infosec skills path

OSWP+CWTS > eCPPT > eNDP > OSCP (maybe)

So I'm thinking about obtaining the OSWP along with the CWTS before starting the eCPPT. I know the eCPPT has a wireless pen testing part module but I'm not so sure if it help me out at all.

I also know that a lot of people haven't done the OWSP and posted about it. I've seen some job postings (not a lot) for the OWSP, which might help me out. I know a lot of people have done the OSCP but I'm totally not ready for it right now.

I think that I'll add the eNDP (https://www.elearnsecurity.com/course/practical_network_defense) just so it'll enforce and add to what I know about network defense.

I'm trying to build up the skills for information security so I can get in a lot easier. I'm also working on the SSCP and the Linux+ right now.

Anyone got any thoughts?

Find more posts tagged with

Comments

636-555-3226

Generally speaking if you aren't at a decent level with wireless knowledge already I'd probably suggest the CWTS then the OSWP, not at the same time. That said, I've never taken either. Generally speaking when I hear people want to get into pentesting I recommend they have good foundation with which to build on. It's hard to learn how to hack things if you don't know how and why they work the way they do already. It's possible to learn on the fly, but it'll be easier to absorb and utilize the material if you gain the knowledge prior rather than at the same time. Otherwise it looks like a good cert path to me.

jamesleecoleman

I did take a wireless class when I was university but that was about 3 years ago. There will be stuff that I'll have to go back over. But I was thinking about the whole how stuff works situation, which means that I might have to do the eNDP first with the CWTS. I do my best to lab out AD such as adding users, password resets and policies.. which I know isn't much. I also do very little Cisco networking practice as well.

I signed up with CTF365 to practice around a bit with different tools to get familiar with them again and to learn new ones.

Thanks for the input 636-555-3226.

renacido

If you're trying to plan your professional development, as I tell people all the time, look at job postings for the next job you want to have, do a skills+knowledge+experience gap analysis, including common certs that are "strongly desired" in those postings, and start filling your gaps.

Otherwise, do whatever excites you, whatever captivates you right now.

Either way, if you're going for a certification, it's best to focus on one at a time unless they have a lot of overlap (in which case I question the value of getting more than one of them).

There are a few decent threads already for career dev and certification paths for infosec careers, just have to do a search to pull those up.

jamesleecoleman

It's mostly for professional development. I'm trying to fill in the gaps but I can't do it at my current position where I work at. So I figure that getting a plan together and working things out can get me where I want to be with in the company.

I'll set about pulling up the threads. I wasn't sure about the path that I put down because two of the certifications aren't really talked about here.