.

Need help on a path

<<

keith

Newbie
Newbie

Posts: 6

Joined: Fri May 08, 2009 11:26 pm

Post Sun May 31, 2009 4:21 pm

Need help on a path

Hello - I'm new to the forums but after only a short time I can see it's full of some good and impressive information.  I'm hoping to get some direction from some of you that could help me make a "getting started" decision.
I've been in IT for about 25 yrs, from computer op to IT director, for the last 3 yrs. as an independent consultant in the healthcare world installing demographic network bridges in Dr. offices, clinics, hospitals. I have no certifications at this time, just an AA in Digital Electronics and pretty hefty experience.
My objective is to specialize in ethical hacker/penetration testing area for the purpose of adding to my consulting offering. 
The problem I'm having is trying to work out which certification path to take, balancing a limited budget with getting the best knowledge base.  There are a multitude of choices, - SANS, CompTIA, EC seem to be at the front.  I'm very interested in hearing what some of you have to say.  Thanks much for any help!
<<

apollo

Full Member
Full Member

Posts: 146

Joined: Fri Apr 04, 2008 7:44 pm

Post Sun May 31, 2009 7:31 pm

Re: Need help on a path

Would you mind listing some more of the goals of the certification?  Are you looking for something just to give you a step up in your certification listing, or are you looking for accompanying training that will ensure that you have the skills necessary to be able to get into the pen testing field.  What is your experience level?  There may also be some certs that will work for you as self study where training + certification will boost your skills if you need it, so knowing where your skills lie will help in recommendations for certs.
CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
<<

keith

Newbie
Newbie

Posts: 6

Joined: Fri May 08, 2009 11:26 pm

Post Sun May 31, 2009 9:27 pm

Re: Need help on a path

Thanks Apollo.  My goals relate to the IT healthcare industry I've worked in for years.  The market demands are gearing more towards security of EMRs and interfaces,  patient record protection, HIPPA, etc.  I see a lot of deficiencies especially in small to large clinics, and in single physician practices.  Although I have good experience levels in certain areas of IT and can be effective with networking to a degree, my expertise in network security and tools needs help.  I'm interested in understanding concepts and methodology but also want to put it to good use.  I have to know what I'm doing as a consultant.  I'm often my own backup!
Lastly, I'm not necessarily limiting my options to pen testing or EH.  Someone on this forum wrote about the need for incident handlers, for instance. 
Hope that explains.
Keith
<<

dalepearson

Sr. Member
Sr. Member

Posts: 357

Joined: Thu Nov 09, 2006 10:03 am

Post Mon Jun 01, 2009 3:29 am

Re: Need help on a path

Keith,

welcome to the forum. I would recommend to you the Offensive Security 101 course (Pentesting with Backtrack).
I have not done it myself, but from what I know of people who have done it, and from what I have seen its a good course to pick up the skills, and get an understanding of how to carry out some pentesting.
I think this would do two things for you. 1) It would give you some skill to practice and develop in your own lab, 2) It would give you some skills to offer some level of Pentesting, Vulnerability assessment etc, and give you the option to move onto other certs if this is something you feel you need.

All the best with your future.
<<

keith

Newbie
Newbie

Posts: 6

Joined: Fri May 08, 2009 11:26 pm

Post Mon Jun 01, 2009 12:46 pm

Re: Need help on a path

Thanks dalepearson!  I like your logic and I like the program, and I think you're exactly right.  It gives me the good intro based on my experience and should lead on.  I had not looked at this before.
Thanks again for your insights.
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Tue Jun 02, 2009 2:59 am

Re: Need help on a path

Welcome to the forums keith.

Although certificates are a great thing and something which will help you surely, consider that experience may be more important. I know some people with some well-known certificates which seem not to know really much when you start a discussion with them. Others I know have only a few or no certificates and are "high-skilled" penetration testers.

I would go for one of the certificates in the penetration testing management area which may help you more in terms of getting new clients.
<<

eRiCtHyReD

User avatar

Newbie
Newbie

Posts: 18

Joined: Tue Jan 16, 2007 11:02 am

Post Tue Jun 02, 2009 3:46 am

Re: Need help on a path

Depending on your security skillz, and because of your background and experience, 101 might be too technical for you.
I would recommend CISSP or CISM first. These are more Security management oriented.

Then, if you still want to get deep, you could then follow a training such as 101.
CEH MCSE CCNA  Security+ Network+ A+

Return to General Certification

Who is online

Users browsing this forum: No registered users and 2 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software