Server or networking path for security career.

joemc3joemc3 Posts: 141Member ■■■□□□□□□□
Hello all, what path would better serve a guy who wants to go deep into IT security? MCSE or CCNA?
Please explain why and the benefits of either side.

Comments

  • networker050184networker050184 Posts: 11,962Mod Mod
    Depends. Wanting to go into network security? Obviously the network path will be the way to go here. Want to get into application security, or policy, or any of the many other areas? Well, it all depends. "Security" is a very vast area of IT.
    An expert is a man who has made all the mistakes which can be made.
  • joemc3joemc3 Posts: 141Member ■■■□□□□□□□
    That is what I struggle with. I don't know how the work life of each path varies. It's so vast how does one with no knowledge decide where to go? I would want a more broader security type of a job instead of niche or narrowly focused.
  • PupilPupil Posts: 168Member
    Why not both? Understand the systems side by learning Windows/Linux administration and the networking side by learning Cisco routing/switching/security.
  • kurosaki00kurosaki00 Posts: 973Member
    Usually you gain experience in different areas and then decide which area you want to pursue (in general or security).
    Sometimes some people take some classes and be like.. wow back end/prog security is my thing or I love working with firewalls.
    You need to get some experience and explore around. Eventually you will find out the area you like the most.
    meh
  • YFZbluYFZblu Posts: 1,462Member ■■■■■■■■□□
    A more generic thought process would be: Tools, analysis, or red team? Do you want to be involved in the setup and maintenance of security products and services, or do you want to be involved in analysis/response based on the data produced by such tools? Another way to go is penetration testing.
  • BalantineBalantine Posts: 77Member ■■□□□□□□□□
    It really depends on where/how you work and what kind of problems you see most day to day.

    I did CCNA then MCSE, then ASA/Fortigates and packet analysis in general.

    Neither certificate will really help a lot for security. What they will help with is getting your toes wet and prepping you for the full monty. Don't be intimidated by the books... the water is deep... there will be many more thousands of pages to go. Two of the most obvious deeper channels would be full packet capture and application whitelisting, and I'd add Bro/Powershell/Linux/certificates/identity too. Now that LEO is the apex predator in cyber, you'd be better off envisioning yourself part of a tiger team instead of hack the planet... maybe in a couple years we'll all be using Lojban anyway and the fundamental philosophy problems with linguistics that give rise to technical security problems in general will dry up... icon_lol.gif
    dulce bellum inexpertis
  • docricedocrice Posts: 1,706Member ■■■■■■■■■■
    I like a well-balanced approach. The way I see technical security, everything ultimately revolves around context. I've met system-centric professionals who had limited grasp of the overall picture, and the same goes with the network-centric equivalents. Systems, networks, application, data, mindset, risks, policy, and all that converge much sooner than you think. Understanding risk factors and potential design flaws require a sense of balance.

    It comes down to a lot of fundamentals. Some people choose to go very deep in certain areas and remain light in others, but as long as you have the basic core concepts down on the systems and network side, then your ability to grasp and solve problems will be much more effective. To be only one or the other puts you at a disadvantage because you can't see how things interrelate with one another and you start relying on your assumptions about the other key areas.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • N2ITN2IT Posts: 7,483Inactive Imported Users
    I'm not a security professional but I gotta go with networking. A lot of the security guys I know came up from a networking engineer role or something similiar. Not saying that can't work on servers they can, they all can. I just think if I had to pick one it would networking for sure.
Sign In or Register to comment.