Technical Security Cert Recommendation Question

Hello All. I just earned my SSCP certification, and will be getting my CISSP down the road. In the mean time, I now want to pursue an entry level, but reputable tech certification. I am thinking about the CEH cert. I want something that will be hands on, and actually teach me things related to pen testing and hacking in general.

My current job role has me doing the following:
Security Awareness training (which is cool but boring in general for me)
Active Directory auditing (user account inactivity and terminated employees mostly)
File Share Remediation (I contact business owners to fix least privilege issues with their file shares)
Exception Request Management (I assess security exception requests from the business, and approve or disapprove them)

As you can see, my current security role is pretty much Outlook, Excel, and PowerPoint and the occasional command line. I am immensely bored, and want to pursue a more technical role in the near future.

My tech interests are:
Pen-testing
Vulnerability Assessment
Real-time Security monitoring

What do you guys think?
WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses:
Done!!!

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,663 Admin
    The CEH material is a good foundation in what pen testers need to know. However, there is no actual pen testing training in the CEH. That for the EC-Council's LPT (Licensed Penetration Tester) cert, for which the CEH and ECSA certs are a prerequisite.

    I would also say that your career goals will benefit immensely if you learned everything about Excel that you could--including how to write .NET addons for it. Excel is one of the most powerful tools a InfoSec professional will ever use.
  • kanecainkanecain Member Posts: 186
    Thanks JD. I may have convinced myself to pursue a GIAC certification path.
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    If you want to go down the GIAC path, I'd recommend looking at SEC504. It's a good balance between defensive and offensive mindset, but I wouldn't necessarily consider 504 to be an entry-level course.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • kanecainkanecain Member Posts: 186
    docrice wrote: »
    If you want to go down the GIAC path, I'd recommend looking at SEC504. It's a good balance between defensive and offensive mindset, but I wouldn't necessarily consider 504 to be an entry-level course.
    Thanks Docrice. I will look into this.
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
Sign In or Register to comment.