IT Security Track/Path

ITSpectre Member Posts: 1,040
Hello all,

So my goal after thinking about this more in depth over the past month, I want to leave the help desk and get into the Infosec realm. Based on many many threads that are posted here.... these things I do need to know

- Networking concepts in detail
- the OSI Model in detail
- How an OS system works in detail
- Linux
- Python

Certification Lineup

- Sec+ (complete)
- RHCSA (in progress)
- eJPT
- CCNA/MCSA
- OSCP
- CISSP

Right now I am working on my RHCSA. The job I am at now may be sending me to another state but it will be for a sysops job working with Linux and Windows as an administrator. I am hoping I get that job. I really do not want to go to another help desk job again after working at different desks for over 2 years. My goal is to be a pentester and show people where the vulnerabilities are in their own networks. I want to also teach classes on basic security concepts and how to secure their OWN networks at home... by telling and showing them how to do it... (this will also count for CE credits)

I welcome any and all advice on how to attain my goal!
In the darkest hour, there is always a way out - Eve ME3 :cool:
“The measure of an individual can be difficult to discern by actions alone.” – Thane Krios

Comments

  • tpatt100 Member Posts: 2,991
    Focus on the sysops job for a while, knowing how a corporate network works will probably make pen testing easier to understand.
  • beads Member Posts: 1,533
    Another alternative into security would be audit, or as I like to say, where InfoSec careers either start or go to die. - b/eads
  • dmoore44 Member Posts: 646
    If you can get your employer to send you, the SANS training is invaluable. The material and instructors are top notch.

    Also, you might want to pick up some light reading... I'd recommend Counter Hack Reloaded by Ed Skoudis to break the ice on security related topics (it's a bit old now, but still a great read), the latest edition of Windows Internals (6E Part 1 and 6E Part 2) by Mark Russinovich to cover Windows in depth, Network Security Through Data Analysis by Michael Collins to learn threat detection methodology (The Practice of Network Security Monitoring by Richard Bejtlich is also fantastic for this topic), and the Red Team Field Manual by Ben Clark to have a handy desk reference for various security tools.
    Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow
  • jerseytech Member Posts: 59
    May I ask why a MCSA cert?
  • ITSpectre Member Posts: 1,040
    jerseytech wrote: »
    May I ask why a MCSA cert?

    The reason why I added the MCSA cert is I need to understand how Windows networking works... or can I just substitute that for a CCNA/CCNP
  • UnixGuy Mod Posts: 4,570
    In your sysop job:
    - Learn how to script (Bash for Linux, PowerShell for Windows)
    - Learn everything you can about Active Directory. I mean everything!
    - Learn everything you can about Certificates management.
    - Get your hands on any Enterprise Anti Virus solution.
    - Learn about Malware
    - Any mobile management solution (MDM).
    - Learn Patching.
    - Get your hands on any proxy/firewall you might have.
    - Are they using any cloud (Azure/AWS)? Learn everything about it on the job.

    (Truth is, you don't necessarily need to pass RHCSA or MCSA...but why not if you're very driven. CCNA is good too).

    Certificates wise:
    - Get the CISSP. Take it, don't wait till you have 5 yrs of experience, just be an associate. Get it out of the way. It's not that hard.
    - Any SANS you can. Even if you have to pay for it (trust me). The more the better.
    - eLearnSecurity, you will learn a lot for cheap-ish.
    - OSCP if you can dedicate 3 months of your life for it, I say don't postpone it, take it as soon as you can.
    - If you happen to work with any firewall in your sysop job...get a certificate for that.
    - If you happen to work with Amazon, get Amazon AWS cert.
    Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE

    Learn GRC! GRC Mastery : https://grcmastery.com 

  • chrisone Member Posts: 2,278
    I think perhaps CCNA is overkill. It is a very very hard cert if you have zero networking experience. I think for what you want to get out of networking you can achieve with the Network+ exam. The CCNA is very long, lots of material to cover, two 800pg books, labs, and learning a lot of Cisco related fluff that you do not necessarily need for security/pentesting. I think you're good with CompTIA Network+ exam here.
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • ITSpectre Member Posts: 1,040
    UnixGuy wrote: »
    In your sysop job:
    - Learn how to script (Bash for Linux, PowerShell for Windows)
    - Learn everything you can about Active Directory. I mean everything!
    - Learn everything you can about Certificates management.
    - Get your hands on any Enterprise Anti Virus solution.
    - Learn about Malware
    - Any mobile management solution (MDM).
    - Learn Patching.
    - Get your hands on any proxy/firewall you might have.
    - Are they using any cloud (Azure/AWS)? Learn everything about it on the job.

    (Truth is, you don't necessarily need to pass RHCSA or MCSA...but why not if you're very driven. CCNA is good too).

    Certificates wise:
    - Get the CISSP. Take it, don't wait till you have 5 yrs of experience, just be an associate. Get it out of the way. It's not that hard.
    - Any SANS you can. Even if you have to pay for it (trust me). The more the better.
    - eLearnSecurity, you will learn a lot for cheap-ish.
    - OSCP if you can dedicate 3 months of your life for it, I say don't postpone it, take it as soon as you can.
    - If you happen to work with any firewall in your sysop job...get a certificate for that.
    - If you happen to work with Amazon, get Amazon AWS cert.

    Now to build on what you just said *very good info and I wrote it down in my notebook that I keep at my desk* To go deeper into what I want to do in Infosec... I decided to get into infosec first.... THEN focus on Hacking, pentesting, intrusion, etc.... Thinking like a hacker but being able to document what I do and how I did it... (I keep a notebook near me and when I learn something new I document what I do to make something happen, or the steps I took to do it) So I am already in the habit of documentation. At my last job I was tasked with documentation because I sent out a document every morning about Security threats, trojans, tips, and what issues we were dealing with for that day. (The help desk lead loved me for that because it made his job easy)
  • ITSpectre Member Posts: 1,040
    Also for the CISSP.... I've already started listening to audio lectures in the car on the way to work... once I complete those I will get the Sybex book. I have noticed that most of the materials covered some of it is based off a secured environment.
  • Antonov Member Posts: 10
    Very informative, thanks