.

Next step

<<

lorgmorgoth

Newbie
Newbie

Posts: 7

Joined: Mon Mar 28, 2011 4:34 pm

Post Mon Apr 04, 2011 8:04 am

Next step

Greetings,

A while ago I started to dive into the exciting and thrilling world of network security. I've been a network administrator for quite some time now, but I never had the opertunity to delve into the security aspect of network administration.

I'm currently certified as A+, Net+, Security+, MCSA, MCTIP:SA and JNCIA-FWV and I've enrolled in a 5 day EC-Council ENSA course starting the beginning of May.

Can you give me some advise on the next step?

I would like to focus more on the defensive part of network security (blue team), but I'm not sure which course/certification to pursue next.

The folks at the company where I'm taking the ENSA course, told me to go for CEH next, but that seems to focus more on the offensive aspect. On the other hand, there's more demand in the market for people with a CEH certification than there is for people with (the much lesser known) ENSA certification.

I've looked into SSCP but that one - as with ENSA, doesn't seem to be really valued in the market, due to the demand for CISSP certification.

Because I don't have the necessary work experience for CISSP, CISSP also fall from my shortlist.
<<

hell_razor

User avatar

Jr. Member
Jr. Member

Posts: 90

Joined: Wed Jul 14, 2010 10:44 am

Post Mon Apr 04, 2011 9:52 am

Re: Next step

I would suggest SANS SEC504.  It covers (or at least a few years ago) basics about offensive security, but concentrates far more on incident response and handling, some of the legal aspects, and whatnot.
A+, Network+, Server+, CISSP, GSEC, GCIH, GPEN, GCIA, GISP, GCFW
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Apr 04, 2011 8:39 pm

Re: Next step

Yea, 504 would be a good one. Depends on your specific area of interest. 503, 501, etc. might be more interesting for you. I think the SANS stuff is the right direction to go at this point: http://www.sans.org/security-training/courses.php

Also, don't shy away from the CISSP just because you don't meet the experience requirements. You will be an associate until you meet them. You have six years to meet the requirements once you pass, and you'll only need four with your other certs. For better or worse, that one is practically a necessity, and it's nice to get it out of the way.
The day you stop learning is the day you start becoming obsolete.
<<

lorgmorgoth

Newbie
Newbie

Posts: 7

Joined: Mon Mar 28, 2011 4:34 pm

Post Tue Apr 05, 2011 5:05 am

Re: Next step

I've also looked at the SANS courses, but they're outrageously expensive!

Also, I live in the Netherlands and the SANS certificates aren't really known down here, so I'm not sure if these certifications will justify the high price.
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Apr 05, 2011 6:42 pm

Re: Next step

What do you ultimately want to be doing? We could probably recommend books, websites, etc. that could help you on your journey.

Are their any job sites for your region? Review the requirements for what you'd consider to be ideal jobs. That'll give you some direction for formal education, certifications, and other knowledge and skills.

Welcome to the forums, btw :)
The day you stop learning is the day you start becoming obsolete.
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Tue Apr 05, 2011 11:39 pm

Re: Next step

lorgmorgoth wrote:I've also looked at the SANS courses, but they're outrageously expensive!

Also, I live in the Netherlands and the SANS certificates aren't really known down here, so I'm not sure if these certifications will justify the high price.


800 (850 after June) for conference + 4 months ondemand + cert is really not bad if you are not afraid of a little work.

http://www.sans.org/security-training/volunteer.php
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

lorgmorgoth

Newbie
Newbie

Posts: 7

Joined: Mon Mar 28, 2011 4:34 pm

Post Sat Apr 09, 2011 1:32 pm

Re: Next step

dynamik wrote:What do you ultimately want to be doing? We could probably recommend books, websites, etc. that could help you on your journey.


I haven't got a definitive careerpath laid out yet, I just want to get more involved with (network) security in general for now.

ATM i works as a senior network administrator at a small IT company (in which I hold a minor share) with 15 employees and somewhat under 50 customers ranging from 20 to 350 employees with serveral geographicly dispersed locations.

Our main focus is administering these networks. I spend half of my time designing and implementing the networks, whilst my collegues to the every day administering. Mainly due to the size of our company I spend the other half on petty end-user problems and documentation (one of the more evil parts of the job).

Ideally I would like to spend the majority of my time on the design aspect and balance that out with implementing the nessecary security polices, doing audits and going to security conventions (lol)

Are their any job sites for your region? Review the requirements for what you'd consider to be ideal jobs. That'll give you some direction for formal education, certifications, and other knowledge and skills.


There's where the short sightedness (is that a proper English verb?) of most HR departments comes in; they only demand the certifications they *know*, so almost any job that's got the 'security' description in it will demand CISSP and I haven't found a single job that mentions the SANS certifications...

Welcome to the forums, btw :)


Thank you very much indeed, glad to be here ;)
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sat Apr 09, 2011 2:30 pm

Re: Next step

lorgmorgoth wrote:There's where the short sightedness (is that a proper English verb?


Yes, and you used it perfectly ;)

Honestly, for what you want to do, the CISSP would actually be fairly relevant. You should also consider the CISA and CISM. Those would set you up really good for a management / auditing position.

Also consider the value of certifications even if they are not listed on HR's wishlist. Years ago, the Linux+ unexpectedly gave me a bump during a technical interview (after I got past the initial HR screening) simply because someone with some basic Linux experience could really help them out. SANS is a pretty well respected institution world wide, and if you get an opportunity to talk to someone more technical, being able to say, I've been trained and/or certified in <whatever> by SANS may give you an edge.

Training and certs are expensive though, so you need to pick-and-choose carefully to maximize your ROI. You'll waste your time and money if you just acquire them haphazardly (speaking from personal experience). You can often acquire a similar level of knowledge through self-study, so make sure you really need the letters before committing to anything.
The day you stop learning is the day you start becoming obsolete.
<<

lorgmorgoth

Newbie
Newbie

Posts: 7

Joined: Mon Mar 28, 2011 4:34 pm

Post Sun Apr 10, 2011 2:25 pm

Re: Next step

dynamik wrote:What do you ultimately want to be doing? We could probably recommend books, websites, etc. that could help you on your journey.


Recommendations for books, websites etc. are alway welcome!
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Sun Apr 10, 2011 7:57 pm

Re: Next step

The CISSP AIO (5th) from Shon Harris would be a good start.

http://www.amazon.com/CISSP-All---One-G ... 244&sr=8-1

For the CISA and CISM, you're pretty much stuck using the official guides. I really don't like the flow of either of them. I actually learned a lot more from going through their practice exam questions.

https://www.isaca.org/bookstore/Pages/Bookstore.aspx

Some others that may be of interest:

http://www.amazon.com/Security-Engineer ... 318&sr=1-1

http://www.amazon.com/Myths-Security-Co ... 411&sr=1-2 (kind of basic, but it has some interesting items)

http://www.amazon.com/New-School-Inform ... 427&sr=1-1

http://www.amazon.com/Beautiful-Securit ... 411&sr=1-1

http://www.amazon.com/Security-Metrics- ... 419&sr=1-1
The day you stop learning is the day you start becoming obsolete.
<<

lorgmorgoth

Newbie
Newbie

Posts: 7

Joined: Mon Mar 28, 2011 4:34 pm

Post Sun May 22, 2011 6:01 am

Re: Next step

Well, I've nailed the ENSA exam from EC-Council, with a 940 out of 1000.

After careful deliberation on my part, I've deceided to start with SSCP after summer and then to go for CISSP.
<<

thaper0007

Newbie
Newbie

Posts: 4

Joined: Fri Jun 10, 2011 9:47 am

Post Sat Jun 11, 2011 1:45 am

Re: Next step

is it neccessary to do CCNA and RHCE before going for CEH?
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Sat Jun 11, 2011 9:47 am

Re: Next step

No...

Apologies for brevity, but I could swear I just saw someone post in the past day or so, regarding these certs being independent of one another.  Will knowledge from one or the other 'help' you?  Yeah, certainly.  But the certs, themselves, are not 'required.'
Last edited by hayabusa on Sat Jun 11, 2011 9:51 am, edited 1 time in total.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Sat Jun 11, 2011 11:40 am

Re: Next step

thaper0007 wrote:is it neccessary to do CCNA and RHCE before going for CEH?


I would say CEH is probably easier than either RHCE or CCNA, but if you had CCNA and RHCE under your belt you'd have a really strong base that would certainly be very useful for the kinds of jobs that are asking for CEH.

You don't want to be one of those folks that only focus on the security stuff and neglect their core skillsets. You will miss a ton of stuff.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software