Path advice

michaelphan Member Posts: 10
Hello all!

I've been putting a lot of thought into where I want to invest my studies. My goal is to obtain a career in cyber security as a pentester. I don't know anything in regards to hacking/infosec but I do know that it is the only subject matter which generates an interest from me. I've just recently got my A+ and Net+ and am now working on Sec+.

After Sec+, I'm not so sure where to go. Would something like OSCP be too advanced for someone with zero knowledge about hacking? Would something like CEH be better to go for before OSCP? Or should I go the traditional route and enroll for my BS in IT?

Thanks for any input you guys can provide!

Comments

  • LionelTeo Member Posts: 526
    CEH is a start, but it's still a milestone before you can truly challenge the OSCP. Although many have taken OSCP with little experience, some took the CEH to OSCP path. If you are very determined, you can pass even by going through the course and practicing every day.

    However, if you want to upgrade yourself more before going for the course, it's best you read Advanced Penetration Testing - The Ultimate Security Guide for the feel of the general course outline. If you have not learned penetration testing before, then the Basics of Penetration Testing Guide by an OSCP instructor is useful.

    It is also necessary to pick up Metasploit, the penetration tester guide, as the books are written by OSCP instructors. Finally go for the Art of Hacking by Jon Erickson to learn how to escalate privileges on a Linux system.

    To further up your skills: Violent Python, written by an OCSE, GSE, teaches some Python scripts for quick banner grabbing that are really useful. A few other threads have mentioned the use of a Python script to do auto enumeration. Since Nessus is not allowed in the exam, it's best to cut down time by improving from a good existing Python script for enumeration purposes that would be as close to Nessus as possible. Web Application Hacker Handbook is also very useful due to the depth of web application vulnerability covered.

    Final touch up, Shellcoders handbook helps to understand privilege escalation for various systems, although you won't be writing a shellcode for the exam. Fortunately this book is good enough for reading through instead of doing the practical. Penetration Testing using Kali Linux is a relatively new book by the same author who wrote Advanced Penetration Testing, the same book.

    In summary
    Best to read before going for course
    Basics of Penetration Testing - if you do not know what is Kali Linux
    Advanced Penetration Testing - Ultimate Security Guide - if you want to have a good feel of the course outline, and the step by step guide for the awesome lab in this guide.
    Metasploit, the penetration testing guide - to learn about Metasploit, since this is written by OSCP instructors.
    Hacking, The Art Of Exploitation - if you do not know how to escalate privileges

    Recommended
    Violent Python - if you want to improve on a good existing Python script for fast enumeration
    Web Application Hacker Handbook - since web app is part of the test, if you want every chance to pass

    Additional Time
    Shellcoder Handbook - if you want to understand how privilege is obtained on various systems
    Kali Linux Penetration Testing - never had this book yet, but for general reinforcing on concepts.

    Certification Wise
    Best Path to take would be CEH, GCIH, GPEN, GWAPT, OSCP
    CEH - to understand penetration testing
    GCIH - to understand what a GIAC challenge is like, overlapping between CEH and GCIH content makes this a viable cert
    GPEN - to assure yourself that you have learned the penetration testing stuff
    GWAPT - due to part of OSCP including a web application

    However, you can also pick up the OSCP course anytime in your life. It doesn't harm to go for the exam at a course fee of 1000+ USD, take the lab and try the exam at 60 dollar USD. Even if you fail, you still have the course material, and there are tons of free labs to work on out there, and you can always come back after finishing every book before rechallenging the exam and practice with another 30-60 days exam extension. It's all a matter of choice and preference.
  • MacGuffin Member Posts: 241
    If you are asking if you should get certifications or a bachelor degree then my answer is do both. I don't recall ever seeing a position for a computer security position that did not require a college education. If you must choose between one or the other because of limitations on resources then I'd say go to college.

    I should give a disclaimer, assume I know nothing. I'm wondering about the same things as you but I'm in a different situation. I have a BS in computer engineering for one, so the question is not if I should get a BS but rather if I need to go to graduate school. I don't know how you plan to pay for your education but I have benefits from the VA I can cash in, they've paid for my certifications and if I hit the right buttons they'll pay for my graduate school too.

    I've found that experience is key. No one is going to hire a pen tester that does not have some sort of experience. This gets into the classic dilemma of getting experience to get a job but needing a job to get experience.

    (Side note: If you think you can do four years in the military they will pay for college and give you experience. All you need is a high school education, a reasonably clean record, and some physical and mental ruggedness. I say "reasonably" clean record because they will overlook certain things like traffic tickets and even minor drug and alcohol issues if you are smart and fit. The physical requirements aren't too bad, it's the mental rigors that got most people I saw. You need to be able to get up early and work late, ignore cold and hunger for a while, and put up with a lot of BS. You're going to be a computer technician, not infantry, don't expect to have to do a lot of running and shooting.)

    A+, Net+, and Sec+ are a good start. I'd suggest some training on the systems you will be pen testing and securing. Get certified by Microsoft, Cisco, or Red Hat. To get anywhere you will have to show you can use the systems too. CompTIA is pretty much a lot of theory, they try to be nonspecific on vendors. Theory is important but you'll need to be able to apply it too. Applying that knowledge means getting practical and specific. I wouldn't worry too much about which one to choose, it's more about proving you can learn than proving what you know.

    I'm still trying to figure out what certifications are good ones. I have Net+, Sec+, CEH, and CCENT. I'm working on VCP, CASP, and some sort of Microsoft server certification.

    I learned to not try to take it in too fast. Perhaps it's just how I learn but I found that trying to cram in a lot of information too quickly was a waste of my time and your money. I say "your" money because the VA paid for my certification classes and tests with taxes. Sorry about that, I'll try to make it up eventually. I took the CCNP courses before I had my CCNA, that was a mistake. I found I need to let the information soak in with time and experience before I go the next step.

    Getting back to the experience part of the equation I don't know if I have a good answer for that. You have to start somewhere, that might be answering phones at a help desk for a while. I did it and it sucks. It also got people to call me with job offers. Being in the Army helped me too I'm sure. It's easier to find a job if you have a job. Don't wait around for the perfect job, you'll be waiting a long time.

    As I said, I'm still figuring this out too. I hope I enlightened someone.
    MacGuffin - A plot device, an item or person that exists only to produce conflict among the characters within the story.
  • LionelTeo Member Posts: 526
    For starter certification between 0 to 2 years, CEH, Sec +, SSCP are some of the starter certs you had nailed.

    Between 2 to 4 years, GIAC is worth the knowledge and ROI. Every two GIAC certs are nearly equivalent to a CISSP in terms of salary gain.

    GCIH, G2700, GISP are some of the easier certs to challenge via self study. GSEC would be the next in the list to challenge after the previous three mentioned and I would recommend to aim for them.

    From 3.5 years onward, you should be going for the CISSP exam. Once passed you have 9 months to submit your credential before the maintenance kicks in.

    Afterwards, you're free to take whatever you like. OSCP, CISM, CISA, CRISC are some of the good certs to pick on.
  • michaelphan Member Posts: 10
    Sorry for the late reply... thank you for your input! I might take the route to get a degree while at the same time reading up on the books advised. Two birds I guess.
  • 5ekurity Member Posts: 346
    Trust me, do not wait to get your degree... you can have all of the best certs in the world but it will not matter without a degree, a 4 year degree specifically.