possibly how to defend against it. Really, I would throw this under the blue team bus.

    • #36096
      asterix
      Participant

      Great so i could prob break this down into:

      Foundation
      Technical Administration (red/Blue team)
      Management
      Legal??

      Does auditing come under management or would this justify its own category? What Certs would you be looking at for Auditing/Legal??

    • #36097
      eternal_security
      Participant

      @asterix wrote:

      Great so i could prob break this down into:

      Foundation
      Technical Administration (red/Blue team)
      Management
      Legal??

      Does auditing come under management or would this justify its own category? What Certs would you be looking at for Auditing/Legal??

      Ok, call me stupid and flame me if you want….but what are red and blue team?  I’ve seen it in several posts, I’ve heard the terms, but I’ve never really known what they are.

      Thanks!

      eternal_security

    • #36098
      UNIX
      Participant

      Simply put:
      Red team = offensive, attacking team
      Blue team = defensive team

    • #36099
      eternal_security
      Participant

      @awesec wrote:

      Simply put:
      Red team = offensive, attacking team
      Blue team = defensive team

      Thanks awesec.  I know it probably seemed stupid, and I had an idea that they correlated to offensive/defensive teams somehow, but I never really knew.  (Thanks also for not flaming me  😉  ).

      Kind regards,
      eternal_security

    • #36100
      SephStorm
      Participant

      Asking questions is one step on the path to knowledge. the other is google. 😉 (No, not yahoo, google.)

    • #36101
      Solinus
      Participant

      @SephStorm wrote:

      Asking questions is one step on the path to knowledge. the other is google. 😉 (No, not yahoo, google.)

      Amen!

      ….I think that the CIW sec analyst is another good, basic foundation cert

    • #36102
      SephStorm
      Participant

      I think CIW Sec is a good one too, I was planning on knocking it out before the retirement next year, whether I do or not depends on my schedule.

    • #36103
      waqasibrm
      Participant

      The information related to Security certification is very good and most of us can help out from many problem thank.

Viewing 15 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?