Certificate roadmap for networking security?
qngu8827
Registered Users Posts: 2 ■□□□□□□□□□
Hello. I am a college student who is very interested in doing network security/CEH. I will began my Networking Admin A.S and CCNA cert in the upcoming spring. However, my research is confusing beyond that point and I would like to ask you all for your professional opinions. I’m planning to continue my learning after achieving my networking admin degree. What I have found and considering are; CCNP, CompTIA A+, CompTIA Security+, and another A.S in networking forensic. Beside those mentioned, I also have access to classes, such as WMware managing, EMC info storage and management, cloud infrastructure and service, Citrix – virtual desktop/application admin, Oracle database admin, NET programming, Linux/UNIX admin, wireless networking, IP and VoIP implementation, and of course certificates from Window. Overall, which of these courses pertain to my end goal? Should I also learn to code (c++, Java, ruby, or python)? I understand that experience is the major commodity in the industry, however, I want to optimize my schooling so that I could potentially be utilize in more positions than just helpdesk. Thank you for the insight, your input is much appreciated.
Comments
-
IIIMaster Member Posts: 238 ■■■□□□□□□□Gaining linux, windows server, esxi, and cisco rs & voice exposure is huge, especially if you could gain those certs. I have not dealt with citrix besides utilizing their applications at work but im sure it can only help you. I would stay away from the wireless course.
-
NOC-Ninja Member Posts: 1,403One thing i realize is that you need all of it to connect the dots. I have bumped into CISSP certified guys that cannot create a security plan since they dont know how the network, VM, wireless, OS and etc works. Everything will catch up.
How can you create a security plan if you dont know the network? How can you pen test a network if you dont know RS,VOIP,VM,and wireless?
Here's an example in the real world. You want to be a Network Security Engineer/Architect and you probably are OR you are trying to get there.
Your boss tells you. Here is your chance to show off. I want you to create a security plan. I want you to create a document on how to audit the network. Now you cant audit a network if you dont understand RS, ASA, call manager, VM, and etc. How are you going to exploit these?
Now here is where CCNP, UNIX/LINUX (KALI Linux), ASA (vpn,ids,ips) phyton (metasploit), wireless (how are you going to hack wireless), Call manager (voip) and etc will show up. On top of that, how are you going to protect these if you dont know those.
Do you get where im going here? You cant tell your manager, "well sorry i dont know that so ahhh can u please train me first?"
So the question is, should you learn all of it? Yes since it will eventually catch up at the top.
What is the road map? IMO = Learn RS > unix/linux > phyton > ASA > CA > AAA/802.1x/ISE > wireless > everything
So in cert wise = ccna rs > ccnp rs > ccna sec > ccnp sec > pen test certs > cissp ( you will get to a point that cert wouldnt matter since you are in, you have the experience and you know what to do to get to the top).
All of these takes years of reading, labbing and work experience. -
aderon Member Posts: 404 ■■■■□□□□□□One thing i realize is that you need all of it to connect the dots. I have bumped into CISSP certified guys that cannot create a security plan since they dont know how the network, VM, wireless, OS and etc works. Everything will catch up.
This is really good advice. I was where OP was at not that long ago and tried skipping straight to Security certs and it just doesn't work that well. Even if you manage to skimp by, your knowledge and skills will suffer if you don't first take the time to learn about what you're trying to secure.2019 Certification/Degree Goals: AWS CSA Renewal (In Progress), M.S. Cybersecurity (In Progress), CCNA R&S Renewal (Not Started) -
NOC-Ninja Member Posts: 1,403This is really good advice. I was where OP was at not that long ago and tried skipping straight to Security certs and it just doesn't work that well. Even if you manage to skimp by, your knowledge and skills will suffer if you don't first take the time to learn about what you're trying to secure.
Yes.
The first question is security plan, then they will ask you to pen test it, then they will ask you how to fix it. Again, in the real world, they see you as the security expert. They expect you to know this. They dont want to spend another sum of money to hire another person. IT for them is an expense. -
JoJoCal19 Mod Posts: 2,835 ModNOC-Ninja and aderon are spot on. You must learn the underlying technologies before you go and try to secure them. Take it from someone who is dealing with it now. I went into IAM for 6 years (about 4 too long) and didn't use or keep up with networking, systems, Linux skills at all. Especially the networking skills. Then I went to a GRC position where I was even farther removed from the technical aspect of IT. Now I'm back in a Sr InfoSec Admin position and I'm having to relearn and refresh everything at a rapid pace (starting back with the CCENT). Thankfully I'm in a position to be able to do that.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework