Starting a Comptia security+ course/program today..

Trentont44

Any advise for someone is taking this course who has really no real coding/programming/IT besides a little HTML and excel use? So basically how hard will this course be for someone who really has no other experience within the IT world?

Squished

You'll find it quite challenging. Why not start with A+ and Network+? I'm studying for Sec+ right now and have many years in the industry and some concepts are tricky!

Trentont44

I did hear Net+ was a little easier, but for the position I need it requires Security+ so I figured I would just go for that. A+, isn't that just the hardware and the components within the computer?

Trentont44

Also the Instructor will be providing the 501 Emmett Dulaney book, and obviously from what I read that one is not recommended. If I got the

Darril Gibson book, would I be able to following the Instructors outline of the class with it?

Squished

Trentont44 wrote: »

I did hear Net+ was a little easier, but for the position I need it requires Security+ so I figured I would just go for that. A+, isn't that just the hardware and the components within the computer?

I guess I'd have to see the position to understand what you're trying to accomplish. The way I understand your question is that you have zero IT experience except a little HTML and excel use and you're going for some sort of IT Security job?

Yes, A+ is hardware and software but you'd be shocked at how much of it is relevant to Sec+ when talking about wireless protocols, command line switches, hardware (routers, switches, etc), and so much more.

Trentont44

Squished wrote: »

I guess I'd have to see the position to understand what you're trying to accomplish. The way I understand your question is that you have zero IT experience except a little HTML and excel use and you're going for some sort of IT Security job?

Yes, A+ is hardware and software but you'd be shocked at how much of it is relevant to Sec+ when talking about wireless protocols, command line switches, hardware (routers, switches, etc), and so much more.

Hmm, maybe While taking this course, it would be behoove of me just to go over A+ myself to understand the material better if assuming the Instructor wont go over that material. Hopefully he or she wont assume everyone is A+ certified? Ha.

Squished

Trentont44 wrote: »

Hmm, maybe While taking this course, it would be behoove of me just to go over A+ myself to understand the material better if assuming the Instructor wont go over that material. Hopefully he or she wont assume everyone is A+ certified? Ha.

I would certainly read the A+ book and take the exam especially if you have minimal other knowledge in IT. Knowing the 802.11 standards, most common ports, what layer what type of hardware operates on, etc., is all stuff from A+ and Net+ that gets elaborated on in Sec+. I'm in the process of going for Sec+ and skipped over Net+ for now and kind of wish I didn't.

TheFORCE

Trentont44 wrote: »

Any advise for someone is taking this course who has really no real coding/programming/IT besides a little HTML and excel use? So basically how hard will this course be for someone who really has no other experience within the IT world?

Security + requires no coding or programming knowledge. It is geared though for someone with already 1-2 years of IT experience. Still, its an entry level certificate so someone who is good with understanding concepts should be able to pass it if they study enough. You might find some items hard to understand but we live in the internet age so anything you don't understand you can find explanations of on google, in wikis and youtube channels beside books. An advice for you, use more than one resource when studying for any certifications.

Trentont44

TheFORCE wrote: »

Security + requires no coding or programming knowledge. It is geared though for someone with already 1-2 years of IT experience. Still, its an entry level certificate so someone who is good with understanding concepts should be able to pass it if they study enough. You might find some items hard to understand but we live in the internet age so anything you don't understand you can find explanations of on google, in wikis and youtube channels beside books. An advice for you, use more than one resource when studying for any certifications.

Ok, this is what I was kind of hoping for. I'm sure I will have to study quite a bit.

Trentont44

TheFORCE wrote: »

Security + requires no coding or programming knowledge. It is geared though for someone with already 1-2 years of IT experience. Still, its an entry level certificate so someone who is good with understanding concepts should be able to pass it if they study enough. You might find some items hard to understand but we live in the internet age so anything you don't understand you can find explanations of on google, in wikis and youtube channels beside books. An advice for you, use more than one resource when studying for any certifications.

Ok this is what I was kind of hoping for, I'm sure I will have to study quite a bit.. thanks.

Squished

TheFORCE wrote: »

Security + requires no coding or programming knowledge. It is geared though for someone with already 1-2 years of IT experience. Still, its an entry level certificate so someone who is good with understanding concepts should be able to pass it if they study enough. You might find some items hard to understand but we live in the internet age so anything you don't understand you can find explanations of on google, in wikis and youtube channels beside books. An advice for you, use more than one resource when studying for any certifications.

Not to single you out at all by any means, but one of the biggest pet peeves of mine on this forum is calling certs "entry level" and as a result equating them to "easy" for someone with 1-2 years IT experience. I can promise you, someone with 1-2 years on a help desk will not find Security+ easy or even Network+ "easy" by any means. Someone with zero experience in IT is probably going to be completely lost no matter how hard they study without any sort of practical experience. There are so many IT people who don't do a single certification and live permanently on a help desk as a result. Even the most basic (notice I didn't say entry level or easy) certifications like A+ will hold value when applying for jobs and should never be discredited. On the flip side, I can think of amazing technical people that couldn't take a standardized test if their life depended on it and a result would never pass A+ despite being brilliant technicians. I'd just love to see people get away from this whole entry level, easy, and even some call them worthless certification mentality. They are all valuable.

TheFORCE

Squished wrote: »

Not to single you out at all by any means, but one of the biggest pet peeves of mine on this forum is calling certs "entry level" and as a result equating them to "easy" for someone with 1-2 years IT experience. I can promise you, someone with 1-2 years on a help desk will not find Security+ easy or even Network+ "easy" by any means. Someone with zero experience in IT is probably going to be completely lost no matter how hard they study without any sort of practical experience. There are so many IT people who don't do a single certification and live permanently on a help desk as a result. Even the most basic (notice I didn't say entry level or easy) certifications like A+ will hold value when applying for jobs and should never be discredited. On the flip side, I can think of amazing technical people that couldn't take a standardized test if their life depended on it and a result would never pass A+ despite being brilliant technicians. I'd just love to see people get away from this whole entry level, easy, and even some call them worthless certification mentality. They are all valuable.

The quote below is directly from the Comptia site.

CompTIA Security+ is the certification globally trusted to validate foundational,vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career.

Link below for more details. So, when Comptia itself is calling it foundational not really sure how that does not equate to entry level. furthermore if you see the recommendations on the link below it says 1-2 years.

As for the reset of your post, someone on a Helpdesk for 1-2 years should be able to acquire all the sec+ knowledge. if you haven't, then you are not trying enough. Take it from someone that worked on the Helpdesk for 2 years and saw all sec+ objectives in a real work environment.
https://certification.comptia.org/certifications/security

Squished

TheFORCE wrote: »

The quote below is directly from the Comptia site.



Link below for more details. So, when Comptia itself is calling it foundational not really sure how that does not equate to entry level. furthermore if you see the recommendations on the link below it says 1-2 years.

As for the reset of your post, someone on a Helpdesk for 1-2 years should be able to acquire all the sec+ knowledge. if you haven't, then you are not trying enough. Take it from someone that worked on the Helpdesk for 2 years and saw all sec+ objectives in a real work environment.
https://certification.comptia.org/certifications/security

I'm not disagreeing with the fact it's foundation level. There's no doubt it is. But those words can certainly give someone a false sense of security going into it and then when and if they don't pass the first time around, they get discouraged and drop out of the industry. To me, and regardless of what CompTIA says, it's a poor choice of words.

Also, you were configuring ACL's and reading through various threat logs from NIPS/NIDS to identify potential threats while on the help desk? Come on, I don't believe that for a second and I worked a help desk for years.

TheFORCE

Squished wrote: »

I'm not disagreeing with the fact it's foundational level.
Also, you were configuring ACL's and reading through various threat logs from NIPS/NIDS to identify potential threats while on the help desk? Come on, I don't believe that for a second and I worked a help desk for years.

Then why the pet peeve when it comes to calling the cert what it actually is. This is an industry recognized entry level cert. Theres numerous articles, publications etc on the topic and not only in this forum.

No two helpdesk are the same as no two organizations are the same. You should know this by your ITIL studies. There are various Helpdesk and different tiers in each. When I was on the Helpdesk I didn't have access to NIPS or HIPS or HIDS because those technologies were not mature enough and not many orgs were using them. But I did have access to anti virus tools, AD, application logs and security logs on each machine. I had access to various ticketing systems were I had to escalate to higher teams, server, infrastructure, exchange admins etc. You learn a lot when you are the first line of contact and first line of defense in the triage process.

Squished

TheFORCE wrote: »

Then why the pet peeve when it comes to calling the cert what it actually is. This is an industry recognized entry level cert. Theres numerous articles, publications etc on the topic and not only in this forum.

No two helpdesk are the same as no two organizations are the same. You should know this by your ITIL studies. There are various Helpdesk and different tiers in each. When I was on the Helpdesk I didn't have access to NIPS or HIPS or HIDS because those technologies were not mature enough and not many orgs were using them. But I did have access to anti virus tools, AD, application logs and security logs on each machine. I had access to various ticketing systems were I had to escalate to higher teams, server, infrastructure, exchange admins etc. You learn a lot when you are the first line of contact and first line of defense in the triage process.

I guess just from hiring people over the years and taking the certs myself to gauge competency required to obtain them I'm seeing so many people with not a single month of IT experience or education applying for sys admin jobs not even making an effort to obtain them. I can't tell you how many bartenders, grocery baggers, retail store clerks I've seen apply to desktop analysti and sys admin jobs without ever having a bit of IT training or experience. It's a weird industry in that way. Regardless of it being an entry level certification, I still value it highly when someone takes the time to understand the content, understand how to do standardized testing, and take the time out of their day and money out of their wallet to go obtain even entry level certs. There are many on here that say the entry level certs are a waste of time, but I strongly disagree with that. I don't think anything is a waste of time.

You also learn that alot of stuff you can do, you don't have access to, simply because your the help desk grunt. I couldn't stand know what an issue was, knowing how to fix it, but couldn't fix it because I didn't have access to it on the help desk and had to wait hours for a Tier 3 grab to look at his ticket queue and get around to it.

Trentont44

TheFORCE wrote: »

Then why the pet peeve when it comes to calling the cert what it actually is. This is an industry recognized entry level cert. Theres numerous articles, publications etc on the topic and not only in this forum.

No two helpdesk are the same as no two organizations are the same. You should know this by your ITIL studies. There are various Helpdesk and different tiers in each. When I was on the Helpdesk I didn't have access to NIPS or HIPS or HIDS because those technologies were not mature enough and not many orgs were using them. But I did have access to anti virus tools, AD, application logs and security logs on each machine. I had access to various ticketing systems were I had to escalate to higher teams, server, infrastructure, exchange admins etc. You learn a lot when you are the first line of contact and first line of defense in the triage process.

For the record I am a Tier 1 Help desk analyst, and after my first class today I can say that I will def have to study...a lot of it being I will have to study the terminology, the acronyms being used because he did not give us anytime to really soak it in and write it down during class before he started throwing some example questions at us.