Can anyone offer some guidance?

DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
I am new here and let me say there is a lot of helpful people on the forums from what I see. Having said that I have a question for someone that might be willing to help.


I work as a network admin using Active Dir, SCCM, ticketing systems and manage some servers, but don’t really know technically how things work.


I have my CISSP/Sec+, but am really lacking technical knowledge of networking and OS’s. I learned enough to pass tests, but I would like to know the info in greater detail.


So I eventually would like to be a security engineer of some type, but do not know what route to take, or really what to specialize in. I have a lot of interest in how things communicate, but also have a lot of interest in how to reverse engineer and hack things.

Skill level of networking is about 3 out of 10 (I have set up switches and routers for very small LAN’s) and skill level of pentesting is about a 3 out of 10 (I have used Kali to break some keys and WIFI as well as wireshark to follow TCP streams and some very basic packet inspection).


Being that I want to be in the security field and have not made up my mind on what specifically what cert would you recommend?


I have studied CCNA for a bit and also have skimmed various pen certs, but what cert would be a great foundation to start with?

Comments

  • bpennbpenn Member Posts: 499
    You say your networking knowledge could use some work. Definitely get your CCNA, then. You need to know how things communicate and that would be a great first step.
    "If your dreams dont scare you - they ain't big enough" - Life of Dillon
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Look at SANS training website and see what kind of classes they offer. You don't need to TAKE the classes but can use them to help figure out a path.
  • BlackBeretBlackBeret Member Posts: 683 ■■■■■□□□□□
    Why not go with studying the Network+ material? Cheap to get ahold of the books and get a solid foundation. Look at how everything communicates, services on ports, etc.
  • fuz1onfuz1on Member Posts: 961 ■■■■□□□□□□
    You're probably not giving yourself enough credit with your skill level but you might even want to do Network+ to really get the basics down. Otherwise, CCENT/CCNA is probably right up your alley and should be smooth sailing. After that, you can get into pen-testing, info assurance and a whole lot of other security specializations. Also, maybe you might want to look into MCSE since you admin AD/SCCM.
    timku.com(puter) | ProHacker.Co(nsultant) | ITaaS.Co(nstultant) | ThePenTester.net | @fuz1on
    Transmosis | http://transmosis.com | LinkedIn | https://linkedin.com/in/t1mku
    If evil be spoken of you and it be true, correct yourself, if it be a lie, laugh at it. - Epictetus
    The only real failure in life is not to be true to the best one knows. - Buddha
    If you are not willing to learn, no one can help you. If you are determined to learn, no one can stop you. - Unknown
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Go CCENT/CCNA, I think people under estimate how much of the basics it goes over. I wouldn't waste my time/money with the Network+ based on your background.

    imo, the CCENT kicks the Network+'s butt on helping people understanding the basics of Networking. I passed the CCENT earlier and going for the CCNA: Security now. The CCNA:Sec has a lot of interesting topics that relate to the Sec+/CISSP as well.

    I might go back for the Routing and Switching cert one of these days. Actually took it and failed it a few months back (not by much either) and started working on other things....
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I always advocate what these guys are saying, some OS and networking certs and then focusing on Security. From a security standpoint, the SANS Roadmap helps visualize the different areas of security and how to get there.
  • DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
    Thanks for all of the replies:

    @BP: I am leaning towards this cert. I got about half way through the CCENT portion of lammles book and set it down for some Linux hacking with Kali. I will prob return to grab the CCNA before I go any further into the pentest/hacking side of things as it can inly help me along the way.

    @636: Interesting info at the SANS site, I will check into it a bit more, thanks!

    @Black: As I already started CCENT I will prob stick to CCNA at this point. I have skimmed through Net+ from FEDVTE and there are some great explanations there, thanks!

    @Fuz: I feel comfortable understanding the topics of CCNA so I will prob go this route. I ran into situations in the CEH studies where I could pen targets, but was not really understanding how the underlying communication works. I think CCNA and maybe CCNA:SEC will be a good foundation to understand what is really going on under the hood.

    @NET: I think I will eventually do CCNA:SEC as well, thanks for the info and I might pick your brain for the CCENT.

    @CYB: IYHO would you go sec and OS certs first or networking? I was looking into OSCP, but while I can finish the projects with guidance I sometimes feel like I am lacking the true understanding of what is going on. Its like I am a server at a restaurant that understands very little of how the food is made or the business is run. But I can deliver! ha ha
  • DDStimeDDStime Member Posts: 113 ■■■□□□□□□□
    The problem is that I really enjoy working with Linux and specifically Kali/Backtrack. I think that the networking side of the house is ok, but I feel like I can spend hours playing with pen tools and I seem to get bored doing network configs on CISCO only equipment.

    Would I be doing a huge disservice to myself if I just learned Kali and did not get the CCNA?

    I don't really care about certs, I am more into finding out what I really like about computers and at this point I am a little uncertain
Sign In or Register to comment.