Passed -Security+ Exam...What's Next??? CISA???

ns_frankns_frank Member Posts: 19 ■□□□□□□□□□
Hi everyone,

First I would like to thank all of you wonder IT pros. The people that give out tips and advice about careers and certificatgion are the real MVPs. I passed my security+ exam and now I'm ready to aim for another cert. I was looking at the CISA cert. Where can I find the main site to register for the test? I want to learn more info about it just so that I know. Also, what book do you guys suggest? Websites and notes will help to. #MakingAllKindsofGainZ

Comments

  • PJ_SneakersPJ_Sneakers CompTIA, EC-Council, ISACA, (ISC)², Microsoft USAMember Posts: 880 ■■■■■■□□□□
    Make sure you meet ISACA's prerequisites first.
  • Hammer80Hammer80 Member Posts: 207 ■■■□□□□□□□
    It sounds like you are just starting out, these are not entry level certs. Certifications such as CISA or CISSP are not an option until you have 5 years of experience before you can even sit for the exam. The Security+ will knock of 1 year of the requirement on the CISSP, but for CISA i think you need a Bachelor's to get the 1 year waiver. Either way CISA will require the 5 years of Audit experience and CISSP will require 5 years of some sort of security experience, this has to be verifiable experience so you can't BS your way through it.
  • ns_frankns_frank Member Posts: 19 ■□□□□□□□□□
    Ahh I see. I just did more research and looks like i'm not ready. I'm 22 years old with a Security+, and Bachelor's in Computer and Information Systems. I am almost done with my Master's in Information Assurance which I'll be done in May. I will look at the CEH then. Looks pretty cool and worth learning about.
  • shochanshochan Member Posts: 936 ■■■■■■■□□□
    ns_frank wrote: »
    Ahh I see. I just did more research and looks like i'm not ready. I'm 22 years old with a Security+, and Bachelor's in Computer and Information Systems. I am almost done with my Master's in Information Assurance which I'll be done in May. I will look at the CEH then. Looks pretty cool and worth learning about.

    CompTIA has CASP and coming in 2017 the CSA+...you might check it out on the CompTIA.org website. The CASP is no joke though, so you may want to do the CEH or possibly Microsoft/Cisco exam...I would recommend getting your A+ too.
    2021 Goal ~ OSCP

    Urban Achiever~ A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+
  • winona_ryderwinona_ryder Member Posts: 42 ■□□□□□□□□□
    Be wary of employers asking for things like CISSP or CISA, when they also say things like "2 years experience in a similar role".

    That happened here in 2012 and 2013. Occasionally I still see job ads that read like that. It's usually a sign that they aren't familiar with the requirements, and that management buy in will be ......interesting
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • E Double UE Double U Member Posts: 1,764 ■■■■■■■■■□
    If you can afford SANS training then the GIAC route would be good.
    Alphabet soup: CISSP, CCSP, CISM, CISA, GDSA, GPEN, GCIA, GCIH, GCCC, CEH, Azure Fundamentals, Azure Security Engineer Associate, ITIL 4 Foundation, and more.

    2020 goals: AZ-900, AZ-500, GDSA, ITILv4

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    You might want to look at ITIL-F.
  • beadsbeads Senior Member Member Posts: 1,511 ■■■■■■■■■□
    Its worth the chuckle when we see people with no experience having passed and endorsed exams like the CISSP or CISA. I mean seriously? Your a mid level career "professional" with absolutely no experience in the field?

    Go for the CISA when you have real auditing experience - it will make resume sense, at that time.

    Seriously, auditing is probably the best place to start an InfoSec career as you get to learn the why's of security rather than just telling people its a vulnerability to fix. It may indeed be vulnerable but there could very well be a legitimate reason its not being fixed to your standards as well. Auditing teaches those and many other much needed skills.

    Sorry, skiddies. icon_study.gif

    - b/eads
  • ns_frankns_frank Member Posts: 19 ■□□□□□□□□□
    Yeah, I did a lot of thinking and I am just so excited about the career field that I want to go as far as I can to be really good. I really am looking to prepare for the security field and I was looking at the Ethical hacking part. Maybe I should grab some books to learn and study for the CEH? What do you think? I am now working as a network administrator and I am learning a lot on the job. Maybe I should go into network security? So many options!!!
  • amcnowamcnow CISSP, CEH, CHFI, SAFe 4 Practitioner, ITIL v3 Foundation, A+, additional certs for outdated technol Circle CityMember Posts: 215 ■■■□□□□□□□
    Just my 2 cents. There are indeed so many options! It's wise to evaluate where you are now and have at least a general idea of where you want to take your career. You can then focus your efforts on certs relevant to your current job and future prospects.

    You mentioned working as a network admin. Do you work with Cisco appliances? If so, then (assuming you don't already have have them) CCNA Routing and Switching and CCNA Security are worth a look.

    EDIT: Just read (in another thread) the CEH exam is part of your academic curriculum. That's how I earned mine. :D
    WGU - Master of Science, Cybersecurity and Information Assurance
    Completed: JIT2, TFT2, VLT2, C701, C702, C706, C700, FXT2
    In Progress: C688
    Remaining: LQT2
    Aristotle wrote:
    For the things we have to learn before we can do them, we learn by doing them.
Sign In or Register to comment.