Sec+ or GISF/GSEC?

bradl3yCbradl3yC Member Posts: 67 ■■■□□□□□□□
Which route would make more sense to take? Sec+ or GISF/GSEC? I have no security experience and my knowledge on most security topics is nominal at best.

Thanks!

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I would take GISF out of the equation right off the bat. Many agree that this class/cert is extremely basic, no one know what it is, will produce single digit results in a job search, so definitely not worth the time/money if you wan to pursue a technical security path. I'm convinced that those who take GISF are either high level management, people who need to fill a box of some sort compliance-wise, or individuals who underestimated their knowledge.

    What is your goal here? Are you looking just to get your feet wet into security or is security the end goal? Are you looking to gain knowledge, be more marketable, both?
  • bradl3yCbradl3yC Member Posts: 67 ■■■□□□□□□□
    All of the above, really. I want to learn and become more marketable with the end goal being a job in infosec.

    I have 13 years experience in helpdesk type work with the last year as being a system admin.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    With your lack of experience and knowledge on InfoSec, I would recommend reading the Security+ book, even if you don't attempt the certification. Also I would HIGHLY recommend being comfortable with networking, Windows, and Linux at least on the CCENT, 70-410/411, and Linux+ level respectively.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • bradl3yCbradl3yC Member Posts: 67 ■■■□□□□□□□
    JoJoCal19 wrote: »
    With your lack of experience and knowledge on InfoSec, I would recommend reading the Security+ book, even if you don't attempt the certification. Also I would HIGHLY recommend being comfortable with networking, Windows, and Linux at least on the CCENT, 70-410/411, and Linux+ level respectively.

    Slightly off topic, but I see you're reading CCNA in 60 days. How are you liking that book?
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    JoJoCal19 wrote: »
    With your lack of experience and knowledge on InfoSec, I would recommend reading the Security+ book, even if you don't attempt the certification. Also I would HIGHLY recommend being comfortable with networking, Windows, and Linux at least on the CCENT, 70-410/411, and Linux+ level respectively.

    Interesting recommendation on the level of knowledge. If you don't mind, could you expand a bit as to why knowledge at those particular levels? Why not also include the 70-680/685 certs, as well? I am by no means challenging your recommendations, just really curious.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    bradl3yC wrote: »
    Slightly off topic, but I see you're reading CCNA in 60 days. How are you liking that book?

    Oh, good catch. I needed to update. I actually switched from that back to Lammle's CCENT study guide. I think the CCNA in 60 Days is an excellent book/plan, but for some reason it didn't work well with my ADD and I was trying to force myself through it. Lammle's conversational style just seems to work better for me. If you're considering the CCNA in 60 Days I recommend picking up the Kindle version for only $10.

    stryder144 wrote: »
    Interesting recommendation on the level of knowledge. If you don't mind, could you expand a bit as to why knowledge at those particular levels? Why not also include the 70-680/685 certs, as well? I am by no means challenging your recommendations, just really curious.

    Sure. The reason I list those particular levels is that I feel they are the basic level of knowledge an information security person should have with regards to networking, Windows server, and Linux skills. How can you secure that which you don't understand? It's also from personal experience. I lost most of those skills during my 6 year stretch working in IAM for a large bank and now in a more technical security role I am having to go back and relearn a lot of it. As for not including 70-680/685, I was thinking more a long the lines of server administration and assuming that even working in a Help Desk position or having entry level IT experience a person would be well versed with most of the Windows desktop stuff. Of course my recommendations are not a one size fits all or applicable to everyone's situation, but just my own suggestions of a good baseline of knowledge. But definitely there's even some things I could refresh myself on from the 70-680/685 certs as well.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • bradl3yCbradl3yC Member Posts: 67 ■■■□□□□□□□
    JoJoCal19 wrote: »
    Oh, good catch. I needed to update. I actually switched from that back to Lammle's CCENT study guide. I think the CCNA in 60 Days is an excellent book/plan, but for some reason it work well with my ADD and I was trying to force myself through it. Lammle's conversational style just seems to work better for me. If you're considering the CCNA in 60 Days I recommend picking up the Kindle version for only $10.

    I'm about halfway through the ICND1 portion of Lammle's book. I agree that the conversational style of writing works well. I started with Matt Walkers AIO for C|EH but realized I need a better foundation before taking on some Security related topics. Also, I am not sure that I want to pursue C|EH as SANS certs are more appealing.
  • JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    The CEH is good for the resume, that much I can say. However you're right in that the SANS classes and GIAC certs are much better and garner a lot more respect. I would say that if you meet the experience requirements for the CEH where you don't have to pay for the overpriced class and can just self study and take the test, by all means do so. But if not, then I would pass and instead of spending $3000+ on the iClass for CEH, opt to do a SANS work study for $1000.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    @JoJoCal19...well reasoned response. Your explanation lines up well with the GSEC exam objectives, which I have been thinking about studying for. Thank you for the patient, well thought out response.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • bradl3yCbradl3yC Member Posts: 67 ■■■□□□□□□□
    JoJo, just realized you're in Tampa. I'm an hour north of you.

    I'm pretty sure I would meet the qualifications to self study the C|EH exam. I just want to make sure I actually learn the materials and not just pass the test. Having said that, thats why I chose to put that on hold and pick up some fundamentals first.
Sign In or Register to comment.