Can't make a decision!

So I have decided that I would like to align my certs/skills for a more technical security role. I just can't decide what to get!

Background:

-DoD system admin
-CISSP/SEC+
-Little to no network knowledge
-Experience with Kali (wireshark, aircrack, metasploit etc...)
-Interested in red team/blue team duties

Goal: To be part of a technical security team working for the gov

Plan: I had initially thought the CCNA would be the route I would take, but there was so much technical Cisco info that I doubt I will use a lot of it. I am now eyeballing OSCP or CEH. I have reviewed the CEH and it seems like that cert would require a month or two to obtain. The DoD seems to really like this cert (I don't know why). I am also looking at OSCP and although I know a lot of the Kali distro, I do not know any languages so this cert might be out of reach for me. I have also thrown around the idea of getting my master's degree in an IT-related field as my undergrad is in Aeronautics (non-IT).

Let me know what you think and any thoughts you have on the subject. I feel that I have a lot more potential, but just lack the focus/direction to start one path. I literally have no idea what to do at this point. I am ready for the next challenge, but the real challenge is figuring out which direction to go!!!!!

Comments

  • dustervoice Member Posts: 877
    I know exactly what you are going through. For me, I feel this way every 2 months :) as I get bored easily; as soon as I learn a technology I want to move on to something else. It's a never-ending cycle. I think contracting might be the way to go as you can get involved in lots of different projects to get a feel for what you like best.
  • Simrid Member Posts: 327
    I am security god however, I would say if you would like to specialise in network security such as firewall configurations and best practise within that sort of environment, that's what Cisco will teach you (CCNP level). If not, bypass Cisco and look at security alternatives.

    Hope that helps.
    Network Engineer | London, UK | Currently working on: CCIE Routing & Switching

    sriddle.co.uk
    uk.linkedin.com/in/simonriddle
  • OctalDump Member Posts: 1,722
    Learn networking. There's no way around it if you want a technical role. At least Net+. The other thing worth doing is learning Python. You can pick the basics up in not too much time, and there are a few books that deal specifically with using Python for ethical hacking.

    The CEH is worth getting simply to get jobs, especially in government. It has a cool name, but is really entry level pen testing. Not enough to make you an ethical hacker. You probably have reasonable experience to get this "easily" if you are familiar with Kali.

    OSCP is definitely what you want if you want to play red team. The GIAC certs are also nice, but expensive. GIAC Incident Handler is apparently a good step to take after CEH, and is more of the blue team stuff.

    Probably, get yourself $500 worth of books to read, learn networking, get reasonable with Python, go deeper with Kali, and prepare for OSCP. After that look at a Masters degree.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • lsud00d Member Posts: 1,571
    You know what's half of netsec? NETWORKING!

    You don't have to get the CCNA to understand networking, but at least read a CCNA book and watch some videos. Learn the OSI model. You *must* understand what's going on at all layers to have any shot at being successful in a technical security role. Once you understand netsec, move on to appsec (or websec). Read up on opsec, infosec, and all things -sec.
  • wtrwlkr Member Posts: 138
    5502,

    Just a word of caution: go take a look at the Certified Ethical Hacker forum. People are NOT happy. The gist of what I'm getting is that the EC-Council released a new version of the test with no warning and without updated study materials available. I'm also hearing that WGU is urging their students to put off testing for C|EH as part of their master's program.

    The talk over there has made me reconsider C|EH at this time and I'm pursuing CISSP instead. Have you considered going after CCNA and then possibly moving on to CCNA:Security? Or, if you have the money to spend, consider getting a SANS Institute cert.
  • 5502george Member Posts: 264
    OctalDump wrote: »
    Learn networking. There's no way around it if you want a technical role. At least Net+. The other thing worth doing is learning Python. You can pick the basics up in not too much time, and there are a few books that deal specifically with using Python for ethical hacking.

    The CEH is worth getting simply to get jobs, especially in government. It has a cool name, but is really entry level pen testing. Not enough to make you an ethical hacker. You probably have reasonable experience to get this "easily" if you are familiar with Kali.

    OSCP is definitely what you want if you want to play red team. The GIAC certs are also nice, but expensive. GIAC Incident Handler is apparently a good step to take after CEH, and is more of the blue team stuff.

    Probably, get yourself $500 worth of books to read, learn networking, get reasonable with Python, go deeper with Kali, and prepare for OSCP. After that look at a Masters degree.

    I hear you. I actually know a little bit about networking from some engineering I had to do for a military facility. I just can't wrap my head around learning Cisco configs and never using them again. I guess what I will do is read through the CCNA book (I already have) and have my eyes set on CEH>OSCP.
  • 5502george Member Posts: 264
    lsud00d wrote: »
    You know what's half of netsec? NETWORKING!

    You don't have to get the CCNA to understand networking, but at least read a CCNA book and watch some videos. Learn the OSI model. You *must* understand what's going on at all layers to have any shot at being successful in a technical security role. Once you understand netsec, move on to appsec (or websec). Read up on opsec, infosec, and all things -sec.

    I understand most of the OSI model and most protocols that traverse it. I do lack some knowledge about IP though. The thing is that I do well with focused study with an end goal. If I don't have an end goal my brain does not want to learn it :). I agree that networking is very important, maybe I will study for CEH and continue to read about networking as it applies during my studies for CEH and eventually OSCP.
  • philz1982 Member Posts: 978
    5502george wrote: »
    -Interested in red team/blue team duties

    Goal: To be part of a technical security team working for the gov

    You mention red/blue team duties. Two totally different areas. Which one appeals to you most? Are you more project focused or task focused? The reason I ask: Red Teaming tends to lend itself well to project focused folks, whereas blue teaming lends itself to task focused folks. Neither is better than the other, just different, and they require different personalities. If you can pin down red vs blue, then you can go and narrow down functional areas and begin to create a focused career plan.

    For example, if you choose red team you could focus on scripting and be the one who writes scripts for the red team. Or you could focus on personal skills and be the one who focuses on physical and social exploitation.

    On the flip side on the Blue team you could be post incident forensics, or you could focus on Defense in Depth deployment and become an infrastructure expert.

    You can also focus outside of Blue/Red teams on things like secure software development and secure network engineering.

    Let me know your thoughts.
  • 5502george Member Posts: 264
    philz1982 wrote: »
    You mention red/blue team duties. Two totally different areas. Which one appeals to you most? Are you more project focused or task focused? The reason I ask: Red Teaming tends to lend itself well to project focused folks, whereas blue teaming lends itself to task focused folks. Neither is better than the other, just different, and they require different personalities. If you can pin down red vs blue, then you can go and narrow down functional areas and begin to create a focused career plan.

    For example, if you choose red team you could focus on scripting and be the one who writes scripts for the red team. Or you could focus on personal skills and be the one who focuses on physical and social exploitation.

    On the flip side on the Blue team you could be post incident forensics, or you could focus on Defense in Depth deployment and become an infrastructure expert.

    You can also focus outside of Blue/Red teams on things like secure software development and secure network engineering.

    Let me know your thoughts.

    I have no preference really. Like I said, I love IT and that is where my dilemma originates. I can't pinpoint one thing that I would like to do. I know I love figuring out puzzles like cracking routers and boxes (in controlled environments :) of course) and have used tools to recover deleted files and really liked that as well.

    Like I mentioned, I do very well when I have a goal in mind to learn (certs). What would you recommend as a starting point?