Security + Now lost....
Hello,
Firstly I would like to thank you for taking the time to read my post, and any suggestions/opinions would be greatly appreciated.
I have just finished up with the A+, N+ Sec+ trio (passed sec+ with a 900 this week) and would like a little advice as to where to focus my time and limited resources. I have little to no real world hands on experience (2 years small company network management) bar my recently built home lab to play around with. I am desperately wanting to break into the Info sec world without getting sucked into the help desk trap if possible, but if that has to be done which path outside of work can help speed up the route to a security based role. I am not really sure which area I would like to specialize in, but would like to make efficient use of my time while building up to this decision. I currently seem quite interested in all areas and would love to try out everything, however time and resources are limited and of course you need to focus the beam to get any real results.
I am 33 and have no degree, a couple of entry level certs and a few years limited experience (as stated above). I am wondering what would be the most efficient direction to move at this current point in time. Should I say hit CCENT then CCNA: Security to cover the networking basics, then something like MCSA/MCITP to cover systems basics perhaps with something Linux orientated to cover another system. Then I could move on to something like CASP to further my security knowledge and follow this up with CISSP. Throwing in CEH just for an introduction to the pen side of things and if I like it I can always try OSCP etc.
I feel a little overwhelmed with all of these certs to cover, but I am pretty good with self study and find I can pour lots of structured time into certs especially with the free time I currently get at work. I am aware that certs are not everything hence my home lab to explore things hands on until I get work in the field. I have started learning Python as well for some scripting. I would love some advice as to whether I have the right idea, trying to cover all bases to begin with and see where it goes. Have I missed anything out? What do you think?
Many thanks
Dan
Firstly I would like to thank you for taking the time to read my post, and any suggestions/opinions would be greatly appreciated.
I have just finished up with the A+, N+ Sec+ trio (passed sec+ with a 900 this week) and would like a little advice as to where to focus my time and limited resources. I have little to no real world hands on experience (2 years small company network management) bar my recently built home lab to play around with. I am desperately wanting to break into the Info sec world without getting sucked into the help desk trap if possible, but if that has to be done which path outside of work can help speed up the route to a security based role. I am not really sure which area I would like to specialize in, but would like to make efficient use of my time while building up to this decision. I currently seem quite interested in all areas and would love to try out everything, however time and resources are limited and of course you need to focus the beam to get any real results.
I am 33 and have no degree, a couple of entry level certs and a few years limited experience (as stated above). I am wondering what would be the most efficient direction to move at this current point in time. Should I say hit CCENT then CCNA: Security to cover the networking basics, then something like MCSA/MCITP to cover systems basics perhaps with something Linux orientated to cover another system. Then I could move on to something like CASP to further my security knowledge and follow this up with CISSP. Throwing in CEH just for an introduction to the pen side of things and if I like it I can always try OSCP etc.
I feel a little overwhelmed with all of these certs to cover, but I am pretty good with self study and find I can pour lots of structured time into certs especially with the free time I currently get at work. I am aware that certs are not everything hence my home lab to explore things hands on until I get work in the field. I have started learning Python as well for some scripting. I would love some advice as to whether I have the right idea, trying to cover all bases to begin with and see where it goes. Have I missed anything out? What do you think?
Many thanks
Dan
Comments
2. see what knowledge/experience/certs they are asking for
3. get those
4. get job
5. profit
Because you already have some certs and are looking to acquire more, I'd consider looking into a Bachelors degree from WGU (some WGU people can chime in on this) and maybe contact and advisor to see how many credits you'd transfer in based on certs and what certs you'd earn. Might be able to get your bachelors and all the same certs at the same time.
Hi Dan,
You got a 900 out of 900 on the Security+??
Are you sure that you have "no real world hands on experience"?
lol
If i may ask, what study material did you use to prepare for the exam??
Thanks!
+1 Agree and I also have another vote for WGU!! It's a great way to earn your degree and gain certs at the same time. It is also very cost effective so I would highly recommend looking into it as an option.
*Bachelor's of Science: Information Technology - Security, Master's of Science: Information Technology - Management
Matthew 6:33 - "Seek the Kingdom of God above all else, and live righteously, and he will give you everything you need."
Certs/Business Licenses In Progress: AWS Solutions Architect, Series 6, Series 63
The WGU degree seems interesting, I wonder what its validity is across the water as I am in the UK. I guess its something viable to research, thanks!
Hello swaingant!
Yes I was quite surprised actually, I felt a little sweaty with the wording of some of the questions half way through, probably beta questions throwing me. I was well prepared for the sims too, putting those memorized port numbers to use! I used Darril Gibson's book 'Get certified, Get ahead' along with professor Messer's video's. I really enjoy Darril's books, used them to pass with 900 on A+ and Net+ too (at work the most I have to do is reset the router/server or add a new user so I still maintain no real experience), very informative and easily digestible. The website also has some sim advice which was helpfull in knowing what to expect. I also did a shed load of practice questions and understood the wrong answers as well as the correct ones. I hope this helps others as it was great for me.
Mow, I would love to ask my boss or sell security audits to local businesses but I have no idea how to do that
Hahah that's funny I got the same score 900/900. The proctor was convinced I cheated.
FYI: I went CISSP immediately after S+ and passed in about a months time. I over prepared for the S+, but was prepared for the CISSP at that point.
So currently I am thinking of going CCNA:sec then MCSA then CEH/CASP/CISSP. Although a WGU degree sounds interesting but I am from the UK and the closest thing I have found here is a 6 year part time open university course, which sounds horrible.
Another thought is I can study for several hours a day where I currently work, however the pay is crap and I am not really getting any IT experience, I could move on to a proper IT roll and get paid more while gaining experience too, but have no time to study except outside of work. hmm
What part of security interests you?