Technical Security Cert Recommendation Question
kanecain
Member Posts: 186 ■■■□□□□□□□
Hello All. I just earned my SSCP certification, and will be getting my CISSP down the road. In the mean time, I now want to pursue an entry level, but reputable tech certification. I am thinking about the CEH cert. I want something that will be hands on, and actually teach me things related to pen testing and hacking in general.
My current job role has me doing the following:
Security Awareness training (which is cool but boring in general for me)
Active Directory auditing (user account inactivity and terminated employees mostly)
File Share Remediation (I contact business owners to fix least privilege issues with their file shares)
Exception Request Management (I assess security exception requests from the business, and approve or disapprove them)
As you can see, my current security role is pretty much Outlook, Excel, and PowerPoint and the occasional command line. I am immensely bored, and want to pursue a more technical role in the near future.
My tech interests are:
Pen-testing
Vulnerability Assessment
Real-time Security monitoring
What do you guys think?
My current job role has me doing the following:
Security Awareness training (which is cool but boring in general for me)
Active Directory auditing (user account inactivity and terminated employees mostly)
File Share Remediation (I contact business owners to fix least privilege issues with their file shares)
Exception Request Management (I assess security exception requests from the business, and approve or disapprove them)
As you can see, my current security role is pretty much Outlook, Excel, and PowerPoint and the occasional command line. I am immensely bored, and want to pursue a more technical role in the near future.
My tech interests are:
Pen-testing
Vulnerability Assessment
Real-time Security monitoring
What do you guys think?
WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!!
Start Date: Jan. 1st, 2012
Courses: Done!!!
Comments
-
JDMurray
Admin Posts: 13,091 Admin
The CEH material is a good foundation in what pen testers need to know. However, there is no actual pen testing training in the CEH. That for the EC-Council's LPT (Licensed Penetration Tester) cert, for which the CEH and ECSA certs are a prerequisite.
I would also say that your career goals will benefit immensely if you learned everything about Excel that you could--including how to write .NET addons for it. Excel is one of the most powerful tools a InfoSec professional will ever use. -
kanecain
Member Posts: 186 ■■■□□□□□□□
Thanks JD. I may have convinced myself to pursue a GIAC certification path.WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!! -
docrice
Member Posts: 1,706 ■■■■■■■■■■
If you want to go down the GIAC path, I'd recommend looking at SEC504. It's a good balance between defensive and offensive mindset, but I wouldn't necessarily consider 504 to be an entry-level course.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/ -
kanecain
Member Posts: 186 ■■■□□□□□□□
Thanks Docrice. I will look into this.If you want to go down the GIAC path, I'd recommend looking at SEC504. It's a good balance between defensive and offensive mindset, but I wouldn't necessarily consider 504 to be an entry-level course.WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses: Done!!!