Options

Need help to enter Security field

Abhishek a.k.a BlackshielAbhishek a.k.a Blackshiel Member Posts: 22 ■□□□□□□□□□
With a batchelor's degree in Business administration and background of commerce, i dream of entering into technology field of security. Looking forward to persue comptia sec+ (as an entrant certi) studies and finally giving exam for the same, will this get me a reputed job? What should i do? Am i going right? Are my qualifications appropriate for industrial needs? ( im from india ). What kindof job will i get.

Comments

  • Options
    pinkydapimppinkydapimp Member Posts: 732 ■■■■■□□□□□
    Security is a huge field FYI. My suggestion is to learn your foundational skills. Networking, and OS for starters. Once you have a strong understanding of how networks and Operating Systems work, then you can start to learn their vulnerabilities and how to protect them. I think any direction you go in you will benefit from those skills. For the OS, Microsoft and linux i would recommend. And keep in mind there are rarely entry level roles in security, so they typically require you to have experience. So learn, get a job, get some experience and then start thinking about which area of security you want to venture in. These are just some of the different areas:

    Security and Risk Management (Security, Risk, Compliance, Law, Regulations, and Business Continuity)

    Confidentiality, integrity, and availability concepts
    Security governance principles
    Compliance Legal and regulatory issues
    Professional ethic
    Security policies, standards, procedures and guidelines

    Asset Security (Protecting Security of Assets)


    Information and asset classification Ownership (e.g. data owners, system owners)
    Protect privacy Appropriate retention
    Data security controls Handling requirements (e.g. markings, labels, storage)

    Security Engineering (Engineering and Management of Security)


    Engineering processes using secure design principles
    Security models fundamental concepts
    Security evaluation models
    Security capabilities of information systems
    Security architectures, designs, and solution elements vulnerabilities
    Web-based systems vulnerabilities Mobile systems vulnerabilities
    Embedded devices and cyber-physical systems vulnerabilities
    Cryptography Site and facility design secure principles
    Physical security

    Communication and Network Security (Designing and Protecting Network Security)


    Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
    Secure network components
    Secure communication channels
    Network attacks

    Identity and Access Management (Controlling Access and Managing Identity)


    Physical and logical assets control
    Identification and authentication of people and devices
    Identity as a service (e.g. cloud identity)
    Third-party identity services (e.g. on-premise)
    Access control attacks
    Identity and access provisioning lifecycle (e.g. provisioning review)

    Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)


    Assessment and test strategies
    Security process data (e.g. management and operational controls)
    Security control testing Test outputs (e.g. automated, manual)
    Security architectures vulnerabilities

    Security Operations (Foundational Concepts, Investigations, Incident Management, and Disaster Recovery)


    Investigations support and requirements
    Logging and monitoring activities
    Provisioning of resources
    Foundational security operations concepts
    Resource protection techniques
    Incident management
    Preventative measures
    Patch and vulnerability management
    Change management processes
    Recovery strategies
    Disaster recovery processes and plans
    Business continuity planning and exercises
    Physical security
    Personnel safety concerns

    Software Development Security (Understanding, Applying, and Enforcing Software Security)


    Security in the software development lifecycle
    Development environment security controls
    Software security effectiveness
    Acquired software security impact
  • Options
    twodogs62twodogs62 Member Posts: 393 ■■■□□□□□□□
    Why did you not start out with Technical degree in Computer Science?
Sign In or Register to comment.