.

Pick a cert, any cert

<<

plik

Newbie
Newbie

Posts: 31

Joined: Tue Dec 19, 2006 9:32 am

Location: North - UK

Post Tue Dec 19, 2006 4:26 pm

Pick a cert, any cert

Ok, I've got an apraisal at work on Fri and I'm wondering what training/exams to ask for. It will be InfoSec related if I get my way. I work for an ISP so swinging it won't be too difficult (I hope!).

Now the training budget isn't huge so I may have to home study, which doesn't bother me, as long as they pay ;)

I'm CCNA/MCP trained and have about 7yrs in IT, currently about halfway through, and taking a break from, a BSc in IT/Comp Sci. I've been interested in computer security for about as long as I've been in the IT trade, but haven't really studied it, just picked up books, read tutorials and played with various "l33t skillz"  ::) websites. I'm not looking for something that will get me a new job, just a stepping stone to more advanced qualifications that might.

I took a quick look at test questions for the CompTIA Sec+ and think I could sail that with only a little bit of study, but the pen test exams seem a bit more hands on.

How do the CEH and CPTS compare to Sec+?  Are there any other certs people would recomend taking?

Oh, and I've got to be able to get it here in the UK, I don't think work'll shell out for plane tickets.


Any views would be gladly taken into account.

Cheers,
plik.

I was going to tack this on to an old thread, but it suggested I start a new one as it was ancent, so here are the answer to the questions asked in that thread:

Aim for Management or stay Geek? - Geek! all the way!
Networking/Servers/Clients? - Everything and anything (see above)
<<

LSOChris

Post Tue Dec 19, 2006 4:54 pm

Re: Pick a cert, any cert

others may disagree, but i think CEH/CPTS are basically the next step after Sec+...you'll have to evaluate where you are with the Security+ objectives on if you need to actually take the exam or not.

as a (somewhat bad) analogy i would say that Security+ expects you to know things about security and threats to your network's security where CEH/CPTS you are kinda expected to know how to conduct those threats to your network's security.
<<

d1spat3r

User avatar

Newbie
Newbie

Posts: 28

Joined: Mon Dec 04, 2006 10:13 am

Location: Wisconsin

Post Tue Dec 19, 2006 5:26 pm

Re: Pick a cert, any cert

I think another good source for learning is Sans.  I taken multiple courses from them and have always rated them top notch.  You could try something like the OnDemand, @home or other various methods.  If you can go to a conference, do it.  The knowledge you get from the instructors is excellent.

there was also a recent comparison done between all the certs (but I can't seem to find it now) that had some good details in it. 

I can't say anything about CEH/CPTS as I have not gone through them. 

What part of security do you want to get into is the main question?  Depending upon that reply the certs to go for may change.
CISSP, GSEC, GCFA
<<

plik

Newbie
Newbie

Posts: 31

Joined: Tue Dec 19, 2006 9:32 am

Location: North - UK

Post Tue Dec 19, 2006 5:48 pm

Re: Pick a cert, any cert

d1spat3r wrote:What part of security do you want to get into is the main question?  Depending upon that reply the certs to go for may change.


That's the thing, I'm not totally sure. Closest thing to security I've done have just been bits of roles in the past, it's been server and data, currently it's more internet/network security, but I've always had a thing for finding holes in things so pen test would be a logical step. I do spend time with IDS and honeypots/nets at home, I also like following the latest ways the underground find to keep under the radar (but I never find out until it's on the radar!) but I've not got any expert knowledge in any one field so doubt I could get into research.

Forensics might be another path, it seems a bit sadistic but give me a dir of logs or packet captures and an incident to piece together and I'm a happy bunny
Last edited by plik on Tue Dec 19, 2006 5:58 pm, edited 1 time in total.
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Tue Dec 19, 2006 7:53 pm

Re: Pick a cert, any cert

Hey plik, I have a link to a good article regarding security certs. Hope this help.

http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci990011,00.html
Security+, OSCP, CEH
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Dec 20, 2006 2:40 am

Re: Pick a cert, any cert

Seems like your thinking is on the right track. Since you are looking for the more technical track as opposed to the management track, forensics could be for you. But as one investigator told me, be careful as to what field you enter. You may get involved in cases that require you to see information that you can never get out of your head. It's just like a cop dealing with murder cases. You may do a lot of good, but there is a price. Unless you stay specifically on the network forensics side, but there is always a chance for those odd cases.

You may also want to look at our sister site, CSP Mag.

Hope this helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

plik

Newbie
Newbie

Posts: 31

Joined: Tue Dec 19, 2006 9:32 am

Location: North - UK

Post Wed Dec 20, 2006 4:20 am

Re: Pick a cert, any cert

blackazarro wrote:Hey plik, I have a link to a good article regarding security certs. Hope this help.

http://searchsecurity.techtarget.com/tip/1,289483,sid14_gci990011,00.html


Cheers, I'll read and inwardly digest.


Don: Yeah I'm quite aware that forensics would probably lead to me seeing a few things that would be f'd up. I'd think that it's one of the most likely professions for that. The few times I've had to pull data together for the police have creeped me out, and that was just logs.
<<

d1spat3r

User avatar

Newbie
Newbie

Posts: 28

Joined: Mon Dec 04, 2006 10:13 am

Location: Wisconsin

Post Wed Dec 20, 2006 1:37 pm

Re: Pick a cert, any cert

Yes forensics can be a bad thing...

A little off topic but...

Every time I go to my brothers house he "requests" my help on his computer.  Of course I always forget to tell him to 'clean up' his office before I go work on his computer.  Without fail he always forgets one/two photos lying around on the desk...  I seriously think he does it for fun to watch my reaction.

Oh... the photos well let's just say he is a deputy coroner and the photos are always extremely graphic.  Needless to say I don't eat much while I am at his house.  :-X
CISSP, GSEC, GCFA
<<

plik

Newbie
Newbie

Posts: 31

Joined: Tue Dec 19, 2006 9:32 am

Location: North - UK

Post Thu Dec 21, 2006 6:00 pm

Re: Pick a cert, any cert

Well thanks for the input, I've got a better idea about what to ask for now.

And on top of that I've found the exams are cheaper that I first thought, so I might just take a couple anyway!  ;D

I'll let you know how it goes.
<<

plik

Newbie
Newbie

Posts: 31

Joined: Tue Dec 19, 2006 9:32 am

Location: North - UK

Post Fri Dec 22, 2006 6:30 am

Re: Pick a cert, any cert

Well I got them to agree to paying for the Sec+ and CPTS exams (no training tho' boo!) and giving me some time to study which is a win! The trade off was doing ITIL and Project Management training too, which don't grab me but will keep them happy and look good on the CV. (there was also a rather ominous sounding "and any other training we think you'll need"....)

Thanks again guys for the input.

plik

Return to General Certification

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software