Passed Security+. What's Next?

elvinguitar · February 2016

I just passed my Security+ today with a score of 880/900. I studied for two weeks and only used Darril Gibson's book. The exam is not that hard if you really know the concepts.

I want to pursue that path of Penetration Testing. So what cert should I pursue next? I'm thinking of CEH but may told that it's not worth taking since it's all about the tools. I'm planning to take OSCP but not today since I'm no that pro yet.

Also, I'm planning to study python which might be helpful for PenTest and for OSCP. Any book/s you recommend that I should use?

Thanks.

cdx · February 2016

Hi elvinguitar,

Check out this thread from the Security Certificatons forum. It will answer your question.

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

DAVIS NGUYEN · February 2016

Congrats!

elvinguitar · February 2016

cdx wrote: »

Hi elvinguitar,

Check out this thread from the Security Certificatons forum. It will answer your question.

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

thanks for the link.

ccnpninja · February 2016

Nice job!

Fulcrum45 · February 2016

Nice score! Good job.

Dakinggamer87 · February 2016

Congrats!!

elvinguitar · February 2016

Thank you guys. I'm planning to pursue the offensive side (penetration testing) of IT Security, what cert should I take next?

636-555-3226 · February 2016

OSCP is the generic bread and butter starting point for red teaming. Some people will point you to CEH, but from recent forum posts I'd give CEH a few months to settle down since they just updated it and there seems to be some user confusion as to materials/tests/etc.

eLearnSecurity also has some classes that people here have spoken highly of, altho I've never personally reviewed the materials

elvinguitar · February 2016

636-555-3226 wrote: »

OSCP is the generic bread and butter starting point for red teaming. Some people will point you to CEH, but from recent forum posts I'd give CEH a few months to settle down since they just updated it and there seems to be some user confusion as to materials/tests/etc.

eLearnSecurity also has some classes that people here have spoken highly of, altho I've never personally reviewed the materials

I saw on Amazon that the Sybex guide for CEHv9 will be out on the month of May. So while waiting for the study guide, what should I study? Should I take CCENT > CCNA Security first? My consideration with CCNA Security is that it is vendor-specific unlike CEH.

One more thing, is Security+ worth the money for the Continuing Education? CompTIA requires you to pay $50/year for the Continuing Education.

cdx · February 2016

Yes Sec+ is very reputable to many employers. It is worth it. Based from my research so far, my route is below in my signature.

User2097 · February 2016

Get CEH and CISSP. OSCP is very hands on. Both will help you grasp concepts for OSCP.

elvinguitar · February 2016

User2097 wrote: »

Get CEH and CISSP. OSCP is very hands on. Both will help you grasp concepts for OSCP.

The study guide for CEH is not available yet.

Psydrox · March 2016

Proud of ya

Cerebro 2.0 · March 2016

Congrats

OctalDump · March 2016

The Offensive Security guys have a Metasploit course. It's a good way to ease yourself into the hands on off pen testing. CEH is like a brief overview of everything, it's worthwhile to have the knowledge, but it's fairly basic. The certification has good recognition, but isn't going to land you a serious role by itself.

If you don't already, get some programming experience. Python is popular in the pentest world, and there's a bunch of books on Python and pen testing. It also helps to understand how stuff works under the hood.

Download Kali, and start familiarising yourself with the tools.

Passed Security+. What's Next?

Comments