Security certification - where to start?

v_infosec

Could anyone tell me is MCSA:Security and MCSE:Security certifications retired? If they are, what are other alternative Microsoft certification with security concentration. I need a full explanation please. I have been on MS website and I seem not to find any info regarding MCSA/MCSE: security.

I would appreciate if Kreaton , JDMurray will comment on this post and have it broken down for me.

I want to follow kreaton's advice on

Security+
MCSA, MCSE
CEH
CNNA/CCNP:security
SSCP

If MCSA/MCSE: security are retired? What do you suggest I do to follow the above plan sequentially?


Thanks for your response.

MIke

itsgonnahappen

Tagging this post for reference. Keatron props +1.

nandan.phirangi

I am CCNA Certified and have 2 years of experience in Network Monitoring and troubleshooting field.


I have interest in Information security. I am planning to pursue CEH.


But I don't have any experience in Info. Security.


Please advise Keatron or any experienced security professional if I should go for CEH .

Master Of Puppets

A little more info would be useful but the CEH will definitely increase your chances of getting a job.

Do you know the area you wish to get into?

JustFred

I just wanted to say thank you all for this post. It gave me ideas on the path to follow as a network engineer who also wants to have a solid background in security since I'm starting to deal with firewalls and security a lot.

It's great when people share their knowledge with others. Some people seem annoyed just by asking them a simple question or some guidance. It's a shame these people do not realize they were once novices too.

Master Of Puppets

JustFred wrote: »

I just wanted to say thank you all for this post. It gave me ideas on the path to follow as a network engineer who also wants to have a solid background in security since I'm starting to deal with firewalls and security a lot.

It's great when people share their knowledge with others. Some people seem annoyed just by asking them a simple question or some guidance. It's a shame these people do not realize they were once novices too.

That's great to hear! Just a little side note on the annoyed people you are talking about - a lot of people, especially in infosec, get retarded questions on a daily basis by people who want to become an ethical hacker but can't tell the difference between a computer and a fridge(people who have no idea what it is and say they want it because it sounds cool and everyone else is doing it). Or people who want to take an easy way and continue to ask stupid questions even when you have explained to them that you can't join Anonymous after 3 months of studying hacking.

I just wanted to point out the some of these people in some circumstances, should not be blamed for not wanting to deal with it all. However, it is an entirely different story when someone wants to begin/advance in a certain field, knows what he is doing, has ambition and a desire to learn, improve and get better. In other words - like many people on this forum. It really is a shame when people deny individuals like that advice. Knowledge should be shared and I have always tried to help someone if I am competent enough on the subject. But we should bear in mind that some people do not deserve help as much as others.

JDMurray

Master Of Puppets wrote: »

a lot of people, especially in infosec, get retarded questions on a daily basis by people who want to become an ethical hacker

When people ask me how to get a job doing pen testing, ethical hacking, digital forensics, etc. I first ask them why they think they would like to do that for a living. Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have. I tell them it's also about long hours, hard travel, boring and tedious investigations, business meetings with customers, and generating lots and lots of documentation. I also recommend that they find people who actually work in those jobs and ask them.

YFZblu

JDMurray wrote: »

Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have.

Yeah - One of my boss's go-to questions in interviews is, "why security?" - The last guy said "because it's big right now.."

Master Of Puppets

This is part of the point I was trying to make.

JDMurray wrote: »

When people ask me how to get a job doing pen testing, ethical hacking, digital forensics, etc. I first ask them why they think they would like to do that for a living. Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have. I tell them it's also about long hours, hard travel, boring and tedious investigations, business meetings with customers, and generating lots and lots of documentation. I also recommend that they find people who actually work in those jobs and ask them.

I'm sure the people who are asking you for advice are quite fortunate because I have no doubt it will be of the highest quality. I have a tremendous amount to learn and I am nowhere near as experienced as you but when someone asks this, I too try to sneak the question about their motives and expectations. A lot of times someone perceives this negatively and assumes I am not willing to help while my goal is the exact opposite - I think a serious desicion like that should be informed and not made for the wrong reasons. This is what I did when I was around 15. I researched every aspect of the job for a long time before deciding this is what I wanted to do. Many people think that you sit in front of a black terminal with green letters all day but as we know this is not the case.

JustFred

Thanks for the reply.

I ordered a security+ book, then i found this thread and I'm happy i did. I will work on getting a solid security background on a CCNP like level and also help others along the way who will most likely end up in the position I'm currently in one day.

luking

This is an awesome thread, kudos to all who spent time posting the useful information.
I too am thinking of moving into info/web security and ultimately aspire to land jobs that pay north of 120K+.
I guess that means I must become a CISSP or CCIE. Are there any other top notich certificates that can get me 120K+?
Secondly, I have about 15 years experience in help desk environment. I am msce in win NT/2K/MCDBA. I never worked directly in network administaration although I do have "peripheral IT and Network" experience while poking with clients' networks during troubleshooting etc.
So what would be ideal path for me to start to acquire some:
A. Certifications
B. Real life security related knowledge

I was thinking for starting with ccna and then ccnp but please suggest what you think is best path to above.
Thanks in advance.

chopsticks

blaker00 wrote: »

Good security engineering route depends on what you want to specialize in. I've seen way too many people that memorize nist 800-53, iso 27000, itil, cobit... and claim they are security engineers. These people are not security engineers, they are auditors or security managers.

if you are looking to become a well rounded security engineer this is what you should know.

Offensive security: Scripting(python,ruby), Programming(C, Assembly), Javascript, PHP, Metasploit, sqlmap, Burp-proxy, SQL, OSCP/E, ollydbg, pydbg, etc...

Defensive security:

• Network Route: CISCO, JUNIPER, CHECKPOINT, MRTG, SOLARWINDS- NAC, AAA, VPN, SSL, AES,SHA,MD5. Understand the difference between a hash and encryption. CA, Wireshark, TCPdump, Network segmentation, Architecture roles. Understand Next gen Firewalls such as Palo Alto's, Understand IPS such as Snort, SIEM, wLoadbalancing(f5,citrix). Bluecoat,Riverbed,Netscaler type products.
• System Route: Linux(RHCE), Microsoft(MCITP), Mcafee EPO, Nagios, CLAMAV, Websense or other DLP, Qualys, nexpose, SQL, NOSQL, you should probably understand concepts of NIST 800-53 and ISO27000, Certificate Authorities, Active Dir., Puppet
• Manager : ISO27002, NIST 800-53,34, COBIT, ITILv3, CISSP,CISM,CISA. Not very active in technological side more interested in Confidentiality Integrity Availiability. Gets really in depth with security access and flows. Very interested not just in technology(logical) but also Physical and Administrative
• Programming : Learn SQL injections, Web-app security(web application hackers handbook 2), know everything I've written for Offensive security plus know agile, waterfall, etc different methods of application creation. Best bet for this path would be learn assembly x86 and 64. Learn how to create APT and end up working as a malware or security researcher

Good luck, takes a very long time and a dedicated person to become a sec engineer

Thanks for your guidance.

luking

Well, anyone?

luking wrote: »

This is an awesome thread, kudos to all who spent time posting the useful information.
I too am thinking of moving into info/web security and ultimately aspire to land jobs that pay north of 120K+.
I guess that means I must become a CISSP or CCIE. Are there any other top notich certificates that can get me 120K+?
Secondly, I have about 15 years experience in help desk environment. I am msce in win NT/2K/MCDBA. I never worked directly in network administaration although I do have "peripheral IT and Network" experience while poking with clients' networks during troubleshooting etc.
So what would be ideal path for me to start to acquire some:
A. Certifications
B. Real life security related knowledge

I was thinking for starting with ccna and then ccnp but please suggest what you think is best path to above.
Thanks in advance.

kandy2905

Hi everyone , i am new here so i needed some help from security gurus. I have recently completed masters in information systems and wanted to do some certification in information security or network security
1. Which has better job opportunities and good salary.
2. If i wanted to do CCNP security, what is prerequisite like i first have to do CCNA or CCNA security

I have no experience

Thanks

auxiliarypriest

Yes, CCNA Security would be the prereq for CCNP Security. To be eligible for CCNA Security you would either need to be a CCNA RS or a CCENT.

bradl3yC

Keatron,

What would you recommend currently in place of MCSA:Sec? I read in an earlier post that its all wrapped up into another exam. The exams I have found are the 410-412 and that is specifically Server 2012

Thanks for your advice

enterity

Hi,


I am in a little bit different situation comparing to most of the people that shared their questions above. I have picked more business/managerial path related to service delivery management in Security area. Out of all technical certificates have only ITIL. I am not planning to move to any security related technical role where hands-on skills are crucial.

What certificate would you recommend in my case?


CISSP sounds like a perfect solution but still do not have enough experience (so would become "Associate") and it would probably be a huge challenge for me, as I do not have security background - I am not afraid of learning, just trying not to bite more than I can chew.


Have been also considering Security+ as a staring point but maybe it would be just a waste of money? I do not want to get the certificate just to have one, but to make myself study in a more structured way and have a clear goal. Would I learn more if I took Security+ before taking CISSP or would it be more reasonable to go directly to CISSP as there is some overlap and I want to do it anyway? I know Security+ would give me 1 year experience waiver for CISSP so for sure that is a benefit.


Starting with SSCP does no make too much sense to me as I have heard the overlap is so big it is better to learn a little bit more and pass CISSP.


Or maybe you would recommend any other certificate that would work better in my situation? I am sure it would be best to pass all of them staring for instance from CCNA/Network+ to build strong background but don't want spend my life chasing after certificates, one after another and would like to focus only on those that make most sense.


Thank you for any suggestions.

JDMurray

I would start out by studying the Security+ material. Not having formal experience in the fields of Information Security, you may not be sure if it's of any interest to you for a career track. Security+ will give you an idea of the many areas of knowledge that you must have to be a well-rounded information security practitioner. If you find InfoSec not to your liking, you can pivot into some other area of technology for your career that is more to your interests. If you do find InfoSec material appealing, you can then decide to go on and get the Security+ cert (recommended for the knowledge and resume) or going instead for the SSCP or CASP. Jumping straight to the CISSP is recommended for someone that already meets the education/experience requirements for full CISSP certification.

TK1799_st

This COMPTIA Roadmap is very helpful:

https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf?sfvrsn=2

See the top section for IT Security Certifications

eth0

TK1799_st wrote: »

This COMPTIA Roadmap is very helpful:

https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf?sfvrsn=2

See the top section for IT Security Certifications

+1 but there is no companies like OS, eLS etc

SuramyaBakshi

Hello everyone,

I am new to techexams and Infosec. I have read many threads here (Keatron's coke can analogy) and some other blog posts (e.g Lesley Carhart's) about how to proceed your career in Infosec with the help of certifications and my sincere thanks to everyone. But I think each one has a different situation (or atleast think they are in), so let me ask you all experts on how should I proceed in terms of certifications.

My background: I worked in software development for around 5 years and recently moved to Infosec exactly a year ago. I work as an Identity Access Management consultant deploying/enhancing new or existing IAM solutions.Also I have a Masters degree in CS.

My Goal: I want to see myself in managerial/leadership role in IAM or other infosec projects. As far as I understand CISSP would be my goal 3-4 years later when I attain the required experience.

So what certifications can help me in short term for IAM and long term for infosec overall?

Thanks.

Charper0873

CyberSEC First Responder (CFR) is a must add to your list.

SuramyaBakshi

Thanks @Charper0873. Is CFR a basic level certificate or is it something parallel to Security+ and other certification path?

martyn747

Hello all. Like Suramya above I am looking to move my career into InfoSec and this forum has been invaluable to my research over the last year or so. Please could I get some up-to-date advice and also as I am in the UK, some UK relevant advice?

Unlike most here I do not have a technical background. I have grown up with computers and have always been technically adept. I regret with hindsight not taking a computer science related degree, but I saw my life going a different way and I studied a non-technical degree. I have 7 years experience in law enforcement and I am looking to change career into information security/risk management in the private sector. I am completely dedicated to this, and I hope that if I gain technical qualifications combined with all of my transferable skills from the police force (risk assessment, project management, counter terrorism training, high attention to detail, the list goes on), hopefully an employer will give me a chance.

The amount of courses and certifications available out there are a minefield and its hard for an outsider to set a pathway in stone.

I am currently studying for my Network+. I also have booked a ISO27001 Certified ISMS Foundation training course through ITGovernance.

Any advice on what I should do next after that? I was thinking Security+. I see myself more in a consultancy/project management career than purely technical but all of the vacancies I've looked at require technical knowledge and qualifications.

Of interest, have any of you made successful career changes to InfoSec from the police or any non-technical background? It would be great to hear some constructive advice.

Thanks for your time, I really appreciate it.

Martyn

martyn747

Any input at all, no matter how slim?

zcarenow

i've doing windows systems admin work for a while and was interested in knowing what basic security certification do i need to study? thoughts? thanks.

zcarenow

JDMurray wrote: »

I would start out by studying the Security+ material. Not having formal experience in the fields of Information Security, you may not be sure if it's of any interest to you for a career track. Security+ will give you an idea of the many areas of knowledge that you must have to be a well-rounded information security practitioner. If you find InfoSec not to your liking, you can pivot into some other area of technology for your career that is more to your interests. If you do find InfoSec material appealing, you can then decide to go on and get the Security+ cert (recommended for the knowledge and resume) or going instead for the SSCP or CASP. Jumping straight to the CISSP is recommended for someone that already meets the education/experience requirements for full CISSP certification.

I am a windows systems admin. So security+ is what you recommend for newbies? What exactly is a security+ certification? What are the best books/learning materias to start off with? Thanks.

Elpeca

Great advice from Stephen Covey's 7 habits of successful people. Unless you know where you are headed how can you know where to start? If it's a particular job you have as your goal then I recommend you look at what that job requires and work backwards from there to find your start point. This may save you setting off on the wrong path.

Ritual

eth0 wrote: »

+1 but there is no companies like OS, eLS etc

eth0 I'm curious, you have all the certifications I hope to get in the next couple of years.

what do you do for employment if you don't mind sharing.

also what are your goals now as far as certifications? you going to get into more reverse engineering type certifications like the OSCE eventually?

JDMurray

zcarenow wrote: »

What exactly is a security+ certification? What are the best books/learning materias to start off with? Thanks.

I recommend reading our Security+ discussion forum and Security+ info page.